Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa
File:                     82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa (raw, json)
Hash identifier:          I0nc7vUEzycPwXwkFsDOG7iFjnBS4iLZtwNiE1kBSe0=
Subject key identifier:   52:50:B6:A6:02:25:D4:AF:87:24:8D:74:4A:11:09:04:50:B1:96:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       0BA7979F28817FE25B3D538B91B4032AAEFA9764
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa
Signing time:             Tue 04 Nov 2025 00:00:08 +0000
ROA not before:           Tue 04 Nov 2025 00:00:08 +0000
ROA not after:            Tue 09 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        66.149.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:a7:97:9f:28:81:7f:e2:5b:3d:53:8b:91:b4:03:2a:ae:fa:97:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  4 00:00:08 2025 GMT
            Not After : Dec  9 23:59:59 2025 GMT
        Subject: serialNumber=56503a478d6dfe457037ff3597217d81f303c05795b7bbd9c5de964643f572ce, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ed:6d:30:7e:dd:0f:37:75:0e:e6:b2:ce:aa:
                    2d:7f:3c:9b:59:0a:61:5a:1a:e4:54:d1:e8:c6:6b:
                    3b:b0:e8:0e:fa:f7:39:02:82:48:55:3e:9b:53:77:
                    87:61:4b:34:17:43:58:37:53:2c:8d:e3:34:ee:3c:
                    ad:d1:37:7c:4e:e1:2f:66:e5:71:96:d2:60:73:b6:
                    1d:43:ba:0a:8f:bd:d5:1d:4b:50:f1:84:ec:67:0b:
                    5e:b4:da:da:a6:73:fe:28:ae:36:f9:8c:06:8f:d9:
                    62:9d:db:a2:1f:c5:9d:83:41:e2:b9:39:05:6d:14:
                    f4:b9:b4:43:34:78:7d:79:d5:97:ab:ae:34:45:f6:
                    a1:3d:0f:fa:bc:29:9a:d6:d9:1c:df:34:9e:40:32:
                    d5:34:03:ab:51:36:86:74:e1:32:8d:9a:92:94:99:
                    bb:a5:b2:11:92:70:c3:75:de:a9:92:6d:3b:24:ee:
                    b7:64:1f:7b:ec:83:14:53:33:74:fc:37:86:d4:1c:
                    90:46:40:0f:57:09:bd:fe:13:42:29:fc:3d:9d:0a:
                    6b:02:e0:69:54:88:94:94:81:f4:18:a3:ec:0a:df:
                    6d:9b:97:64:7f:8f:4a:be:df:60:31:20:a1:d7:40:
                    f7:0f:10:23:d0:fa:d9:24:36:a2:b4:4c:ff:a0:a8:
                    a0:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:50:B6:A6:02:25:D4:AF:87:24:8D:74:4A:11:09:04:50:B1:96:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/82f2d58e-cb6c-4400-aa23-2b45b3a0f0db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.149.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         8b:7b:2d:9d:f9:11:12:5b:df:91:ce:2c:9c:9e:6b:e3:c3:d2:
         1c:7d:87:3a:46:b4:cc:6f:34:0a:6c:03:98:b0:f6:ed:2a:e7:
         8c:48:f2:a1:bc:b8:9b:ec:54:c3:54:2f:41:62:ef:ed:51:1d:
         28:74:49:d9:54:b4:4f:4c:c8:69:4c:c2:fb:95:c6:be:02:e0:
         ef:5a:00:1b:29:d3:2d:e2:c0:23:9d:db:62:56:42:ff:69:84:
         1c:cc:81:77:8f:38:e0:6a:5a:2b:e1:dd:5b:6f:5b:5e:a3:16:
         8c:c2:b3:49:c8:4c:6c:4f:ca:62:79:13:9d:c6:03:fb:b9:82:
         e7:22:26:5e:f2:47:fa:20:a2:39:72:51:82:24:1d:90:61:cb:
         27:25:ff:7e:50:80:2d:fa:69:f0:04:f1:16:55:61:88:8c:f7:
         8c:f6:35:84:f5:3f:2d:26:36:82:dd:11:d0:3f:68:7f:9c:01:
         f6:b1:df:07:31:28:e7:e2:98:b7:53:4c:42:67:0b:51:7e:ec:
         b4:47:68:77:55:f4:7b:71:ff:0e:3b:7c:89:df:e5:cd:13:1a:
         f8:ac:06:43:b8:fe:dc:d1:90:5c:c8:66:91:59:e9:e8:1c:d9:
         51:a9:58:7e:15:51:90:a2:6a:67:ff:7d:94:37:71:55:e1:3f:
         ad:3c:21:da
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUC6eXnyiBf+JbPVOLkbQDKq76l2QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA0MDAwMDA4WhcNMjUxMjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NjUwM2E0NzhkNmRmZTQ1NzAzN2ZmMzU5NzIxN2Q4MWYz
MDNjMDU3OTViN2JiZDljNWRlOTY0NjQzZjU3MmNlMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCf7W0wft0PN3UO5rLOqi1/PJtZCmFaGuRU0ejGazuw6A76
9zkCgkhVPptTd4dhSzQXQ1g3UyyN4zTuPK3RN3xO4S9m5XGW0mBzth1DugqPvdUd
S1DxhOxnC1602tqmc/4orjb5jAaP2WKd26IfxZ2DQeK5OQVtFPS5tEM0eH151Zer
rjRF9qE9D/q8KZrW2RzfNJ5AMtU0A6tRNoZ04TKNmpKUmbulshGScMN13qmSbTsk
7rdkH3vsgxRTM3T8N4bUHJBGQA9XCb3+E0Ip/D2dCmsC4GlUiJSUgfQYo+wK322b
l2R/j0q+32AxIKHXQPcPECPQ+tkkNqK0TP+gqKADAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUUlC2pgIl1K+HJI10ShEJBFCxlvYwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzgyZjJkNThlLWNiNmMtNDQwMC1hYTIzLTJiNDViM2EwZjBkYi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBClTANBgkqhkiG9w0BAQsFAAOCAQEAi3stnfkRElvfkc4snJ5r48PSHH2H
Oka0zG80CmwDmLD27SrnjEjyoby4m+xUw1QvQWLv7VEdKHRJ2VS0T0zIaUzC+5XG
vgLg71oAGynTLeLAI53bYlZC/2mEHMyBd4844GpaK+HdW29bXqMWjMKzSchMbE/K
YnkTncYD+7mC5yImXvJH+iCiOXJRgiQdkGHLJyX/flCALfpp8ATxFlVhiIz3jPY1
hPU/LSY2gt0R0D9of5wB9rHfBzEo5+KYt1NMQmcLUX7stEdod1X0e3H/Djt8id/l
zRMa+KwGQ7j+3NGQXMhmkVnp6BzZUalYfhVRkKJqZ/99lDdxVeE/rTwh2g==
-----END CERTIFICATE-----