Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa
File:                     c82f6061-7db7-45ee-988a-56a3a004d938.roa (raw, json)
Hash identifier:          2mLS4/dqBGD1bvCep6MaXRo6BT14A0Hk9MKhcrJ+bw4=
Subject key identifier:   33:0D:9F:E1:54:98:EE:56:C6:1A:A9:C9:7A:CF:57:7B:89:65:04:25
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       547254120248D0C6F56A8A2CA4CFA631199BE474
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa
Signing time:             Sat 01 Nov 2025 00:10:09 +0000
ROA not before:           Sat 01 Nov 2025 00:10:09 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        184.73.0.0/16 maxlen: 16
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:72:54:12:02:48:d0:c6:f5:6a:8a:2c:a4:cf:a6:31:19:9b:e4:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:10:09 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=dc8e1cd0bab38ca317486af838f9135844d0b0bd0dd5b162f71d87a03a252e93, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:89:2c:b1:ba:cc:51:5c:18:4f:88:83:1b:74:
                    74:52:9c:04:f8:14:cc:08:ce:d0:0c:77:51:7f:c4:
                    4e:fb:63:7d:07:3b:d4:84:1c:06:60:14:a0:47:7e:
                    cb:88:b1:59:ce:bb:10:67:d0:e3:b9:f1:e5:55:69:
                    a5:3d:da:48:bf:25:b2:5a:9d:07:69:f6:79:2f:1b:
                    d3:58:ea:1c:0a:bf:7c:86:9e:e1:7f:42:91:9a:79:
                    fe:b0:28:c5:a8:64:8d:22:77:66:6a:d6:b3:c6:83:
                    28:b8:73:c6:c7:7d:a0:67:0c:80:82:07:15:d4:45:
                    5f:a2:93:8c:e8:5a:96:75:0c:00:54:2d:72:92:1a:
                    8e:ee:15:e8:35:ef:6a:ee:c6:68:6a:9d:40:ae:7e:
                    3a:a8:15:4e:bf:df:b4:96:14:f4:00:fc:e3:19:d6:
                    02:d0:e0:c7:5c:57:8f:1d:a0:8f:58:53:55:ea:97:
                    f6:33:d6:31:da:64:ab:bd:bc:7b:72:71:ed:76:55:
                    86:a9:6c:23:d6:a7:b0:a6:a3:6d:38:12:8d:ca:62:
                    24:41:ae:97:3c:87:fb:e0:71:b8:3e:43:74:c4:c9:
                    51:77:4d:32:74:02:a5:6c:eb:e0:97:b5:ad:82:f5:
                    04:79:1d:bb:19:8b:61:ce:e8:2f:6a:15:f0:30:86:
                    8c:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:0D:9F:E1:54:98:EE:56:C6:1A:A9:C9:7A:CF:57:7B:89:65:04:25
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c82f6061-7db7-45ee-988a-56a3a004d938.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  184.73.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         91:5e:bd:5f:18:48:80:be:10:11:26:29:30:b6:c4:d8:b4:38:
         ac:a6:a2:52:76:5d:00:a0:8d:a2:41:48:5e:13:1a:2d:ef:0e:
         02:5b:b6:1c:45:73:cc:9e:fd:05:12:f2:a3:ed:75:75:6d:cc:
         24:dc:c2:f9:49:c4:e8:50:44:2b:ab:8d:35:f1:b9:0b:02:d0:
         73:d8:9c:00:c5:cd:9f:fb:72:50:bb:f2:ac:ca:5a:07:b9:43:
         91:e3:4f:2f:4a:10:b3:2d:0b:ef:2c:a2:23:27:4f:cc:e0:01:
         6e:d0:41:85:ac:b2:f4:44:24:3b:32:ba:43:03:b0:91:08:5d:
         ba:24:56:61:6f:69:96:9c:97:60:4d:04:90:f8:80:78:70:a0:
         02:7d:dc:90:c2:69:44:3b:73:8d:86:d2:00:64:88:5e:69:10:
         52:96:0c:98:4f:1b:e5:02:25:c2:14:05:be:4d:e1:b4:8f:3f:
         80:5c:14:7c:38:f7:d1:3f:b2:a0:70:84:58:35:ed:a4:80:7a:
         67:df:43:58:14:69:92:30:c0:7a:26:bc:38:19:11:50:1f:57:
         80:e4:9b:2e:91:33:7f:e3:c3:74:d3:07:d2:ff:dd:60:b8:c3:
         4c:dd:3d:24:bb:b8:a0:28:56:69:b3:d1:98:db:6b:2c:97:b1:
         af:08:b8:3b
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVHJUEgJI0Mb1aoospM+mMRmb5HQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAxMDA5WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYzhlMWNkMGJhYjM4Y2EzMTc0ODZhZjgzOGY5MTM1ODQ0
ZDBiMGJkMGRkNWIxNjJmNzFkODdhMDNhMjUyZTkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDiiSyxusxRXBhPiIMbdHRSnAT4FMwIztAMd1F/xE77Y30H
O9SEHAZgFKBHfsuIsVnOuxBn0OO58eVVaaU92ki/JbJanQdp9nkvG9NY6hwKv3yG
nuF/QpGaef6wKMWoZI0id2Zq1rPGgyi4c8bHfaBnDICCBxXURV+ik4zoWpZ1DABU
LXKSGo7uFeg172ruxmhqnUCufjqoFU6/37SWFPQA/OMZ1gLQ4MdcV48doI9YU1Xq
l/Yz1jHaZKu9vHtyce12VYapbCPWp7Cmo204Eo3KYiRBrpc8h/vgcbg+Q3TEyVF3
TTJ0AqVs6+CXta2C9QR5HbsZi2HO6C9qFfAwhoyDAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUMw2f4VSY7lbGGqnJes9Xe4llBCUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M4MmY2MDYxLTdkYjctNDVlZS05ODhhLTU2YTNhMDA0ZDkzOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwC4STANBgkqhkiG9w0BAQsFAAOCAQEAkV69XxhIgL4QESYpMLbE2LQ4rKai
UnZdAKCNokFIXhMaLe8OAlu2HEVzzJ79BRLyo+11dW3MJNzC+UnE6FBEK6uNNfG5
CwLQc9icAMXNn/tyULvyrMpaB7lDkeNPL0oQsy0L7yyiIydPzOABbtBBhayy9EQk
OzK6QwOwkQhduiRWYW9plpyXYE0EkPiAeHCgAn3ckMJpRDtzjYbSAGSIXmkQUpYM
mE8b5QIlwhQFvk3htI8/gFwUfDj30T+yoHCEWDXtpIB6Z99DWBRpkjDAeia8OBkR
UB9XgOSbLpEzf+PDdNMH0v/dYLjDTN09JLu4oChWabPRmNtrLJexrwi4Ow==
-----END CERTIFICATE-----