Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/802dd918-8d70-4326-af2f-e982eb27726f.roa
File:                     802dd918-8d70-4326-af2f-e982eb27726f.roa (raw, json)
Hash identifier:          r0yOQRFfxyBmf/sAelU/QA61DzKGSd46QGYE+APJTbM=
Subject key identifier:   4D:FB:F5:28:98:C7:C0:68:2E:A1:0C:84:AA:B8:D9:A2:AC:18:34:A6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       495466267FCDE1AAE74AD1FB59E2D0AF94E7F23A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/802dd918-8d70-4326-af2f-e982eb27726f.roa
Signing time:             Fri 31 Oct 2025 00:40:11 +0000
ROA not before:           Fri 31 Oct 2025 00:40:11 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.17.180.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:54:66:26:7f:cd:e1:aa:e7:4a:d1:fb:59:e2:d0:af:94:e7:f2:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:40:11 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=be75fabe075627d7d5741e58ca81ae13f77266e172eba483e77be2512b581030, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:6c:27:83:5d:ae:b1:c8:1f:8d:c8:39:53:26:
                    e0:ba:1f:65:2e:9c:1c:e0:ec:6c:41:8e:c7:f6:b0:
                    f4:e1:79:78:a3:c4:9b:fd:f3:45:c7:56:fd:e2:b3:
                    78:a5:3c:6e:2e:0a:26:3a:3f:76:a6:e9:52:f3:3a:
                    28:90:7a:0e:c4:4f:fd:03:d2:62:56:28:57:28:62:
                    ef:fa:7e:27:d8:2a:e4:c6:42:3e:f0:3c:18:f9:35:
                    86:62:0c:b7:6a:22:ab:19:4c:26:05:c1:73:5f:68:
                    ad:a3:35:26:4a:bc:00:1d:d9:66:5a:81:59:3c:44:
                    fd:96:53:ee:89:94:37:14:7d:60:28:43:4d:00:05:
                    2d:f8:e5:d7:fb:6e:dc:44:01:63:64:9a:2f:ff:c6:
                    b0:9f:e0:02:18:28:01:33:c9:ae:ba:13:8a:49:09:
                    18:12:e9:08:d3:2a:eb:31:cc:28:eb:65:ae:10:77:
                    de:f3:81:4c:f4:69:b4:01:ea:97:4f:3f:1a:d6:42:
                    57:60:25:26:c5:59:7a:ab:e0:61:77:21:40:e2:7f:
                    d8:aa:ae:50:4a:57:e7:61:d2:3e:27:90:6d:31:43:
                    c0:ef:c7:eb:fd:7d:b1:65:e9:e0:ea:78:52:aa:75:
                    cb:40:1f:1d:ba:40:1f:9b:49:8c:70:a3:e1:1b:bf:
                    7d:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:FB:F5:28:98:C7:C0:68:2E:A1:0C:84:AA:B8:D9:A2:AC:18:34:A6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/802dd918-8d70-4326-af2f-e982eb27726f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.17.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:fd:67:d6:58:09:25:9d:90:98:cc:07:cd:f4:25:91:86:6d:
         8e:39:e2:a2:31:d5:9f:ee:af:dc:92:13:bc:94:1a:a8:17:ae:
         c7:e2:56:06:87:62:8b:74:7e:78:b1:ad:92:60:36:8f:a4:d3:
         86:e7:69:f5:fc:09:13:22:e4:9a:bd:21:4e:15:9e:79:3c:88:
         ed:65:ee:39:e6:b9:d6:f7:cb:23:28:c5:ba:74:b0:87:35:5e:
         9c:02:b9:77:81:b7:54:dd:32:92:e8:84:5e:3d:ca:46:7f:cc:
         eb:1e:f6:ba:47:d6:a8:d4:a7:46:6d:99:ce:b4:60:0f:9e:0f:
         3b:ff:c4:34:cd:dd:cf:8d:ef:ea:43:b1:50:f8:62:5a:34:60:
         e6:cf:b4:22:8f:5d:02:b4:12:cd:51:5a:21:e3:a8:99:a4:17:
         63:c8:8c:e0:27:af:c6:69:a2:36:ce:a6:b8:0d:2f:23:8d:06:
         28:c3:05:bb:22:ca:f3:4c:b2:b2:ca:9f:83:5c:1a:a9:84:33:
         af:c8:8a:e4:62:e8:79:1e:e1:99:34:62:21:9e:bd:8f:3a:4b:
         ad:45:6e:c3:79:50:16:e6:a7:8b:b5:93:7a:20:7a:e1:c9:87:
         40:73:bf:8b:63:2d:e2:12:7a:ab:48:92:7b:69:50:7e:5b:c4:
         fc:76:c3:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSVRmJn/N4arnStH7WeLQr5Tn8jowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA0MDExWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZTc1ZmFiZTA3NTYyN2Q3ZDU3NDFlNThjYTgxYWUxM2Y3
NzI2NmUxNzJlYmE0ODNlNzdiZTI1MTJiNTgxMDMwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYbCeDXa6xyB+NyDlTJuC6H2UunBzg7GxBjsf2sPTheXij
xJv980XHVv3is3ilPG4uCiY6P3am6VLzOiiQeg7ET/0D0mJWKFcoYu/6fifYKuTG
Qj7wPBj5NYZiDLdqIqsZTCYFwXNfaK2jNSZKvAAd2WZagVk8RP2WU+6JlDcUfWAo
Q00ABS345df7btxEAWNkmi//xrCf4AIYKAEzya66E4pJCRgS6QjTKusxzCjrZa4Q
d97zgUz0abQB6pdPPxrWQldgJSbFWXqr4GF3IUDif9iqrlBKV+dh0j4nkG0xQ8Dv
x+v9fbFl6eDqeFKqdctAHx26QB+bSYxwo+Ebv32nAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTfv1KJjHwGguoQyEqrjZoqwYNKYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgwMmRkOTE4LThkNzAtNDMyNi1hZjJmLWU5ODJlYjI3NzI2Zi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIyEbQwDQYJKoZIhvcNAQELBQADggEBAIb9Z9ZYCSWdkJjMB830JZGGbY45
4qIx1Z/ur9ySE7yUGqgXrsfiVgaHYot0fnixrZJgNo+k04bnafX8CRMi5Jq9IU4V
nnk8iO1l7jnmudb3yyMoxbp0sIc1XpwCuXeBt1TdMpLohF49ykZ/zOse9rpH1qjU
p0Ztmc60YA+eDzv/xDTN3c+N7+pDsVD4Ylo0YObPtCKPXQK0Es1RWiHjqJmkF2PI
jOAnr8ZpojbOprgNLyONBijDBbsiyvNMsrLKn4NcGqmEM6/IiuRi6Hke4Zk0YiGe
vY86S61FbsN5UBbmp4u1k3ogeuHJh0Bzv4tjLeISeqtIkntpUH5bxPx2wx8=
-----END CERTIFICATE-----