Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/241f4132-bfd8-45b5-8038-fc51213db63e.roa
File:                     241f4132-bfd8-45b5-8038-fc51213db63e.roa (raw, json)
Hash identifier:          4j5S+94SP6Ne4OPGVOetHAUIdCHJkIB2AZo6vld2xXY=
Subject key identifier:   F4:92:65:64:20:20:0D:AE:1E:8D:F9:03:82:4D:48:DC:19:D6:DE:73
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       68F98B49D1C298B299A6618667144A779F69BB83
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/241f4132-bfd8-45b5-8038-fc51213db63e.roa
Signing time:             Tue 21 Oct 2025 00:00:03 +0000
ROA not before:           Tue 21 Oct 2025 00:00:03 +0000
ROA not after:            Tue 25 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fef:3400::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:f9:8b:49:d1:c2:98:b2:99:a6:61:86:67:14:4a:77:9f:69:bb:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 21 00:00:03 2025 GMT
            Not After : Nov 25 23:59:59 2025 GMT
        Subject: serialNumber=35100b9737888e312e2654184153e12de152cfc08aeed8247c5b524d111f59ae, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:18:93:6e:31:af:df:33:db:3f:5e:90:ce:94:
                    df:3e:d0:4f:db:4d:5c:63:36:0c:5a:87:f4:9c:56:
                    56:b5:6a:66:d7:b9:ee:5f:57:38:ef:3f:0e:c7:7e:
                    f4:36:4c:ff:26:da:27:1f:78:af:30:78:b7:cf:be:
                    8d:03:0f:74:b3:a8:ff:2c:9e:eb:1d:31:48:40:a4:
                    b4:11:99:2e:09:cc:c2:76:d7:0b:32:a2:24:c7:cd:
                    82:73:1c:8e:4a:4a:e7:66:66:ab:41:12:2e:ca:b9:
                    9e:c9:6a:cd:c3:70:ba:ed:9e:24:b3:39:45:cc:7f:
                    fe:61:bd:e3:86:d8:eb:7d:1a:a0:76:8b:9f:02:9d:
                    f6:c9:6d:63:b1:c3:64:38:76:6f:53:ce:4c:93:27:
                    1e:3a:7f:ba:07:02:0f:fe:6b:f0:c6:9b:d3:44:43:
                    e0:a8:c6:fe:6a:5a:99:7b:d6:da:b5:35:aa:58:a4:
                    0c:8e:df:c9:f1:45:01:69:02:e1:6b:64:63:47:df:
                    fd:d3:1e:7f:d8:e4:6c:1f:06:af:83:2e:a5:ab:52:
                    3c:39:fa:5d:63:c2:fc:85:21:fc:fb:49:e4:b7:59:
                    1e:12:7b:cd:ea:01:1d:a5:74:17:86:68:07:14:91:
                    cb:f3:fb:ef:e6:0d:74:8f:e9:d5:3d:d8:3e:54:dd:
                    35:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:92:65:64:20:20:0D:AE:1E:8D:F9:03:82:4D:48:DC:19:D6:DE:73
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/241f4132-bfd8-45b5-8038-fc51213db63e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fef:3400::/40

    Signature Algorithm: sha256WithRSAEncryption
         77:c2:26:2b:97:bf:50:3d:d6:d6:e0:20:f7:6b:59:ca:30:15:
         0a:ff:c2:fa:f0:e2:59:de:b8:33:46:63:7d:77:ec:f3:12:9f:
         e2:b5:81:90:08:c5:af:35:94:88:f1:bb:f3:db:37:e8:49:b5:
         5e:42:75:89:a6:d6:0b:87:f3:64:33:fe:19:6e:8d:86:56:f3:
         a8:61:6a:89:33:85:1a:4b:24:5f:c1:b3:58:39:f8:46:04:e2:
         6f:ed:10:c5:ed:1a:46:69:23:5c:86:5a:22:70:92:f9:05:c9:
         a6:b3:ef:ff:a0:8b:9f:54:64:bb:41:b7:4d:f8:8e:2a:cb:8a:
         a5:28:ee:01:91:7f:37:41:c6:86:73:09:40:34:e2:31:61:9a:
         2d:bc:f7:85:07:ec:76:ca:a4:d3:fc:78:0b:b3:98:8e:0a:36:
         88:64:15:37:15:e8:8a:e9:05:6b:cc:62:c5:2c:b8:7f:dd:25:
         2e:aa:53:68:a9:dd:bd:6e:f7:bc:75:b9:43:31:53:58:5b:42:
         57:4f:bd:28:57:ed:cb:6e:44:58:80:22:d2:79:b4:57:bc:78:
         1c:08:34:3d:1b:5c:a4:8d:fe:aa:0d:b8:1b:16:87:c0:17:b2:
         71:69:43:44:cb:04:6e:ba:a7:e7:97:11:f6:f9:59:37:01:7b:
         55:50:c8:26
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUaPmLSdHCmLKZpmGGZxRKd59pu4MwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIxMDAwMDAzWhcNMjUxMTI1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNTEwMGI5NzM3ODg4ZTMxMmUyNjU0MTg0MTUzZTEyZGUx
NTJjZmMwOGFlZWQ4MjQ3YzViNTI0ZDExMWY1OWFlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7GJNuMa/fM9s/XpDOlN8+0E/bTVxjNgxah/ScVla1ambX
ue5fVzjvPw7HfvQ2TP8m2icfeK8weLfPvo0DD3SzqP8snusdMUhApLQRmS4JzMJ2
1wsyoiTHzYJzHI5KSudmZqtBEi7KuZ7Jas3DcLrtniSzOUXMf/5hveOG2Ot9GqB2
i58CnfbJbWOxw2Q4dm9TzkyTJx46f7oHAg/+a/DGm9NEQ+Coxv5qWpl71tq1NapY
pAyO38nxRQFpAuFrZGNH3/3THn/Y5GwfBq+DLqWrUjw5+l1jwvyFIfz7SeS3WR4S
e83qAR2ldBeGaAcUkcvz++/mDXSP6dU92D5U3TXlAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQU9JJlZCAgDa4ejfkDgk1I3BnW3nMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzI0MWY0MTMyLWJmZDgtNDViNS04MDM4LWZjNTEyMTNkYjYzZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/vNDANBgkqhkiG9w0BAQsFAAOCAQEAd8ImK5e/UD3W1uAg92tZyjAV
Cv/C+vDiWd64M0ZjfXfs8xKf4rWBkAjFrzWUiPG789s36Em1XkJ1iabWC4fzZDP+
GW6NhlbzqGFqiTOFGkskX8GzWDn4RgTib+0Qxe0aRmkjXIZaInCS+QXJprPv/6CL
n1Rku0G3TfiOKsuKpSjuAZF/N0HGhnMJQDTiMWGaLbz3hQfsdsqk0/x4C7OYjgo2
iGQVNxXoiukFa8xixSy4f90lLqpTaKndvW73vHW5QzFTWFtCV0+9KFfty25EWIAi
0nm0V7x4HAg0PRtcpI3+qg24GxaHwBeycWlDRMsEbrqn55cR9vlZNwF7VVDIJg==
-----END CERTIFICATE-----