Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0103940-c8dc-4a4c-aa6b-d83e680f8abf.roa
File:                     f0103940-c8dc-4a4c-aa6b-d83e680f8abf.roa (raw, json)
Hash identifier:          U6sdVG4CU6L/zHN9x5U6Z3kZOOztb7avEjeX+y4gCBw=
Subject key identifier:   3A:06:11:C2:60:89:65:22:47:F8:58:9E:F4:DA:C1:BB:76:E2:2B:17
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6D2BAB95C1E4116B07A5C49B72D0DA5EB70B4F11
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0103940-c8dc-4a4c-aa6b-d83e680f8abf.roa
Signing time:             Sat 15 Nov 2025 00:30:15 +0000
ROA not before:           Sat 15 Nov 2025 00:30:15 +0000
ROA not after:            Sat 20 Dec 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        88.106.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:2b:ab:95:c1:e4:11:6b:07:a5:c4:9b:72:d0:da:5e:b7:0b:4f:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Nov 15 00:30:15 2025 GMT
            Not After : Dec 20 23:59:59 2025 GMT
        Subject: serialNumber=c851f1c809e07118e6b00f6a3a40093e4056998dc77691374c5bf8e8eebba793, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:48:8e:8c:14:a7:72:d6:ab:3f:a1:a1:ac:0e:
                    78:1d:4a:19:b6:ec:ee:07:b3:93:82:8f:3a:29:c6:
                    44:c0:c2:5c:cf:7f:64:63:43:b1:95:97:72:c6:d9:
                    11:00:e9:52:9f:d9:a8:e4:5b:65:f2:5c:35:27:f4:
                    06:15:93:03:b1:97:12:f9:f2:6d:bb:d5:af:3e:a2:
                    4f:fe:46:93:54:aa:88:f7:11:ac:ff:5f:f9:9c:85:
                    a1:54:b3:d0:5b:78:f8:87:a5:4c:97:1c:28:9f:fc:
                    22:8a:be:06:cb:1b:f5:f5:c3:85:4c:30:ad:7a:f2:
                    40:59:c4:70:00:b7:42:0d:00:5f:af:77:c8:6f:48:
                    5b:36:e9:ea:d2:9b:ef:64:6c:87:99:17:35:1c:75:
                    f0:f4:23:5d:ad:9d:df:fe:bd:48:69:d2:cb:14:ab:
                    35:05:28:8c:a7:78:c3:e2:23:95:9b:e4:64:ef:5c:
                    e9:3b:6f:17:95:95:c1:16:b4:44:31:d2:5f:86:98:
                    d3:dd:fb:9b:68:41:a1:de:2d:0f:0f:26:d0:9f:0b:
                    5a:9c:24:19:03:31:c0:67:54:ae:f6:d9:57:2b:a0:
                    d4:ed:23:1a:ec:18:b4:10:79:bf:a0:dd:25:b7:08:
                    7a:fe:6f:a1:09:37:a8:15:92:94:27:30:71:82:f8:
                    ef:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:06:11:C2:60:89:65:22:47:F8:58:9E:F4:DA:C1:BB:76:E2:2B:17
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f0103940-c8dc-4a4c-aa6b-d83e680f8abf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  88.106.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         ab:96:ea:04:84:b4:fb:5f:96:b4:d3:7c:c0:43:15:92:92:49:
         8b:97:90:f0:43:f2:bc:1e:dd:a2:3e:33:f0:e9:f2:df:bb:c8:
         4a:e1:4c:3c:8c:de:ea:6b:48:41:a8:5d:95:80:62:cf:62:6f:
         75:d8:c4:a5:25:51:c4:4d:d5:44:e9:40:6d:d3:c7:41:de:6c:
         51:15:12:95:b6:79:87:b7:98:2c:97:f7:dd:92:ae:28:8e:51:
         f9:37:f6:fa:25:65:2f:24:fa:46:cd:4f:a6:8a:3c:44:a8:05:
         3b:c4:25:b2:16:7f:ff:3c:88:ce:5f:40:6e:03:39:42:0f:bf:
         24:c3:39:0e:d5:5d:57:64:ca:e5:99:56:7e:1b:5b:b9:ab:ab:
         cc:62:28:72:33:0f:cb:af:99:c5:1e:61:6e:24:6b:09:e9:fc:
         64:74:61:3e:3b:e7:06:44:16:57:64:17:6d:ea:63:48:ad:2a:
         cd:3e:aa:ef:89:ac:35:5e:5c:a5:94:27:56:f8:22:f0:ad:cd:
         f6:e7:50:96:fd:75:09:e9:2e:94:60:b5:42:51:e4:ef:e3:73:
         a3:af:4a:60:9b:01:a7:44:3b:57:35:90:7f:2b:af:a1:7a:34:
         2b:b4:34:cb:5d:0c:45:99:8b:cf:15:ea:69:9d:22:f5:e4:c5:
         d9:f8:32:0e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbSurlcHkEWsHpcSbctDaXrcLTxEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTE1MDAzMDE1WhcNMjUxMjIwMjM1OTU5
WjB6MUkwRwYDVQQFE0BjODUxZjFjODA5ZTA3MTE4ZTZiMDBmNmEzYTQwMDkzZTQw
NTY5OThkYzc3NjkxMzc0YzViZjhlOGVlYmJhNzkzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCySI6MFKdy1qs/oaGsDngdShm27O4Hs5OCjzopxkTAwlzP
f2RjQ7GVl3LG2REA6VKf2ajkW2XyXDUn9AYVkwOxlxL58m271a8+ok/+RpNUqoj3
Eaz/X/mchaFUs9BbePiHpUyXHCif/CKKvgbLG/X1w4VMMK168kBZxHAAt0INAF+v
d8hvSFs26erSm+9kbIeZFzUcdfD0I12tnd/+vUhp0ssUqzUFKIyneMPiI5Wb5GTv
XOk7bxeVlcEWtEQx0l+GmNPd+5toQaHeLQ8PJtCfC1qcJBkDMcBnVK722VcroNTt
IxrsGLQQeb+g3SW3CHr+b6EJN6gVkpQnMHGC+O+/AgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUOgYRwmCJZSJH+Fie9NrBu3biKxcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YwMTAzOTQwLWM4ZGMtNGE0Yy1hYTZiLWQ4M2U2ODBmOGFiZi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwFYajANBgkqhkiG9w0BAQsFAAOCAQEAq5bqBIS0+1+WtNN8wEMVkpJJi5eQ
8EPyvB7doj4z8Ony37vISuFMPIze6mtIQahdlYBiz2JvddjEpSVRxE3VROlAbdPH
Qd5sURUSlbZ5h7eYLJf33ZKuKI5R+Tf2+iVlLyT6Rs1Ppoo8RKgFO8QlshZ//zyI
zl9AbgM5Qg+/JMM5DtVdV2TK5ZlWfhtbuaurzGIocjMPy6+ZxR5hbiRrCen8ZHRh
PjvnBkQWV2QXbepjSK0qzT6q74msNV5cpZQnVvgi8K3N9udQlv11CekulGC1QlHk
7+Nzo69KYJsBp0Q7VzWQfyuvoXo0K7Q0y10MRZmLzxXqaZ0i9eTF2fgyDg==
-----END CERTIFICATE-----