Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5dbe408-99e0-40d6-9f4c-107979954b1b.roa
File:                     d5dbe408-99e0-40d6-9f4c-107979954b1b.roa (raw, json)
Hash identifier:          hTYMqlKHSshAf7J7wrOJ4jZAr/KI7D0bjRra9bUkIH8=
Subject key identifier:   05:45:9A:95:D2:DE:F4:06:3E:30:61:7A:F8:E5:92:95:39:0F:81:04
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       542C534D2FABA7F39D5B6483B1F158C93FB18B3A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5dbe408-99e0-40d6-9f4c-107979954b1b.roa
Signing time:             Sat 18 Oct 2025 01:00:42 +0000
ROA not before:           Sat 18 Oct 2025 01:00:42 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        65.8.147.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:2c:53:4d:2f:ab:a7:f3:9d:5b:64:83:b1:f1:58:c9:3f:b1:8b:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 01:00:42 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=8fa8987b8d41310b4743cf46f7342e98d40ab39d02a802aa6577105214a45cc5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:e8:45:ef:fd:8c:45:7a:c7:23:b6:a6:d0:bc:
                    26:20:16:61:9e:e8:7f:21:f0:6c:02:47:bf:22:39:
                    50:3b:c0:fa:ca:a9:7d:0c:fc:44:a4:e3:84:a4:c4:
                    79:5f:59:70:2a:6c:57:98:2e:be:60:9f:31:23:ae:
                    61:2a:55:73:5e:c2:39:8f:de:c1:df:9f:ae:2a:0d:
                    69:31:ba:b9:4e:23:56:ce:ed:27:85:f1:52:c7:34:
                    34:d5:dc:a4:be:54:03:50:58:7a:47:04:f7:69:06:
                    3a:01:a3:b2:c7:b3:06:38:9c:44:87:da:ba:61:96:
                    49:69:bb:d8:0d:bc:31:ff:42:9a:41:4f:aa:6d:da:
                    76:6c:f7:69:59:be:32:34:9b:d0:8e:8d:a1:5b:25:
                    17:03:27:94:07:04:93:b9:10:e0:30:76:73:27:77:
                    0e:a2:fd:03:47:5c:9a:d0:82:74:08:28:1f:de:47:
                    99:9a:29:a9:f1:ee:f0:a0:02:d7:65:86:f8:34:07:
                    80:15:2f:27:7a:fb:d4:55:05:8e:3c:9a:2c:b9:61:
                    f6:ac:7c:3e:f9:44:5c:ab:ee:0c:7a:d6:b1:0b:ac:
                    e0:4f:61:48:92:b1:97:f7:e5:9f:8e:57:2c:c7:43:
                    b2:63:08:d7:17:56:e3:cd:bb:02:30:87:c2:b5:a7:
                    91:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:45:9A:95:D2:DE:F4:06:3E:30:61:7A:F8:E5:92:95:39:0F:81:04
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d5dbe408-99e0-40d6-9f4c-107979954b1b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  65.8.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         cb:33:ae:e7:99:0b:64:da:d8:15:e2:3e:54:fc:0f:e7:1d:e4:
         1d:97:ef:c1:1f:5a:26:7f:62:dc:c8:2a:59:90:a0:3f:60:2f:
         9a:6e:2e:05:49:26:b2:92:2f:11:a5:2e:3f:7a:a9:2c:04:0e:
         21:2d:7b:d7:8d:7c:93:0e:65:78:9d:97:ff:37:24:05:fb:86:
         ca:62:62:c4:4d:02:1c:cb:58:cf:bf:4d:5b:56:90:7b:63:13:
         85:66:bf:89:22:62:fa:e3:80:f8:0b:80:88:0c:be:b8:cd:27:
         7b:87:29:ed:51:3c:7b:a1:95:5d:ce:86:c1:04:58:5c:92:8f:
         c5:a3:07:cc:cb:66:7e:ed:6b:45:b7:92:38:88:2a:34:5d:a7:
         8c:23:8f:10:f0:13:e6:da:26:00:55:57:32:10:d7:d6:f0:65:
         cd:36:67:b5:a0:ad:b0:d9:d4:69:32:80:61:8d:c0:2b:d7:ef:
         ca:d6:66:93:92:64:27:bf:50:1f:c0:ea:23:dc:f1:cb:3c:d0:
         d9:f1:e9:c0:44:64:64:79:76:26:13:a7:56:55:0f:9f:09:a8:
         ae:e1:45:8c:a5:f2:1d:ff:da:ce:a9:36:64:04:8f:99:63:6f:
         3b:01:d9:cb:c4:53:bf:bb:68:f0:d7:2f:e6:89:99:21:72:0e:
         c3:d9:fd:26
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVCxTTS+rp/OdW2SDsfFYyT+xizowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDEwMDQyWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZmE4OTg3YjhkNDEzMTBiNDc0M2NmNDZmNzM0MmU5OGQ0
MGFiMzlkMDJhODAyYWE2NTc3MTA1MjE0YTQ1Y2M1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCg6EXv/YxFescjtqbQvCYgFmGe6H8h8GwCR78iOVA7wPrK
qX0M/ESk44SkxHlfWXAqbFeYLr5gnzEjrmEqVXNewjmP3sHfn64qDWkxurlOI1bO
7SeF8VLHNDTV3KS+VANQWHpHBPdpBjoBo7LHswY4nESH2rphlklpu9gNvDH/QppB
T6pt2nZs92lZvjI0m9COjaFbJRcDJ5QHBJO5EOAwdnMndw6i/QNHXJrQgnQIKB/e
R5maKanx7vCgAtdlhvg0B4AVLyd6+9RVBY48miy5YfasfD75RFyr7gx61rELrOBP
YUiSsZf35Z+OVyzHQ7JjCNcXVuPNuwIwh8K1p5EZAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUBUWaldLe9AY+MGF6+OWSlTkPgQQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1ZGJlNDA4LTk5ZTAtNDBkNi05ZjRjLTEwNzk3OTk1NGIxYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABBCJMwDQYJKoZIhvcNAQELBQADggEBAMszrueZC2Ta2BXiPlT8D+cd5B2X
78EfWiZ/YtzIKlmQoD9gL5puLgVJJrKSLxGlLj96qSwEDiEte9eNfJMOZXidl/83
JAX7hspiYsRNAhzLWM+/TVtWkHtjE4Vmv4kiYvrjgPgLgIgMvrjNJ3uHKe1RPHuh
lV3OhsEEWFySj8WjB8zLZn7ta0W3kjiIKjRdp4wjjxDwE+baJgBVVzIQ19bwZc02
Z7WgrbDZ1GkygGGNwCvX78rWZpOSZCe/UB/A6iPc8cs80Nnx6cBEZGR5diYTp1ZV
D58JqK7hRYyl8h3/2s6pNmQEj5ljbzsB2cvEU7+7aPDXL+aJmSFyDsPZ/SY=
-----END CERTIFICATE-----