Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/333d102e-eb8d-45c3-bc18-1c5c34a0ee53.roa
File:                     333d102e-eb8d-45c3-bc18-1c5c34a0ee53.roa (raw, json)
Hash identifier:          MsIq/oVuS46/BkcM+pqICOxFc93TB/z92s6sFnp1yxk=
Subject key identifier:   02:A4:84:5E:CF:F3:DB:11:90:F0:9F:89:43:37:63:BD:AA:DA:92:A4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7E1096E91E0BF82353256FEA8F0AD91189E96A62
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/333d102e-eb8d-45c3-bc18-1c5c34a0ee53.roa
Signing time:             Fri 24 Oct 2025 00:11:38 +0000
ROA not before:           Fri 24 Oct 2025 00:11:38 +0000
ROA not after:            Fri 28 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        98.88.0.0/13 maxlen: 13
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:10:96:e9:1e:0b:f8:23:53:25:6f:ea:8f:0a:d9:11:89:e9:6a:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 24 00:11:38 2025 GMT
            Not After : Nov 28 23:59:59 2025 GMT
        Subject: serialNumber=b1bfe95838017246a61cb4ae4529903ad2a06f1033e23602e7fe6e7da85882c0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:66:eb:be:da:be:b4:a6:1a:52:57:fb:72:82:
                    70:37:ae:b3:d0:d5:98:59:cd:28:60:73:f5:b7:5b:
                    a7:ac:50:40:d6:68:8b:a3:ff:6c:9c:70:47:c8:a2:
                    1a:b7:51:51:5c:f6:67:56:34:11:29:d3:e0:61:e2:
                    cc:12:8e:c5:60:47:89:5f:5c:eb:88:af:db:11:22:
                    99:b6:61:c4:e4:70:0d:c6:ce:4a:c9:ab:a2:d2:7b:
                    fc:cd:8f:34:51:49:0f:4f:d3:27:76:48:d2:e8:5e:
                    d7:ba:ed:fe:b1:0d:be:5b:57:ec:8f:fa:2b:e1:d6:
                    55:10:a9:f8:30:fd:8a:3d:13:06:0f:0f:7d:18:c1:
                    97:1f:54:93:56:0c:b9:b5:5b:7f:66:68:dc:29:61:
                    f1:51:ce:7d:4c:6d:f6:a4:05:95:ca:bd:4c:5f:c5:
                    01:ed:80:eb:24:c4:97:4f:d8:e9:ad:54:04:8e:14:
                    30:a4:73:72:39:a8:2b:cb:36:d3:4b:1f:29:a6:0b:
                    00:cd:06:da:d4:63:08:e4:99:56:01:7e:40:65:00:
                    8e:2b:42:0d:52:cd:db:b6:54:a4:56:0b:e0:83:45:
                    7d:f4:1a:15:83:2e:6d:1e:b1:5d:4a:bc:99:a5:b2:
                    3a:58:e1:31:57:5f:7f:4a:6c:cf:48:ee:35:f2:58:
                    08:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:A4:84:5E:CF:F3:DB:11:90:F0:9F:89:43:37:63:BD:AA:DA:92:A4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/333d102e-eb8d-45c3-bc18-1c5c34a0ee53.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  98.88.0.0/13

    Signature Algorithm: sha256WithRSAEncryption
         4e:4d:73:fb:19:57:99:8d:10:a3:d8:53:18:b2:fd:f3:c1:34:
         76:68:94:c7:aa:9b:f0:fe:96:cb:5a:55:dd:42:ca:dc:a1:34:
         63:04:c8:3c:8f:de:fa:fd:22:36:11:94:d2:5a:b6:7b:71:42:
         f0:b2:ee:a7:90:3b:be:71:8a:d3:a4:46:eb:d3:48:b1:9f:01:
         6d:99:47:8f:71:25:72:8d:33:d1:74:54:22:4d:08:89:71:17:
         37:91:03:79:c9:89:cd:77:5e:d6:c6:19:ba:d5:5b:cb:d5:4a:
         bf:fd:86:60:f2:a5:5e:27:a2:6d:76:af:9e:14:ba:8a:79:ef:
         e6:04:37:38:a0:4a:3e:e9:3c:93:70:19:ae:5c:5c:8e:90:63:
         5a:c7:41:c6:b9:9f:be:9c:cf:75:1f:86:97:cf:d8:25:9c:be:
         2d:de:03:d0:d2:8c:95:da:60:0f:55:f2:fd:f4:ff:da:24:a6:
         8f:b8:31:e7:55:37:4f:aa:01:26:f0:83:18:ab:34:f7:c7:a3:
         b6:27:8f:08:5f:82:e0:b1:f0:9a:b6:24:a3:d8:0c:60:62:62:
         2f:8e:3c:a6:bf:5c:7a:59:ad:1c:df:ab:d9:87:c2:a4:c0:23:
         bf:0c:9f:5a:42:8d:81:f9:50:db:5a:65:40:a8:83:85:3a:0f:
         4f:b3:32:a2
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfhCW6R4L+CNTJW/qjwrZEYnpamIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI0MDAxMTM4WhcNMjUxMTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMWJmZTk1ODM4MDE3MjQ2YTYxY2I0YWU0NTI5OTAzYWQy
YTA2ZjEwMzNlMjM2MDJlN2ZlNmU3ZGE4NTg4MmMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC0Zuu+2r60phpSV/tygnA3rrPQ1ZhZzShgc/W3W6esUEDW
aIuj/2yccEfIohq3UVFc9mdWNBEp0+Bh4swSjsVgR4lfXOuIr9sRIpm2YcTkcA3G
zkrJq6LSe/zNjzRRSQ9P0yd2SNLoXte67f6xDb5bV+yP+ivh1lUQqfgw/Yo9EwYP
D30YwZcfVJNWDLm1W39maNwpYfFRzn1MbfakBZXKvUxfxQHtgOskxJdP2OmtVASO
FDCkc3I5qCvLNtNLHymmCwDNBtrUYwjkmVYBfkBlAI4rQg1Szdu2VKRWC+CDRX30
GhWDLm0esV1KvJmlsjpY4TFXX39KbM9I7jXyWAjZAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUAqSEXs/z2xGQ8J+JQzdjvarakqQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzMzM2QxMDJlLWViOGQtNDVjMy1iYzE4LTFjNWMzNGEwZWU1My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwNiWDANBgkqhkiG9w0BAQsFAAOCAQEATk1z+xlXmY0Qo9hTGLL988E0dmiU
x6qb8P6Wy1pV3ULK3KE0YwTIPI/e+v0iNhGU0lq2e3FC8LLup5A7vnGK06RG69NI
sZ8BbZlHj3Elco0z0XRUIk0IiXEXN5EDecmJzXde1sYZutVby9VKv/2GYPKlXiei
bXavnhS6innv5gQ3OKBKPuk8k3AZrlxcjpBjWsdBxrmfvpzPdR+Gl8/YJZy+Ld4D
0NKMldpgD1Xy/fT/2iSmj7gx51U3T6oBJvCDGKs098ejtiePCF+C4LHwmrYko9gM
YGJiL448pr9celmtHN+r2YfCpMAjvwyfWkKNgflQ21plQKiDhToPT7Myog==
-----END CERTIFICATE-----