Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ad3a4fb-a417-4f1b-83fd-6527c2718313.roa
File:                     0ad3a4fb-a417-4f1b-83fd-6527c2718313.roa (raw, json)
Hash identifier:          DaPRjwQ+o0DylZwmB7K0Smfi3hC/iETrvyx9+gIF8tc=
Subject key identifier:   F6:68:75:8D:9F:C1:FF:DE:4D:AF:E2:B3:B4:4E:8C:D5:42:63:57:16
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       08FDE29C327697EB3AD5F58D1BDF4272500A2190
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ad3a4fb-a417-4f1b-83fd-6527c2718313.roa
Signing time:             Wed 05 Nov 2025 00:40:13 +0000
ROA not before:           Wed 05 Nov 2025 00:40:13 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.190.184.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:fd:e2:9c:32:76:97:eb:3a:d5:f5:8d:1b:df:42:72:50:0a:21:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:40:13 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=9dee3ff2ca512704d1c37e447289201ab07d7e47d9940ea6ebdd5ffd6034461e, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:45:f1:98:05:60:d0:5d:cb:7d:c2:8c:da:3e:
                    63:16:d5:5a:c8:23:2e:ae:ae:ff:db:e7:67:ad:3a:
                    8a:6d:56:27:e5:6b:88:47:11:c5:8a:56:f9:85:cd:
                    7e:bb:08:fd:d1:e1:bb:2c:2b:e9:44:4a:03:8b:20:
                    20:6d:c5:24:e2:3f:3d:49:fe:54:de:8a:40:2e:f4:
                    54:d7:13:ea:de:7e:04:e0:4e:8b:fb:08:a6:5b:45:
                    05:9f:b4:a7:40:5b:32:11:98:5f:8b:1c:c8:f0:32:
                    40:33:6e:96:28:b2:f3:60:f0:9e:b2:fb:d2:14:d7:
                    91:ce:f9:98:43:97:b8:fd:97:16:62:81:41:54:95:
                    e7:9f:fb:85:2f:6b:97:64:0c:21:a7:7c:e2:ca:33:
                    f0:22:70:df:ba:36:ac:96:36:53:f6:30:be:ae:76:
                    2e:b4:d1:1f:0f:37:22:9a:81:ce:c3:00:dc:cf:c1:
                    e0:de:a1:af:c5:2a:99:19:34:8a:2c:09:18:8b:93:
                    80:54:b4:bd:17:c8:ff:95:9f:a9:d0:bf:62:23:56:
                    46:b4:0c:99:d4:21:19:13:77:9f:7f:01:87:49:c5:
                    e2:4e:c9:06:d9:58:90:c2:b8:a6:60:a4:d8:85:f5:
                    5e:41:87:29:f9:91:3b:f7:a6:3f:6c:61:4c:4d:72:
                    9e:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:68:75:8D:9F:C1:FF:DE:4D:AF:E2:B3:B4:4E:8C:D5:42:63:57:16
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/0ad3a4fb-a417-4f1b-83fd-6527c2718313.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.190.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d2:a9:9c:2f:2a:42:63:41:9a:6c:52:38:60:2d:36:9c:7a:32:
         74:d9:73:a7:06:f3:15:95:25:08:47:67:52:85:3f:0b:30:af:
         ac:26:4a:56:73:ae:24:5e:26:c1:93:a3:68:22:dd:a8:bc:55:
         33:68:79:51:5f:9c:b7:b4:e6:e5:cf:6d:da:af:36:00:e8:79:
         8b:a2:b9:63:af:76:49:37:5c:60:e7:9e:8a:c0:86:af:9e:98:
         d5:04:0a:d6:bd:db:bf:c9:f3:12:da:b2:3b:0b:bb:cb:ac:c3:
         cf:4c:30:ce:75:ee:e2:9b:d8:32:9c:18:89:9a:70:3e:2e:26:
         75:f6:80:e6:82:1d:2a:c2:ec:8b:db:a5:09:5c:de:91:31:ab:
         f5:1e:66:3d:df:c8:84:66:2a:88:30:1e:2d:05:69:3c:fd:89:
         ac:9c:12:ee:03:ed:2b:ff:89:17:0d:b6:b0:39:5d:fa:64:aa:
         88:e1:3e:b7:c7:f7:c4:9b:5f:38:43:2e:43:4b:bf:ff:fa:08:
         c6:a2:01:38:a0:f5:e9:a6:1a:62:7d:7a:cc:95:3b:91:ed:03:
         45:f1:ad:b3:fa:56:a6:b0:7e:2a:9f:2f:fd:6a:97:38:99:e9:
         4e:03:3b:19:0b:e7:2e:7d:df:1a:d3:73:dc:aa:de:7b:b3:07:
         bf:c8:57:b3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCP3inDJ2l+s61fWNG99CclAKIZAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDA0MDEzWhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A5ZGVlM2ZmMmNhNTEyNzA0ZDFjMzdlNDQ3Mjg5MjAxYWIw
N2Q3ZTQ3ZDk5NDBlYTZlYmRkNWZmZDYwMzQ0NjFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgRfGYBWDQXct9wozaPmMW1VrIIy6urv/b52etOoptVifl
a4hHEcWKVvmFzX67CP3R4bssK+lESgOLICBtxSTiPz1J/lTeikAu9FTXE+refgTg
Tov7CKZbRQWftKdAWzIRmF+LHMjwMkAzbpYosvNg8J6y+9IU15HO+ZhDl7j9lxZi
gUFUleef+4Uva5dkDCGnfOLKM/AicN+6NqyWNlP2ML6udi600R8PNyKagc7DANzP
weDeoa/FKpkZNIosCRiLk4BUtL0XyP+Vn6nQv2IjVka0DJnUIRkTd59/AYdJxeJO
yQbZWJDCuKZgpNiF9V5Bhyn5kTv3pj9sYUxNcp4tAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9mh1jZ/B/95Nr+KztE6M1UJjVxYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzBhZDNhNGZiLWE0MTctNGYxYi04M2ZkLTY1MjdjMjcxODMxMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABdvrgwDQYJKoZIhvcNAQELBQADggEBANKpnC8qQmNBmmxSOGAtNpx6MnTZ
c6cG8xWVJQhHZ1KFPwswr6wmSlZzriReJsGTo2gi3ai8VTNoeVFfnLe05uXPbdqv
NgDoeYuiuWOvdkk3XGDnnorAhq+emNUECta927/J8xLasjsLu8usw89MMM517uKb
2DKcGImacD4uJnX2gOaCHSrC7IvbpQlc3pExq/UeZj3fyIRmKogwHi0FaTz9iayc
Eu4D7Sv/iRcNtrA5XfpkqojhPrfH98SbXzhDLkNLv//6CMaiATig9emmGmJ9esyV
O5HtA0XxrbP6VqawfiqfL/1qlziZ6U4DOxkL5y593xrTc9yq3nuzB7/IV7M=
-----END CERTIFICATE-----