Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa
File:                     90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa (raw, json)
Hash identifier:          uNI8rFyQC4VkncV/ECbQ4nzBYY5H3gYEoXdcQ6xROUA=
Subject key identifier:   9B:A5:19:18:92:93:9C:F8:D4:0B:AF:21:10:63:AD:21:17:2A:DB:23
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5150E49DD7AA41DEC3468BA4FC583F3FC88B110A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa
Signing time:             Tue 28 Oct 2025 00:10:09 +0000
ROA not before:           Tue 28 Oct 2025 00:10:09 +0000
ROA not after:            Tue 02 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.92.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:50:e4:9d:d7:aa:41:de:c3:46:8b:a4:fc:58:3f:3f:c8:8b:11:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 28 00:10:09 2025 GMT
            Not After : Dec  2 23:59:59 2025 GMT
        Subject: serialNumber=58e39223fbc6637bda9e08e7ebcc9f3bd129edf4265836b4a48d6b6f90713c92, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:53:ff:7f:a5:49:c3:a7:3a:9d:ab:60:7f:27:
                    26:fb:dc:93:7f:11:86:91:c9:43:8f:a4:74:1a:cf:
                    d3:08:2e:6d:53:94:d2:8e:5a:37:f5:a3:0b:1a:24:
                    35:d5:fb:8c:99:c8:66:7e:df:38:fa:c6:00:ab:98:
                    9d:4a:7d:33:9c:e7:da:de:55:b9:12:6c:2c:8a:10:
                    b2:b3:e4:16:de:a8:1a:61:c8:f5:ac:e5:ca:1d:2b:
                    7b:6f:f9:09:50:52:81:37:f7:17:b8:67:0b:4b:e0:
                    f5:84:9f:f1:00:c1:73:01:1e:fc:a3:00:f4:81:34:
                    5c:17:bf:ca:df:0d:64:3d:fc:cd:3b:0c:f8:b2:2b:
                    5c:eb:ce:f9:4d:94:ec:6a:1e:ba:3f:6a:08:62:77:
                    0f:89:02:06:fe:97:fa:23:a2:bb:87:0c:66:08:74:
                    1d:30:78:dc:17:25:e7:6a:1b:e0:e4:41:5a:f0:1f:
                    74:69:7e:d6:d3:c7:3b:b9:1c:33:a3:ee:68:ae:bb:
                    b8:51:0c:ce:7c:e8:bf:89:08:dd:a5:45:43:42:5d:
                    13:25:98:30:81:4e:a5:8d:20:16:87:af:5b:04:47:
                    63:79:fd:3a:3f:1b:6b:15:71:ee:b8:a4:b7:d3:ae:
                    bd:4a:79:1e:74:9a:24:29:06:63:a3:ef:7f:a7:33:
                    2a:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:A5:19:18:92:93:9C:F8:D4:0B:AF:21:10:63:AD:21:17:2A:DB:23
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/90ceb0ee-66d3-4c56-8825-2c68b02e5693.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.92.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a5:df:23:ad:e5:92:c5:5f:38:f1:52:4f:b2:29:1d:bb:b6:b9:
         67:0a:83:f7:9a:29:ff:16:6e:5c:0f:d0:cb:cd:7c:19:b3:db:
         69:99:dc:07:b5:db:8e:eb:8a:24:cc:c7:1f:a0:52:38:29:12:
         8e:0e:74:cd:4c:99:b4:c8:6e:61:3e:ab:74:88:b9:8e:fe:98:
         1d:b0:c1:0f:b7:8b:80:f6:fa:e6:1b:8d:4e:c3:99:7b:8b:00:
         b9:89:26:fe:08:c0:40:c1:a5:73:52:73:f2:06:01:ee:ee:f9:
         90:29:ac:ab:9b:6d:32:9d:10:43:cb:79:a8:db:66:bd:76:cf:
         7e:b5:1d:6f:59:a3:24:8a:e4:20:4b:be:7e:d5:ca:32:6c:fe:
         ef:aa:f5:25:b7:b5:b9:34:5c:a9:e9:1c:98:32:99:d1:81:d9:
         8a:ad:2f:d1:93:76:36:b0:78:e9:09:41:f0:9e:31:66:16:50:
         b5:10:98:0c:a6:fb:05:45:5a:8d:3d:d7:9d:32:fd:a2:69:b3:
         99:86:f8:b9:8b:f9:8a:45:1a:74:e1:3f:1e:16:a4:68:a8:88:
         86:2b:15:3a:8d:45:f0:72:9a:ce:ae:53:db:44:ac:49:89:31:
         0c:82:94:a8:6c:9d:df:74:3c:65:6d:39:f2:dd:2a:3a:e4:f0:
         4e:74:c4:2d
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUUVDkndeqQd7DRouk/Fg/P8iLEQowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI4MDAxMDA5WhcNMjUxMjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0A1OGUzOTIyM2ZiYzY2MzdiZGE5ZTA4ZTdlYmNjOWYzYmQx
MjllZGY0MjY1ODM2YjRhNDhkNmI2ZjkwNzEzYzkyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTU/9/pUnDpzqdq2B/Jyb73JN/EYaRyUOPpHQaz9MILm1T
lNKOWjf1owsaJDXV+4yZyGZ+3zj6xgCrmJ1KfTOc59reVbkSbCyKELKz5BbeqBph
yPWs5codK3tv+QlQUoE39xe4ZwtL4PWEn/EAwXMBHvyjAPSBNFwXv8rfDWQ9/M07
DPiyK1zrzvlNlOxqHro/aghidw+JAgb+l/ojoruHDGYIdB0weNwXJedqG+DkQVrw
H3RpftbTxzu5HDOj7miuu7hRDM586L+JCN2lRUNCXRMlmDCBTqWNIBaHr1sER2N5
/To/G2sVce64pLfTrr1KeR50miQpBmOj73+nMyq1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUm6UZGJKTnPjUC68hEGOtIRcq2yMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzkwY2ViMGVlLTY2ZDMtNGM1Ni04ODI1LTJjNjhiMDJlNTY5My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAFgAFwwDQYJKoZIhvcNAQELBQADggEBAKXfI63lksVfOPFST7IpHbu2uWcK
g/eaKf8WblwP0MvNfBmz22mZ3Ae1247riiTMxx+gUjgpEo4OdM1MmbTIbmE+q3SI
uY7+mB2wwQ+3i4D2+uYbjU7DmXuLALmJJv4IwEDBpXNSc/IGAe7u+ZAprKubbTKd
EEPLeajbZr12z361HW9ZoySK5CBLvn7VyjJs/u+q9SW3tbk0XKnpHJgymdGB2Yqt
L9GTdjaweOkJQfCeMWYWULUQmAym+wVFWo09150y/aJps5mG+LmL+YpFGnThPx4W
pGioiIYrFTqNRfByms6uU9tErEmJMQyClKhsnd90PGVtOfLdKjrk8E50xC0=
-----END CERTIFICATE-----