Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e81e2c00-a513-4147-992e-a192a2dba6b1.roa
File:                     e81e2c00-a513-4147-992e-a192a2dba6b1.roa (raw, json)
Hash identifier:          OIYmyBa+0747APo8UCHR65K7keMOYnLfJtfw4nxxdNU=
Subject key identifier:   BB:EE:A6:40:F7:9E:5F:7C:DC:22:EF:1E:41:28:41:F4:C6:86:01:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       72E25ED2BF0266F809981666854F7DE8DCAD2C46
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e81e2c00-a513-4147-992e-a192a2dba6b1.roa
Signing time:             Mon 29 Sep 2025 15:12:34 +0000
ROA not before:           Mon 29 Sep 2025 15:12:34 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        151.160.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:e2:5e:d2:bf:02:66:f8:09:98:16:66:85:4f:7d:e8:dc:ad:2c:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 29 15:12:34 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=9c2adad47fcb868607b9c086783a263ec7ac1756a1f5c1c8b0e5180496895f7b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2b:17:8a:9d:11:9b:c9:f8:63:32:35:e4:c7:
                    26:f8:6f:93:18:06:d8:a4:5e:0d:b9:b2:1a:78:52:
                    73:92:27:14:82:81:9d:ef:df:c6:10:f7:77:11:12:
                    39:94:7b:17:e8:b4:c3:a4:c0:cd:dd:b7:3f:26:01:
                    f7:b9:32:27:f5:a6:68:00:90:26:32:06:be:84:80:
                    51:1c:87:56:18:41:ca:58:db:ce:e1:8d:e0:07:ff:
                    59:98:eb:1e:6a:27:08:f2:72:d3:7f:3c:18:9a:85:
                    7e:7a:fa:70:19:57:57:fa:fd:58:9b:5b:2f:fc:60:
                    5b:e4:b2:33:c5:9e:1c:95:26:ff:f8:9a:aa:56:8d:
                    3c:46:44:96:08:c9:a5:62:d2:6c:5d:c0:35:99:20:
                    2e:2a:99:85:28:1e:01:78:fc:24:c6:f9:11:45:ba:
                    5a:e7:e3:4b:16:63:fe:99:0a:99:a6:4c:3c:10:28:
                    95:3e:c9:a2:60:41:61:9c:96:6e:56:1a:ab:b4:0b:
                    3a:f4:ae:a3:60:f8:1d:48:dc:b1:0d:1d:6d:48:67:
                    d1:fc:aa:70:3d:29:87:f9:58:07:be:ee:b4:3a:57:
                    37:ab:f1:10:96:62:7d:da:f6:2b:d1:7e:9f:b8:45:
                    dd:29:95:d5:a5:82:d1:3d:29:cd:69:19:77:c7:9e:
                    68:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:EE:A6:40:F7:9E:5F:7C:DC:22:EF:1E:41:28:41:F4:C6:86:01:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e81e2c00-a513-4147-992e-a192a2dba6b1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  151.160.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         09:22:9b:5a:e9:b4:f9:d9:94:11:f3:a1:af:a3:f5:c7:bc:10:
         9f:97:7a:b6:a0:f4:a0:ed:37:19:5c:5c:31:f0:ef:73:24:7b:
         ec:33:cb:0e:0f:14:51:1e:61:7a:b4:76:70:11:9d:f1:c2:9c:
         21:11:d1:c8:39:cc:f8:53:f5:25:9b:01:c7:16:5f:65:82:30:
         60:cd:2e:8f:a5:4d:39:46:50:0f:14:09:3e:1a:c0:2b:af:f4:
         7a:8a:86:50:d6:0f:0d:79:c4:ac:88:65:04:86:20:f7:83:cb:
         42:e0:a6:b7:29:5f:68:ba:20:0a:bf:82:e4:22:18:89:b9:2f:
         f4:a0:27:bd:85:1d:9e:35:a4:ba:32:d3:a6:7c:10:22:74:90:
         1e:e8:db:4f:d4:40:0d:b7:03:08:58:e7:a2:19:86:26:93:a0:
         d5:db:0c:33:19:7b:8a:0a:ce:77:ce:9f:ad:21:8d:2d:8b:c5:
         88:2c:dd:4e:9c:83:b7:77:82:fa:51:6b:03:65:06:a4:4e:7f:
         fe:ba:5d:f2:51:0d:f6:b1:88:7f:d2:b5:39:55:d0:e8:b0:58:
         de:ea:b1:a9:55:5a:88:7a:1b:bb:ca:1d:13:4a:f5:54:a1:47:
         9b:f5:0d:68:f9:9f:7c:ac:8c:35:99:4c:9d:b9:7f:1d:95:22:
         e8:e2:94:ba
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUcuJe0r8CZvgJmBZmhU996NytLEYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUxMjM0WhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A5YzJhZGFkNDdmY2I4Njg2MDdiOWMwODY3ODNhMjYzZWM3
YWMxNzU2YTFmNWMxYzhiMGU1MTgwNDk2ODk1ZjdiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjKxeKnRGbyfhjMjXkxyb4b5MYBtikXg25shp4UnOSJxSC
gZ3v38YQ93cREjmUexfotMOkwM3dtz8mAfe5Mif1pmgAkCYyBr6EgFEch1YYQcpY
287hjeAH/1mY6x5qJwjyctN/PBiahX56+nAZV1f6/VibWy/8YFvksjPFnhyVJv/4
mqpWjTxGRJYIyaVi0mxdwDWZIC4qmYUoHgF4/CTG+RFFulrn40sWY/6ZCpmmTDwQ
KJU+yaJgQWGclm5WGqu0Czr0rqNg+B1I3LENHW1IZ9H8qnA9KYf5WAe+7rQ6Vzer
8RCWYn3a9ivRfp+4Rd0pldWlgtE9Kc1pGXfHnmg7AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUu+6mQPeeX3zcIu8eQShB9MaGARcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U4MWUyYzAwLWE1MTMtNDE0Ny05OTJlLWExOTJhMmRiYTZiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCXoDANBgkqhkiG9w0BAQsFAAOCAQEACSKbWum0+dmUEfOhr6P1x7wQn5d6
tqD0oO03GVxcMfDvcyR77DPLDg8UUR5herR2cBGd8cKcIRHRyDnM+FP1JZsBxxZf
ZYIwYM0uj6VNOUZQDxQJPhrAK6/0eoqGUNYPDXnErIhlBIYg94PLQuCmtylfaLog
Cr+C5CIYibkv9KAnvYUdnjWkujLTpnwQInSQHujbT9RADbcDCFjnohmGJpOg1dsM
Mxl7igrOd86frSGNLYvFiCzdTpyDt3eC+lFrA2UGpE5//rpd8lEN9rGIf9K1OVXQ
6LBY3uqxqVVaiHobu8odE0r1VKFHm/UNaPmffKyMNZlMnbl/HZUi6OKUug==
-----END CERTIFICATE-----