Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa
File:                     3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa (raw, json)
Hash identifier:          6OWL94wCQq3lmAIjtAOh+CEgsx+FvAd1AzuYHd7CGhc=
Subject key identifier:   76:39:BC:A1:72:B1:C7:77:34:0B:4E:24:A1:61:5F:19:D1:C3:5F:7E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       093D59C2E67CD82BB9A06782BCF6314ACAC555E2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa
Signing time:             Sun 26 Oct 2025 00:11:26 +0000
ROA not before:           Sun 26 Oct 2025 00:11:26 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        32.160.0.0/14 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:3d:59:c2:e6:7c:d8:2b:b9:a0:67:82:bc:f6:31:4a:ca:c5:55:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:11:26 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=fe21d391fc6eb1996b4458a4df289c94fb5b0eaee0b05ee389dcb335dae938cc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:8d:7b:78:3e:98:b8:7e:30:93:b8:b7:17:43:
                    1b:e6:fe:f0:0a:1e:57:2c:de:1e:cb:86:92:7e:f3:
                    bf:b0:24:26:04:5f:ae:d5:c7:c9:40:c5:09:83:7a:
                    a8:84:67:40:35:d4:9c:c5:90:4e:21:35:4e:69:2d:
                    a4:73:0b:6f:ee:d0:ce:44:a2:62:39:e9:e3:c9:ee:
                    c2:7f:d3:64:97:57:64:d7:c9:ee:9d:27:a2:50:61:
                    d1:28:df:d5:a5:93:16:21:cc:74:ce:88:f7:15:3f:
                    0e:3e:c7:b6:74:52:22:34:5a:90:48:8c:7d:47:19:
                    bd:13:0a:eb:48:36:ac:84:db:16:32:28:f2:bf:c9:
                    2f:c7:20:c9:19:5b:3a:ee:b7:8a:1b:c9:87:d3:39:
                    2f:e7:16:a7:04:5b:f5:56:09:54:c9:70:9f:8e:88:
                    bf:97:f6:70:e3:45:64:3a:cc:41:fd:94:40:fa:18:
                    40:38:cc:cc:6b:77:53:6a:1a:4b:aa:3e:0e:19:0a:
                    b3:55:3f:57:94:75:0b:a3:5e:ea:0a:80:b9:b3:70:
                    7a:f6:f8:52:2c:9e:15:9a:ab:de:33:3d:b4:98:26:
                    32:24:5a:30:f8:43:23:3f:e5:ae:9d:24:59:5d:0a:
                    d4:f0:ea:21:ca:c2:f4:09:d2:84:07:00:12:02:71:
                    4b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:39:BC:A1:72:B1:C7:77:34:0B:4E:24:A1:61:5F:19:D1:C3:5F:7E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3c52c0e6-7237-4386-a1d8-c4738c01d3a3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  32.160.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         36:fe:dd:6d:36:fc:53:c2:68:63:ae:35:c2:cb:25:6d:03:b4:
         11:fd:d2:05:94:0b:86:b1:47:5d:f8:44:c7:b2:38:4d:29:9b:
         94:f8:e6:23:d2:50:94:59:b6:eb:61:31:a2:19:01:e0:08:15:
         3f:ee:96:fa:de:a1:0d:5b:2e:f9:4b:bc:ae:be:ee:a0:00:30:
         64:df:74:31:c0:8e:9d:91:1f:d6:7e:7d:be:fe:56:a7:38:20:
         ea:45:e2:6d:5e:0a:25:0f:4d:ae:21:21:8c:df:1e:fa:93:ab:
         79:42:ed:a8:db:67:a0:ac:74:24:c4:55:18:53:c5:c2:58:05:
         5d:1e:96:e7:64:cc:df:cd:1a:c3:f7:35:76:38:b7:93:ef:58:
         07:ad:f0:ee:9a:1f:7e:d2:0e:6c:dd:57:9c:78:81:69:18:d8:
         77:fe:b2:eb:a9:5b:a7:c9:eb:52:a2:47:21:07:9f:0c:8c:56:
         f8:93:0d:d5:56:8a:83:52:2c:d6:18:72:cc:d5:a0:80:5d:9f:
         e2:93:52:07:2e:69:d4:bc:30:4c:45:d7:23:9f:4a:fc:f7:6f:
         fa:a9:5a:4e:32:75:91:3d:00:f7:b2:7b:2b:e4:97:f1:83:5f:
         0d:b5:6a:e2:65:b7:45:4c:a3:2b:86:50:71:39:09:d0:27:f7:
         4d:fe:3c:49
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCT1ZwuZ82Cu5oGeCvPYxSsrFVeIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAxMTI2WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BmZTIxZDM5MWZjNmViMTk5NmI0NDU4YTRkZjI4OWM5NGZi
NWIwZWFlZTBiMDVlZTM4OWRjYjMzNWRhZTkzOGNjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCsjXt4Ppi4fjCTuLcXQxvm/vAKHlcs3h7LhpJ+87+wJCYE
X67Vx8lAxQmDeqiEZ0A11JzFkE4hNU5pLaRzC2/u0M5EomI56ePJ7sJ/02SXV2TX
ye6dJ6JQYdEo39WlkxYhzHTOiPcVPw4+x7Z0UiI0WpBIjH1HGb0TCutINqyE2xYy
KPK/yS/HIMkZWzrut4obyYfTOS/nFqcEW/VWCVTJcJ+OiL+X9nDjRWQ6zEH9lED6
GEA4zMxrd1NqGkuqPg4ZCrNVP1eUdQujXuoKgLmzcHr2+FIsnhWaq94zPbSYJjIk
WjD4QyM/5a6dJFldCtTw6iHKwvQJ0oQHABICcUuVAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUdjm8oXKxx3c0C04koWFfGdHDX34wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNjNTJjMGU2LTcyMzctNDM4Ni1hMWQ4LWM0NzM4YzAxZDNhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwIgoDANBgkqhkiG9w0BAQsFAAOCAQEANv7dbTb8U8JoY641wsslbQO0Ef3S
BZQLhrFHXfhEx7I4TSmblPjmI9JQlFm262ExohkB4AgVP+6W+t6hDVsu+Uu8rr7u
oAAwZN90McCOnZEf1n59vv5Wpzgg6kXibV4KJQ9NriEhjN8e+pOreULtqNtnoKx0
JMRVGFPFwlgFXR6W52TM380aw/c1dji3k+9YB63w7pofftIObN1XnHiBaRjYd/6y
66lbp8nrUqJHIQefDIxW+JMN1VaKg1Is1hhyzNWggF2f4pNSBy5p1LwwTEXXI59K
/Pdv+qlaTjJ1kT0A97J7K+SX8YNfDbVq4mW3RUyjK4ZQcTkJ0Cf3Tf48SQ==
-----END CERTIFICATE-----