Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a50d7bcf-9913-4efa-99b5-5b8cf64769dd.roa
File:                     a50d7bcf-9913-4efa-99b5-5b8cf64769dd.roa (raw, json)
Hash identifier:          Nm72V0iIE23lev/U6TqfDkd3HiWMCDuOWfNQbZ+FR2s=
Subject key identifier:   EA:F5:99:F5:65:4C:71:B1:38:54:AF:8D:95:B7:30:F9:44:57:BD:1C
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       1BD0D0C0F25746116D36543BD31E8C30187A26A1
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a50d7bcf-9913-4efa-99b5-5b8cf64769dd.roa
Signing time:             Sat 04 Oct 2025 00:52:31 +0000
ROA not before:           Sat 04 Oct 2025 00:52:31 +0000
ROA not after:            Sat 08 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2600:1ff3:60c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:d0:d0:c0:f2:57:46:11:6d:36:54:3b:d3:1e:8c:30:18:7a:26:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  4 00:52:31 2025 GMT
            Not After : Nov  8 23:59:59 2025 GMT
        Subject: serialNumber=bffc7519ce7dbaa68b60351f3e48eb417fb94adb55514e3e3bfc6b80e9299f04, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:df:86:a9:a1:f3:71:c8:cc:58:5b:37:b4:91:
                    72:5c:73:4a:37:01:da:30:cf:84:04:cc:3e:95:da:
                    67:05:ea:63:e9:95:60:88:7d:0a:04:24:03:19:1f:
                    dc:53:84:52:d2:ed:4d:bd:0d:e4:f2:fb:66:25:b0:
                    08:ba:42:76:f2:de:27:de:7a:b8:c6:b8:92:74:48:
                    31:8f:03:5c:5b:51:18:35:04:ef:5d:5e:5c:54:9c:
                    92:cf:91:64:22:95:17:54:c0:c5:d3:e7:a4:d2:b5:
                    12:18:b0:ed:51:43:1d:c0:29:08:07:02:63:36:7f:
                    1d:23:fc:1b:36:fa:d7:90:01:dc:50:db:68:6f:4f:
                    43:d6:46:12:fd:71:c5:51:4c:7d:32:3d:9a:53:39:
                    c5:0b:96:25:74:a8:38:88:47:f5:dd:8e:32:1c:ef:
                    4d:b5:f3:f3:45:a1:71:14:73:75:4e:4a:18:78:30:
                    e3:00:f3:ee:f0:7a:53:95:ef:15:7c:5c:5d:be:8d:
                    6c:11:75:ca:49:a3:70:cf:72:56:fd:2a:87:a0:2f:
                    a7:fb:42:9a:08:be:2b:00:f9:d7:2e:67:59:e0:74:
                    e5:5d:51:6e:27:30:e8:f9:25:d6:53:e5:a5:79:24:
                    da:55:56:9b:d1:5d:29:ee:1f:28:f3:71:e3:6a:74:
                    e8:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EA:F5:99:F5:65:4C:71:B1:38:54:AF:8D:95:B7:30:F9:44:57:BD:1C
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a50d7bcf-9913-4efa-99b5-5b8cf64769dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1ff3:60c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         1e:e1:a8:ea:6f:0f:f1:fd:0f:97:66:da:d5:29:8e:b3:e6:2f:
         29:81:b9:1b:57:38:9a:b9:83:b4:ba:4a:57:e6:0b:12:11:28:
         41:df:4d:d8:e3:01:3d:73:2c:38:e6:72:83:eb:f6:d2:9f:8f:
         20:3a:77:73:59:03:c0:60:a3:0b:86:77:2f:eb:c1:dd:bd:fb:
         3b:c1:80:be:e2:bd:6d:04:b9:a6:c8:14:c2:e5:ef:00:05:d1:
         56:57:ac:dc:c9:7b:bd:2c:d2:c0:5f:8c:a4:24:d7:a3:1a:18:
         eb:9d:08:06:66:62:bb:8b:ab:90:03:e5:6f:d5:7d:1b:48:f9:
         47:64:a6:2a:15:49:42:e0:e6:4d:70:b1:38:32:31:37:bf:49:
         12:fa:1f:37:7a:1c:b0:b8:69:3a:a1:44:6c:9f:bc:35:87:50:
         03:d2:b2:cb:4c:dc:be:6e:77:33:e2:e6:21:7c:c6:6f:69:34:
         ab:32:49:96:e3:73:2d:7f:65:ef:92:6e:ad:31:17:90:45:15:
         a6:7d:cf:d6:5d:6f:ca:6f:b8:16:84:fa:31:a9:6c:ab:6d:f2:
         45:04:05:7a:00:de:31:b4:ab:51:fc:59:aa:e3:ac:b3:df:a5:
         a9:c7:ca:7c:a4:1b:92:bb:59:ae:92:52:5d:02:e6:8c:84:8e:
         42:11:1b:e6
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUG9DQwPJXRhFtNlQ70x6MMBh6JqEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDA0MDA1MjMxWhcNMjUxMTA4MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmZjNzUxOWNlN2RiYWE2OGI2MDM1MWYzZTQ4ZWI0MTdm
Yjk0YWRiNTU1MTRlM2UzYmZjNmI4MGU5Mjk5ZjA0MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCf34apofNxyMxYWze0kXJcc0o3Adowz4QEzD6V2mcF6mPp
lWCIfQoEJAMZH9xThFLS7U29DeTy+2YlsAi6Qnby3ifeerjGuJJ0SDGPA1xbURg1
BO9dXlxUnJLPkWQilRdUwMXT56TStRIYsO1RQx3AKQgHAmM2fx0j/Bs2+teQAdxQ
22hvT0PWRhL9ccVRTH0yPZpTOcULliV0qDiIR/XdjjIc70218/NFoXEUc3VOShh4
MOMA8+7welOV7xV8XF2+jWwRdcpJo3DPclb9KoegL6f7QpoIvisA+dcuZ1ngdOVd
UW4nMOj5JdZT5aV5JNpVVpvRXSnuHyjzceNqdOifAgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQU6vWZ9WVMcbE4VK+Nlbcw+URXvRwwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E1MGQ3YmNmLTk5MTMtNGVmYS05OWI1LTViOGNmNjQ3NjlkZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwImAB/zYMAwDQYJKoZIhvcNAQELBQADggEBAB7hqOpvD/H9D5dm2tUpjrPm
LymBuRtXOJq5g7S6SlfmCxIRKEHfTdjjAT1zLDjmcoPr9tKfjyA6d3NZA8BgowuG
dy/rwd29+zvBgL7ivW0EuabIFMLl7wAF0VZXrNzJe70s0sBfjKQk16MaGOudCAZm
YruLq5AD5W/VfRtI+UdkpioVSULg5k1wsTgyMTe/SRL6Hzd6HLC4aTqhRGyfvDWH
UAPSsstM3L5udzPi5iF8xm9pNKsySZbjcy1/Ze+Sbq0xF5BFFaZ9z9Zdb8pvuBaE
+jGpbKtt8kUEBXoA3jG0q1H8WarjrLPfpanHynykG5K7Wa6SUl0C5oyEjkIRG+Y=
-----END CERTIFICATE-----