Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3e0b246-1615-4ed2-bcc8-a85ed79e8915.roa
File:                     e3e0b246-1615-4ed2-bcc8-a85ed79e8915.roa (raw, json)
Hash identifier:          h3ERbMsb9QseprOscueqJUXQwk73EaYUIh3YGybQqlk=
Subject key identifier:   8C:B1:5D:6A:9C:C6:D1:E4:C4:2E:1C:74:98:B7:7A:83:5E:D2:AA:92
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7747882534B6E923616317E4F86D063559426E26
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3e0b246-1615-4ed2-bcc8-a85ed79e8915.roa
Signing time:             Wed 05 Nov 2025 00:30:55 +0000
ROA not before:           Wed 05 Nov 2025 00:30:55 +0000
ROA not after:            Wed 10 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        206.217.224.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:47:88:25:34:b6:e9:23:61:63:17:e4:f8:6d:06:35:59:42:6e:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov  5 00:30:55 2025 GMT
            Not After : Dec 10 23:59:59 2025 GMT
        Subject: serialNumber=db575bc989a45d66c4c7b2c433ee8560c63006b3d8b505f28cca3d0c27952f0b, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:04:12:c4:58:d2:4d:58:55:88:88:d5:b5:2e:
                    b4:03:cb:49:a2:8c:06:40:ab:21:6c:59:b9:b0:c2:
                    1a:db:3b:85:3d:ce:39:97:bc:6b:5e:7a:e5:32:e5:
                    58:30:c0:8f:8f:af:f0:53:ea:78:f7:a7:0f:31:d1:
                    f1:0a:00:1d:93:48:bc:bb:30:50:e0:38:b0:54:ec:
                    01:9f:a3:b9:36:9f:36:6d:9a:c1:7a:bf:9d:2e:1d:
                    80:a4:0c:5c:d9:b6:43:a4:2c:cd:5d:d8:49:bf:a6:
                    fb:40:7b:ba:3a:7b:4b:47:b7:f9:19:19:d3:bd:0c:
                    43:b2:31:85:ae:03:73:1a:25:50:88:6e:29:2b:f4:
                    5e:19:a5:8a:8f:d3:21:4c:86:cb:a5:1d:00:c5:f0:
                    38:cb:24:dd:b3:16:72:0b:8f:23:ef:9e:65:94:ab:
                    21:41:02:ee:b0:e5:11:a2:c1:d0:d7:f4:b3:9c:df:
                    3f:b3:54:e1:17:55:7e:3c:f4:c0:53:cd:68:13:b6:
                    9c:26:e8:02:88:23:08:48:ab:a1:2b:bc:a3:e9:59:
                    07:13:37:7b:00:16:e6:53:ba:cb:53:bb:a9:d7:26:
                    0d:85:2c:c8:49:b7:42:6e:e1:e4:04:84:f5:f6:3b:
                    58:40:a8:74:3a:18:78:da:09:af:76:69:ae:1e:fb:
                    16:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:B1:5D:6A:9C:C6:D1:E4:C4:2E:1C:74:98:B7:7A:83:5E:D2:AA:92
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e3e0b246-1615-4ed2-bcc8-a85ed79e8915.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  206.217.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         a7:4a:72:5c:54:b9:0d:ad:ef:f2:30:54:68:24:17:f0:6b:e9:
         92:a6:5b:c4:16:68:02:e5:05:91:ef:36:d8:bf:ca:2e:88:c5:
         5f:75:04:02:df:bd:dd:27:46:c4:05:2e:9d:d5:01:2b:f3:04:
         a6:24:0c:45:1d:28:f7:75:69:10:c0:6d:89:4e:24:5d:70:63:
         60:a2:ff:37:90:7e:ab:83:3e:aa:b0:21:f5:e6:88:5c:f7:0c:
         bd:c2:f9:db:5a:27:d1:a5:2e:0b:a7:5f:8d:f3:a9:a7:94:7a:
         04:23:6c:75:fc:63:e6:39:14:c1:cd:73:24:89:39:74:72:fc:
         31:9e:3a:f9:e9:ee:e3:16:cc:66:78:a8:01:6c:1f:1f:79:fa:
         13:51:40:77:65:0f:eb:5f:ff:d1:c1:cd:4d:b4:ae:71:dd:c1:
         b5:26:54:32:95:29:b0:5b:89:0e:eb:12:7a:3a:61:11:23:88:
         ed:80:ba:03:e8:fa:03:54:76:d7:5c:95:17:6d:64:6e:3a:34:
         be:fa:ea:c9:b2:5a:84:65:ff:9b:d0:42:d7:1c:66:90:ea:4d:
         26:d8:1d:36:6b:52:9a:14:33:5e:02:d2:a9:6b:7d:e1:d2:41:
         83:b6:00:b8:61:43:e3:fc:b0:61:22:6b:a5:14:b0:38:29:29:
         de:0b:c7:c2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd0eIJTS26SNhYxfk+G0GNVlCbiYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTA1MDAzMDU1WhcNMjUxMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkYjU3NWJjOTg5YTQ1ZDY2YzRjN2IyYzQzM2VlODU2MGM2
MzAwNmIzZDhiNTA1ZjI4Y2NhM2QwYzI3OTUyZjBiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC9BBLEWNJNWFWIiNW1LrQDy0mijAZAqyFsWbmwwhrbO4U9
zjmXvGteeuUy5VgwwI+Pr/BT6nj3pw8x0fEKAB2TSLy7MFDgOLBU7AGfo7k2nzZt
msF6v50uHYCkDFzZtkOkLM1d2Em/pvtAe7o6e0tHt/kZGdO9DEOyMYWuA3MaJVCI
bikr9F4ZpYqP0yFMhsulHQDF8DjLJN2zFnILjyPvnmWUqyFBAu6w5RGiwdDX9LOc
3z+zVOEXVX489MBTzWgTtpwm6AKIIwhIq6ErvKPpWQcTN3sAFuZTustTu6nXJg2F
LMhJt0Ju4eQEhPX2O1hAqHQ6GHjaCa92aa4e+xalAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUjLFdapzG0eTELhx0mLd6g17SqpIwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2UzZTBiMjQ2LTE2MTUtNGVkMi1iY2M4LWE4NWVkNzllODkxNS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXO2eAwDQYJKoZIhvcNAQELBQADggEBAKdKclxUuQ2t7/IwVGgkF/Br6ZKm
W8QWaALlBZHvNti/yi6IxV91BALfvd0nRsQFLp3VASvzBKYkDEUdKPd1aRDAbYlO
JF1wY2Ci/zeQfquDPqqwIfXmiFz3DL3C+dtaJ9GlLgunX43zqaeUegQjbHX8Y+Y5
FMHNcySJOXRy/DGeOvnp7uMWzGZ4qAFsHx95+hNRQHdlD+tf/9HBzU20rnHdwbUm
VDKVKbBbiQ7rEno6YREjiO2AugPo+gNUdtdclRdtZG46NL766smyWoRl/5vQQtcc
ZpDqTSbYHTZrUpoUM14C0qlrfeHSQYO2ALhhQ+P8sGEia6UUsDgpKd4Lx8I=
-----END CERTIFICATE-----