Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2fe5322-91ca-4110-b210-af46310a9592.roa
File:                     f2fe5322-91ca-4110-b210-af46310a9592.roa (raw, json)
Hash identifier:          5aa13P+fO0odPQgxELCooTDtXpVgx6JKIp/87XbCFM0=
Subject key identifier:   EC:79:94:5D:5F:45:28:2F:82:19:BE:41:79:D3:AB:28:F7:6A:0F:99
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0C8AB3D43A9FFE5276DE7B2F906F1E32901B1A24
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2fe5322-91ca-4110-b210-af46310a9592.roa
Signing time:             Tue 30 Sep 2025 00:21:06 +0000
ROA not before:           Tue 30 Sep 2025 00:21:06 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        166.92.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:8a:b3:d4:3a:9f:fe:52:76:de:7b:2f:90:6f:1e:32:90:1b:1a:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:21:06 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=588c21a3c572dc87fde86e54595fd7cd5a8335069a50f9a79e40a0d7ea3b1ba5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:d2:ca:04:05:7f:30:b2:6b:dd:87:51:cb:71:
                    f2:0a:df:36:77:d9:2c:3d:27:1c:49:12:b1:02:63:
                    fe:21:d3:2a:4c:67:e8:27:22:79:49:79:76:b9:07:
                    7e:b3:aa:c1:54:df:22:72:b5:9e:d8:84:ad:8c:24:
                    8a:46:e9:96:af:c3:4d:13:f4:2f:22:be:8a:15:76:
                    cf:03:d2:3b:70:5e:89:d9:d3:cf:2d:58:f7:9a:06:
                    42:1b:b1:e3:04:1a:10:db:c9:74:8f:a4:64:21:74:
                    bd:49:99:17:fb:4a:f5:68:84:a3:68:dd:51:46:c8:
                    fe:b9:b2:d2:3c:8d:1f:5b:b0:62:1e:5d:f0:cf:28:
                    0f:c8:39:ce:75:ce:e9:03:e7:c5:4c:5f:63:7c:4f:
                    92:c6:15:e1:01:bd:8b:bf:04:24:a3:c7:7d:e6:ae:
                    e0:ba:9e:c4:af:35:10:7a:4d:8d:76:42:0e:75:df:
                    08:ce:9f:74:b9:99:35:24:64:f8:4e:38:89:96:32:
                    52:4a:f0:52:c8:2e:8b:be:c4:ec:29:95:4b:18:46:
                    24:4a:7a:19:8a:1c:8b:78:49:47:52:be:eb:0a:ff:
                    3e:15:1d:c9:6c:48:8c:86:c5:12:75:55:4f:92:4f:
                    d3:40:44:42:34:60:b8:56:5c:11:e4:22:40:f5:ac:
                    76:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:79:94:5D:5F:45:28:2F:82:19:BE:41:79:D3:AB:28:F7:6A:0F:99
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2fe5322-91ca-4110-b210-af46310a9592.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.92.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         03:58:28:3e:75:f5:35:d7:00:80:28:13:17:a8:40:23:e5:6e:
         34:79:e9:db:c1:1f:c0:60:0c:28:78:3a:a6:b2:b2:bd:9f:7c:
         c6:54:0c:eb:a7:55:54:a7:23:fa:3b:e7:86:d1:c6:07:7a:92:
         ec:e4:2d:b7:ad:b8:77:0b:b4:64:ee:42:01:7e:38:1b:cd:76:
         13:d4:4b:9c:e9:bf:70:f6:6c:29:23:89:f5:44:2f:25:c4:c3:
         eb:9f:77:85:a5:38:46:26:a7:e3:c7:4d:a7:f2:e0:64:3f:ec:
         58:97:5e:6b:45:77:ce:f7:1c:69:b9:50:1c:9b:c0:7d:17:ca:
         ea:5f:0c:ad:6a:bb:1f:26:28:3d:40:a8:6c:56:33:04:c2:21:
         48:b5:1e:f6:54:38:fa:06:85:70:ed:ad:b4:f9:9c:7e:49:b3:
         63:75:71:88:28:b7:75:eb:a6:00:6a:72:57:01:be:b2:99:0f:
         84:ee:ac:86:51:fc:7d:6f:00:dc:ce:dc:6b:de:6d:2a:69:29:
         47:f5:4a:ec:2e:8d:b9:cf:59:94:07:16:f7:cf:69:ca:aa:a9:
         68:d4:2b:de:b4:ad:27:e1:74:d0:9d:10:04:ec:b1:da:8f:1a:
         0d:3d:f6:e0:6d:e6:68:e3:96:63:39:4e:51:ea:77:7f:90:9e:
         47:5f:ed:a1
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUDIqz1Dqf/lJ23nsvkG8eMpAbGiQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAyMTA2WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A1ODhjMjFhM2M1NzJkYzg3ZmRlODZlNTQ1OTVmZDdjZDVh
ODMzNTA2OWE1MGY5YTc5ZTQwYTBkN2VhM2IxYmE1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDq0soEBX8wsmvdh1HLcfIK3zZ32Sw9JxxJErECY/4h0ypM
Z+gnInlJeXa5B36zqsFU3yJytZ7YhK2MJIpG6Zavw00T9C8ivooVds8D0jtwXonZ
088tWPeaBkIbseMEGhDbyXSPpGQhdL1JmRf7SvVohKNo3VFGyP65stI8jR9bsGIe
XfDPKA/IOc51zukD58VMX2N8T5LGFeEBvYu/BCSjx33mruC6nsSvNRB6TY12Qg51
3wjOn3S5mTUkZPhOOImWMlJK8FLILou+xOwplUsYRiRKehmKHIt4SUdSvusK/z4V
HclsSIyGxRJ1VU+ST9NAREI0YLhWXBHkIkD1rHbhAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU7HmUXV9FKC+CGb5BedOrKPdqD5kwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyZmU1MzIyLTkxY2EtNDExMC1iMjEwLWFmNDYzMTBhOTU5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCmXDANBgkqhkiG9w0BAQsFAAOCAQEAA1goPnX1NdcAgCgTF6hAI+VuNHnp
28EfwGAMKHg6prKyvZ98xlQM66dVVKcj+jvnhtHGB3qS7OQtt624dwu0ZO5CAX44
G812E9RLnOm/cPZsKSOJ9UQvJcTD6593haU4Rian48dNp/LgZD/sWJdea0V3zvcc
ablQHJvAfRfK6l8MrWq7HyYoPUCobFYzBMIhSLUe9lQ4+gaFcO2ttPmcfkmzY3Vx
iCi3deumAGpyVwG+spkPhO6shlH8fW8A3M7ca95tKmkpR/VK7C6Nuc9ZlAcW989p
yqqpaNQr3rStJ+F00J0QBOyx2o8aDT324G3maOOWYzlOUep3f5CeR1/toQ==
-----END CERTIFICATE-----