Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa
File:                     793b1d13-c592-4627-ae73-33658faf9052.roa (raw, json)
Hash identifier:          XDkdSh7vnnLhEhkktYA9wPmwFcxvP//gW/sqYjQ/x/0=
Subject key identifier:   FA:9B:BE:B6:17:8E:09:E2:9A:B9:D2:C5:CA:69:6A:67:A3:1C:F3:3E
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       562ADDC74267421FF7E987E4489A70E7A852576F
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa
Signing time:             Thu 13 Nov 2025 00:20:39 +0000
ROA not before:           Thu 13 Nov 2025 00:20:39 +0000
ROA not after:            Thu 18 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        56.183.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:2a:dd:c7:42:67:42:1f:f7:e9:87:e4:48:9a:70:e7:a8:52:57:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 13 00:20:39 2025 GMT
            Not After : Dec 18 23:59:59 2025 GMT
        Subject: serialNumber=8428d8d80afdcc1146631b424937a57a7a548695a37cf5a234b98289382e6412, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:4b:d0:47:77:d7:db:92:7c:39:69:de:29:79:
                    63:c0:4d:87:91:ca:64:d3:14:83:7a:99:7b:79:48:
                    81:25:70:d6:19:9d:c0:05:aa:17:35:cd:c4:85:47:
                    2e:65:12:bc:c5:1c:c5:1b:f3:54:38:ca:a4:f7:c4:
                    40:ba:45:7b:43:c5:18:0f:4b:ad:6f:1f:c8:a0:ab:
                    a1:9c:a8:5f:74:eb:ea:06:ee:3d:9b:db:f7:92:f8:
                    bc:a1:1a:2d:af:64:50:49:d0:88:05:db:38:e5:a9:
                    94:18:b1:ba:82:11:1e:b2:85:b0:20:22:c6:23:8b:
                    d6:99:00:4e:13:cc:71:ec:c5:81:b6:14:52:9c:d2:
                    0a:c9:9a:2c:44:b5:7a:be:d3:44:ae:5a:37:bc:94:
                    a9:ed:27:a5:09:fe:db:dd:08:b7:95:11:e0:e1:39:
                    5b:2f:6a:53:fd:9c:31:e9:b8:16:c4:86:3e:1c:9b:
                    66:bc:1b:31:25:b0:f6:e4:8b:f0:34:39:85:2a:54:
                    75:bb:38:e0:b7:a5:7b:50:4a:83:c6:03:f3:58:23:
                    c8:ca:d2:69:72:38:9c:88:dc:8b:61:72:2b:23:5f:
                    75:fd:9c:fa:fb:30:11:c2:50:33:4b:e8:00:0e:14:
                    6f:7f:42:af:51:f9:3e:0a:26:3a:02:3a:7f:dc:fc:
                    bc:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:9B:BE:B6:17:8E:09:E2:9A:B9:D2:C5:CA:69:6A:67:A3:1C:F3:3E
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/793b1d13-c592-4627-ae73-33658faf9052.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  56.183.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         9d:d2:3f:ae:d1:8b:e6:6e:83:38:bd:ff:ab:27:29:fe:35:94:
         10:43:35:b4:32:f9:3f:c1:e6:f1:9c:f9:06:12:a2:88:2d:87:
         89:3d:e8:91:69:64:b5:8b:4e:f0:26:85:38:7f:bc:26:8e:6d:
         d4:9f:0c:d8:33:74:0b:df:56:9d:d1:68:5e:28:68:db:3d:89:
         10:b6:61:48:c9:a3:dd:f1:50:2e:20:bf:0b:48:2e:32:59:06:
         7c:3c:29:59:97:ef:33:6a:97:5f:3b:5a:97:da:66:6c:f9:92:
         2a:2a:8a:03:f6:6d:0a:62:e1:11:18:37:ed:44:36:82:11:ea:
         e8:98:fc:d6:b0:aa:dd:62:07:23:39:33:a2:91:18:ab:ca:a0:
         96:32:45:ee:48:56:33:1c:8c:f2:cf:1b:cb:e3:82:d5:d0:65:
         38:58:5d:db:ed:8f:f0:58:3a:71:01:aa:7d:4c:aa:9a:b5:c6:
         99:5a:0c:e0:30:d2:58:c4:97:dd:51:99:b9:70:c8:81:54:42:
         f1:b5:09:52:30:13:64:45:f9:0d:9b:19:d2:81:18:45:1a:bb:
         1f:f5:2a:f5:d1:73:b5:f1:66:46:32:75:da:6f:09:02:92:95:
         3c:18:3e:09:c6:b8:0e:5a:37:c9:63:33:e1:06:47:83:9f:21:
         4e:a4:7a:d9
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUVirdx0JnQh/36YfkSJpw56hSV28wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTEzMDAyMDM5WhcNMjUxMjE4MjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDI4ZDhkODBhZmRjYzExNDY2MzFiNDI0OTM3YTU3YTdh
NTQ4Njk1YTM3Y2Y1YTIzNGI5ODI4OTM4MmU2NDEyMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvS9BHd9fbknw5ad4peWPATYeRymTTFIN6mXt5SIElcNYZ
ncAFqhc1zcSFRy5lErzFHMUb81Q4yqT3xEC6RXtDxRgPS61vH8igq6GcqF906+oG
7j2b2/eS+LyhGi2vZFBJ0IgF2zjlqZQYsbqCER6yhbAgIsYji9aZAE4TzHHsxYG2
FFKc0grJmixEtXq+00SuWje8lKntJ6UJ/tvdCLeVEeDhOVsvalP9nDHpuBbEhj4c
m2a8GzElsPbki/A0OYUqVHW7OOC3pXtQSoPGA/NYI8jK0mlyOJyI3IthcisjX3X9
nPr7MBHCUDNL6AAOFG9/Qq9R+T4KJjoCOn/c/LxvAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQU+pu+theOCeKaudLFymlqZ6Mc8z4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzc5M2IxZDEzLWM1OTItNDYyNy1hZTczLTMzNjU4ZmFmOTA1Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwA4tzANBgkqhkiG9w0BAQsFAAOCAQEAndI/rtGL5m6DOL3/qycp/jWUEEM1
tDL5P8Hm8Zz5BhKiiC2HiT3okWlktYtO8CaFOH+8Jo5t1J8M2DN0C99WndFoXiho
2z2JELZhSMmj3fFQLiC/C0guMlkGfDwpWZfvM2qXXztal9pmbPmSKiqKA/ZtCmLh
ERg37UQ2ghHq6Jj81rCq3WIHIzkzopEYq8qgljJF7khWMxyM8s8by+OC1dBlOFhd
2+2P8Fg6cQGqfUyqmrXGmVoM4DDSWMSX3VGZuXDIgVRC8bUJUjATZEX5DZsZ0oEY
RRq7H/Uq9dFztfFmRjJ12m8JApKVPBg+Cca4Dlo3yWMz4QZHg58hTqR62Q==
-----END CERTIFICATE-----