Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b30f0045-88bf-4cab-804d-bca257af8bb6.roa
File:                     b30f0045-88bf-4cab-804d-bca257af8bb6.roa (raw, json)
Hash identifier:          Bl/m1uUQ8AhxOU4/D0EHU4urnKsApz1qOvUPz+K4iHk=
Subject key identifier:   7C:95:26:A2:73:B7:8A:E8:82:77:55:FC:71:5A:93:2A:1D:06:3B:81
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       02592EC1E6A5C06C5F083F37D6BDE714BC40DF64
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b30f0045-88bf-4cab-804d-bca257af8bb6.roa
Signing time:             Sun 16 Nov 2025 00:20:47 +0000
ROA not before:           Sun 16 Nov 2025 00:20:47 +0000
ROA not after:            Sun 21 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        207.207.64.0/19 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:59:2e:c1:e6:a5:c0:6c:5f:08:3f:37:d6:bd:e7:14:bc:40:df:64
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 16 00:20:47 2025 GMT
            Not After : Dec 21 23:59:59 2025 GMT
        Subject: serialNumber=52fcbc16870a106bcfa47491ccb7b759326b6b2e65c29ac43a9e88a4dcfe30dc, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:6d:e5:63:54:b1:c0:ab:e1:35:2b:6f:0f:61:
                    3f:45:10:b0:6a:eb:30:f7:ff:5f:c9:02:ca:c7:03:
                    03:8d:21:bc:53:35:3a:b1:b9:8b:e7:7d:01:28:b0:
                    6f:88:e9:80:32:e5:fc:85:db:60:61:0d:6e:a8:f3:
                    21:d5:3b:7c:7f:83:9a:9a:25:e2:0f:cd:0d:30:57:
                    5d:f5:ec:fa:3d:be:66:dc:7b:a0:a2:8b:54:51:0a:
                    e2:07:3f:6e:de:bc:21:8c:e3:4d:7e:8b:43:69:e1:
                    21:43:c5:c0:d2:2f:b3:9e:81:e6:7a:51:48:29:b2:
                    18:0b:60:83:be:e8:7a:26:20:c9:f5:e8:28:75:7a:
                    54:c9:06:be:b2:9e:b6:6c:2f:1e:34:e8:43:25:ef:
                    02:62:d4:06:a2:3d:40:6e:1d:ab:71:55:c6:f6:98:
                    60:95:99:eb:43:07:cc:3e:4f:b5:1f:73:a7:1a:a7:
                    5f:aa:56:be:34:6f:46:26:88:7d:b7:d7:00:0c:c2:
                    59:f1:7f:da:27:d4:37:28:41:29:c5:4a:e0:5c:7b:
                    99:94:37:98:a1:42:02:c3:73:65:5a:80:ad:7d:77:
                    15:58:ad:36:f6:12:08:fa:90:d6:cd:84:fb:eb:53:
                    59:5f:29:03:c1:20:85:28:17:26:e5:8a:78:66:2f:
                    a7:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:95:26:A2:73:B7:8A:E8:82:77:55:FC:71:5A:93:2A:1D:06:3B:81
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/b30f0045-88bf-4cab-804d-bca257af8bb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.207.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c4:23:b7:6f:7e:ce:74:35:d4:69:92:93:75:57:44:81:fa:93:
         17:e0:37:16:ec:d9:7c:1a:f7:24:00:57:00:99:1c:eb:78:a8:
         31:65:dd:4b:d6:1c:c1:00:15:b8:ac:5e:84:d4:f3:d5:30:ec:
         74:e8:69:70:e3:63:98:c4:a4:67:ee:d0:b8:19:3a:3e:e4:34:
         09:9b:d0:2e:0c:11:c7:5a:9b:97:b2:3c:60:88:99:1f:ae:c6:
         9f:f0:c9:fc:4b:d6:ef:be:3a:0d:1c:c4:8e:19:12:a7:c1:95:
         ed:19:75:bb:7f:b4:d9:0f:89:28:80:70:fe:35:80:93:22:42:
         3d:b2:a3:d0:3a:97:0f:53:69:b8:c8:b1:8e:d1:aa:b7:99:95:
         8f:96:8c:e6:7a:a4:7a:9b:53:01:c7:fe:26:24:61:fa:b5:e0:
         f2:b4:b8:70:ec:cf:70:ea:9c:f7:7d:c4:f7:c8:66:32:87:c5:
         80:8b:2a:19:fc:aa:dc:19:06:9f:a7:9b:62:bb:ea:b4:61:db:
         d1:eb:eb:ad:c9:ff:22:78:c1:6b:57:2d:77:0e:99:5a:91:8a:
         54:07:23:ba:2b:70:00:f9:6c:30:f1:8f:63:2d:35:f8:83:d4:
         04:82:b3:9c:40:e9:5e:e6:bc:26:d7:5a:05:f0:6c:1b:b7:f1:
         b5:41:88:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUAlkuwealwGxfCD831r3nFLxA32QwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE2MDAyMDQ3WhcNMjUxMjIxMjM1OTU5
WjB6MUkwRwYDVQQFE0A1MmZjYmMxNjg3MGExMDZiY2ZhNDc0OTFjY2I3Yjc1OTMy
NmI2YjJlNjVjMjlhYzQzYTllODhhNGRjZmUzMGRjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC7beVjVLHAq+E1K28PYT9FELBq6zD3/1/JAsrHAwONIbxT
NTqxuYvnfQEosG+I6YAy5fyF22BhDW6o8yHVO3x/g5qaJeIPzQ0wV1317Po9vmbc
e6Cii1RRCuIHP27evCGM401+i0Np4SFDxcDSL7OegeZ6UUgpshgLYIO+6HomIMn1
6Ch1elTJBr6ynrZsLx406EMl7wJi1AaiPUBuHatxVcb2mGCVmetDB8w+T7Ufc6ca
p1+qVr40b0YmiH231wAMwlnxf9on1DcoQSnFSuBce5mUN5ihQgLDc2VagK19dxVY
rTb2Egj6kNbNhPvrU1lfKQPBIIUoFyblinhmL6eRAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUfJUmonO3iuiCd1X8cVqTKh0GO4EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2IzMGYwMDQ1LTg4YmYtNGNhYi04MDRkLWJjYTI1N2FmOGJiNi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAXPz0AwDQYJKoZIhvcNAQELBQADggEBAMQjt29+znQ11GmSk3VXRIH6kxfg
Nxbs2Xwa9yQAVwCZHOt4qDFl3UvWHMEAFbisXoTU89Uw7HToaXDjY5jEpGfu0LgZ
Oj7kNAmb0C4MEcdam5eyPGCImR+uxp/wyfxL1u++Og0cxI4ZEqfBle0Zdbt/tNkP
iSiAcP41gJMiQj2yo9A6lw9TabjIsY7RqreZlY+WjOZ6pHqbUwHH/iYkYfq14PK0
uHDsz3DqnPd9xPfIZjKHxYCLKhn8qtwZBp+nm2K76rRh29Hr663J/yJ4wWtXLXcO
mVqRilQHI7orcAD5bDDxj2MtNfiD1ASCs5xA6V7mvCbXWgXwbBu38bVBiIQ=
-----END CERTIFICATE-----