Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/455ad1c4-cda1-4def-a603-9493ce5df056.roa
File:                     455ad1c4-cda1-4def-a603-9493ce5df056.roa (raw, json)
Hash identifier:          vCSb7HTBQCPqbnxHQHvC14/LYdI1QJ8vRf/YPcBMT8U=
Subject key identifier:   EE:20:B8:4A:A2:63:31:67:19:55:4E:F3:02:10:BC:12:86:61:B0:DD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09BDD05157F8DAE9D905D6E0FA57076AC6B568FD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/455ad1c4-cda1-4def-a603-9493ce5df056.roa
Signing time:             Mon 27 Oct 2025 00:00:59 +0000
ROA not before:           Mon 27 Oct 2025 00:00:59 +0000
ROA not after:            Mon 01 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        194.97.160.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:bd:d0:51:57:f8:da:e9:d9:05:d6:e0:fa:57:07:6a:c6:b5:68:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 27 00:00:59 2025 GMT
            Not After : Dec  1 23:59:59 2025 GMT
        Subject: serialNumber=b7b98dfcdbfde3331d5bd347bb0e98dae7ba6ce04359d3c372bff2bca3ebce8c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:d1:b4:9a:13:f9:87:2e:13:f3:41:10:12:32:
                    d0:dc:4c:65:25:cc:0e:18:dc:6a:10:ec:70:6f:c1:
                    2a:a4:8f:46:d3:14:43:26:4e:af:d5:03:61:d5:9e:
                    72:c7:b9:d3:cc:83:36:23:1f:7f:69:4e:3f:f4:66:
                    dc:ad:d6:3f:c1:cb:ca:bb:9d:6e:d8:7b:9f:a7:51:
                    d2:7d:b6:7e:82:75:63:39:3d:b5:b5:c8:4f:6b:9f:
                    9a:5f:38:e2:bc:f0:41:9b:c3:5d:f9:b3:68:50:89:
                    85:73:12:83:2e:5e:fe:06:ba:6d:7f:8a:b7:40:cb:
                    13:0d:90:34:0d:8e:36:3d:03:03:c4:35:53:8c:ad:
                    14:c2:f4:49:f4:0e:3f:c7:44:ff:1d:78:1b:c5:43:
                    df:ff:35:29:01:a2:ee:1d:66:67:76:80:7b:8d:ab:
                    a3:92:81:1d:01:37:63:36:77:5c:d4:08:c0:14:8e:
                    ec:57:96:94:a7:1c:6d:af:02:6f:48:77:45:37:09:
                    cc:37:5b:7f:b2:a3:92:84:b3:b7:b0:40:6d:b6:bb:
                    a1:ad:ed:f5:9f:ed:3c:b3:fd:06:59:92:b5:8e:36:
                    19:c5:97:94:89:b8:25:7c:f9:f5:99:8c:1a:12:f4:
                    92:07:87:9b:60:34:d8:29:f0:a7:0b:6f:75:6a:89:
                    fd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EE:20:B8:4A:A2:63:31:67:19:55:4E:F3:02:10:BC:12:86:61:B0:DD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/455ad1c4-cda1-4def-a603-9493ce5df056.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.97.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         c5:b3:79:0e:e4:ca:c8:ab:9c:36:1c:5b:e3:5f:44:72:67:e3:
         fd:a8:86:0b:ff:da:4c:5a:65:ea:37:47:31:57:ac:65:e2:36:
         6a:6b:37:0c:60:70:7f:a8:95:94:f1:89:e8:27:5c:b2:75:72:
         d0:01:78:ca:4b:aa:cf:b1:af:6d:b2:76:a3:e9:57:d2:b1:20:
         72:20:bf:5a:38:c2:c4:a9:39:14:32:92:a6:55:4a:82:53:be:
         b0:b2:bc:a0:38:05:9c:83:14:16:c7:d4:79:de:b2:11:df:a5:
         82:10:dd:0e:6c:ef:07:a5:31:60:70:a1:5f:c5:e6:b6:3f:e4:
         1b:b5:55:b2:0b:7a:96:7d:a8:9f:e7:bc:a3:d0:9d:ed:07:a9:
         07:3e:f1:9e:5c:02:37:56:a3:7b:91:5e:8f:f1:e9:8b:fc:79:
         08:65:ba:4d:12:1f:6e:1f:6e:15:97:c4:45:64:1d:ca:0e:bd:
         d3:b2:da:6b:da:4f:77:2b:f3:b3:e0:8a:fb:e4:2a:0a:65:c5:
         d5:ff:30:01:09:5a:54:8a:dc:3c:72:f7:2a:4a:bb:5f:b5:cf:
         17:41:7e:32:5a:bf:8e:4b:87:b6:af:23:e8:cf:0e:e5:ab:b3:
         b3:9a:92:2f:11:34:da:88:7e:58:fb:01:24:3b:91:46:7a:3b:
         ca:ae:c3:72
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCb3QUVf42unZBdbg+lcHasa1aP0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI3MDAwMDU5WhcNMjUxMjAxMjM1OTU5
WjB6MUkwRwYDVQQFE0BiN2I5OGRmY2RiZmRlMzMzMWQ1YmQzNDdiYjBlOThkYWU3
YmE2Y2UwNDM1OWQzYzM3MmJmZjJiY2EzZWJjZThjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCH0bSaE/mHLhPzQRASMtDcTGUlzA4Y3GoQ7HBvwSqkj0bT
FEMmTq/VA2HVnnLHudPMgzYjH39pTj/0Ztyt1j/By8q7nW7Ye5+nUdJ9tn6CdWM5
PbW1yE9rn5pfOOK88EGbw135s2hQiYVzEoMuXv4Gum1/irdAyxMNkDQNjjY9AwPE
NVOMrRTC9En0Dj/HRP8deBvFQ9//NSkBou4dZmd2gHuNq6OSgR0BN2M2d1zUCMAU
juxXlpSnHG2vAm9Id0U3Ccw3W3+yo5KEs7ewQG22u6Gt7fWf7Tyz/QZZkrWONhnF
l5SJuCV8+fWZjBoS9JIHh5tgNNgp8KcLb3Vqif0pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU7iC4SqJjMWcZVU7zAhC8EoZhsN0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzQ1NWFkMWM0LWNkYTEtNGRlZi1hNjAzLTk0OTNjZTVkZjA1Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPCYaAwDQYJKoZIhvcNAQELBQADggEBAMWzeQ7kysirnDYcW+NfRHJn4/2o
hgv/2kxaZeo3RzFXrGXiNmprNwxgcH+olZTxiegnXLJ1ctABeMpLqs+xr22ydqPp
V9KxIHIgv1o4wsSpORQykqZVSoJTvrCyvKA4BZyDFBbH1HneshHfpYIQ3Q5s7wel
MWBwoV/F5rY/5Bu1VbILepZ9qJ/nvKPQne0HqQc+8Z5cAjdWo3uRXo/x6Yv8eQhl
uk0SH24fbhWXxEVkHcoOvdOy2mvaT3cr87PgivvkKgplxdX/MAEJWlSK3Dxy9ypK
u1+1zxdBfjJav45Lh7avI+jPDuWrs7Oaki8RNNqIflj7ASQ7kUZ6O8quw3I=
-----END CERTIFICATE-----