Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a583480e-e1d9-4d35-8137-1605a5cfffc9.roa
File:                     a583480e-e1d9-4d35-8137-1605a5cfffc9.roa (raw, json)
Hash identifier:          GfTlAB1ooxJDALW/pwilaEIpyID5UQwq1z0bo+cr+Tg=
Subject key identifier:   95:02:46:E1:7E:49:57:71:A7:67:34:7C:C2:66:FA:64:13:BC:91:61
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       128D559ACB39990332F84FF97FC0636518FE9B6E
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a583480e-e1d9-4d35-8137-1605a5cfffc9.roa
Signing time:             Fri 31 Oct 2025 01:00:42 +0000
ROA not before:           Fri 31 Oct 2025 01:00:42 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        37.203.184.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:8d:55:9a:cb:39:99:03:32:f8:4f:f9:7f:c0:63:65:18:fe:9b:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 01:00:42 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=4a4a7b523db3476c72e38f65a04f518833f69483531baeff97ddfdbb880f1e4c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:0a:51:f7:19:62:67:c3:5d:cf:d5:80:c4:70:
                    f9:d2:bd:49:4d:7b:b5:6a:6e:f7:ec:0e:7d:c5:0d:
                    56:2d:9e:02:28:63:8e:54:35:2d:54:de:e6:6a:f5:
                    73:f1:dc:e4:c8:96:c4:47:e9:a8:5b:b5:d2:bc:1a:
                    71:b4:8b:b4:e1:5c:25:c8:50:f3:14:76:78:f1:a3:
                    9b:10:54:e4:35:4e:d9:ee:fb:82:fe:ce:38:d3:cc:
                    29:0c:af:87:7b:97:1b:5d:b2:c5:61:16:cb:5e:a0:
                    4b:7a:28:a4:ad:4d:aa:b3:64:d1:10:8f:5d:da:11:
                    ec:5b:12:55:d5:7c:4a:38:3a:cf:3b:b9:ce:55:69:
                    87:03:ee:c4:3f:5d:40:b7:ff:0b:66:b1:62:b6:87:
                    2a:a5:cc:14:37:28:52:87:59:78:b5:4c:84:04:84:
                    80:06:4d:3b:0a:4e:bb:b5:5b:07:09:9b:c4:4d:56:
                    14:f6:78:26:98:6e:ee:18:2c:89:53:14:59:74:70:
                    2e:a2:fc:4a:39:17:5a:d0:18:94:8e:b3:c2:8b:8c:
                    27:2c:09:4b:d4:e2:ee:64:13:37:0f:bd:cf:e2:1a:
                    bd:f9:30:c5:f0:b0:0b:e1:7d:58:ab:41:89:23:ff:
                    88:e7:21:e2:1f:06:bb:ee:2a:06:41:4d:b6:65:5e:
                    9d:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:02:46:E1:7E:49:57:71:A7:67:34:7C:C2:66:FA:64:13:BC:91:61
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a583480e-e1d9-4d35-8137-1605a5cfffc9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.203.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:bc:0c:07:fe:d4:6f:41:67:71:b5:a9:59:94:d2:1d:74:57:
         12:2c:ab:19:eb:f5:3a:2b:2a:30:84:d6:f2:bc:da:d1:0b:52:
         af:65:a3:a2:b2:b7:73:20:81:6b:25:10:f9:ec:e9:67:db:c1:
         fc:6f:4e:ee:5a:31:93:3f:69:bf:2f:68:64:04:af:47:3a:49:
         c3:0b:96:15:d1:cb:40:12:aa:12:6f:e5:d7:41:cb:af:a6:7e:
         e3:78:dd:2f:8e:29:0c:40:0d:01:95:c4:b7:fb:32:70:81:8b:
         8e:55:85:53:5a:47:c1:f1:eb:5c:6f:13:b6:5b:30:d4:a5:dc:
         6a:e2:17:38:1a:58:1f:25:51:94:c2:f8:b2:e2:af:68:bd:56:
         ef:73:78:bb:b0:c7:69:37:47:52:91:a8:53:bf:15:da:f5:a6:
         ab:e4:b7:f7:61:f2:69:79:af:e8:0c:92:b2:41:ca:66:af:68:
         c9:62:c6:c8:c9:94:ef:86:ae:36:0f:f4:16:19:79:ce:db:8e:
         1b:0f:99:4d:53:48:1b:a9:e3:e1:ec:5d:0f:c4:7c:6f:97:9c:
         ce:ec:a3:d6:8f:7c:f9:fe:58:58:6f:73:69:93:22:9f:5f:0f:
         78:fc:06:e8:5f:bc:b2:30:2c:83:66:01:f5:63:4c:20:8a:4b:
         0c:d1:54:11
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUEo1Vmss5mQMy+E/5f8BjZRj+m24wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDEwMDQyWhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YTRhN2I1MjNkYjM0NzZjNzJlMzhmNjVhMDRmNTE4ODMz
ZjY5NDgzNTMxYmFlZmY5N2RkZmRiYjg4MGYxZTRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQClH3GWJnw13P1YDEcPnSvUlNe7VqbvfsDn3FDVYtngIo
Y45UNS1U3uZq9XPx3OTIlsRH6ahbtdK8GnG0i7ThXCXIUPMUdnjxo5sQVOQ1Ttnu
+4L+zjjTzCkMr4d7lxtdssVhFsteoEt6KKStTaqzZNEQj13aEexbElXVfEo4Os87
uc5VaYcD7sQ/XUC3/wtmsWK2hyqlzBQ3KFKHWXi1TIQEhIAGTTsKTru1WwcJm8RN
VhT2eCaYbu4YLIlTFFl0cC6i/Eo5F1rQGJSOs8KLjCcsCUvU4u5kEzcPvc/iGr35
MMXwsAvhfVirQYkj/4jnIeIfBrvuKgZBTbZlXp2DAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUlQJG4X5JV3GnZzR8wmb6ZBO8kWEwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1ODM0ODBlLWUxZDktNGQzNS04MTM3LTE2MDVhNWNmZmZjOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAly7gwDQYJKoZIhvcNAQELBQADggEBAHW8DAf+1G9BZ3G1qVmU0h10VxIs
qxnr9TorKjCE1vK82tELUq9lo6Kyt3MggWslEPns6WfbwfxvTu5aMZM/ab8vaGQE
r0c6ScMLlhXRy0ASqhJv5ddBy6+mfuN43S+OKQxADQGVxLf7MnCBi45VhVNaR8Hx
61xvE7ZbMNSl3GriFzgaWB8lUZTC+LLir2i9Vu9zeLuwx2k3R1KRqFO/Fdr1pqvk
t/dh8ml5r+gMkrJBymavaMlixsjJlO+GrjYP9BYZec7bjhsPmU1TSBup4+HsXQ/E
fG+XnM7so9aPfPn+WFhvc2mTIp9fD3j8BuhfvLIwLINmAfVjTCCKSwzRVBE=
-----END CERTIFICATE-----