Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
File:                     7ba02025-0c4b-49eb-a560-246362b48585.roa (raw, json)
Hash identifier:          ATL0YmXBIEXR9M12Uyc5rgPFJKi0PIYV/auphQ7JcQk=
Subject key identifier:   56:C0:61:41:6E:2A:DE:D7:89:A4:FA:17:65:BB:6C:49:6C:56:06:03
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       57DC53040E12EB312FB1C010626420D9DB10FFE4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa
Signing time:             Mon 06 Oct 2025 15:39:02 +0000
ROA not before:           Mon 06 Oct 2025 15:39:02 +0000
ROA not after:            Mon 10 Nov 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        24.110.11.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:dc:53:04:0e:12:eb:31:2f:b1:c0:10:62:64:20:d9:db:10:ff:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  6 15:39:02 2025 GMT
            Not After : Nov 10 23:59:59 2025 GMT
        Subject: serialNumber=423882c1f18378d4f9277d8d4a1ac894898fe654e348fd06bd7255895168a747, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:58:e2:57:79:cb:23:03:eb:c2:cf:3f:15:02:
                    cf:d8:16:e0:1e:a1:78:fa:84:4b:f0:11:ec:b0:c3:
                    03:6f:56:79:2b:a4:9d:49:d0:4f:fb:c3:16:07:89:
                    05:5d:d0:ce:13:88:d7:b0:d3:3c:f3:f8:b0:bc:60:
                    e9:ef:8b:26:ef:5a:69:d8:51:d4:a3:1d:47:a7:d5:
                    d4:a4:c6:cc:09:6f:5b:33:df:b4:e1:db:01:94:09:
                    43:8a:08:41:c8:65:41:94:83:56:91:5a:03:c5:13:
                    80:22:0b:5f:e4:8b:0a:95:78:90:a7:6f:32:9b:2b:
                    cf:4c:af:54:27:c3:8c:19:69:4e:42:35:2a:da:82:
                    ef:2a:fb:f0:14:08:eb:22:49:e4:0d:0d:ec:8b:f2:
                    be:54:3a:4b:70:21:6a:8f:90:59:19:73:3d:4a:65:
                    5b:6f:cf:7e:9f:fb:d6:3a:7b:2c:34:bf:1e:6e:23:
                    1d:75:24:14:cd:6b:5a:82:4e:f2:b9:32:d8:12:c2:
                    f7:c2:ec:a7:b7:d7:cf:e3:77:71:c2:b3:19:9b:11:
                    59:c1:7a:3e:bb:99:fe:93:35:ef:69:b4:a8:64:5a:
                    f9:45:20:12:c6:d8:dc:25:8e:dd:15:67:f8:ac:94:
                    89:7c:85:d8:73:70:1f:d5:85:9f:0f:52:49:7b:a5:
                    fb:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                56:C0:61:41:6E:2A:DE:D7:89:A4:FA:17:65:BB:6C:49:6C:56:06:03
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7ba02025-0c4b-49eb-a560-246362b48585.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  24.110.11.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:c3:f2:af:2c:03:47:b2:81:29:dc:25:a0:f9:54:1f:ba:5b:
         d2:9f:38:84:b9:23:90:27:ab:b0:6b:81:20:b1:58:0f:fd:06:
         a9:39:00:5b:87:1d:26:db:79:72:98:e8:b3:9a:2f:78:4c:a5:
         3f:31:cc:df:3f:03:e3:34:9c:c2:38:6b:c6:fd:3d:cc:b2:06:
         9d:88:25:93:fb:0a:84:4a:94:85:0c:3e:00:fb:40:f8:60:68:
         c8:96:cf:9d:c9:fa:3c:cf:cb:02:63:65:ef:e5:03:e3:8e:28:
         cf:c8:94:c6:ea:ee:6b:5e:b4:d0:9d:9c:00:e6:f2:9c:08:be:
         a6:13:90:37:32:29:97:08:8f:3c:a6:a6:d4:db:ac:b6:fc:95:
         fd:28:0b:c9:82:eb:67:ca:c0:1a:00:88:14:46:30:c5:16:50:
         9b:01:14:60:07:ed:2f:8e:4a:c4:04:9e:2d:1c:df:e2:02:b8:
         4e:f8:6b:5f:5c:e8:56:a1:45:df:80:3a:b9:7a:ed:83:71:41:
         59:28:3c:4f:76:3f:c6:71:08:2f:48:c5:f2:48:c9:c5:ef:d7:
         28:c9:c4:59:78:1e:54:77:b6:9a:02:e4:9d:3d:d7:9f:3d:21:
         aa:d5:52:77:be:24:e3:d7:7b:ee:14:42:6f:bd:4d:08:4a:83:
         1e:9d:2c:52
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV9xTBA4S6zEvscAQYmQg2dsQ/+QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA2MTUzOTAyWhcNMjUxMTEwMjM1OTU5
WjB6MUkwRwYDVQQFE0A0MjM4ODJjMWYxODM3OGQ0ZjkyNzdkOGQ0YTFhYzg5NDg5
OGZlNjU0ZTM0OGZkMDZiZDcyNTU4OTUxNjhhNzQ3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZWOJXecsjA+vCzz8VAs/YFuAeoXj6hEvwEeywwwNvVnkr
pJ1J0E/7wxYHiQVd0M4TiNew0zzz+LC8YOnviybvWmnYUdSjHUen1dSkxswJb1sz
37Th2wGUCUOKCEHIZUGUg1aRWgPFE4AiC1/kiwqVeJCnbzKbK89Mr1Qnw4wZaU5C
NSragu8q+/AUCOsiSeQNDeyL8r5UOktwIWqPkFkZcz1KZVtvz36f+9Y6eyw0vx5u
Ix11JBTNa1qCTvK5MtgSwvfC7Ke318/jd3HCsxmbEVnBej67mf6TNe9ptKhkWvlF
IBLG2Nwljt0VZ/islIl8hdhzcB/VhZ8PUkl7pfsxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVsBhQW4q3teJpPoXZbtsSWxWBgMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdiYTAyMDI1LTBjNGItNDllYi1hNTYwLTI0NjM2MmI0ODU4NS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAYbgswDQYJKoZIhvcNAQELBQADggEBAFzD8q8sA0eygSncJaD5VB+6W9Kf
OIS5I5Anq7BrgSCxWA/9Bqk5AFuHHSbbeXKY6LOaL3hMpT8xzN8/A+M0nMI4a8b9
PcyyBp2IJZP7CoRKlIUMPgD7QPhgaMiWz53J+jzPywJjZe/lA+OOKM/IlMbq7mte
tNCdnADm8pwIvqYTkDcyKZcIjzymptTbrLb8lf0oC8mC62fKwBoAiBRGMMUWUJsB
FGAH7S+OSsQEni0c3+ICuE74a19c6FahRd+AOrl67YNxQVkoPE92P8ZxCC9IxfJI
ycXv1yjJxFl4HlR3tpoC5J091589IarVUne+JOPXe+4UQm+9TQhKgx6dLFI=
-----END CERTIFICATE-----