Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa
File:                     4e70e795-db95-4e14-8829-14b3140bf926.roa (raw, json)
Hash identifier:          AV/HSSJ936biYmIJcHBgek9L3W1aZeU1iBf7TW8YkK4=
Subject key identifier:   7D:EE:36:A2:DE:08:6D:16:61:4E:3B:40:43:74:75:8F:20:B9:56:2A
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       3B5DE4691006FA86683FCE9C7977D8DB79822577
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa
Signing time:             Fri 31 Oct 2025 00:20:08 +0000
ROA not before:           Fri 31 Oct 2025 00:20:08 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        44.215.76.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:5d:e4:69:10:06:fa:86:68:3f:ce:9c:79:77:d8:db:79:82:25:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:20:08 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=0d751838ccf161a673fc8f220cb448b95a3beae27a6037589687841dce7ca045, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d5:5e:c9:c8:77:32:2f:74:d1:c4:ce:ec:39:
                    39:d5:a3:03:80:e4:d2:cf:50:12:e5:21:e9:fb:df:
                    fe:67:67:0c:49:ca:35:89:11:6b:db:9a:9e:16:de:
                    17:50:f5:6b:db:17:e4:8c:99:d8:fb:4d:57:99:af:
                    d8:bf:96:bc:e7:3c:ba:80:d5:76:84:a1:5b:66:65:
                    ea:32:b9:d1:0e:97:24:af:6b:29:58:ff:43:61:a8:
                    0f:1c:95:f6:60:ec:37:9c:40:e4:d1:59:c0:02:af:
                    d0:6e:9e:cc:7c:b2:09:de:e1:70:aa:56:e8:e8:85:
                    02:94:a0:c7:cc:98:4d:98:e1:cf:2f:e9:40:ed:e9:
                    29:ef:73:5e:ef:d4:0e:b2:54:87:12:f9:56:a6:80:
                    e1:9b:d1:dd:6c:9b:f6:5b:65:ba:fd:db:13:06:74:
                    cd:95:a0:39:b2:1a:c1:23:ee:18:be:cf:38:fa:4b:
                    7c:62:4e:5c:50:f4:8d:5a:a5:dd:44:41:19:a5:e8:
                    82:2e:53:0f:55:5f:34:42:1d:77:ee:f9:59:fe:17:
                    a7:ae:e2:06:fe:97:e0:58:be:c9:08:07:40:36:5c:
                    32:a9:71:59:7f:33:58:ee:bf:02:73:85:b0:8a:43:
                    fc:ef:ef:29:5a:93:d9:54:b5:8f:fa:e2:65:b9:88:
                    ed:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:EE:36:A2:DE:08:6D:16:61:4E:3B:40:43:74:75:8F:20:B9:56:2A
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4e70e795-db95-4e14-8829-14b3140bf926.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.215.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         52:3a:fb:90:5b:ea:09:df:4d:c0:e8:b6:b7:31:d9:b1:99:19:
         f0:37:d1:13:d7:64:78:92:fc:78:8b:ba:41:a3:ad:07:b8:92:
         78:2c:11:31:b8:ab:0a:d9:f0:bd:c1:15:d9:af:0e:15:90:c9:
         1b:40:8a:60:96:ff:60:20:4a:c5:d9:ee:6a:c6:b2:00:87:16:
         30:b3:4e:cd:46:cc:4e:e0:bd:75:b3:1f:25:c1:4e:4a:66:98:
         49:a1:93:c3:f4:64:09:64:19:b7:37:a3:b4:af:bf:4d:41:8a:
         59:85:33:72:5e:18:fb:98:b4:28:b5:54:7b:59:d2:91:c4:ed:
         15:c7:38:25:db:f1:60:dd:41:3c:66:43:2a:6f:c1:2e:a5:70:
         73:3f:2a:8f:63:be:fc:5e:78:a2:d6:bd:54:6e:d2:1d:40:ba:
         a6:76:91:97:98:b6:24:db:dc:3d:4e:3d:73:f7:cc:48:fe:fa:
         ae:06:f0:64:2a:01:2f:ce:ec:bb:c7:0f:b9:85:6d:27:bc:a4:
         98:2b:85:b8:f7:9b:92:71:c1:72:c0:93:84:c0:9f:c6:b2:1e:
         d2:47:95:ef:c0:e4:bf:c7:16:37:ab:36:1f:d8:cb:b5:30:34:
         3c:6f:c8:65:6b:56:30:28:24:38:9e:59:12:8e:41:a6:dc:fe:
         69:38:ef:5e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUO13kaRAG+oZoP86ceXfY23mCJXcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAyMDA4WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwZDc1MTgzOGNjZjE2MWE2NzNmYzhmMjIwY2I0NDhiOTVh
M2JlYWUyN2E2MDM3NTg5Njg3ODQxZGNlN2NhMDQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCv1V7JyHcyL3TRxM7sOTnVowOA5NLPUBLlIen73/5nZwxJ
yjWJEWvbmp4W3hdQ9WvbF+SMmdj7TVeZr9i/lrznPLqA1XaEoVtmZeoyudEOlySv
aylY/0NhqA8clfZg7DecQOTRWcACr9Bunsx8sgne4XCqVujohQKUoMfMmE2Y4c8v
6UDt6Snvc17v1A6yVIcS+VamgOGb0d1sm/ZbZbr92xMGdM2VoDmyGsEj7hi+zzj6
S3xiTlxQ9I1apd1EQRml6IIuUw9VXzRCHXfu+Vn+F6eu4gb+l+BYvskIB0A2XDKp
cVl/M1juvwJzhbCKQ/zv7ylak9lUtY/64mW5iO1zAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfe42ot4IbRZhTjtAQ3R1jyC5ViowHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRlNzBlNzk1LWRiOTUtNGUxNC04ODI5LTE0YjMxNDBiZjkyNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAs10wwDQYJKoZIhvcNAQELBQADggEBAFI6+5Bb6gnfTcDotrcx2bGZGfA3
0RPXZHiS/HiLukGjrQe4kngsETG4qwrZ8L3BFdmvDhWQyRtAimCW/2AgSsXZ7mrG
sgCHFjCzTs1GzE7gvXWzHyXBTkpmmEmhk8P0ZAlkGbc3o7Svv01BilmFM3JeGPuY
tCi1VHtZ0pHE7RXHOCXb8WDdQTxmQypvwS6lcHM/Ko9jvvxeeKLWvVRu0h1AuqZ2
kZeYtiTb3D1OPXP3zEj++q4G8GQqAS/O7LvHD7mFbSe8pJgrhbj3m5JxwXLAk4TA
n8ayHtJHle/A5L/HFjerNh/Yy7UwNDxvyGVrVjAoJDieWRKOQabc/mk4714=
-----END CERTIFICATE-----