Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa
File:                     3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa (raw, json)
Hash identifier:          7xa+pQifzisEfigYO+YoISlv7gWopmezepb+sIq6/aY=
Subject key identifier:   B9:22:1D:66:D5:F7:05:38:76:AB:03:61:8B:6E:D4:FD:A6:6D:F6:E4
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3320532AF4317E11E0352C38C72F42BFFDB6D488
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa
Signing time:             Fri 31 Oct 2025 00:10:40 +0000
ROA not before:           Fri 31 Oct 2025 00:10:40 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        37.203.157.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:20:53:2a:f4:31:7e:11:e0:35:2c:38:c7:2f:42:bf:fd:b6:d4:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:10:40 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=b924c6e74491e7caaacae77c7cb8c844502e06e97a83dae2514a240753f5e0ad, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:36:50:b1:f1:fd:5e:ee:72:c1:bd:da:2b:c5:
                    5e:39:ba:6e:7d:ca:be:53:40:50:51:f0:11:59:d5:
                    e4:8f:0c:53:2b:19:62:40:34:98:00:ae:f9:6f:ee:
                    c3:51:49:9b:15:a1:d6:fe:df:9e:00:d9:2e:58:d6:
                    76:e6:55:bf:12:dc:04:7d:ef:a3:69:4c:9c:5d:b9:
                    21:16:24:e0:19:83:95:df:5e:97:97:4d:29:58:03:
                    24:b6:31:ba:8d:87:2e:a2:57:af:91:b5:9f:7f:68:
                    68:fd:09:7e:33:c7:5c:9d:f0:04:94:35:30:93:17:
                    07:49:3a:50:c5:5f:58:08:84:46:25:25:d5:3b:a3:
                    c3:0f:04:fb:b9:86:f8:24:af:b7:55:d5:2c:ff:ea:
                    c3:4d:e2:75:c0:ca:0d:20:f7:93:59:40:29:9d:8a:
                    ab:10:61:9a:99:d7:cd:84:8f:ee:22:6e:6b:9f:91:
                    39:39:a4:37:59:c0:75:3d:c8:49:a4:6d:79:ae:55:
                    e9:7f:63:9c:fb:77:c7:d3:ed:8d:f4:d4:22:51:21:
                    65:aa:10:a2:d1:17:6c:36:08:02:5b:c0:1a:ef:02:
                    11:ab:61:ce:f6:ab:e8:49:aa:10:87:3b:fe:ec:a6:
                    40:18:82:31:c9:1b:74:fb:6e:f7:15:26:af:54:27:
                    d1:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:22:1D:66:D5:F7:05:38:76:AB:03:61:8B:6E:D4:FD:A6:6D:F6:E4
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/3e111cab-b373-424b-a3a9-8c8fc7f71e17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.203.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1a:64:f9:19:3f:0f:18:14:36:1f:10:e4:f4:52:6a:37:00:d2:
         99:42:3b:6b:ff:ab:75:24:5e:37:5f:b3:21:af:13:ff:a0:42:
         e9:8e:63:40:bb:d8:56:99:37:fc:9f:10:0b:38:03:41:fa:2d:
         5b:02:74:a4:1e:ab:d8:26:d9:7d:3a:cc:8a:12:a1:e1:a0:b4:
         35:00:4f:60:4e:51:b9:08:c3:72:76:8d:85:12:a8:92:87:02:
         fd:31:06:e1:72:08:4e:e1:68:7d:7c:53:b4:1f:1d:11:7c:d3:
         11:c4:9f:0a:7a:58:91:6d:2a:70:2b:75:c7:e4:8b:e4:bf:0f:
         74:0b:3d:0b:7f:ae:36:67:28:65:a3:e0:89:50:b9:39:99:cd:
         1b:27:5c:87:1d:d4:bd:4c:3e:bb:0d:5a:a1:8f:fa:e8:c5:51:
         26:a4:57:14:97:01:5a:c4:30:a9:fc:eb:4f:13:68:df:68:3f:
         2c:f2:57:5e:d6:c8:10:09:38:0c:38:b4:40:a7:27:fc:5a:19:
         6d:da:1a:75:c4:9e:99:71:4f:7a:44:28:85:d6:7e:82:ed:e7:
         cd:af:c4:ce:9a:0b:d3:f4:e9:b8:8b:fa:51:05:d9:a1:54:0d:
         75:3c:d5:79:88:eb:82:dd:42:3e:cf:b7:a7:82:54:1d:43:bf:
         0e:4e:91:a4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMyBTKvQxfhHgNSw4xy9Cv/221IgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAxMDQwWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiOTI0YzZlNzQ0OTFlN2NhYWFjYWU3N2M3Y2I4Yzg0NDUw
MmUwNmU5N2E4M2RhZTI1MTRhMjQwNzUzZjVlMGFkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDCNlCx8f1e7nLBvdorxV45um59yr5TQFBR8BFZ1eSPDFMr
GWJANJgArvlv7sNRSZsVodb+354A2S5Y1nbmVb8S3AR976NpTJxduSEWJOAZg5Xf
XpeXTSlYAyS2MbqNhy6iV6+RtZ9/aGj9CX4zx1yd8ASUNTCTFwdJOlDFX1gIhEYl
JdU7o8MPBPu5hvgkr7dV1Sz/6sNN4nXAyg0g95NZQCmdiqsQYZqZ182Ej+4ibmuf
kTk5pDdZwHU9yEmkbXmuVel/Y5z7d8fT7Y301CJRIWWqEKLRF2w2CAJbwBrvAhGr
Yc72q+hJqhCHO/7spkAYgjHJG3T7bvcVJq9UJ9ErAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuSIdZtX3BTh2qwNhi27U/aZt9uQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzNlMTExY2FiLWIzNzMtNDI0Yi1hM2E5LThjOGZjN2Y3MWUxNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAly50wDQYJKoZIhvcNAQELBQADggEBABpk+Rk/DxgUNh8Q5PRSajcA0plC
O2v/q3UkXjdfsyGvE/+gQumOY0C72FaZN/yfEAs4A0H6LVsCdKQeq9gm2X06zIoS
oeGgtDUAT2BOUbkIw3J2jYUSqJKHAv0xBuFyCE7haH18U7QfHRF80xHEnwp6WJFt
KnArdcfki+S/D3QLPQt/rjZnKGWj4IlQuTmZzRsnXIcd1L1MPrsNWqGP+ujFUSak
VxSXAVrEMKn8608TaN9oPyzyV17WyBAJOAw4tECnJ/xaGW3aGnXEnplxT3pEKIXW
foLt582vxM6aC9P06biL+lEF2aFUDXU81XmI64LdQj7Pt6eCVB1Dvw5OkaQ=
-----END CERTIFICATE-----