Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90250894-227b-4244-97af-9b2216446b2c.roa
File:                     90250894-227b-4244-97af-9b2216446b2c.roa (raw, json)
Hash identifier:          CwR0t+kT0UftjiXT/kLi/Bw61LSpz692ZMleniR8X0A=
Subject key identifier:   F6:2C:51:F9:27:3D:9F:C6:4D:9C:A1:58:1F:80:26:EE:4D:2E:2F:B0
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1A3ABEB8433912400260C6A5B610ED0AA7B19FAD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90250894-227b-4244-97af-9b2216446b2c.roa
Signing time:             Fri 31 Oct 2025 00:20:46 +0000
ROA not before:           Fri 31 Oct 2025 00:20:46 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     6167
IP address blocks:        204.126.24.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:3a:be:b8:43:39:12:40:02:60:c6:a5:b6:10:ed:0a:a7:b1:9f:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:20:46 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=a68b2c01e62df664c05437f87f17fd3d945d09abf6a5572e951616fa20b271f4, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:dd:6a:7c:e6:ca:9c:2b:fe:50:c3:e2:66:c0:
                    ac:44:bc:6b:58:1d:c2:36:30:3e:bb:22:23:4c:d5:
                    bc:0f:d5:80:53:3f:83:2c:8f:1d:4f:00:de:c8:6a:
                    3a:e6:ad:64:9e:08:cf:78:9c:9f:59:53:72:50:52:
                    35:68:c1:ab:9a:24:4a:60:14:9b:e0:c4:15:1b:b7:
                    a8:84:22:62:9a:b6:f9:bc:bb:b0:a5:b9:72:cf:a6:
                    b5:89:8e:03:9b:c9:c0:6a:39:01:e1:0e:55:15:42:
                    d3:57:be:41:9a:85:c1:53:27:3e:17:26:e7:02:0c:
                    5c:a5:0e:15:a1:d3:c8:5c:b0:68:0e:76:1c:9d:02:
                    97:0f:95:e9:96:07:b0:ec:63:c9:e1:27:19:18:39:
                    67:f8:65:16:45:14:6b:1f:b5:c5:66:19:ae:c7:ea:
                    fb:54:f3:3c:b5:9f:a4:48:5e:e4:e5:1e:06:12:64:
                    44:fc:8a:9d:d7:f3:79:1e:a1:6f:7c:e5:fc:db:e7:
                    96:62:af:db:26:65:c7:0b:9e:cc:11:98:0f:b4:ab:
                    b0:bc:e3:10:52:9a:00:d9:e8:0c:80:d9:02:f5:89:
                    f6:5b:ab:60:73:d0:b9:40:64:59:ae:c5:67:92:56:
                    c1:9b:9d:76:96:a8:f1:93:47:81:c7:0c:53:90:07:
                    48:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:2C:51:F9:27:3D:9F:C6:4D:9C:A1:58:1F:80:26:EE:4D:2E:2F:B0
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90250894-227b-4244-97af-9b2216446b2c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.126.24.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:0c:ae:db:ac:ae:27:40:a6:09:8d:79:f5:3c:1e:40:70:57:
         aa:9e:2b:f8:b7:3f:06:92:cf:0e:dd:ca:be:92:c6:ce:e8:22:
         2b:23:6b:c8:93:7e:86:ef:69:c9:f3:a8:e9:83:4d:1a:29:b3:
         c0:55:29:d3:45:0d:33:17:f9:f7:08:56:d3:1e:08:11:f1:2c:
         b9:87:85:f9:f2:c4:fd:14:fd:8d:a7:b7:17:5b:6b:a5:c0:51:
         2b:5b:3f:ea:4d:cf:e1:f9:27:6d:9a:31:2d:33:3a:84:01:9a:
         3c:50:43:b6:ea:8a:23:01:a6:68:cd:71:28:0a:33:78:89:a3:
         85:a1:20:88:ee:72:40:92:e7:f4:db:72:5a:a8:40:4a:07:75:
         68:07:4b:9c:a7:f9:50:1f:fd:79:b5:50:99:15:84:96:a3:a0:
         fc:3a:8a:e6:3c:63:04:32:b6:a5:ef:23:d1:49:63:27:35:00:
         92:27:81:d1:6f:c6:3d:79:66:3f:c9:8f:45:52:f9:9f:ea:db:
         3a:ce:7b:3b:91:31:08:37:38:9e:f2:46:4f:d9:d2:51:df:fe:
         84:96:f6:4a:4d:66:c1:ad:d3:e4:00:09:93:0e:a6:74:54:bf:
         62:05:5a:50:86:ee:b2:ca:22:90:8f:dd:f8:7d:9c:5a:5e:8d:
         36:b4:d8:54
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUGjq+uEM5EkACYMalthDtCqexn60wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDAyMDQ2WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjhiMmMwMWU2MmRmNjY0YzA1NDM3Zjg3ZjE3ZmQzZDk0
NWQwOWFiZjZhNTU3MmU5NTE2MTZmYTIwYjI3MWY0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr3Wp85sqcK/5Qw+JmwKxEvGtYHcI2MD67IiNM1bwP1YBT
P4Msjx1PAN7IajrmrWSeCM94nJ9ZU3JQUjVowauaJEpgFJvgxBUbt6iEImKatvm8
u7CluXLPprWJjgObycBqOQHhDlUVQtNXvkGahcFTJz4XJucCDFylDhWh08hcsGgO
dhydApcPlemWB7DsY8nhJxkYOWf4ZRZFFGsftcVmGa7H6vtU8zy1n6RIXuTlHgYS
ZET8ip3X83keoW985fzb55Zir9smZccLnswRmA+0q7C84xBSmgDZ6AyA2QL1ifZb
q2Bz0LlAZFmuxWeSVsGbnXaWqPGTR4HHDFOQB0h9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9ixR+Sc9n8ZNnKFYH4Am7k0uL7AwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwMjUwODk0LTIyN2ItNDI0NC05N2FmLTliMjIxNjQ0NmIyYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHMfhgwDQYJKoZIhvcNAQELBQADggEBACAMrtusridApgmNefU8HkBwV6qe
K/i3PwaSzw7dyr6Sxs7oIisja8iTfobvacnzqOmDTRops8BVKdNFDTMX+fcIVtMe
CBHxLLmHhfnyxP0U/Y2ntxdba6XAUStbP+pNz+H5J22aMS0zOoQBmjxQQ7bqiiMB
pmjNcSgKM3iJo4WhIIjuckCS5/TbclqoQEoHdWgHS5yn+VAf/Xm1UJkVhJajoPw6
iuY8YwQytqXvI9FJYyc1AJIngdFvxj15Zj/Jj0VS+Z/q2zrOezuRMQg3OJ7yRk/Z
0lHf/oSW9kpNZsGt0+QACZMOpnRUv2IFWlCG7rLKIpCP3fh9nFpejTa02FQ=
-----END CERTIFICATE-----