Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34a80fd0-1d05-40ef-96b9-bc2d39948a88.roa
File:                     34a80fd0-1d05-40ef-96b9-bc2d39948a88.roa (raw, json)
Hash identifier:          RWsr2DovLgzkt62D+BpwUq2frF1dYbdwt3NLLCmpTTs=
Subject key identifier:   FA:31:C8:EC:8F:1B:E3:BC:56:8B:44:98:C7:6C:E1:75:CF:43:05:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       79CEFB9B83CB2394E0F650141938CFB5C8B67E37
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34a80fd0-1d05-40ef-96b9-bc2d39948a88.roa
Signing time:             Fri 03 Oct 2025 00:51:14 +0000
ROA not before:           Fri 03 Oct 2025 00:51:14 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.189.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:ce:fb:9b:83:cb:23:94:e0:f6:50:14:19:38:cf:b5:c8:b6:7e:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:51:14 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=05edd716f9436a0ad64064a166ddb0149eacd9029de079a7c1371c85d1ad626c, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b3:62:fb:9a:7a:85:21:ee:05:e9:2f:35:d5:
                    e2:13:00:15:fc:9a:51:62:28:0e:e9:7b:09:1e:2d:
                    a8:5c:ca:4a:44:e6:4c:3f:67:c0:b9:61:14:10:a4:
                    75:62:1c:21:d7:dd:59:e9:fa:0b:b3:91:e0:85:da:
                    71:2a:e3:d2:97:85:d4:40:17:35:ff:ac:77:62:64:
                    bd:dc:f9:6a:a3:d5:9d:dc:66:4c:b6:cd:b3:97:c6:
                    bd:86:eb:25:ff:65:94:56:5a:26:35:59:ee:41:d0:
                    68:7a:62:6c:33:7f:f4:c3:8e:a2:3b:31:f0:f5:0f:
                    ab:70:4c:bb:79:43:f3:6f:8b:26:f6:0a:e9:fc:5c:
                    7c:f7:01:a6:2a:86:ea:d6:f3:f4:85:18:5e:dc:0c:
                    d0:b4:ac:5b:bf:9c:7f:b8:83:db:67:9e:af:26:be:
                    cb:c7:59:5b:cf:f2:90:46:8c:36:55:6a:3c:18:a9:
                    ad:fd:ad:4b:28:2d:ff:da:4a:35:db:f5:75:61:5d:
                    6b:4d:69:6b:46:52:e9:f1:49:9a:73:e5:c8:48:56:
                    de:27:de:76:41:4c:65:dc:b6:f4:6c:19:03:ca:1d:
                    13:d3:60:42:6d:e9:65:7e:78:83:01:35:dd:3f:cd:
                    47:7f:04:1e:13:02:e7:5b:df:f8:4b:a4:19:50:d2:
                    fd:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:31:C8:EC:8F:1B:E3:BC:56:8B:44:98:C7:6C:E1:75:CF:43:05:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/34a80fd0-1d05-40ef-96b9-bc2d39948a88.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:75:85:9e:7f:9c:b1:1e:6d:87:13:5f:9f:50:2c:97:d8:5e:
         69:3d:69:1c:bc:6f:40:b2:71:de:e5:14:8c:fe:a6:8d:a2:a0:
         75:11:a3:66:09:d3:9b:ea:0c:e3:9f:ec:99:8c:ab:54:ce:43:
         de:ab:4e:18:23:2e:79:d6:65:7a:b7:69:1c:1c:e6:f8:ad:7e:
         c2:ab:8a:ed:d6:29:21:f7:b1:b3:d1:26:59:35:10:35:1e:d4:
         ff:cf:ac:8c:c3:9e:2e:87:a3:4a:ea:af:55:cb:f2:26:4e:21:
         61:41:5b:3b:f1:06:c9:c4:e7:af:dc:a5:d7:8d:af:62:8c:58:
         92:fa:19:05:70:72:10:2c:3c:ed:02:6e:82:7a:88:a8:21:6c:
         14:b5:32:bb:f7:0d:12:dd:06:6f:e8:23:32:d9:76:d0:69:a4:
         47:b7:96:a2:68:d4:26:fb:f2:eb:9f:bb:6a:a0:79:af:f1:b7:
         a9:63:3b:24:df:55:97:e5:74:e2:09:f0:98:3d:07:0f:1a:78:
         3a:80:39:93:24:ad:97:fe:31:27:34:1a:97:8f:2f:63:85:68:
         aa:9b:ec:ea:ee:05:fd:f9:ca:ab:97:7d:4b:fc:66:a6:e3:fb:
         81:08:2d:b1:57:08:3e:be:64:7d:cc:a7:eb:f0:24:c1:7e:0d:
         9b:80:32:db
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUec77m4PLI5Tg9lAUGTjPtci2fjcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTE0WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0AwNWVkZDcxNmY5NDM2YTBhZDY0MDY0YTE2NmRkYjAxNDll
YWNkOTAyOWRlMDc5YTdjMTM3MWM4NWQxYWQ2MjZjMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDRs2L7mnqFIe4F6S811eITABX8mlFiKA7pewkeLahcykpE
5kw/Z8C5YRQQpHViHCHX3Vnp+guzkeCF2nEq49KXhdRAFzX/rHdiZL3c+Wqj1Z3c
Zky2zbOXxr2G6yX/ZZRWWiY1We5B0Gh6Ymwzf/TDjqI7MfD1D6twTLt5Q/Nviyb2
Cun8XHz3AaYqhurW8/SFGF7cDNC0rFu/nH+4g9tnnq8mvsvHWVvP8pBGjDZVajwY
qa39rUsoLf/aSjXb9XVhXWtNaWtGUunxSZpz5chIVt4n3nZBTGXctvRsGQPKHRPT
YEJt6WV+eIMBNd0/zUd/BB4TAudb3/hLpBlQ0v0pAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU+jHI7I8b47xWi0SYx2zhdc9DBZ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzM0YTgwZmQwLTFkMDUtNDBlZi05NmI5LWJjMmQzOTk0OGE4OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTb0wDQYJKoZIhvcNAQELBQADggEBAGh1hZ5/nLEebYcTX59QLJfYXmk9
aRy8b0Cycd7lFIz+po2ioHURo2YJ05vqDOOf7JmMq1TOQ96rThgjLnnWZXq3aRwc
5vitfsKriu3WKSH3sbPRJlk1EDUe1P/PrIzDni6Ho0rqr1XL8iZOIWFBWzvxBsnE
56/cpdeNr2KMWJL6GQVwchAsPO0CboJ6iKghbBS1Mrv3DRLdBm/oIzLZdtBppEe3
lqJo1Cb78uufu2qgea/xt6ljOyTfVZfldOIJ8Jg9Bw8aeDqAOZMkrZf+MSc0GpeP
L2OFaKqb7OruBf35yquXfUv8Zqbj+4EILbFXCD6+ZH3Mp+vwJMF+DZuAMts=
-----END CERTIFICATE-----