Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
File:                     1044c764-927e-41a1-b94e-b8bb9091f9c3.roa (raw, json)
Hash identifier:          bk/m431YnVG/QwzgctxDwDuRT8G52SyWFmWj/i5oXq0=
Subject key identifier:   A7:5C:AF:BA:7F:8D:9C:88:CE:9D:2B:D2:9D:D5:2A:B9:86:EB:26:CA
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       4F7D17C43F79E3976D4C9AEBEC77D3DFFF01C150
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa
Signing time:             Sat 25 Oct 2025 00:10:13 +0000
ROA not before:           Sat 25 Oct 2025 00:10:13 +0000
ROA not after:            Sat 29 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        194.134.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:7d:17:c4:3f:79:e3:97:6d:4c:9a:eb:ec:77:d3:df:ff:01:c1:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 25 00:10:13 2025 GMT
            Not After : Nov 29 23:59:59 2025 GMT
        Subject: serialNumber=c751aa2bde8c7f939b7456e5d8f075b7ecbb6b34f4ac138108f2b11961453b38, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:7b:88:b4:0c:b9:4a:58:66:ce:2b:98:54:73:
                    1c:6c:20:a2:8a:10:c2:68:85:58:54:4e:71:09:68:
                    e5:a5:d5:07:37:c5:0d:9a:b5:d9:56:3c:9a:17:02:
                    8b:4d:bd:0f:ca:83:0d:04:81:87:e5:ea:7f:ca:38:
                    7e:86:0e:cb:29:be:f0:b5:ee:e5:f7:1e:b6:83:64:
                    d5:86:64:24:dd:df:ee:3a:38:d0:54:e6:ad:f9:96:
                    64:21:b2:42:80:b8:3e:3b:f4:58:7c:2d:d7:ee:d6:
                    69:c1:9d:21:82:3c:b7:b7:e3:03:95:39:55:b6:be:
                    de:6b:d7:ba:0d:f8:0e:89:88:94:a9:c6:eb:a7:8d:
                    e1:3f:d9:ca:b5:62:08:d2:6e:92:8c:7d:0a:6e:9d:
                    59:89:f5:57:33:55:1b:f8:87:fe:80:8b:92:c9:0c:
                    ee:04:83:ce:f2:9e:34:a0:31:66:a0:f6:1d:98:78:
                    9d:cc:70:ee:3e:9d:df:ca:4f:92:80:c9:b3:dc:6b:
                    c5:f4:37:36:98:de:55:e4:ef:be:fd:0c:bd:43:5b:
                    bf:f8:64:64:52:72:bb:6c:ba:a2:0b:6e:de:f4:d2:
                    af:ab:40:6c:d4:b6:eb:e8:79:03:21:90:29:57:34:
                    61:5e:27:42:ca:e5:5d:c6:cd:68:5b:91:50:9e:47:
                    39:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:5C:AF:BA:7F:8D:9C:88:CE:9D:2B:D2:9D:D5:2A:B9:86:EB:26:CA
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1044c764-927e-41a1-b94e-b8bb9091f9c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.134.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         62:f4:8e:df:70:0e:4f:53:6d:4b:f8:89:37:2c:4c:53:49:7d:
         26:90:ef:00:86:81:95:36:53:9d:40:3d:42:a6:32:5e:4c:da:
         6b:61:ff:5a:35:3b:7b:4e:d5:36:24:47:b9:76:2e:33:30:33:
         68:df:f8:f5:96:bb:68:7f:43:87:22:f1:63:94:b6:1e:1c:11:
         6d:a7:71:62:54:79:f5:7e:60:71:3f:c1:e8:c1:8c:fb:55:b2:
         69:17:04:48:c6:d4:8b:f6:17:4e:19:a7:cc:b1:6b:60:e3:b7:
         13:a7:09:55:96:3b:8d:3d:fb:c1:f3:8d:4e:1f:c2:fd:16:49:
         4e:ec:e0:87:e5:c3:c9:1e:b2:e4:6c:47:f5:0e:4f:9d:41:c4:
         27:85:4d:11:1b:6f:37:bb:72:17:4b:52:98:c6:be:c8:e1:c6:
         59:6c:ab:7b:8b:d7:d3:c1:3a:02:9e:2d:ea:50:d1:49:5c:80:
         67:f7:9a:c7:48:e2:54:e5:d8:80:04:85:ec:07:51:ce:5e:05:
         25:bb:ef:50:8a:cf:24:09:fa:9b:ee:79:34:02:e2:26:b6:bc:
         d2:4e:f8:73:b8:70:c0:8e:69:9f:df:8c:29:d5:55:37:78:87:
         6c:6b:7e:55:5e:20:ff:b8:f0:d7:6e:4c:96:97:83:dc:66:89:
         a7:f0:3a:94
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUT30XxD9545dtTJrr7HfT3/8BwVAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI1MDAxMDEzWhcNMjUxMTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0BjNzUxYWEyYmRlOGM3ZjkzOWI3NDU2ZTVkOGYwNzViN2Vj
YmI2YjM0ZjRhYzEzODEwOGYyYjExOTYxNDUzYjM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCxe4i0DLlKWGbOK5hUcxxsIKKKEMJohVhUTnEJaOWl1Qc3
xQ2atdlWPJoXAotNvQ/Kgw0EgYfl6n/KOH6GDsspvvC17uX3HraDZNWGZCTd3+46
ONBU5q35lmQhskKAuD479Fh8Ldfu1mnBnSGCPLe34wOVOVW2vt5r17oN+A6JiJSp
xuunjeE/2cq1YgjSbpKMfQpunVmJ9VczVRv4h/6Ai5LJDO4Eg87ynjSgMWag9h2Y
eJ3McO4+nd/KT5KAybPca8X0NzaY3lXk7779DL1DW7/4ZGRScrtsuqILbt700q+r
QGzUtuvoeQMhkClXNGFeJ0LK5V3GzWhbkVCeRzlpAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUp1yvun+NnIjOnSvSndUquYbrJsowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzEwNDRjNzY0LTkyN2UtNDFhMS1iOTRlLWI4YmI5MDkxZjljMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDChjANBgkqhkiG9w0BAQsFAAOCAQEAYvSO33AOT1NtS/iJNyxMU0l9JpDv
AIaBlTZTnUA9QqYyXkzaa2H/WjU7e07VNiRHuXYuMzAzaN/49Za7aH9DhyLxY5S2
HhwRbadxYlR59X5gcT/B6MGM+1WyaRcESMbUi/YXThmnzLFrYOO3E6cJVZY7jT37
wfONTh/C/RZJTuzgh+XDyR6y5GxH9Q5PnUHEJ4VNERtvN7tyF0tSmMa+yOHGWWyr
e4vX08E6Ap4t6lDRSVyAZ/eax0jiVOXYgASF7AdRzl4FJbvvUIrPJAn6m+55NALi
Jra80k74c7hwwI5pn9+MKdVVN3iHbGt+VV4g/7jw125MlpeD3GaJp/A6lA==
-----END CERTIFICATE-----