Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe30170b-f64b-447c-bfa6-1b91a1c5a516.roa
File:                     fe30170b-f64b-447c-bfa6-1b91a1c5a516.roa (raw, json)
Hash identifier:          2kJL68+mugtUOvA6khRBgjOfcl88UfURGjE6qJRTm28=
Subject key identifier:   82:A6:34:09:8A:36:57:06:AF:3B:8B:DF:2C:74:9C:86:F4:86:59:AF
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       23C014C558ED588BD677A5CF2183EC9CF65BD8FC
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe30170b-f64b-447c-bfa6-1b91a1c5a516.roa
Signing time:             Fri 26 Sep 2025 00:01:41 +0000
ROA not before:           Fri 26 Sep 2025 00:01:41 +0000
ROA not after:            Fri 31 Oct 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        122.200.62.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:c0:14:c5:58:ed:58:8b:d6:77:a5:cf:21:83:ec:9c:f6:5b:d8:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 26 00:01:41 2025 GMT
            Not After : Oct 31 23:59:59 2025 GMT
        Subject: serialNumber=36cf0b31336a9ff0af49435dedd7583cb9f55da2c44601eb6ef220bac2679109, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ea:29:24:bf:09:a0:ba:da:f3:a4:ae:dd:09:
                    8e:50:6b:32:e3:92:2f:e7:e8:55:c9:de:e6:18:ce:
                    af:24:f6:98:e5:ad:ad:36:b5:32:5b:5d:40:ec:7a:
                    a3:e7:a6:a9:e0:3c:33:f9:b9:4e:c9:3c:ad:f2:18:
                    5b:b1:a8:7d:2d:46:b3:76:93:d4:7f:1d:95:02:c4:
                    49:a8:2c:17:29:56:09:e1:8a:3c:71:b5:d6:a9:85:
                    87:27:9e:09:77:b3:50:2e:d9:da:af:07:9e:31:81:
                    87:48:3b:ca:bd:4e:81:14:a4:51:d3:8b:d5:3e:10:
                    bc:f0:d6:bc:de:b2:03:ab:40:79:8c:63:81:17:53:
                    1c:94:1d:84:d3:6a:42:a0:7a:d0:41:cc:86:28:c3:
                    b5:d2:98:28:af:55:18:89:b7:12:be:68:d0:22:61:
                    00:88:d5:01:2c:bf:bf:7f:bb:b8:45:db:0d:12:ab:
                    34:e2:37:56:20:23:cf:84:f7:05:70:0e:fc:9a:c5:
                    81:bf:f6:77:45:fb:cd:cb:b8:78:70:4a:86:b0:3f:
                    e0:fc:23:a0:41:6f:8a:e0:df:65:26:d8:85:c0:4d:
                    2d:8a:74:c7:18:29:16:ec:61:6f:94:fb:f0:4c:18:
                    75:93:c3:a3:c0:38:56:e8:95:e1:67:1f:01:6d:52:
                    ad:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:A6:34:09:8A:36:57:06:AF:3B:8B:DF:2C:74:9C:86:F4:86:59:AF
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fe30170b-f64b-447c-bfa6-1b91a1c5a516.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  122.200.62.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9a:be:45:56:65:22:84:91:d3:ae:de:88:e0:2d:fd:0c:94:6a:
         9e:54:f4:aa:c1:6b:67:f2:b2:a3:68:9c:5f:45:ce:fe:99:f2:
         9a:4a:a2:bb:6d:e1:bc:c4:be:35:82:ff:af:cb:a4:a7:a8:fd:
         4c:be:02:07:6a:4e:3c:46:93:f8:6d:89:6e:1c:85:e1:8b:e6:
         54:05:d2:92:cb:58:d4:30:bb:64:4c:9b:89:88:f8:34:72:d0:
         df:0a:e6:7d:bb:7c:7f:c0:8e:75:dc:f3:3f:bd:ce:70:5b:b4:
         23:bb:0e:e8:92:f5:5d:c3:6c:da:27:de:6a:8e:53:0e:00:bf:
         23:36:e3:7d:00:b5:77:9e:23:fe:a9:a4:aa:9d:12:5d:a8:13:
         7a:87:d1:23:9f:0d:7d:fe:3a:8b:bd:e5:af:c4:2a:48:c8:c7:
         d7:65:3f:a8:88:f5:13:50:c0:e9:53:23:6d:89:8d:a1:06:34:
         d7:8a:e0:1d:f2:8c:d4:c5:3a:37:dd:27:34:8d:57:a6:96:d6:
         2f:40:e3:47:24:5e:e1:27:12:b5:d4:ca:20:f0:2c:fb:61:ce:
         1f:bc:30:89:e9:b2:9b:3b:05:eb:98:6e:ed:ba:57:4b:0d:86:
         7c:dd:27:d3:96:7b:34:be:2f:29:31:a8:30:ca:c5:5d:f9:17:
         6e:5f:16:5f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUI8AUxVjtWIvWd6XPIYPsnPZb2PwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTI2MDAwMTQxWhcNMjUxMDMxMjM1OTU5
WjB6MUkwRwYDVQQFE0AzNmNmMGIzMTMzNmE5ZmYwYWY0OTQzNWRlZGQ3NTgzY2I5
ZjU1ZGEyYzQ0NjAxZWI2ZWYyMjBiYWMyNjc5MTA5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDj6ikkvwmgutrzpK7dCY5QazLjki/n6FXJ3uYYzq8k9pjl
ra02tTJbXUDseqPnpqngPDP5uU7JPK3yGFuxqH0tRrN2k9R/HZUCxEmoLBcpVgnh
ijxxtdaphYcnngl3s1Au2dqvB54xgYdIO8q9ToEUpFHTi9U+ELzw1rzesgOrQHmM
Y4EXUxyUHYTTakKgetBBzIYow7XSmCivVRiJtxK+aNAiYQCI1QEsv79/u7hF2w0S
qzTiN1YgI8+E9wVwDvyaxYG/9ndF+83LuHhwSoawP+D8I6BBb4rg32Um2IXATS2K
dMcYKRbsYW+U+/BMGHWTw6PAOFboleFnHwFtUq3HAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgqY0CYo2VwavO4vfLHSchvSGWa8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2ZlMzAxNzBiLWY2NGItNDQ3Yy1iZmE2LTFiOTFhMWM1YTUxNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAF6yD4wDQYJKoZIhvcNAQELBQADggEBAJq+RVZlIoSR067eiOAt/QyUap5U
9KrBa2fysqNonF9Fzv6Z8ppKortt4bzEvjWC/6/LpKeo/Uy+AgdqTjxGk/htiW4c
heGL5lQF0pLLWNQwu2RMm4mI+DRy0N8K5n27fH/AjnXc8z+9znBbtCO7DuiS9V3D
bNon3mqOUw4AvyM2430AtXeeI/6ppKqdEl2oE3qH0SOfDX3+Oou95a/EKkjIx9dl
P6iI9RNQwOlTI22JjaEGNNeK4B3yjNTFOjfdJzSNV6aW1i9A40ckXuEnErXUyiDw
LPthzh+8MInpsps7BeuYbu26V0sNhnzdJ9OWezS+LykxqDDKxV35F25fFl8=
-----END CERTIFICATE-----