Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c3c97fa-c615-46e3-80f0-b7d0b8a094b5.roa
File:                     4c3c97fa-c615-46e3-80f0-b7d0b8a094b5.roa (raw, json)
Hash identifier:          LXHCGfRUiB8NMUsDuYPPaj9abEy8YgIa1c7vTsNbwH0=
Subject key identifier:   D0:6C:FC:BA:1F:38:50:19:4F:57:0D:6F:94:09:89:73:52:AD:A9:94
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       09129DA50E107B4904C2DB4368B37D93F2222905
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c3c97fa-c615-46e3-80f0-b7d0b8a094b5.roa
Signing time:             Wed 22 Oct 2025 00:31:59 +0000
ROA not before:           Wed 22 Oct 2025 00:31:59 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        77.112.0.0/14 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:12:9d:a5:0e:10:7b:49:04:c2:db:43:68:b3:7d:93:f2:22:29:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 22 00:31:59 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=cb855181b524fc3a5b571799fbb4794bf0512e139c3ba3d2da8d3733e9b25fe5, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:24:1b:d6:6c:d6:ed:2d:d9:55:f6:36:b7:33:
                    6f:4d:6d:88:b0:7a:74:a7:0d:c9:08:ab:dc:d7:2d:
                    85:29:7f:77:ce:a9:cb:da:2f:ab:9e:64:16:f4:3f:
                    a3:7f:f1:33:ba:7c:dc:f8:16:48:15:65:c6:37:55:
                    60:2c:68:95:1f:fe:9f:5a:5c:a3:d0:32:c2:48:ea:
                    ff:a7:a6:17:fe:51:48:77:c6:57:4c:cd:3a:9b:d0:
                    c6:99:3d:c6:eb:14:8a:1d:0a:e8:03:6c:ba:16:38:
                    dd:4c:d9:f1:47:7f:52:7e:0a:74:6a:36:eb:da:b9:
                    0c:9c:fa:19:50:7a:43:98:3b:dd:99:6a:87:42:aa:
                    22:e2:68:84:31:64:fe:d2:8d:89:e0:33:d6:2b:fb:
                    13:aa:d9:82:25:50:62:06:ce:b3:f9:31:73:32:6e:
                    a6:ae:80:98:d2:da:38:08:07:25:e9:7d:d6:1b:08:
                    92:cd:a3:15:5b:5a:31:42:87:7a:24:ff:07:3a:b2:
                    54:b8:b9:6f:95:88:3c:69:de:c9:76:36:fb:44:3d:
                    90:64:7b:f9:82:b4:21:fb:9f:39:9c:ce:81:1e:19:
                    d9:bb:c9:4a:28:0d:84:e4:08:4e:d9:49:66:b9:e2:
                    34:00:df:21:1d:e7:59:da:6c:e7:53:2b:37:6a:42:
                    f3:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:6C:FC:BA:1F:38:50:19:4F:57:0D:6F:94:09:89:73:52:AD:A9:94
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4c3c97fa-c615-46e3-80f0-b7d0b8a094b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.112.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         57:a1:56:e3:8c:c4:32:3f:68:55:f3:2f:0f:d8:75:ec:85:81:
         d5:bf:bc:63:6b:bb:bf:8a:d3:70:fe:5f:30:24:60:5f:c4:b7:
         2f:fd:36:54:68:da:a5:5d:7b:54:6c:cd:f8:73:d7:36:e3:28:
         d3:7b:52:b0:b8:d7:19:fb:bd:1f:27:70:53:49:77:73:9b:09:
         99:43:3a:f1:35:9f:10:a7:ee:5e:0f:7e:12:b0:82:70:ff:b0:
         51:7a:aa:c1:29:35:88:69:5a:50:68:5d:52:7a:ce:3d:74:8b:
         92:f2:82:7a:cd:a9:b4:95:52:f1:7b:f4:8f:4b:0e:7e:e9:b7:
         e2:67:84:8a:1d:eb:25:2a:db:ff:bf:3b:04:e0:6b:7c:c4:41:
         c9:36:4d:3f:3a:68:c5:23:26:d7:87:89:42:3d:e9:64:38:40:
         72:c1:18:f4:f7:8f:9e:85:9a:9f:9c:f1:a5:d9:b7:9d:b5:ef:
         48:89:07:56:00:a9:47:1e:ba:3c:1e:6d:e9:47:93:e8:17:a1:
         95:40:ed:9a:aa:47:7d:0c:98:1f:4a:b9:d9:26:1f:f4:2f:85:
         1c:c1:88:6a:f7:1e:34:0e:7e:a1:a8:0e:50:8a:fb:e4:d2:f7:
         88:19:b5:77:be:08:a4:bb:cd:a9:91:ae:ad:98:e5:47:56:67:
         c9:b4:8b:38
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUCRKdpQ4Qe0kEwttDaLN9k/IiKQUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMTU5WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0BjYjg1NTE4MWI1MjRmYzNhNWI1NzE3OTlmYmI0Nzk0YmYw
NTEyZTEzOWMzYmEzZDJkYThkMzczM2U5YjI1ZmU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDKJBvWbNbtLdlV9ja3M29NbYiwenSnDckIq9zXLYUpf3fO
qcvaL6ueZBb0P6N/8TO6fNz4FkgVZcY3VWAsaJUf/p9aXKPQMsJI6v+nphf+UUh3
xldMzTqb0MaZPcbrFIodCugDbLoWON1M2fFHf1J+CnRqNuvauQyc+hlQekOYO92Z
aodCqiLiaIQxZP7SjYngM9Yr+xOq2YIlUGIGzrP5MXMybqaugJjS2jgIByXpfdYb
CJLNoxVbWjFCh3ok/wc6slS4uW+ViDxp3sl2NvtEPZBke/mCtCH7nzmczoEeGdm7
yUooDYTkCE7ZSWa54jQA3yEd51nabOdTKzdqQvMNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU0Gz8uh84UBlPVw1vlAmJc1KtqZQwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRjM2M5N2ZhLWM2MTUtNDZlMy04MGYwLWI3ZDBiOGEwOTRiNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJNcDANBgkqhkiG9w0BAQsFAAOCAQEAV6FW44zEMj9oVfMvD9h17IWB1b+8
Y2u7v4rTcP5fMCRgX8S3L/02VGjapV17VGzN+HPXNuMo03tSsLjXGfu9HydwU0l3
c5sJmUM68TWfEKfuXg9+ErCCcP+wUXqqwSk1iGlaUGhdUnrOPXSLkvKCes2ptJVS
8Xv0j0sOfum34meEih3rJSrb/787BOBrfMRByTZNPzpoxSMm14eJQj3pZDhAcsEY
9PePnoWan5zxpdm3nbXvSIkHVgCpRx66PB5t6UeT6BehlUDtmqpHfQyYH0q52SYf
9C+FHMGIavceNA5+oagOUIr75NL3iBm1d74IpLvNqZGurZjlR1ZnybSLOA==
-----END CERTIFICATE-----