Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d51c104f-0ea9-4699-94dd-2eaaf66f34d2.roa
File:                     d51c104f-0ea9-4699-94dd-2eaaf66f34d2.roa (raw, json)
Hash identifier:          xOqMzf3sINmBT7it6Jq1vH4zkx5haSj+jiMeNChSpys=
Subject key identifier:   50:84:2B:EF:F3:EE:66:6E:30:D2:77:C9:88:9D:4E:11:61:B2:6E:C5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       46D8F8C724C64B97BE95FC0CC19A25AB02A6FABD
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d51c104f-0ea9-4699-94dd-2eaaf66f34d2.roa
Signing time:             Sat 01 Nov 2025 00:50:59 +0000
ROA not before:           Sat 01 Nov 2025 00:50:59 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        209.92.52.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:d8:f8:c7:24:c6:4b:97:be:95:fc:0c:c1:9a:25:ab:02:a6:fa:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:50:59 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=98254dad07ed17ceccc7471527c95a465cbd945d3d3e8072f47b3217d40eda35, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d0:3a:cd:ae:80:bb:a2:95:38:c1:f3:44:0f:
                    59:00:73:aa:99:82:9c:05:0a:18:6d:4f:3b:26:1b:
                    2d:75:1a:00:7b:e7:bb:b5:1c:02:b1:b4:dd:ed:d0:
                    99:e0:6b:58:c0:6c:84:5f:fc:de:d6:e3:2a:00:83:
                    e6:83:c8:e3:c3:3b:56:c3:3e:2e:76:e3:89:a3:10:
                    9a:63:d1:77:f4:87:bb:91:c5:16:f8:d4:77:d1:3d:
                    8e:5d:92:51:f4:0d:2f:2c:14:d0:50:7a:e3:6e:51:
                    2e:2f:4a:d6:51:33:af:25:c9:53:aa:fe:56:2a:26:
                    27:01:df:b6:75:3c:45:34:2b:7c:f5:02:06:ee:61:
                    30:12:99:98:b5:f8:f5:3b:08:be:cb:ac:25:66:9c:
                    33:00:ae:66:b1:8d:d0:2f:f3:a9:cc:20:10:a9:87:
                    f2:f1:b1:fb:fd:34:93:26:6e:19:4c:05:52:b7:66:
                    06:5e:f1:f4:c1:0d:47:81:9d:b8:1d:d6:d2:64:e6:
                    ef:52:02:8f:e2:59:65:db:4e:b4:16:9f:19:e1:65:
                    92:94:c9:88:e1:d7:40:9f:62:4e:b4:9e:a8:5e:3f:
                    8d:60:e5:5d:1d:6c:2a:be:b8:a2:67:14:6d:f2:b7:
                    da:bf:98:e1:bd:61:d0:1c:48:b4:16:b9:06:db:ea:
                    04:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:84:2B:EF:F3:EE:66:6E:30:D2:77:C9:88:9D:4E:11:61:B2:6E:C5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d51c104f-0ea9-4699-94dd-2eaaf66f34d2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.92.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:e5:36:d6:8f:9c:cd:f0:c2:23:88:a2:ba:8c:71:23:37:2f:
         44:ae:18:3e:46:3c:4e:23:bf:bf:5f:45:c6:65:a6:b1:02:14:
         2f:ef:96:a8:9d:6c:b8:32:ca:3c:a2:a5:e7:0c:45:5f:f8:6f:
         69:21:cf:aa:2d:8c:72:d3:8b:a7:1c:15:f6:03:27:bf:11:2e:
         93:3e:31:2e:ec:18:ab:a4:d9:bf:13:3f:4d:ee:25:47:35:1d:
         b0:07:b7:09:5d:57:f8:d6:fa:c7:f6:88:8a:98:35:91:c5:f0:
         c3:c4:e3:f8:a7:59:b6:9a:fd:93:fe:fc:5c:f9:66:77:73:37:
         b4:e9:87:46:01:25:e6:7c:db:a4:64:f3:08:f1:81:ff:34:4a:
         3a:0c:43:15:e3:d9:1f:24:5f:1c:a3:69:e6:3a:ff:56:75:ba:
         cb:31:df:1a:b1:57:95:12:97:f4:05:e7:58:bd:fe:94:b8:9e:
         50:6b:19:80:53:ff:1b:aa:17:83:0c:14:f4:f0:62:c9:91:5c:
         3b:e2:3f:a4:87:cb:49:59:8b:01:c4:80:d1:2b:df:44:a0:de:
         e1:53:31:a2:ff:07:18:6c:43:7f:c4:75:85:66:6d:bf:a1:09:
         da:b8:d8:eb:f1:19:22:86:10:e3:9d:a5:2b:e4:ff:63:e9:b9:
         c7:e9:2c:60
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURtj4xyTGS5e+lfwMwZolqwKm+r0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDA1MDU5WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A5ODI1NGRhZDA3ZWQxN2NlY2NjNzQ3MTUyN2M5NWE0NjVj
YmQ5NDVkM2QzZTgwNzJmNDdiMzIxN2Q0MGVkYTM1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC80DrNroC7opU4wfNED1kAc6qZgpwFChhtTzsmGy11GgB7
57u1HAKxtN3t0Jnga1jAbIRf/N7W4yoAg+aDyOPDO1bDPi5244mjEJpj0Xf0h7uR
xRb41HfRPY5dklH0DS8sFNBQeuNuUS4vStZRM68lyVOq/lYqJicB37Z1PEU0K3z1
AgbuYTASmZi1+PU7CL7LrCVmnDMArmaxjdAv86nMIBCph/Lxsfv9NJMmbhlMBVK3
ZgZe8fTBDUeBnbgd1tJk5u9SAo/iWWXbTrQWnxnhZZKUyYjh10CfYk60nqheP41g
5V0dbCq+uKJnFG3yt9q/mOG9YdAcSLQWuQbb6gTfAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUIQr7/PuZm4w0nfJiJ1OEWGybsUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q1MWMxMDRmLTBlYTktNDY5OS05NGRkLTJlYWFmNjZmMzRkMi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADRXDQwDQYJKoZIhvcNAQELBQADggEBAHflNtaPnM3wwiOIorqMcSM3L0Su
GD5GPE4jv79fRcZlprECFC/vlqidbLgyyjyipecMRV/4b2khz6otjHLTi6ccFfYD
J78RLpM+MS7sGKuk2b8TP03uJUc1HbAHtwldV/jW+sf2iIqYNZHF8MPE4/inWbaa
/ZP+/Fz5ZndzN7Tph0YBJeZ826Rk8wjxgf80SjoMQxXj2R8kXxyjaeY6/1Z1ussx
3xqxV5USl/QF51i9/pS4nlBrGYBT/xuqF4MMFPTwYsmRXDviP6SHy0lZiwHEgNEr
30Sg3uFTMaL/BxhsQ3/EdYVmbb+hCdq42OvxGSKGEOOdpSvk/2PpucfpLGA=
-----END CERTIFICATE-----