Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa
File:                     5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa (raw, json)
Hash identifier:          FBsb0QiTibHhJ/89Mkoa0NKFJdCQwpZ+M8mOccOXSQM=
Subject key identifier:   0C:54:F9:3D:14:04:E3:98:38:6E:0C:B2:62:7A:B5:C0:8F:B4:E7:44
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BEFA4AE5C64AB4C24D484CAC87516162A2AA023
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa
Signing time:             Wed 22 Oct 2025 00:31:48 +0000
ROA not before:           Wed 22 Oct 2025 00:31:48 +0000
ROA not after:            Wed 26 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        23.228.192.0/18 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:ef:a4:ae:5c:64:ab:4c:24:d4:84:ca:c8:75:16:16:2a:2a:a0:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 22 00:31:48 2025 GMT
            Not After : Nov 26 23:59:59 2025 GMT
        Subject: serialNumber=0742f1e1763979ef2dc4b1af73595a53a9772d694ae04bcbc657c1ac7acefd21, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ab:42:22:6f:b6:85:85:9d:60:68:0b:92:22:
                    92:82:65:6e:20:2f:b2:d4:8d:b2:d7:21:1b:ca:81:
                    dc:c4:b3:99:a3:4f:cb:2c:d1:0e:1b:82:86:19:90:
                    c5:fa:39:d0:eb:ba:48:90:29:54:1c:ca:c5:c8:ce:
                    27:19:42:21:6a:73:72:9f:51:1b:6f:b2:d6:23:73:
                    60:02:3a:00:ff:49:f1:1b:12:a1:79:b9:58:94:f6:
                    f0:50:84:13:eb:6d:ab:5b:83:7f:7d:11:23:5e:76:
                    2f:20:b3:e8:d0:35:58:97:3c:e1:ba:6a:d0:bb:ef:
                    92:09:d9:a5:f2:ce:ea:fb:59:2a:c8:02:a9:bf:fa:
                    f2:42:ef:35:9f:2f:98:32:14:ac:12:c1:bf:7c:08:
                    4f:26:e3:d6:88:26:b8:22:95:aa:f5:26:78:58:40:
                    d1:6c:d1:1d:c7:0e:cb:66:2e:67:13:f1:39:5a:f7:
                    e9:f4:2f:d7:ab:60:c3:6e:52:12:9b:5c:86:0e:a3:
                    45:f1:4a:5f:52:00:15:3d:54:56:93:18:ab:17:72:
                    f5:56:a4:39:c7:fa:64:c9:fa:0f:ff:ef:26:4e:39:
                    fb:d7:de:e6:70:3e:a3:6f:73:3a:91:5a:ea:72:f8:
                    e3:42:e5:e1:02:0f:13:2d:42:b5:1c:7b:4f:7f:ea:
                    78:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:54:F9:3D:14:04:E3:98:38:6E:0C:B2:62:7A:B5:C0:8F:B4:E7:44
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5423a80a-be1f-4708-a5ef-17ccc2a1a025.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.228.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         39:cf:a8:94:3d:7f:62:cb:87:5c:85:cf:5b:c8:7e:82:28:fd:
         2c:ff:10:c0:3b:a6:98:79:60:cb:4d:c8:5e:7f:2a:bf:8e:cb:
         78:2a:4e:d2:3d:b0:b5:7b:ed:5f:49:4c:6d:18:ec:2a:e1:d2:
         01:98:95:9a:72:15:d1:fb:70:38:d7:b1:52:b3:5f:04:78:67:
         01:e3:3b:cf:c7:e9:3a:46:df:99:e4:37:62:c7:d9:1e:8f:46:
         77:2c:90:e1:40:a5:b5:e0:74:34:fe:e5:96:bc:15:12:c1:ae:
         63:b1:34:f0:03:8a:45:40:e8:a4:ee:8c:91:c2:14:76:88:4a:
         87:6e:44:45:91:e2:99:a3:79:5f:69:78:c0:2f:dc:26:51:de:
         0f:d1:ba:f4:ee:2c:dd:f9:a3:2c:56:71:95:7d:91:6d:5d:eb:
         26:5b:a4:ec:0a:a4:a9:f2:7f:b1:0a:20:d4:02:fe:dd:3c:3e:
         51:14:06:d1:c4:96:f4:b8:77:2c:4b:28:5b:88:ab:42:52:fc:
         5f:cf:ba:26:8b:a5:67:7c:7b:3f:43:cc:55:42:02:26:c1:ae:
         aa:38:f9:b2:2c:72:4c:2d:90:b7:b2:4e:89:03:94:fb:a2:bc:
         a9:82:40:88:ac:6e:a3:5a:78:ae:fa:4b:2c:3c:f8:c9:60:8c:
         f3:a9:97:89
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUC++krlxkq0wk1ITKyHUWFioqoCMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIyMDAzMTQ4WhcNMjUxMTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNzQyZjFlMTc2Mzk3OWVmMmRjNGIxYWY3MzU5NWE1M2E5
NzcyZDY5NGFlMDRiY2JjNjU3YzFhYzdhY2VmZDIxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQClq0Iib7aFhZ1gaAuSIpKCZW4gL7LUjbLXIRvKgdzEs5mj
T8ss0Q4bgoYZkMX6OdDrukiQKVQcysXIzicZQiFqc3KfURtvstYjc2ACOgD/SfEb
EqF5uViU9vBQhBPrbatbg399ESNedi8gs+jQNViXPOG6atC775IJ2aXyzur7WSrI
Aqm/+vJC7zWfL5gyFKwSwb98CE8m49aIJrgilar1JnhYQNFs0R3HDstmLmcT8Tla
9+n0L9erYMNuUhKbXIYOo0XxSl9SABU9VFaTGKsXcvVWpDnH+mTJ+g//7yZOOfvX
3uZwPqNvczqRWupy+ONC5eECDxMtQrUce09/6niRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUDFT5PRQE45g4bgyyYnq1wI+050QwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzU0MjNhODBhLWJlMWYtNDcwOC1hNWVmLTE3Y2NjMmExYTAyNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYX5MAwDQYJKoZIhvcNAQELBQADggEBADnPqJQ9f2LLh1yFz1vIfoIo/Sz/
EMA7pph5YMtNyF5/Kr+Oy3gqTtI9sLV77V9JTG0Y7Crh0gGYlZpyFdH7cDjXsVKz
XwR4ZwHjO8/H6TpG35nkN2LH2R6PRncskOFApbXgdDT+5Za8FRLBrmOxNPADikVA
6KTujJHCFHaISoduREWR4pmjeV9peMAv3CZR3g/RuvTuLN35oyxWcZV9kW1d6yZb
pOwKpKnyf7EKINQC/t08PlEUBtHElvS4dyxLKFuIq0JS/F/PuiaLpWd8ez9DzFVC
AibBrqo4+bIsckwtkLeyTokDlPuivKmCQIisbqNaeK76Syw8+MlgjPOpl4k=
-----END CERTIFICATE-----