Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c03fcda-0ad1-41fc-8c42-94116582146a.roa
File:                     7c03fcda-0ad1-41fc-8c42-94116582146a.roa (raw, json)
Hash identifier:          +kjxkvBktr3sAvXPE0H0DyiCMWD3d5M/RUdMCsY9hLc=
Subject key identifier:   18:DB:E4:04:53:5F:FE:23:8A:17:93:99:88:26:6A:E5:03:3D:FE:BD
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       6DAB2D0554DDC109F20BF21281AC18CD854A23C9
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c03fcda-0ad1-41fc-8c42-94116582146a.roa
Signing time:             Tue 30 Sep 2025 00:02:07 +0000
ROA not before:           Tue 30 Sep 2025 00:02:07 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        13.150.0.0/15 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:ab:2d:05:54:dd:c1:09:f2:0b:f2:12:81:ac:18:cd:85:4a:23:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:02:07 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=7fac33f3656c353cd9d298bf4b8979811c5aa4068166037951eee3d62329fc14, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:b5:79:58:44:c0:4e:8c:a1:3c:5f:fd:72:5a:
                    1a:38:8d:01:da:02:e3:49:e9:75:61:d4:86:d7:08:
                    92:33:09:b6:c0:b2:6c:c7:9f:5d:04:68:1d:3a:0f:
                    fd:ca:ea:e6:ca:97:49:31:98:ab:1e:a5:da:6f:d4:
                    6e:f9:cc:76:1e:0e:c6:0d:64:c0:d9:12:1e:2c:15:
                    a7:4d:84:c1:fd:38:11:af:84:5f:98:ea:70:93:b1:
                    ba:d0:33:2b:37:d0:a2:a9:47:5a:ed:a5:8e:7c:82:
                    9d:79:2a:f9:86:93:76:2a:02:72:4b:db:26:8c:49:
                    24:0c:34:0a:24:63:f1:22:66:55:06:cf:21:1e:71:
                    a6:25:d4:04:6a:10:f0:f0:c1:bf:e8:df:7a:0c:fd:
                    73:2a:3b:5b:17:e7:ac:09:ec:e3:68:e0:43:24:23:
                    b4:77:98:b9:67:c2:4f:28:28:27:10:1d:8d:5e:90:
                    8e:5e:f0:12:4b:5a:ed:bf:c7:b2:12:ca:bd:fe:9b:
                    79:4a:7f:e3:92:b9:11:2b:36:19:e4:31:63:28:db:
                    50:a8:9c:99:16:6a:8d:d5:c2:73:bb:c3:3c:73:49:
                    85:49:8c:8c:3e:67:8d:f4:b0:d3:74:1e:5f:23:02:
                    0c:75:65:8a:44:da:05:8b:c9:90:ff:42:1c:a7:0a:
                    81:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:DB:E4:04:53:5F:FE:23:8A:17:93:99:88:26:6A:E5:03:3D:FE:BD
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/7c03fcda-0ad1-41fc-8c42-94116582146a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  13.150.0.0/15

    Signature Algorithm: sha256WithRSAEncryption
         b0:43:75:53:65:0f:1f:f2:ff:d1:0a:60:f0:b0:91:9f:c7:72:
         fc:19:39:01:8c:6d:23:9f:0c:dd:99:8d:5e:8d:7e:8f:64:19:
         41:83:c6:c5:11:73:bd:c0:e3:e7:d0:ed:2b:77:fd:01:7b:d2:
         98:ec:c0:04:b3:c0:c1:c4:d0:45:e6:f6:40:9e:20:e7:f6:70:
         60:18:e0:5e:75:cf:3a:ad:c6:05:22:ac:7a:bc:ab:75:e5:e0:
         b9:1c:2e:d2:1a:c1:48:4a:78:bf:9f:87:e9:86:5a:e4:99:3f:
         4b:f9:4a:20:13:43:ac:08:05:bd:d3:c3:20:80:06:dd:5d:ed:
         38:7f:60:d1:c5:95:46:ac:b2:d5:9d:42:9a:3d:60:ca:ee:f4:
         5a:36:74:ec:ee:0d:26:31:f3:8f:59:77:07:a4:46:ed:4b:53:
         12:82:52:fb:3f:83:2b:04:44:00:38:9c:97:a3:65:89:64:7f:
         09:39:51:e7:37:40:f0:78:05:70:4c:fa:ae:38:99:a2:97:ca:
         56:6d:3b:6a:46:f0:0b:fd:f5:bb:4d:c7:71:8e:96:58:40:d8:
         25:28:c8:f2:32:ee:2e:bc:a2:ac:d4:8c:5c:5f:f3:a5:56:e9:
         9f:af:4f:9b:48:fe:d5:40:b4:e2:f0:53:ef:46:fd:0a:9a:91:
         10:38:26:3e
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUbastBVTdwQnyC/ISgawYzYVKI8kwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjA3WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ZmFjMzNmMzY1NmMzNTNjZDlkMjk4YmY0Yjg5Nzk4MTFj
NWFhNDA2ODE2NjAzNzk1MWVlZTNkNjIzMjlmYzE0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDNtXlYRMBOjKE8X/1yWho4jQHaAuNJ6XVh1IbXCJIzCbbA
smzHn10EaB06D/3K6ubKl0kxmKsepdpv1G75zHYeDsYNZMDZEh4sFadNhMH9OBGv
hF+Y6nCTsbrQMys30KKpR1rtpY58gp15KvmGk3YqAnJL2yaMSSQMNAokY/EiZlUG
zyEecaYl1ARqEPDwwb/o33oM/XMqO1sX56wJ7ONo4EMkI7R3mLlnwk8oKCcQHY1e
kI5e8BJLWu2/x7ISyr3+m3lKf+OSuRErNhnkMWMo21ConJkWao3VwnO7wzxzSYVJ
jIw+Z430sNN0Hl8jAgx1ZYpE2gWLyZD/QhynCoHNAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUGNvkBFNf/iOKF5OZiCZq5QM9/r0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzdjMDNmY2RhLTBhZDEtNDFmYy04YzQyLTk0MTE2NTgyMTQ2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwENljANBgkqhkiG9w0BAQsFAAOCAQEAsEN1U2UPH/L/0Qpg8LCRn8dy/Bk5
AYxtI58M3ZmNXo1+j2QZQYPGxRFzvcDj59DtK3f9AXvSmOzABLPAwcTQReb2QJ4g
5/ZwYBjgXnXPOq3GBSKseryrdeXguRwu0hrBSEp4v5+H6YZa5Jk/S/lKIBNDrAgF
vdPDIIAG3V3tOH9g0cWVRqyy1Z1Cmj1gyu70WjZ07O4NJjHzj1l3B6RG7UtTEoJS
+z+DKwREADicl6NliWR/CTlR5zdA8HgFcEz6rjiZopfKVm07akbwC/31u03HcY6W
WEDYJSjI8jLuLryirNSMXF/zpVbpn69Pm0j+1UC04vBT70b9CpqREDgmPg==
-----END CERTIFICATE-----