Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a53505-4c1d-4b62-a854-99ae3e6964ed.roa
File:                     e9a53505-4c1d-4b62-a854-99ae3e6964ed.roa (raw, json)
Hash identifier:          qUn1rPs+BShXj2B7+NxN4IyNZNRxIkyK2TXFescnvXg=
Subject key identifier:   F4:1C:C3:3E:86:AD:22:74:A3:29:F9:97:17:CC:AA:DB:AB:93:9E:5C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       770C6FCC7F88CE6FB7A217CCA6124B81407E48ED
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a53505-4c1d-4b62-a854-99ae3e6964ed.roa
Signing time:             Tue 30 Sep 2025 00:02:10 +0000
ROA not before:           Tue 30 Sep 2025 00:02:10 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        135.159.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:0c:6f:cc:7f:88:ce:6f:b7:a2:17:cc:a6:12:4b:81:40:7e:48:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:02:10 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=d4d52d0cdef55e8450cb2ab16c68436c92a65307116615e89d34fecb684f3dcd, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:5c:72:8f:82:a7:d6:da:f5:1e:7b:0e:3e:4f:
                    15:71:3d:37:51:7c:fb:84:a0:25:f1:0f:d9:73:38:
                    39:72:4c:f1:48:5e:d4:23:33:3c:4f:24:c4:d6:b3:
                    60:a1:81:5b:da:ba:0c:3b:27:97:4e:eb:12:a0:78:
                    84:f1:45:05:a8:04:51:39:36:6a:40:d2:5c:96:d8:
                    a3:b1:96:99:9d:67:d7:cc:e0:15:09:29:9c:50:22:
                    f2:f4:25:81:2e:2a:00:ef:e2:4c:59:80:e5:4a:80:
                    0e:9e:1d:80:15:f3:9e:64:70:18:12:b0:30:73:39:
                    62:c8:fa:ca:59:0e:df:8c:41:36:66:ff:0c:3b:d3:
                    e1:cc:86:ce:56:50:26:37:e2:98:e9:da:d1:31:24:
                    c4:f0:ae:37:13:2f:ff:e4:e9:61:8e:55:b8:ea:97:
                    83:b7:e9:be:73:4e:34:0d:51:4a:28:67:61:55:da:
                    56:0f:77:ed:ca:a5:d6:67:cb:27:a0:c9:04:6e:93:
                    55:18:ce:2a:e2:89:e6:41:57:3a:e8:35:14:f9:50:
                    08:e3:1e:81:55:cd:7f:25:f8:06:82:12:67:c2:4e:
                    20:e6:e9:64:b5:d8:c7:17:2e:56:e7:be:0d:cb:2c:
                    56:f7:e6:64:bb:5e:8b:e8:1f:45:5e:4e:55:72:b6:
                    91:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:1C:C3:3E:86:AD:22:74:A3:29:F9:97:17:CC:AA:DB:AB:93:9E:5C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e9a53505-4c1d-4b62-a854-99ae3e6964ed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  135.159.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1f:aa:6f:f9:bf:33:80:a0:ae:19:f5:71:81:03:9a:f1:cc:f9:
         ed:38:27:e0:bc:ce:1f:94:b5:28:30:bb:28:0c:0a:3f:c2:ef:
         43:90:e3:2e:ee:30:19:67:a6:be:aa:be:03:42:57:ca:8f:55:
         fc:bd:9e:7f:5f:3c:0d:83:64:85:32:71:45:39:08:b7:fc:b6:
         42:93:80:66:55:3b:46:7b:0c:61:39:6d:d7:54:90:50:79:22:
         85:44:10:80:f3:95:95:77:02:d4:61:61:f7:9c:6f:50:03:c9:
         4d:c0:df:cf:29:84:cc:87:94:84:96:ea:dd:d0:ad:c5:2c:5f:
         73:d0:33:0b:5e:d4:4b:a1:f6:9f:2e:a8:be:d1:bc:d8:37:4e:
         59:33:d3:34:94:96:cc:41:82:56:8b:d0:67:4f:9f:7e:d5:90:
         2d:38:0d:ec:65:0a:9f:60:79:e2:2f:16:8d:30:d5:d4:1f:5c:
         0a:00:32:bc:27:14:7e:30:af:19:09:09:90:4b:3b:7f:61:a3:
         3b:b8:12:10:cf:9f:a6:42:c8:68:62:72:37:54:57:4e:66:cc:
         4f:07:1f:5f:85:19:94:53:59:b6:6a:94:55:e5:67:90:73:2c:
         94:d7:a4:0f:36:cd:87:02:80:96:f6:b2:c1:63:97:08:b7:5e:
         0a:cc:93:df
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdwxvzH+Izm+3ohfMphJLgUB+SO0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjEwWhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BkNGQ1MmQwY2RlZjU1ZTg0NTBjYjJhYjE2YzY4NDM2Yzky
YTY1MzA3MTE2NjE1ZTg5ZDM0ZmVjYjY4NGYzZGNkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDLXHKPgqfW2vUeew4+TxVxPTdRfPuEoCXxD9lzODlyTPFI
XtQjMzxPJMTWs2ChgVvaugw7J5dO6xKgeITxRQWoBFE5NmpA0lyW2KOxlpmdZ9fM
4BUJKZxQIvL0JYEuKgDv4kxZgOVKgA6eHYAV855kcBgSsDBzOWLI+spZDt+MQTZm
/ww70+HMhs5WUCY34pjp2tExJMTwrjcTL//k6WGOVbjql4O36b5zTjQNUUooZ2FV
2lYPd+3KpdZnyyegyQRuk1UYziriieZBVzroNRT5UAjjHoFVzX8l+AaCEmfCTiDm
6WS12McXLlbnvg3LLFb35mS7XovoH0VeTlVytpHJAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU9BzDPoatInSjKfmXF8yq26uTnlwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U5YTUzNTA1LTRjMWQtNGI2Mi1hODU0LTk5YWUzZTY5NjRlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCHnzANBgkqhkiG9w0BAQsFAAOCAQEAH6pv+b8zgKCuGfVxgQOa8cz57Tgn
4LzOH5S1KDC7KAwKP8LvQ5DjLu4wGWemvqq+A0JXyo9V/L2ef188DYNkhTJxRTkI
t/y2QpOAZlU7RnsMYTlt11SQUHkihUQQgPOVlXcC1GFh95xvUAPJTcDfzymEzIeU
hJbq3dCtxSxfc9AzC17US6H2ny6ovtG82DdOWTPTNJSWzEGCVovQZ0+fftWQLTgN
7GUKn2B54i8WjTDV1B9cCgAyvCcUfjCvGQkJkEs7f2GjO7gSEM+fpkLIaGJyN1RX
TmbMTwcfX4UZlFNZtmqUVeVnkHMslNekDzbNhwKAlvaywWOXCLdeCsyT3w==
-----END CERTIFICATE-----