Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e261541c-5236-438a-addf-e0379cb8428e.roa
File:                     e261541c-5236-438a-addf-e0379cb8428e.roa (raw, json)
Hash identifier:          W1psxNS2hSSc6N1cBQSYlIweHVnQnRXSl3SVn+ztPl8=
Subject key identifier:   B5:AB:D6:42:9B:75:DF:88:0D:A7:5D:C6:42:44:21:8F:7D:EF:98:AB
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       74817917694CA558662E34319FE36960C0B0D10D
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e261541c-5236-438a-addf-e0379cb8428e.roa
Signing time:             Sat 01 Nov 2025 00:30:20 +0000
ROA not before:           Sat 01 Nov 2025 00:30:20 +0000
ROA not after:            Sat 06 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.162.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:81:79:17:69:4c:a5:58:66:2e:34:31:9f:e3:69:60:c0:b0:d1:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  1 00:30:20 2025 GMT
            Not After : Dec  6 23:59:59 2025 GMT
        Subject: serialNumber=56f7311cb8ed992a6d641d9f7bc641c64957ae18fefa6398528add8cc3948244, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:67:90:b4:72:c2:ed:4c:ce:d6:dc:be:f3:ac:
                    7b:38:05:ad:b7:ab:3d:4f:6d:a0:5c:e8:7d:fe:9e:
                    10:01:64:c8:7c:3d:5e:9d:2d:3d:67:5b:0f:00:66:
                    b6:32:cf:4b:d6:34:de:b9:24:ed:e7:db:45:41:e7:
                    c0:b1:ae:98:c3:3d:a0:e6:05:26:de:48:38:fd:19:
                    e7:85:c9:6f:b6:56:d6:3c:3c:f0:26:b8:c7:7e:74:
                    6e:73:94:73:9c:09:8f:74:58:17:8b:1f:7d:79:3e:
                    64:f4:71:32:bf:a4:77:8c:06:4b:43:d3:cc:e6:b8:
                    f3:88:69:14:a1:b7:77:ef:55:3e:3c:41:a0:f1:b5:
                    e8:30:fd:20:76:61:c1:3f:0a:2c:a6:97:af:13:30:
                    5b:62:0b:37:74:3d:a8:fa:95:3b:69:a1:aa:31:0f:
                    6b:6c:fe:90:7b:0a:7b:da:4d:37:38:14:a6:6d:5a:
                    8e:b6:19:f0:0d:9d:54:80:62:75:94:28:dd:58:66:
                    b3:c2:91:24:0d:4f:24:4f:a5:e7:52:b5:73:90:d6:
                    fb:27:e3:9c:eb:9b:bd:6f:52:4e:41:8c:ab:4a:8d:
                    b1:b3:aa:f4:90:e3:95:da:1e:51:08:33:12:03:23:
                    74:58:71:12:43:98:74:4b:d9:52:a6:80:44:bb:9d:
                    30:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:AB:D6:42:9B:75:DF:88:0D:A7:5D:C6:42:44:21:8F:7D:EF:98:AB
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e261541c-5236-438a-addf-e0379cb8428e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.162.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         21:7e:71:df:56:03:a6:6a:2e:bc:d4:c0:e1:57:2c:8f:82:7b:
         77:26:95:fd:ee:c9:d8:67:84:e8:42:04:05:a6:72:23:75:44:
         7b:00:21:06:d2:42:43:13:32:e2:de:e8:89:47:9a:5e:ec:47:
         4d:0a:4e:78:dc:87:c2:4a:26:c5:38:92:3c:22:86:ea:d0:5c:
         2a:fc:6a:97:59:1c:18:ef:96:10:9f:b0:b9:21:a6:97:b5:98:
         83:92:48:77:68:70:4f:a3:b1:47:2d:7d:ed:c5:c1:dd:5b:17:
         22:18:70:60:a4:24:55:71:fb:6c:a4:3c:5b:22:5a:61:b0:17:
         60:c2:8e:8b:9e:ad:78:36:8c:84:16:5c:e9:31:c0:e9:42:54:
         dc:c8:64:d4:43:b0:09:2a:53:d2:19:ed:ea:35:5d:86:ca:f8:
         3d:13:12:c9:11:67:74:9f:5c:7b:92:81:f7:0e:ba:28:68:39:
         a3:64:92:54:dd:db:95:ae:2a:fa:17:6a:54:be:9a:7f:9e:bf:
         c5:6a:63:f0:04:c2:a7:40:c2:6e:0c:3f:04:81:fa:ec:83:96:
         39:8c:f1:84:0f:9c:ca:d7:63:82:e5:96:e2:d0:3c:28:40:5e:
         8b:4d:b3:27:f1:16:fa:7f:4e:22:23:aa:48:b4:d5:ed:2e:f8:
         4d:63:49:83
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUdIF5F2lMpVhmLjQxn+NpYMCw0Q0wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDAzMDIwWhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A1NmY3MzExY2I4ZWQ5OTJhNmQ2NDFkOWY3YmM2NDFjNjQ5
NTdhZTE4ZmVmYTYzOTg1MjhhZGQ4Y2MzOTQ4MjQ0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDoZ5C0csLtTM7W3L7zrHs4Ba23qz1PbaBc6H3+nhABZMh8
PV6dLT1nWw8AZrYyz0vWNN65JO3n20VB58CxrpjDPaDmBSbeSDj9GeeFyW+2VtY8
PPAmuMd+dG5zlHOcCY90WBeLH315PmT0cTK/pHeMBktD08zmuPOIaRSht3fvVT48
QaDxtegw/SB2YcE/Ciyml68TMFtiCzd0Paj6lTtpoaoxD2ts/pB7CnvaTTc4FKZt
Wo62GfANnVSAYnWUKN1YZrPCkSQNTyRPpedStXOQ1vsn45zrm71vUk5BjKtKjbGz
qvSQ45XaHlEIMxIDI3RYcRJDmHRL2VKmgES7nTCPAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUtavWQpt134gNp13GQkQhj33vmKswHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UyNjE1NDFjLTUyMzYtNDM4YS1hZGRmLWUwMzc5Y2I4NDI4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4ojANBgkqhkiG9w0BAQsFAAOCAQEAIX5x31YDpmouvNTA4Vcsj4J7dyaV
/e7J2GeE6EIEBaZyI3VEewAhBtJCQxMy4t7oiUeaXuxHTQpOeNyHwkomxTiSPCKG
6tBcKvxql1kcGO+WEJ+wuSGml7WYg5JId2hwT6OxRy197cXB3VsXIhhwYKQkVXH7
bKQ8WyJaYbAXYMKOi56teDaMhBZc6THA6UJU3Mhk1EOwCSpT0hnt6jVdhsr4PRMS
yRFndJ9ce5KB9w66KGg5o2SSVN3bla4q+hdqVL6af56/xWpj8ATCp0DCbgw/BIH6
7IOWOYzxhA+cytdjguWW4tA8KEBei02zJ/EW+n9OIiOqSLTV7S74TWNJgw==
-----END CERTIFICATE-----