Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/014c5b16-8b1e-4d0f-9900-050775309905.roa
File:                     014c5b16-8b1e-4d0f-9900-050775309905.roa (raw, json)
Hash identifier:          iZmOXisJSiz/XEy7QW8kV+0MfKkSYEP72k+8M/GZKxY=
Subject key identifier:   38:2E:36:38:89:5D:1C:B8:5E:7C:8B:5A:B6:94:E2:AE:97:FA:53:E1
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       074260E61A42E62F319FC31E8570D36F57F176AD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/014c5b16-8b1e-4d0f-9900-050775309905.roa
Signing time:             Tue 04 Nov 2025 00:20:09 +0000
ROA not before:           Tue 04 Nov 2025 00:20:09 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        75.22.192.0/19 maxlen: 19
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:42:60:e6:1a:42:e6:2f:31:9f:c3:1e:85:70:d3:6f:57:f1:76:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:20:09 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=7107a2e0c169b19266609b1e5b19b950525b3c28c70861ed9e565438b9aaaf58, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:80:d2:5c:c2:4b:86:8e:8a:3a:0e:65:78:c3:
                    cd:b5:62:cf:a8:02:76:3a:58:77:e4:47:66:dc:bb:
                    fd:fb:4a:8b:b5:4a:a1:c8:1f:ef:40:a3:66:d7:a3:
                    14:c6:9f:dd:65:8f:64:90:4c:7b:00:9a:6c:85:52:
                    41:fc:b3:6b:82:50:05:1b:9f:d8:be:92:bd:76:5f:
                    0d:2c:36:6b:3a:b8:02:4c:76:ff:15:74:42:e5:4c:
                    79:32:ba:d3:5e:61:b8:d5:12:fe:85:8a:7f:9d:01:
                    5b:c4:17:c8:5b:9a:86:52:25:12:b0:8a:6b:f8:7a:
                    f0:82:6f:ec:7c:d3:94:b2:f3:b1:e6:2e:66:49:26:
                    2e:f8:75:85:13:f4:0c:39:46:da:d2:4a:bf:58:f3:
                    68:94:39:61:06:c7:2f:a8:6c:b0:14:cf:2c:05:86:
                    42:c7:4a:e1:70:5e:fc:e2:08:37:68:9c:1c:3c:5a:
                    e1:25:fc:ad:8f:4c:04:4f:2e:a7:94:44:64:fa:07:
                    ee:b4:e2:30:a0:b7:03:8f:4f:e8:cd:a8:6f:b8:88:
                    4e:ef:b5:76:22:09:84:10:2e:57:58:4c:c8:cb:1e:
                    cd:1c:db:26:7e:0f:00:77:b9:95:1d:6a:60:2c:a3:
                    0f:ab:b2:2c:de:0d:4f:93:46:91:58:e5:9f:73:aa:
                    b4:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:2E:36:38:89:5D:1C:B8:5E:7C:8B:5A:B6:94:E2:AE:97:FA:53:E1
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/014c5b16-8b1e-4d0f-9900-050775309905.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  75.22.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         75:f4:2f:df:62:78:72:4b:cc:b6:53:fb:2c:8e:6a:e4:5e:95:
         9c:4c:e4:5d:7b:ef:03:00:75:db:8b:10:b6:92:12:11:bb:9f:
         a2:c7:2f:f5:ef:00:7d:de:24:c7:20:4f:f1:38:07:8b:00:58:
         09:09:2f:83:61:91:72:c6:e7:82:c2:b2:6b:6c:19:33:7b:ad:
         23:b6:bb:44:01:a1:d6:f1:c3:0c:4d:49:29:05:c2:ed:a3:b1:
         85:db:9b:f3:4f:ff:6d:ee:25:ba:90:cf:4c:ce:6f:e4:c4:ed:
         a5:8e:28:ce:d6:39:7d:68:5c:c9:74:0a:21:10:0d:c2:0a:62:
         61:c4:55:b5:f7:d6:53:f6:0e:cf:09:35:b8:ea:50:23:ff:cf:
         54:ad:c7:53:ad:5c:bf:2f:9a:69:df:af:79:cd:40:c3:39:eb:
         ab:c3:71:9d:dc:ee:2c:35:78:27:1c:6f:3e:41:e2:06:8a:1f:
         07:61:6a:20:e5:3c:12:74:75:17:b4:7f:20:6b:36:9a:b3:c2:
         63:26:9e:4e:d5:90:b2:f3:c9:a2:26:77:8d:27:d9:59:96:c1:
         ab:b8:ef:ad:d1:ec:94:21:f5:41:a0:8a:02:2d:d1:55:64:62:
         e8:ae:b5:9d:b3:fb:fb:10:e0:a3:f5:e0:2c:a5:42:4a:0e:47:
         05:bc:f9:67
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUB0Jg5hpC5i8xn8MehXDTb1fxdq0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAyMDA5WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MTA3YTJlMGMxNjliMTkyNjY2MDliMWU1YjE5Yjk1MDUy
NWIzYzI4YzcwODYxZWQ5ZTU2NTQzOGI5YWFhZjU4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCggNJcwkuGjoo6DmV4w821Ys+oAnY6WHfkR2bcu/37Sou1
SqHIH+9Ao2bXoxTGn91lj2SQTHsAmmyFUkH8s2uCUAUbn9i+kr12Xw0sNms6uAJM
dv8VdELlTHkyutNeYbjVEv6Fin+dAVvEF8hbmoZSJRKwimv4evCCb+x805Sy87Hm
LmZJJi74dYUT9Aw5RtrSSr9Y82iUOWEGxy+obLAUzywFhkLHSuFwXvziCDdonBw8
WuEl/K2PTARPLqeURGT6B+604jCgtwOPT+jNqG+4iE7vtXYiCYQQLldYTMjLHs0c
2yZ+DwB3uZUdamAsow+rsizeDU+TRpFY5Z9zqrTfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUOC42OIldHLhefItatpTirpf6U+EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzAxNGM1YjE2LThiMWUtNGQwZi05OTAwLTA1MDc3NTMwOTkwNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAVLFsAwDQYJKoZIhvcNAQELBQADggEBAHX0L99ieHJLzLZT+yyOauRelZxM
5F177wMAdduLELaSEhG7n6LHL/XvAH3eJMcgT/E4B4sAWAkJL4NhkXLG54LCsmts
GTN7rSO2u0QBodbxwwxNSSkFwu2jsYXbm/NP/23uJbqQz0zOb+TE7aWOKM7WOX1o
XMl0CiEQDcIKYmHEVbX31lP2Ds8JNbjqUCP/z1Stx1OtXL8vmmnfr3nNQMM566vD
cZ3c7iw1eCccbz5B4gaKHwdhaiDlPBJ0dRe0fyBrNpqzwmMmnk7VkLLzyaImd40n
2VmWwau4763R7JQh9UGgigIt0VVkYuiutZ2z+/sQ4KP14CylQkoORwW8+Wc=
-----END CERTIFICATE-----