Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85990add-2190-4b72-b762-5667ee04b800.roa
File:                     85990add-2190-4b72-b762-5667ee04b800.roa (raw, json)
Hash identifier:          Wu4tiN5W0QJk4B2hlANiouCAO+ZrcBI38XIHghV8GT8=
Subject key identifier:   03:7C:F4:01:42:F9:1D:F1:BC:C8:CD:6C:CE:4B:4C:7B:9D:3E:E6:FC
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       473EFEE04D5BB1E12DB84C64D95131B484FDD96D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85990add-2190-4b72-b762-5667ee04b800.roa
Signing time:             Fri 31 Oct 2025 00:10:04 +0000
ROA not before:           Fri 31 Oct 2025 00:10:04 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        13.130.8.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:3e:fe:e0:4d:5b:b1:e1:2d:b8:4c:64:d9:51:31:b4:84:fd:d9:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:10:04 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=373f917e00d545412dd46c2f0ffa6455163acdd2fa8ccf76d59d7d27be67a655, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:dd:64:69:82:f3:e3:50:dd:1a:23:29:92:44:
                    74:9e:6f:48:73:5d:c9:20:33:37:61:50:ef:3f:5a:
                    da:32:99:0b:be:4c:de:7f:1f:d0:4c:a1:7c:41:25:
                    91:3f:18:7f:3c:5a:af:d7:ef:7d:d5:68:43:7f:fc:
                    63:39:6a:38:fb:3c:40:1d:6d:19:de:52:5a:e6:dc:
                    f1:bf:d7:bb:20:39:9d:28:47:89:04:7a:fe:ff:06:
                    a6:95:0b:f8:ce:68:28:93:60:09:f2:1c:aa:5d:d1:
                    5f:c8:7f:4f:26:08:d2:b1:ce:97:78:85:97:37:e0:
                    10:4b:70:f9:5f:57:62:46:ec:ef:1c:7a:f6:a8:02:
                    2c:8c:b0:83:4a:61:e9:86:69:80:15:6f:05:23:2d:
                    f5:29:cc:a8:54:c0:64:3e:d8:7e:df:90:47:2d:b8:
                    51:77:1d:36:ca:80:3a:f5:75:cd:7c:03:98:8e:52:
                    b0:25:40:0d:b3:9a:55:64:c5:16:ec:78:2b:07:e2:
                    d5:9d:db:09:f1:72:35:5c:81:ce:7d:da:27:44:e2:
                    51:00:fb:61:e4:a2:1b:39:ef:e4:e7:f6:3c:e5:d7:
                    2f:9e:0c:f8:c7:a0:3e:44:35:4f:69:de:c8:bd:50:
                    76:a8:13:cd:0d:23:1f:7c:06:80:cc:d2:51:34:ea:
                    0f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:7C:F4:01:42:F9:1D:F1:BC:C8:CD:6C:CE:4B:4C:7B:9D:3E:E6:FC
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/85990add-2190-4b72-b762-5667ee04b800.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.130.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7a:31:3a:52:e5:8f:f4:02:f5:ad:2c:a1:a5:1e:5b:56:b9:dd:
         17:16:56:ab:72:65:a6:69:94:96:43:89:2c:c1:62:6d:87:c7:
         03:16:e3:16:b2:4b:28:e5:2e:7e:5e:47:dc:6f:6d:0e:77:e3:
         66:a1:cd:49:7a:e8:b2:5d:f7:5e:84:a5:99:7a:37:a4:26:ff:
         28:ca:5d:a6:41:f9:24:b4:5b:dd:e5:95:8d:02:d6:43:58:ab:
         01:0b:1e:fd:66:e4:71:1a:b5:61:4d:35:d6:64:86:e6:4c:23:
         0c:d2:9a:b9:fc:fd:d1:c3:85:ad:df:18:0b:d9:51:a3:d8:fc:
         35:6e:3c:2a:5b:af:99:39:c6:60:2e:32:87:72:af:45:07:aa:
         e1:75:12:eb:f2:2c:8e:aa:bc:64:a9:89:f4:35:5b:f2:9e:de:
         bd:54:d5:64:1f:fb:3d:97:35:ab:7f:8e:04:f0:ab:a1:b4:01:
         1c:e7:53:4e:dc:63:c3:d3:93:dc:1a:48:b2:8f:03:d3:5f:13:
         17:6a:75:32:ab:3e:f1:df:70:f4:f8:fc:78:e0:ce:83:a9:45:
         b8:a9:65:06:20:95:1a:9b:eb:45:3b:af:64:8c:37:b1:31:71:
         8a:60:16:0d:e1:43:8f:1a:05:f8:1c:c9:f7:aa:ca:c9:cf:0a:
         77:3c:b8:32
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURz7+4E1bseEtuExk2VExtIT92W0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAxMDA0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzNmOTE3ZTAwZDU0NTQxMmRkNDZjMmYwZmZhNjQ1NTE2
M2FjZGQyZmE4Y2NmNzZkNTlkN2QyN2JlNjdhNjU1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz3WRpgvPjUN0aIymSRHSeb0hzXckgMzdhUO8/WtoymQu+
TN5/H9BMoXxBJZE/GH88Wq/X733VaEN//GM5ajj7PEAdbRneUlrm3PG/17sgOZ0o
R4kEev7/BqaVC/jOaCiTYAnyHKpd0V/If08mCNKxzpd4hZc34BBLcPlfV2JG7O8c
evaoAiyMsINKYemGaYAVbwUjLfUpzKhUwGQ+2H7fkEctuFF3HTbKgDr1dc18A5iO
UrAlQA2zmlVkxRbseCsH4tWd2wnxcjVcgc592idE4lEA+2Hkohs57+Tn9jzl1y+e
DPjHoD5ENU9p3si9UHaoE80NIx98BoDM0lE06g89AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUA3z0AUL5HfG8yM1szktMe50+5vwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzg1OTkwYWRkLTIxOTAtNGI3Mi1iNzYyLTU2NjdlZTA0YjgwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNgggwDQYJKoZIhvcNAQELBQADggEBAHoxOlLlj/QC9a0soaUeW1a53RcW
VqtyZaZplJZDiSzBYm2HxwMW4xaySyjlLn5eR9xvbQ5342ahzUl66LJd916EpZl6
N6Qm/yjKXaZB+SS0W93llY0C1kNYqwELHv1m5HEatWFNNdZkhuZMIwzSmrn8/dHD
ha3fGAvZUaPY/DVuPCpbr5k5xmAuModyr0UHquF1EuvyLI6qvGSpifQ1W/Ke3r1U
1WQf+z2XNat/jgTwq6G0ARznU07cY8PTk9waSLKPA9NfExdqdTKrPvHfcPT4/Hjg
zoOpRbipZQYglRqb60U7r2SMN7ExcYpgFg3hQ48aBfgcyfeqysnPCnc8uDI=
-----END CERTIFICATE-----