Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa
File:                     848952e2-f44c-4951-9963-3a457ef26fed.roa (raw, json)
Hash identifier:          aZb6kFs72wdlOFAaFqXeBmVenAFr1br2USz1M3gOXXo=
Subject key identifier:   A1:CE:88:74:22:8C:70:F2:10:BA:A8:B6:01:B6:A3:F5:E8:1E:6E:C2
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5EB0A468A53C1ABC5A617494C451E30BAB4C2ED1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa
Signing time:             Thu 23 Oct 2025 05:54:59 +0000
ROA not before:           Thu 23 Oct 2025 05:54:59 +0000
ROA not after:            Thu 27 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        24.110.52.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:b0:a4:68:a5:3c:1a:bc:5a:61:74:94:c4:51:e3:0b:ab:4c:2e:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 23 05:54:59 2025 GMT
            Not After : Nov 27 23:59:59 2025 GMT
        Subject: serialNumber=997dedaf636fc24bf63a78821a1238068a7f32269d6938d76a04dd7cc49a530b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:64:e5:08:22:53:51:66:ae:92:f7:32:d0:d2:
                    20:0f:24:4f:51:af:d4:3a:72:0a:d2:4a:77:6b:5c:
                    6a:1f:76:e3:a2:8d:db:9d:05:28:a0:36:f9:15:55:
                    12:d9:ef:cf:b3:74:a2:d5:fc:3f:0d:c2:48:47:30:
                    7e:ac:c8:e5:3e:bf:30:58:54:1e:d3:fa:a6:01:3c:
                    c2:16:89:73:46:98:b2:f7:70:99:c9:67:ce:90:f6:
                    71:c7:db:73:9c:f5:79:16:28:56:46:b3:9f:39:12:
                    25:8b:3b:73:d2:d2:c4:d9:d0:07:4d:14:16:f5:14:
                    41:9f:6a:34:a0:f5:e7:5b:c9:77:b4:db:06:bc:33:
                    8d:7e:26:9e:8e:86:e9:93:1c:4f:65:73:4e:a4:27:
                    c7:8f:b7:6b:12:11:cc:3d:9f:2a:d5:04:23:48:32:
                    04:f9:21:b0:4a:58:8c:19:21:98:e4:81:63:82:77:
                    08:29:8d:61:32:54:4d:8e:37:cc:26:12:e2:7d:43:
                    5b:3c:14:4d:3a:93:f2:d0:f6:c5:40:c8:ec:a8:ca:
                    3c:35:32:01:1b:25:e8:69:12:f7:d0:a3:4c:e8:10:
                    a9:87:61:d1:d4:f2:50:5d:ff:38:33:b7:0c:a9:88:
                    ec:ca:24:59:b5:89:b7:2a:69:ce:89:0c:1f:65:f9:
                    28:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:CE:88:74:22:8C:70:F2:10:BA:A8:B6:01:B6:A3:F5:E8:1E:6E:C2
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/848952e2-f44c-4951-9963-3a457ef26fed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:26:a5:e5:e9:77:4a:1e:a6:42:e4:79:74:87:e8:b7:83:f7:
         9b:42:b6:31:ce:e4:88:b0:b3:4c:a6:8d:36:45:91:e7:30:b6:
         66:89:cb:94:40:14:11:6c:fc:14:d2:e7:3b:c4:88:25:af:f7:
         51:4b:d2:48:b9:f6:d0:83:4f:3b:1f:01:3c:a9:f9:f3:5f:9f:
         f0:e1:bf:dc:42:a5:ef:8d:8a:5e:d7:81:58:7d:fd:db:f6:2a:
         d7:77:73:73:ac:57:f2:c3:0e:97:e6:01:b9:9c:9f:4f:3f:4b:
         b6:5f:9e:7b:55:84:b5:ca:a5:d3:5b:16:a1:a9:52:c4:7d:b1:
         7c:c4:9d:bf:22:c6:79:b9:ee:d1:cf:08:64:3b:43:e7:f5:2c:
         9c:73:6f:92:be:e9:88:d8:cf:3c:f7:6a:94:29:fa:ac:f4:86:
         4c:c9:c8:a9:f5:c4:06:b8:9f:49:4c:c9:35:2b:2c:88:2e:b5:
         1f:28:8f:60:1d:8b:c9:18:50:03:56:c1:24:3c:e4:23:90:89:
         7a:db:a6:20:f5:d6:64:b3:14:74:bd:c6:aa:27:84:e7:a4:dd:
         ba:de:09:62:09:92:3e:56:ac:0c:33:01:89:be:32:b6:26:1e:
         d4:de:31:6b:d6:92:8b:be:42:be:4a:08:c3:7e:41:0f:b7:0f:
         48:a2:37:ee
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXrCkaKU8GrxaYXSUxFHjC6tMLtEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDIzMDU1NDU5WhcNMjUxMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A5OTdkZWRhZjYzNmZjMjRiZjYzYTc4ODIxYTEyMzgwNjhh
N2YzMjI2OWQ2OTM4ZDc2YTA0ZGQ3Y2M0OWE1MzBiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZZOUIIlNRZq6S9zLQ0iAPJE9Rr9Q6cgrSSndrXGofduOi
jdudBSigNvkVVRLZ78+zdKLV/D8NwkhHMH6syOU+vzBYVB7T+qYBPMIWiXNGmLL3
cJnJZ86Q9nHH23Oc9XkWKFZGs585EiWLO3PS0sTZ0AdNFBb1FEGfajSg9edbyXe0
2wa8M41+Jp6OhumTHE9lc06kJ8ePt2sSEcw9nyrVBCNIMgT5IbBKWIwZIZjkgWOC
dwgpjWEyVE2ON8wmEuJ9Q1s8FE06k/LQ9sVAyOyoyjw1MgEbJehpEvfQo0zoEKmH
YdHU8lBd/zgztwypiOzKJFm1ibcqac6JDB9l+ShfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUoc6IdCKMcPIQuqi2Abaj9egebsIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg0ODk1MmUyLWY0NGMtNDk1MS05OTYzLTNhNDU3ZWYyNmZlZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbjQwDQYJKoZIhvcNAQELBQADggEBAKsmpeXpd0oepkLkeXSH6LeD95tC
tjHO5Iiws0ymjTZFkecwtmaJy5RAFBFs/BTS5zvEiCWv91FL0ki59tCDTzsfATyp
+fNfn/Dhv9xCpe+Nil7XgVh9/dv2Ktd3c3OsV/LDDpfmAbmcn08/S7ZfnntVhLXK
pdNbFqGpUsR9sXzEnb8ixnm57tHPCGQ7Q+f1LJxzb5K+6YjYzzz3apQp+qz0hkzJ
yKn1xAa4n0lMyTUrLIgutR8oj2Adi8kYUANWwSQ85COQiXrbpiD11mSzFHS9xqon
hOek3breCWIJkj5WrAwzAYm+MrYmHtTeMWvWkou+Qr5KCMN+QQ+3D0iiN+4=
-----END CERTIFICATE-----