Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa
File:                     d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa (raw, json)
Hash identifier:          tJnAzGLghda/xVIG+WvF4dTnkD+AL2syI9TTXjiBbcU=
Subject key identifier:   7E:7D:AD:54:BF:27:89:BF:0B:5D:65:EE:45:59:C2:A1:9F:BB:27:12
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       42606BC23194F4C4E3076BA9B9B5618F47B23471
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa
Signing time:             Fri 31 Oct 2025 00:50:04 +0000
ROA not before:           Fri 31 Oct 2025 00:50:04 +0000
ROA not after:            Fri 05 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.162.88.0/21 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:60:6b:c2:31:94:f4:c4:e3:07:6b:a9:b9:b5:61:8f:47:b2:34:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 31 00:50:04 2025 GMT
            Not After : Dec  5 23:59:59 2025 GMT
        Subject: serialNumber=54b97f092fb803de5b2d706085c936c0487d2e1194e6ec3422500b6023b770c9, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:47:4b:a8:62:4b:48:e2:32:dd:f0:0c:0b:91:
                    d1:f3:91:77:02:38:7f:19:65:68:d6:41:fc:bc:7b:
                    73:20:e6:bd:c6:0d:5c:80:71:8d:9b:b2:95:50:ff:
                    18:84:c5:4b:97:d3:68:a7:8a:fd:bf:6e:c2:6f:e2:
                    bc:4a:9e:81:82:58:59:04:02:69:30:b0:7c:67:78:
                    f9:76:84:94:8b:28:83:a1:19:fa:11:dd:3a:e0:a4:
                    69:6a:48:35:3f:85:54:af:d1:97:1a:43:6b:ab:54:
                    d5:d4:e6:94:9e:d5:3b:44:ba:d6:e8:75:df:84:7b:
                    38:45:6d:b1:6e:4b:05:57:23:b5:11:e3:f2:1c:88:
                    94:0c:2a:ec:ae:e0:f2:ca:25:62:de:09:d3:05:4b:
                    1f:8e:83:59:e3:1a:5f:01:fc:31:b4:cd:76:ad:01:
                    6c:31:cc:f2:6f:9c:3b:41:2d:8d:29:39:46:da:bc:
                    d8:cf:67:f9:a2:a8:72:40:ef:a5:2b:d5:b1:9a:5e:
                    d0:3e:50:78:0b:f0:1a:c9:08:21:cd:41:42:31:41:
                    2c:d7:af:dc:1d:41:79:a5:2d:b4:65:99:e2:ec:a1:
                    33:8f:89:69:79:5a:26:4f:96:ba:2f:dc:e9:84:69:
                    e5:f1:1c:7c:23:45:c0:8b:51:33:cb:d3:fd:1a:b2:
                    5e:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:7D:AD:54:BF:27:89:BF:0B:5D:65:EE:45:59:C2:A1:9F:BB:27:12
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d33539b3-75f5-4d3f-b4c6-fc82d221db42.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.162.88.0/21

    Signature Algorithm: sha256WithRSAEncryption
         59:85:53:fb:7e:70:ce:8f:7a:21:b6:b4:6b:65:7a:2e:20:90:
         36:5b:37:18:5c:cb:6e:81:d6:74:09:23:46:c6:cf:92:2d:1e:
         55:3d:d9:5e:43:b5:a9:b0:c9:f5:31:c6:60:1a:78:05:e9:62:
         45:50:d0:6a:75:84:8b:64:e1:42:61:d4:a6:7b:93:6e:93:94:
         76:9c:b0:43:3b:e6:8c:60:76:14:31:d7:01:3e:2e:90:02:a4:
         c9:ea:1b:e7:94:8c:09:bb:86:25:ca:81:16:d5:b0:e7:eb:ce:
         c3:38:9a:3f:8c:05:83:8a:c7:e0:2d:9e:60:d2:a7:83:db:6b:
         5c:96:3d:a2:66:23:0e:f5:51:5f:25:38:70:3f:7d:9d:f2:f5:
         55:a7:c4:17:ef:c7:f2:76:6f:43:62:b7:10:f8:55:0f:fa:5e:
         39:c5:a9:6c:81:04:72:68:c8:6f:26:aa:bb:81:e5:49:dd:8b:
         11:5f:db:2e:a3:8f:1f:69:ed:ca:80:a6:22:f8:6b:4e:b7:68:
         df:c7:48:62:ae:6d:74:23:35:5f:e8:a0:1b:6c:23:9c:57:5b:
         04:43:ff:0c:5c:70:62:72:39:df:45:88:d1:30:b2:11:e7:ec:
         e7:b3:c9:4c:c7:6e:ea:c5:4d:18:b6:b6:d2:ad:78:0f:4a:90:
         be:f2:47:1f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUQmBrwjGU9MTjB2upubVhj0eyNHEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDMxMDA1MDA0WhcNMjUxMjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NGI5N2YwOTJmYjgwM2RlNWIyZDcwNjA4NWM5MzZjMDQ4
N2QyZTExOTRlNmVjMzQyMjUwMGI2MDIzYjc3MGM5MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQR0uoYktI4jLd8AwLkdHzkXcCOH8ZZWjWQfy8e3Mg5r3G
DVyAcY2bspVQ/xiExUuX02iniv2/bsJv4rxKnoGCWFkEAmkwsHxnePl2hJSLKIOh
GfoR3TrgpGlqSDU/hVSv0ZcaQ2urVNXU5pSe1TtEutbodd+EezhFbbFuSwVXI7UR
4/IciJQMKuyu4PLKJWLeCdMFSx+Og1njGl8B/DG0zXatAWwxzPJvnDtBLY0pOUba
vNjPZ/miqHJA76Ur1bGaXtA+UHgL8BrJCCHNQUIxQSzXr9wdQXmlLbRlmeLsoTOP
iWl5WiZPlrov3OmEaeXxHHwjRcCLUTPL0/0asl4hAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfn2tVL8nib8LXWXuRVnCoZ+7JxIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2QzMzUzOWIzLTc1ZjUtNGQzZi1iNGM2LWZjODJkMjIxZGI0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMNolgwDQYJKoZIhvcNAQELBQADggEBAFmFU/t+cM6PeiG2tGtlei4gkDZb
Nxhcy26B1nQJI0bGz5ItHlU92V5DtamwyfUxxmAaeAXpYkVQ0Gp1hItk4UJh1KZ7
k26TlHacsEM75oxgdhQx1wE+LpACpMnqG+eUjAm7hiXKgRbVsOfrzsM4mj+MBYOK
x+AtnmDSp4Pba1yWPaJmIw71UV8lOHA/fZ3y9VWnxBfvx/J2b0NitxD4VQ/6XjnF
qWyBBHJoyG8mqruB5UndixFf2y6jjx9p7cqApiL4a063aN/HSGKubXQjNV/ooBts
I5xXWwRD/wxccGJyOd9FiNEwshHn7OezyUzHburFTRi2ttKteA9KkL7yRx8=
-----END CERTIFICATE-----