Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1bcd7874-89b7-496a-9e61-695dcca4b351.roa
File:                     1bcd7874-89b7-496a-9e61-695dcca4b351.roa (raw, json)
Hash identifier:          sMP5ZX5JgmzXsh9Dfyd8xpzSWX4lAuzJvFvAYJdgShE=
Subject key identifier:   8F:B1:22:77:24:D6:CE:60:4B:15:B6:22:E1:82:EA:41:9B:52:DE:E2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2B5625FA306AA55D9525E51E78516C7E7C67A473
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1bcd7874-89b7-496a-9e61-695dcca4b351.roa
Signing time:             Fri 31 Oct 2025 21:22:06 +0000
ROA not before:           Fri 31 Oct 2025 21:22:06 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        93.77.156.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:56:25:fa:30:6a:a5:5d:95:25:e5:1e:78:51:6c:7e:7c:67:a4:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 21:22:06 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=4378027cbed5b3b6912e252d63d6b6c4edef3b39bfaff0987de0ad81aa65050b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:3f:0a:d7:61:6f:96:46:c6:fe:c6:b5:20:51:
                    54:a2:87:43:02:b3:01:ba:96:67:70:e6:a5:58:c7:
                    88:91:4d:34:55:0d:9d:0f:49:44:74:97:f2:d5:19:
                    52:3a:19:7c:a4:5a:8f:48:71:ff:bd:f8:71:6b:34:
                    56:64:84:3d:ad:b9:15:a9:b9:84:6e:70:03:c5:c0:
                    c2:dc:56:70:4c:27:3e:51:67:2b:d1:55:68:4a:25:
                    0a:f6:69:f9:71:19:7e:02:f1:6b:da:e7:29:e4:63:
                    4f:86:64:32:14:a1:d1:aa:bf:53:47:24:83:72:b9:
                    88:c8:4d:b7:1e:f7:5a:e5:01:ff:38:a6:da:13:4a:
                    72:e5:c1:67:00:25:55:84:e3:e1:3a:59:da:c2:29:
                    46:f2:81:50:4f:fa:d1:86:96:83:c6:e7:da:36:c4:
                    1d:bb:5d:93:1a:1f:2f:9a:72:f5:75:62:27:0b:a5:
                    9e:a9:92:84:ad:42:f1:5f:7c:64:ad:08:e6:b2:41:
                    18:ef:0e:94:9d:c0:9f:2f:f1:49:a6:b0:80:aa:26:
                    1e:0d:f7:df:53:8f:03:55:13:05:e2:05:15:e8:46:
                    a5:ef:44:af:f9:c4:01:0f:7e:62:17:9e:4c:98:f4:
                    69:46:92:99:38:f9:48:71:1c:07:04:24:2d:cf:62:
                    14:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B1:22:77:24:D6:CE:60:4B:15:B6:22:E1:82:EA:41:9B:52:DE:E2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/1bcd7874-89b7-496a-9e61-695dcca4b351.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.77.156.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:02:74:da:ef:8d:94:ce:63:28:92:83:d8:f6:19:7d:c9:8d:
         71:fe:ee:fb:ec:e3:51:b3:82:37:10:ec:10:80:d3:6d:f9:ff:
         1d:71:28:05:17:f9:5a:34:55:cf:ef:e6:38:18:78:0b:27:1f:
         a0:db:f1:13:a1:db:54:b1:80:b9:85:95:10:6b:2a:b0:a8:c4:
         39:58:3a:2c:00:90:d1:53:3b:b2:1b:af:ec:57:95:1b:18:bc:
         72:5f:c0:db:04:c4:52:51:12:49:c0:2f:63:2e:80:b8:1d:1f:
         5c:51:c3:3d:2e:cc:53:7e:62:81:06:f5:a3:a2:c6:84:97:d1:
         a2:ac:b9:26:be:00:88:ec:8f:7f:81:dc:59:4b:b1:d4:21:3e:
         f1:8d:4f:8d:8f:d8:33:fc:f7:c6:8a:c0:9b:f7:0f:b9:c5:91:
         54:af:cd:8e:c4:2a:01:cd:86:26:86:ef:59:72:26:17:e7:bc:
         a1:d8:b3:f5:84:56:f7:89:03:1c:04:bf:bf:97:a9:8d:b2:9d:
         be:76:4d:7f:85:d0:d0:af:00:30:fd:81:ec:00:64:9a:bd:9a:
         dc:f8:0a:57:3a:78:75:94:83:ac:45:78:ec:e5:1b:c8:92:7b:
         3b:ec:89:06:09:7f:3e:e5:14:39:f2:f3:fb:24:cb:7e:5a:63:
         c2:76:a3:98
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK1Yl+jBqpV2VJeUeeFFsfnxnpHMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMjEyMjA2WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0Mzc4MDI3Y2JlZDViM2I2OTEyZTI1MmQ2M2Q2YjZjNGVk
ZWYzYjM5YmZhZmYwOTg3ZGUwYWQ4MWFhNjUwNTBiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYPwrXYW+WRsb+xrUgUVSih0MCswG6lmdw5qVYx4iRTTRV
DZ0PSUR0l/LVGVI6GXykWo9Icf+9+HFrNFZkhD2tuRWpuYRucAPFwMLcVnBMJz5R
ZyvRVWhKJQr2aflxGX4C8Wva5ynkY0+GZDIUodGqv1NHJINyuYjITbce91rlAf84
ptoTSnLlwWcAJVWE4+E6WdrCKUbygVBP+tGGloPG59o2xB27XZMaHy+acvV1YicL
pZ6pkoStQvFffGStCOayQRjvDpSdwJ8v8UmmsICqJh4N999TjwNVEwXiBRXoRqXv
RK/5xAEPfmIXnkyY9GlGkpk4+UhxHAcEJC3PYhR7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUj7EidyTWzmBLFbYi4YLqQZtS3uIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzFiY2Q3ODc0LTg5YjctNDk2YS05ZTYxLTY5NWRjY2E0YjM1MS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABdTZwwDQYJKoZIhvcNAQELBQADggEBAFgCdNrvjZTOYyiSg9j2GX3JjXH+
7vvs41GzgjcQ7BCA0235/x1xKAUX+Vo0Vc/v5jgYeAsnH6Db8ROh21SxgLmFlRBr
KrCoxDlYOiwAkNFTO7Ibr+xXlRsYvHJfwNsExFJREknAL2MugLgdH1xRwz0uzFN+
YoEG9aOixoSX0aKsuSa+AIjsj3+B3FlLsdQhPvGNT42P2DP898aKwJv3D7nFkVSv
zY7EKgHNhiaG71lyJhfnvKHYs/WEVveJAxwEv7+XqY2ynb52TX+F0NCvADD9gewA
ZJq9mtz4Clc6eHWUg6xFeOzlG8iSezvsiQYJfz7lFDny8/sky35aY8J2o5g=
-----END CERTIFICATE-----