Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb1a0db-c6e7-4578-b508-84b15c96b526.roa
File:                     eeb1a0db-c6e7-4578-b508-84b15c96b526.roa (raw, json)
Hash identifier:          7/3kTjAFWjDYjsuxvUz1bfiv3I+hwwBUeLAGsmWIC9E=
Subject key identifier:   9D:B2:8A:60:28:3B:DF:37:8F:CF:FD:8D:60:7B:A8:CA:A7:9B:65:42
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       24AE8CFAD084046CF89A1341AF02CE7AEF0E60BB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb1a0db-c6e7-4578-b508-84b15c96b526.roa
Signing time:             Mon 06 Oct 2025 15:39:05 +0000
ROA not before:           Mon 06 Oct 2025 15:39:05 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        24.110.16.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:ae:8c:fa:d0:84:04:6c:f8:9a:13:41:af:02:ce:7a:ef:0e:60:bb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:39:05 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=5aeb600d6c2dcaabccfea758e9f778be56e8fd9490729f2c9a57ad3c24a5f7f0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d8:b4:26:29:e6:a9:9f:0f:a2:f9:45:10:1a:
                    2f:03:a9:d2:44:f5:72:39:e9:ce:43:4b:44:c4:ae:
                    f1:1c:5d:bf:c3:d1:75:78:da:44:91:a6:f0:8e:52:
                    45:92:1d:68:b1:b8:31:a4:e7:80:61:6b:42:1b:d3:
                    04:22:84:87:fd:fb:33:d5:2f:a3:e3:f5:a9:af:c4:
                    7c:6b:00:46:81:f4:9b:43:0f:68:dc:93:eb:22:73:
                    e1:a9:a6:26:62:cf:e4:f3:df:61:2a:ea:9b:c4:1e:
                    90:c6:67:2a:a8:51:e6:40:07:97:24:4f:a3:5e:e9:
                    5a:77:5c:c6:2d:6c:a7:47:fe:f1:91:52:d6:c5:4e:
                    e6:61:ff:8f:9a:8a:13:53:07:c1:ff:a0:b0:15:3a:
                    72:f9:e2:bb:3c:7c:e3:17:04:40:59:93:27:8e:b9:
                    09:96:59:87:43:95:14:b9:ac:ea:4a:c8:cd:8e:a6:
                    b5:27:83:4b:9c:00:81:d6:73:fd:e7:ae:18:75:0c:
                    cf:7a:3f:8b:0f:e1:e6:09:fb:da:c9:13:51:87:d5:
                    1e:58:51:b8:91:8e:06:ab:43:ce:b4:8e:c9:ff:c7:
                    fd:ac:75:72:43:6b:2c:28:0d:20:f2:57:21:2b:fa:
                    df:0f:16:dc:d3:53:66:ef:16:66:64:6b:89:dd:4e:
                    c2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:B2:8A:60:28:3B:DF:37:8F:CF:FD:8D:60:7B:A8:CA:A7:9B:65:42
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/eeb1a0db-c6e7-4578-b508-84b15c96b526.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         bc:af:be:6a:64:10:9b:90:05:17:2e:65:0d:aa:3d:f1:ec:30:
         83:2c:0d:c9:6a:e6:e0:1a:91:01:57:41:46:6f:31:5e:0e:c8:
         65:db:8b:13:d0:58:dc:3e:36:16:3e:d7:d4:8e:9c:64:6d:99:
         06:ae:be:fd:4d:7d:91:fe:19:85:88:17:ba:90:7a:2f:3d:b4:
         7d:5f:0c:a3:ce:fb:af:fb:f0:54:b5:37:38:03:54:e8:46:df:
         08:f1:1a:9b:35:b5:a1:37:05:be:55:e2:0e:a7:0e:d4:96:37:
         99:f9:7a:ab:a7:02:a6:d6:4e:2f:9a:ad:f0:4f:c4:8e:01:4e:
         f7:07:80:08:44:09:b3:91:aa:b6:17:f0:10:a9:d5:a1:bf:3e:
         25:59:16:c3:e0:2e:30:8f:b5:e2:69:3a:07:4b:fc:b0:93:1e:
         55:e3:87:e7:02:19:67:3a:bd:a8:e2:a8:ce:61:5d:18:41:64:
         57:41:f9:95:85:b0:a8:cb:d8:53:f7:b5:dd:26:7b:f4:c2:89:
         9c:56:c4:6b:81:b0:b5:77:9a:37:d3:6e:b0:e9:47:58:23:15:
         f1:e6:f0:a8:b1:07:42:a3:93:ec:18:ad:ed:2a:a0:04:2d:6d:
         f1:9b:75:a2:ef:1f:30:7c:85:45:09:23:36:27:b5:8e:05:26:
         6a:a0:ec:0d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJK6M+tCEBGz4mhNBrwLOeu8OYLswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUzOTA1WhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A1YWViNjAwZDZjMmRjYWFiY2NmZWE3NThlOWY3NzhiZTU2
ZThmZDk0OTA3MjlmMmM5YTU3YWQzYzI0YTVmN2YwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC12LQmKeapnw+i+UUQGi8DqdJE9XI56c5DS0TErvEcXb/D
0XV42kSRpvCOUkWSHWixuDGk54Bha0Ib0wQihIf9+zPVL6Pj9amvxHxrAEaB9JtD
D2jck+sic+GppiZiz+Tz32Eq6pvEHpDGZyqoUeZAB5ckT6Ne6Vp3XMYtbKdH/vGR
UtbFTuZh/4+aihNTB8H/oLAVOnL54rs8fOMXBEBZkyeOuQmWWYdDlRS5rOpKyM2O
prUng0ucAIHWc/3nrhh1DM96P4sP4eYJ+9rJE1GH1R5YUbiRjgarQ860jsn/x/2s
dXJDaywoDSDyVyEr+t8PFtzTU2bvFmZka4ndTsI5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnbKKYCg73zePz/2NYHuoyqebZUIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VlYjFhMGRiLWM2ZTctNDU3OC1iNTA4LTg0YjE1Yzk2YjUyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQYbhAwDQYJKoZIhvcNAQELBQADggEBALyvvmpkEJuQBRcuZQ2qPfHsMIMs
Dclq5uAakQFXQUZvMV4OyGXbixPQWNw+NhY+19SOnGRtmQauvv1NfZH+GYWIF7qQ
ei89tH1fDKPO+6/78FS1NzgDVOhG3wjxGps1taE3Bb5V4g6nDtSWN5n5equnAqbW
Ti+arfBPxI4BTvcHgAhECbORqrYX8BCp1aG/PiVZFsPgLjCPteJpOgdL/LCTHlXj
h+cCGWc6vajiqM5hXRhBZFdB+ZWFsKjL2FP3td0me/TCiZxWxGuBsLV3mjfTbrDp
R1gjFfHm8KixB0Kjk+wYre0qoAQtbfGbdaLvHzB8hUUJIzYntY4FJmqg7A0=
-----END CERTIFICATE-----