Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4b80097-4935-4e1f-8e05-5e9dd70d4515.roa
File:                     e4b80097-4935-4e1f-8e05-5e9dd70d4515.roa (raw, json)
Hash identifier:          7Agv3wt1eAMeeDvbqgXWzR6A/us7RjpWL0OsaFwm388=
Subject key identifier:   27:5E:48:A2:11:E9:A8:7E:9E:5C:E2:C8:F9:F7:B6:8A:97:00:5B:A8
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       70EE4C05789F3E4212AA7C52BA5235C08B86DEAF
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4b80097-4935-4e1f-8e05-5e9dd70d4515.roa
Signing time:             Sat 18 Oct 2025 03:10:10 +0000
ROA not before:           Sat 18 Oct 2025 03:10:10 +0000
ROA not after:            Sat 22 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        65.8.232.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:ee:4c:05:78:9f:3e:42:12:aa:7c:52:ba:52:35:c0:8b:86:de:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 18 03:10:10 2025 GMT
            Not After : Nov 22 23:59:59 2025 GMT
        Subject: serialNumber=91f3acea0fdfc83434d9cd06f50637874823f26f0226db663f4c12144d6a3956, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ed:e3:be:4d:5d:eb:1e:c7:ed:62:60:2a:17:
                    59:f4:37:70:b9:35:f9:3a:3e:d3:a1:55:df:c8:22:
                    f1:86:62:02:f9:85:4a:58:d0:71:a6:a2:aa:cd:2f:
                    42:7b:ec:fd:81:0e:7f:8f:6e:21:03:46:61:36:93:
                    a5:94:0e:c6:7e:01:fa:48:a6:0e:24:29:d5:8f:fa:
                    31:86:bd:b2:52:82:c9:b4:77:10:59:fb:68:b4:bd:
                    0f:9f:7a:38:b8:64:70:83:d0:d7:49:6b:5b:44:1f:
                    45:25:d5:b8:bd:03:96:8a:0e:30:40:e6:04:67:d9:
                    8f:5a:0f:fa:95:b5:ad:7b:69:99:19:7e:c3:74:7d:
                    00:e5:be:82:84:98:f4:fa:ad:99:b6:10:3b:91:69:
                    5a:c1:d5:9c:6b:6e:7a:de:b1:2f:38:3d:58:2a:8f:
                    d6:fa:98:6d:76:4e:c0:1c:70:f5:79:f7:9d:9a:98:
                    3b:1b:21:ad:ec:87:d8:cc:98:be:f0:c6:3c:6b:ba:
                    c2:9f:9e:27:30:1d:c8:e4:a7:d1:24:f9:cb:a3:88:
                    8f:89:a8:72:48:56:5e:cd:de:ab:e0:cf:ed:bd:d3:
                    53:ae:40:79:6d:4a:67:54:ff:62:5b:c1:f6:cb:31:
                    2b:87:eb:49:2f:59:e8:f9:39:aa:1f:c7:ae:ca:73:
                    a0:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:5E:48:A2:11:E9:A8:7E:9E:5C:E2:C8:F9:F7:B6:8A:97:00:5B:A8
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e4b80097-4935-4e1f-8e05-5e9dd70d4515.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  65.8.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:82:c4:96:4b:df:d4:78:0f:b2:c7:97:54:aa:4f:f6:c8:71:
         b9:47:71:1b:36:70:7d:60:25:0f:74:aa:53:59:34:b7:78:14:
         9b:9d:14:7b:c6:10:37:85:61:77:f8:b1:52:89:e4:ea:89:86:
         ea:a6:18:dd:60:0f:48:ff:85:bb:4d:30:06:af:a5:8d:84:8e:
         b8:ec:ee:9d:00:0c:38:b5:8c:be:9c:1a:de:e2:e7:ba:9d:df:
         f6:53:71:ad:55:41:22:7b:19:b3:2d:74:52:fe:ca:e6:a8:7d:
         2d:af:19:26:07:45:62:c7:90:72:2d:37:1c:7d:83:24:14:d3:
         54:1c:82:06:96:3c:0a:25:53:db:86:3a:cd:f7:3c:84:92:07:
         00:ff:56:1a:83:eb:5d:03:fd:52:77:00:97:dc:a2:13:1e:23:
         df:0d:6c:00:a9:6b:f5:ed:1d:be:b7:df:40:b0:9c:c3:db:e7:
         69:48:b6:e8:2d:4f:2a:07:36:2c:f8:6c:2a:3a:80:8b:1d:fa:
         c9:fe:d3:23:87:8d:e8:3e:a1:3f:bf:a5:cc:9d:1e:58:2e:c3:
         79:e9:73:a5:ad:08:59:77:9f:87:db:e4:11:04:02:84:92:a9:
         12:66:6d:d9:a4:16:db:b8:40:42:64:1f:7b:de:cf:9d:55:a2:
         a8:14:1f:a6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUcO5MBXifPkISqnxSulI1wIuG3q8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDE4MDMxMDEwWhcNMjUxMTIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A5MWYzYWNlYTBmZGZjODM0MzRkOWNkMDZmNTA2Mzc4NzQ4
MjNmMjZmMDIyNmRiNjYzZjRjMTIxNDRkNmEzOTU2MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr7eO+TV3rHsftYmAqF1n0N3C5Nfk6PtOhVd/IIvGGYgL5
hUpY0HGmoqrNL0J77P2BDn+PbiEDRmE2k6WUDsZ+AfpIpg4kKdWP+jGGvbJSgsm0
dxBZ+2i0vQ+feji4ZHCD0NdJa1tEH0Ul1bi9A5aKDjBA5gRn2Y9aD/qVta17aZkZ
fsN0fQDlvoKEmPT6rZm2EDuRaVrB1ZxrbnresS84PVgqj9b6mG12TsAccPV5952a
mDsbIa3sh9jMmL7wxjxrusKfnicwHcjkp9Ek+cujiI+JqHJIVl7N3qvgz+2901Ou
QHltSmdU/2JbwfbLMSuH60kvWej5Oaofx67Kc6BnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJ15IohHpqH6eXOLI+fe2ipcAW6gwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U0YjgwMDk3LTQ5MzUtNGUxZi04ZTA1LTVlOWRkNzBkNDUxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABBCOgwDQYJKoZIhvcNAQELBQADggEBADqCxJZL39R4D7LHl1SqT/bIcblH
cRs2cH1gJQ90qlNZNLd4FJudFHvGEDeFYXf4sVKJ5OqJhuqmGN1gD0j/hbtNMAav
pY2Ejrjs7p0ADDi1jL6cGt7i57qd3/ZTca1VQSJ7GbMtdFL+yuaofS2vGSYHRWLH
kHItNxx9gyQU01QcggaWPAolU9uGOs33PISSBwD/VhqD610D/VJ3AJfcohMeI98N
bACpa/XtHb6330CwnMPb52lItugtTyoHNiz4bCo6gIsd+sn+0yOHjeg+oT+/pcyd
Hlguw3npc6WtCFl3n4fb5BEEAoSSqRJmbdmkFtu4QEJkH3vez51VoqgUH6Y=
-----END CERTIFICATE-----