Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b589bcc-8e5f-42b0-84e6-f5be0dcf4137.roa
File:                     5b589bcc-8e5f-42b0-84e6-f5be0dcf4137.roa (raw, json)
Hash identifier:          Qabkgyy2X0F7chqQHAG53UO9uEmeJvA12itVWzm7cP8=
Subject key identifier:   25:34:AD:84:A9:35:B7:7B:47:C8:70:11:F7:DC:60:A9:7A:8F:91:70
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       088C70729531EC37598CC44D6FBAC03A6C4AF411
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b589bcc-8e5f-42b0-84e6-f5be0dcf4137.roa
Signing time:             Fri 31 Oct 2025 00:51:24 +0000
ROA not before:           Fri 31 Oct 2025 00:51:24 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        44.216.184.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:8c:70:72:95:31:ec:37:59:8c:c4:4d:6f:ba:c0:3a:6c:4a:f4:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:51:24 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=e90cf48a2f67763d7267d6a3ba1e0fd0769b7572f1db339703c203caad1f48a7, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:46:7f:fd:49:69:87:a0:2c:ee:f8:80:c2:cf:
                    1c:25:f5:16:a1:4e:6c:60:cc:93:f6:3c:d5:b4:84:
                    c9:c0:8e:4e:cf:32:bf:90:74:ad:70:29:27:c5:8c:
                    73:36:1c:33:a2:12:be:44:c2:3d:ba:0a:6b:63:89:
                    9c:3a:18:9e:c5:d1:9c:d4:8e:e3:2e:ba:75:17:98:
                    8f:ba:2c:d2:df:60:27:5f:af:b6:61:7d:b8:6e:2a:
                    ea:2d:84:eb:59:43:4e:2f:5c:24:0c:d9:f4:8f:a4:
                    c3:43:03:d6:0d:cf:4f:30:19:bf:72:4e:5d:ea:4e:
                    24:8c:df:bb:2d:c8:74:e8:7a:8c:e1:ed:30:cb:d2:
                    c4:0f:ee:a4:74:03:c7:79:a2:57:55:ba:2d:17:3e:
                    77:40:b9:50:4a:8f:9d:8d:81:1d:79:58:3b:94:67:
                    fc:84:25:2d:43:d3:b5:ab:d2:13:e0:39:f2:a4:95:
                    33:7e:74:c0:ce:6c:0e:cf:fb:bd:4e:e6:ed:49:43:
                    7e:98:5e:4a:42:c4:a9:a1:82:7c:e8:d4:e1:10:09:
                    b0:1a:98:fc:5d:bb:fd:38:f0:bc:27:bf:83:62:a6:
                    a5:42:8f:cc:f2:01:0a:2e:ea:a6:41:77:87:ea:00:
                    f8:c6:89:e0:f0:4c:d1:0f:63:80:2f:cd:34:65:d6:
                    af:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:34:AD:84:A9:35:B7:7B:47:C8:70:11:F7:DC:60:A9:7A:8F:91:70
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b589bcc-8e5f-42b0-84e6-f5be0dcf4137.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  44.216.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c2:ca:d8:44:f3:4f:00:f3:6d:7c:89:40:85:73:49:91:40:2a:
         fc:23:8d:12:dc:1d:b8:42:db:0d:a4:91:f1:f8:4b:83:85:d7:
         37:33:33:e7:e5:73:6b:f7:05:24:9b:3f:ce:a3:ea:61:b1:10:
         ab:9b:e5:9e:bf:b5:99:7f:e4:60:2b:fe:03:7f:41:42:86:97:
         62:5e:3d:80:9e:2a:36:f2:dd:f7:ce:19:ba:bc:9e:d8:1a:00:
         7a:d2:ca:92:62:bf:bc:1f:58:06:e5:27:c6:0b:6a:7d:c5:e6:
         ab:27:17:34:cd:e3:e5:6d:cd:57:5d:6f:cc:13:a2:64:55:3e:
         d5:1d:7e:b9:b9:29:97:0a:91:ed:7d:3d:a1:5e:f7:a2:25:c0:
         01:43:94:df:42:ac:42:51:a6:5a:c7:82:2b:29:6c:fd:4d:1d:
         2b:c8:51:68:34:25:6f:be:fc:00:90:ee:cc:ac:3a:44:9f:3a:
         0f:0b:19:51:2c:8d:ef:f1:56:5a:af:ad:83:fd:2f:67:88:78:
         80:25:fc:88:3d:b1:cf:a0:fd:78:06:6f:fd:46:87:0d:44:d1:
         5c:a2:8e:41:26:a3:bb:52:fb:5d:ab:49:03:a7:26:e5:af:34:
         02:e1:3d:3e:72:8d:83:83:ab:96:d2:db:bc:b7:8e:1a:e3:ed:
         ef:7e:f8:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCIxwcpUx7DdZjMRNb7rAOmxK9BEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA1MTI0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlOTBjZjQ4YTJmNjc3NjNkNzI2N2Q2YTNiYTFlMGZkMDc2
OWI3NTcyZjFkYjMzOTcwM2MyMDNjYWFkMWY0OGE3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQChRn/9SWmHoCzu+IDCzxwl9RahTmxgzJP2PNW0hMnAjk7P
Mr+QdK1wKSfFjHM2HDOiEr5Ewj26CmtjiZw6GJ7F0ZzUjuMuunUXmI+6LNLfYCdf
r7ZhfbhuKuothOtZQ04vXCQM2fSPpMNDA9YNz08wGb9yTl3qTiSM37styHToeozh
7TDL0sQP7qR0A8d5oldVui0XPndAuVBKj52NgR15WDuUZ/yEJS1D07Wr0hPgOfKk
lTN+dMDObA7P+71O5u1JQ36YXkpCxKmhgnzo1OEQCbAamPxdu/048Lwnv4NipqVC
j8zyAQou6qZBd4fqAPjGieDwTNEPY4AvzTRl1q+pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUJTSthKk1t3tHyHAR99xgqXqPkXAwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViNTg5YmNjLThlNWYtNDJiMC04NGU2LWY1YmUwZGNmNDEzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIs2LgwDQYJKoZIhvcNAQELBQADggEBAMLK2ETzTwDzbXyJQIVzSZFAKvwj
jRLcHbhC2w2kkfH4S4OF1zczM+flc2v3BSSbP86j6mGxEKub5Z6/tZl/5GAr/gN/
QUKGl2JePYCeKjby3ffOGbq8ntgaAHrSypJiv7wfWAblJ8YLan3F5qsnFzTN4+Vt
zVddb8wTomRVPtUdfrm5KZcKke19PaFe96IlwAFDlN9CrEJRplrHgispbP1NHSvI
UWg0JW++/ACQ7sysOkSfOg8LGVEsje/xVlqvrYP9L2eIeIAl/Ig9sc+g/XgGb/1G
hw1E0VyijkEmo7tS+12rSQOnJuWvNALhPT5yjYODq5bS27y3jhrj7e9++FI=
-----END CERTIFICATE-----