Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eaad6c7d-4b0b-4907-ac15-be008f56cea0.roa
File:                     eaad6c7d-4b0b-4907-ac15-be008f56cea0.roa (raw, json)
Hash identifier:          1yQ/nxOV/s7gL+QSV60ralHFdfU43/UvRYy3ETCRNfc=
Subject key identifier:   5D:F9:C2:0E:70:2C:75:DE:F2:00:EE:68:2C:F6:32:63:53:D4:02:82
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       43E79DC37588E77AEFDB48E41E9CC2FB10C9BF84
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eaad6c7d-4b0b-4907-ac15-be008f56cea0.roa
Signing time:             Fri 03 Oct 2025 00:52:04 +0000
ROA not before:           Fri 03 Oct 2025 00:52:04 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.241.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:e7:9d:c3:75:88:e7:7a:ef:db:48:e4:1e:9c:c2:fb:10:c9:bf:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:52:04 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=b78f5c491f6ba03ed6735fa734c02b7c02f92ed8dbcbeaa68e7557f42418e1ab, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:63:7a:6a:d2:3e:18:bb:24:b2:66:9d:9e:c8:
                    dc:b6:a1:2e:aa:03:d9:30:cb:38:b3:05:32:54:07:
                    31:19:7d:63:ab:86:e8:db:bb:42:10:03:9f:26:c3:
                    c9:3c:b8:bc:73:40:61:81:e0:20:a6:38:98:b5:dc:
                    f1:d6:f8:1c:a3:96:4c:4e:e1:94:33:58:cf:96:1d:
                    b1:7c:e8:7b:81:0b:e1:70:60:ad:7d:9e:de:37:07:
                    cd:de:ca:1f:18:f5:69:40:01:05:32:2a:17:ce:8b:
                    3e:24:36:57:3f:d4:2e:d2:c4:57:b9:6a:00:bd:6c:
                    2b:e6:04:fd:95:6c:9e:b8:58:2e:f8:ba:04:05:9f:
                    cd:aa:ce:1f:60:92:2d:ad:de:11:8e:3d:2f:f1:1e:
                    45:0c:4b:18:f7:cd:33:37:87:19:3c:76:6f:7a:9d:
                    67:c2:ee:fd:a3:ca:ba:6e:9a:0b:66:86:53:58:73:
                    c4:44:ff:26:d8:43:9b:53:b5:1e:3b:73:c9:ee:cb:
                    c3:9a:8d:a3:d3:8a:4c:13:09:59:f9:a5:85:c0:3c:
                    22:f5:f1:ca:e5:b1:d5:92:f6:38:e9:e8:05:ac:88:
                    19:cf:aa:a8:83:7c:46:88:0f:76:ce:71:cc:c9:8e:
                    d4:56:60:b0:65:25:e9:bf:80:44:a7:85:b3:a5:ec:
                    6f:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:F9:C2:0E:70:2C:75:DE:F2:00:EE:68:2C:F6:32:63:53:D4:02:82
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eaad6c7d-4b0b-4907-ac15-be008f56cea0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:9e:e1:75:52:f6:1c:e9:bb:73:8f:d4:be:df:bf:70:9b:e6:
         ee:2d:23:9e:bb:05:18:60:6b:af:4e:01:dd:b2:e7:c8:4e:16:
         9d:96:e8:27:21:11:0f:0d:b2:e1:70:44:d5:1b:d9:db:1c:90:
         00:15:d5:e8:58:36:d6:93:e0:f2:89:9f:b7:31:b6:b2:9b:96:
         cc:15:0e:2c:74:cc:7a:8d:b2:a2:b1:f9:e0:07:10:fd:d5:9c:
         48:0c:2c:67:bc:27:7d:3a:cb:8e:4a:9a:50:d9:8f:84:4a:1a:
         e6:de:b6:7d:13:f1:5e:17:b0:88:c3:a0:db:b4:1f:a4:f5:e8:
         e6:b9:b4:0d:bc:5d:e3:da:fa:58:6d:03:7f:50:4b:3b:ea:13:
         a2:d1:ab:58:21:2d:5c:c0:11:93:89:5c:ce:65:fc:d9:b3:da:
         32:41:d2:ec:df:49:4d:94:d6:82:ab:9e:0b:d1:79:79:e3:d9:
         94:84:c9:38:86:6a:1f:1b:8a:86:5f:c2:e1:cd:c7:ab:1b:e5:
         47:2e:aa:75:8f:46:46:3d:1f:94:69:f9:5f:5e:22:76:69:6d:
         bc:9f:60:fc:f5:af:0d:1b:fd:0b:fe:60:3a:a5:88:51:fc:50:
         55:1c:f6:88:25:8b:67:98:ff:39:52:01:87:59:55:33:3c:4d:
         88:11:a6:d8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQ+edw3WI53rv20jkHpzC+xDJv4QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MjA0WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzhmNWM0OTFmNmJhMDNlZDY3MzVmYTczNGMwMmI3YzAy
ZjkyZWQ4ZGJjYmVhYTY4ZTc1NTdmNDI0MThlMWFiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHY3pq0j4YuySyZp2eyNy2oS6qA9kwyzizBTJUBzEZfWOr
hujbu0IQA58mw8k8uLxzQGGB4CCmOJi13PHW+ByjlkxO4ZQzWM+WHbF86HuBC+Fw
YK19nt43B83eyh8Y9WlAAQUyKhfOiz4kNlc/1C7SxFe5agC9bCvmBP2VbJ64WC74
ugQFn82qzh9gki2t3hGOPS/xHkUMSxj3zTM3hxk8dm96nWfC7v2jyrpumgtmhlNY
c8RE/ybYQ5tTtR47c8nuy8OajaPTikwTCVn5pYXAPCL18crlsdWS9jjp6AWsiBnP
qqiDfEaID3bOcczJjtRWYLBlJem/gESnhbOl7G91AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUXfnCDnAsdd7yAO5oLPYyY1PUAoIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VhYWQ2YzdkLTRiMGItNDkwNy1hYzE1LWJlMDA4ZjU2Y2VhMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTfEwDQYJKoZIhvcNAQELBQADggEBADue4XVS9hzpu3OP1L7fv3Cb5u4t
I567BRhga69OAd2y58hOFp2W6CchEQ8NsuFwRNUb2dsckAAV1ehYNtaT4PKJn7cx
trKblswVDix0zHqNsqKx+eAHEP3VnEgMLGe8J306y45KmlDZj4RKGubetn0T8V4X
sIjDoNu0H6T16Oa5tA28XePa+lhtA39QSzvqE6LRq1ghLVzAEZOJXM5l/Nmz2jJB
0uzfSU2U1oKrngvReXnj2ZSEyTiGah8bioZfwuHNx6sb5UcuqnWPRkY9H5Rp+V9e
InZpbbyfYPz1rw0b/Qv+YDqliFH8UFUc9ogli2eY/zlSAYdZVTM8TYgRptg=
-----END CERTIFICATE-----