Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbc52a03-e4e6-48a0-8f85-9d9f1f9d01e9.roa
File:                     fbc52a03-e4e6-48a0-8f85-9d9f1f9d01e9.roa (raw, json)
Hash identifier:          VOIXUj+2tL06y9lE7qrbF9lIytc8V+jHiXNasy60gcU=
Subject key identifier:   C0:27:24:AE:C8:6E:D7:A1:91:83:79:F6:A2:95:DC:34:87:6E:40:84
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       60E98DC33E6C785BC383ED8AB0033D6825EBF57C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbc52a03-e4e6-48a0-8f85-9d9f1f9d01e9.roa
Signing time:             Mon 29 Sep 2025 15:12:40 +0000
ROA not before:           Mon 29 Sep 2025 15:12:40 +0000
ROA not after:            Mon 03 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        65.80.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:e9:8d:c3:3e:6c:78:5b:c3:83:ed:8a:b0:03:3d:68:25:eb:f5:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 29 15:12:40 2025 GMT
            Not After : Nov  3 23:59:59 2025 GMT
        Subject: serialNumber=4ca04aeb187845fe925940d2ce100d890ee571f4c54fd799443ebf1eb9a680b9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:6b:32:82:a8:32:ba:48:bc:3d:00:7a:3c:f5:
                    91:75:42:f7:5f:7a:06:0c:58:0f:bf:56:90:b4:5e:
                    d3:0c:c8:87:55:5f:16:a0:52:00:be:d5:72:8a:1c:
                    ac:f4:5d:fe:73:63:d0:e3:e3:64:a7:62:e4:cd:f8:
                    6b:40:d4:50:b6:b7:5a:76:64:fa:28:f1:d2:d5:6f:
                    4a:32:fe:3b:ac:7d:c7:cc:e8:c4:64:53:4e:c5:eb:
                    c7:90:ca:6e:95:76:2b:01:cf:35:92:c9:9f:12:c8:
                    f0:f9:7c:db:70:17:66:1f:26:74:e3:0a:3e:47:b6:
                    61:20:03:72:44:2b:40:c3:ca:c0:08:e6:6d:c0:16:
                    7b:3e:9b:24:2b:8a:a6:32:74:5f:cc:d5:aa:07:f4:
                    3f:13:81:1b:2b:af:60:02:3c:56:69:37:1a:38:02:
                    e2:a7:83:ef:9c:e7:26:f1:ef:cf:b2:8c:60:75:8a:
                    7f:b5:fb:79:62:2a:ce:dc:97:fb:e6:1c:8c:db:0e:
                    f8:49:7a:c1:1c:e7:8a:fa:04:f5:9e:f6:0a:83:78:
                    56:37:f9:27:a0:74:25:d7:13:3f:6c:a8:a8:5d:fa:
                    e5:e1:d6:ab:45:d7:37:38:f4:a3:fe:bd:20:ae:ac:
                    fe:ef:bc:15:a4:56:4f:74:40:cd:2b:25:f6:82:3c:
                    be:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:27:24:AE:C8:6E:D7:A1:91:83:79:F6:A2:95:DC:34:87:6E:40:84
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fbc52a03-e4e6-48a0-8f85-9d9f1f9d01e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  65.80.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         81:ed:5a:7d:ac:ac:02:ac:d2:ad:2a:d1:65:0e:4b:7e:ff:50:
         19:90:63:ef:b3:0c:0a:9f:d7:3c:e7:a6:a7:74:f3:dd:50:4a:
         e9:46:90:5a:34:e9:51:16:75:5f:22:47:31:ad:f6:85:d7:f4:
         d4:af:e0:70:b9:9a:7a:59:d4:35:56:e2:e5:06:7a:eb:68:cf:
         b6:b4:7d:6d:e0:94:9a:e8:04:d9:07:c9:8a:e8:eb:a8:77:aa:
         af:6e:f5:95:c0:25:26:b2:e4:d7:9e:59:a9:83:b7:ae:a6:8e:
         59:cb:4a:30:4a:3b:5e:61:bd:c5:cc:38:b9:47:d9:8b:45:2f:
         4b:eb:d8:cc:0c:69:bc:b1:16:12:3d:4f:04:2c:eb:21:1f:0a:
         f4:cc:b8:f7:7a:48:c2:db:e7:d9:8e:b4:fc:53:74:65:44:ab:
         43:d4:3d:41:10:26:ef:cf:9b:7d:2b:2b:60:6e:dd:ef:21:cd:
         5e:eb:a7:3f:8b:36:20:43:93:16:29:77:ac:f5:3e:d1:89:b2:
         30:de:1d:1b:c5:25:e8:67:8f:aa:26:ae:4a:00:b2:8b:b9:17:
         e0:d0:61:69:f2:da:62:96:23:6f:e4:ff:8d:39:6e:9d:76:c9:
         a0:29:88:96:fd:c0:09:5d:33:d4:88:0b:a7:0f:18:4c:06:e5:
         46:03:f3:80
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUYOmNwz5seFvDg+2KsAM9aCXr9XwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI5MTUxMjQwWhcNMjUxMTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0A0Y2EwNGFlYjE4Nzg0NWZlOTI1OTQwZDJjZTEwMGQ4OTBl
ZTU3MWY0YzU0ZmQ3OTk0NDNlYmYxZWI5YTY4MGI5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYazKCqDK6SLw9AHo89ZF1QvdfegYMWA+/VpC0XtMMyIdV
XxagUgC+1XKKHKz0Xf5zY9Dj42SnYuTN+GtA1FC2t1p2ZPoo8dLVb0oy/jusfcfM
6MRkU07F68eQym6VdisBzzWSyZ8SyPD5fNtwF2YfJnTjCj5HtmEgA3JEK0DDysAI
5m3AFns+myQriqYydF/M1aoH9D8TgRsrr2ACPFZpNxo4AuKng++c5ybx78+yjGB1
in+1+3liKs7cl/vmHIzbDvhJesEc54r6BPWe9gqDeFY3+SegdCXXEz9sqKhd+uXh
1qtF1zc49KP+vSCurP7vvBWkVk90QM0rJfaCPL4XAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUwCckrshu16GRg3n2opXcNIduQIQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZiYzUyYTAzLWU0ZTYtNDhhMC04Zjg1LTlkOWYxZjlkMDFlOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBBUDANBgkqhkiG9w0BAQsFAAOCAQEAge1afaysAqzSrSrRZQ5Lfv9QGZBj
77MMCp/XPOemp3Tz3VBK6UaQWjTpURZ1XyJHMa32hdf01K/gcLmaelnUNVbi5QZ6
62jPtrR9beCUmugE2QfJiujrqHeqr271lcAlJrLk155ZqYO3rqaOWctKMEo7XmG9
xcw4uUfZi0UvS+vYzAxpvLEWEj1PBCzrIR8K9My493pIwtvn2Y60/FN0ZUSrQ9Q9
QRAm78+bfSsrYG7d7yHNXuunP4s2IEOTFil3rPU+0YmyMN4dG8Ul6GePqiauSgCy
i7kX4NBhafLaYpYjb+T/jTlunXbJoCmIlv3ACV0z1IgLpw8YTAblRgPzgA==
-----END CERTIFICATE-----