Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa
File:                     a743602a-d845-4844-9c21-e83cce7c9b6a.roa (raw, json)
Hash identifier:          cP2qlkyZWX2tJfKO9qQkkpb8oYu83IQIDF45ZZqPK6Y=
Subject key identifier:   68:52:52:C2:45:A9:88:24:30:A6:CC:88:F5:2B:52:B6:F0:03:13:F6
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       358785CCD29D7712683447A879092C81E1BF5F0C
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa
Signing time:             Fri 03 Oct 2025 00:51:14 +0000
ROA not before:           Fri 03 Oct 2025 00:51:14 +0000
ROA not after:            Fri 07 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        99.77.163.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:87:85:cc:d2:9d:77:12:68:34:47:a8:79:09:2c:81:e1:bf:5f:0c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct  3 00:51:14 2025 GMT
            Not After : Nov  7 23:59:59 2025 GMT
        Subject: serialNumber=5cc2b223511b22404c820f884b89a38f3f42e3cb257aec7d274838eaaf9b6943, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:a8:31:5c:af:ac:b8:dc:6c:a6:03:56:d0:dd:
                    d0:00:04:5c:6c:04:d3:f1:57:1e:e5:85:92:84:4d:
                    c9:e4:af:18:40:6c:be:cb:01:b0:0d:f1:e6:2b:49:
                    63:be:47:f4:ab:86:2c:7c:e4:ea:fb:a0:4a:6f:4d:
                    23:e3:1f:77:2b:5d:cb:fb:59:35:b4:22:23:4f:1a:
                    f4:0c:71:7b:d2:9c:b2:b7:79:0c:fa:0e:57:ff:c9:
                    f3:9f:c6:b6:05:12:b6:ab:c5:cc:a8:13:63:a6:1d:
                    8c:48:9e:44:b4:44:a6:a8:94:ff:d9:05:9a:7f:86:
                    d2:17:f4:4e:0a:e9:0f:49:a2:68:37:e0:59:59:8f:
                    c7:f6:a3:bd:68:82:51:3a:bd:34:08:13:62:c1:b2:
                    a7:d5:08:67:3c:a6:56:70:59:ac:40:15:c2:50:47:
                    25:e8:3b:ba:e5:40:30:42:d7:6f:7d:c9:56:65:a2:
                    27:8b:27:cd:1c:67:db:df:39:76:a8:24:10:64:56:
                    50:da:39:27:66:e1:3b:d5:83:ac:bc:2f:35:30:45:
                    d3:f5:54:49:a9:b5:10:34:f0:33:14:24:d6:d4:61:
                    d1:51:10:41:f4:e3:11:2f:b8:4d:e0:8e:22:cc:b4:
                    8c:85:1a:7a:b9:cc:a9:6a:14:cf:e5:7b:a6:0d:8c:
                    31:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:52:52:C2:45:A9:88:24:30:A6:CC:88:F5:2B:52:B6:F0:03:13:F6
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/a743602a-d845-4844-9c21-e83cce7c9b6a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  99.77.163.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0f:6d:3b:5c:99:cc:db:4b:bf:c5:0e:a0:8c:68:2d:bb:06:f0:
         02:da:65:75:38:84:f4:a9:ae:05:a7:de:ee:6b:c1:7c:14:f0:
         13:8b:ac:6f:78:71:46:e9:c9:26:7f:28:a7:1e:da:71:bb:a9:
         01:5f:3a:49:d9:cc:92:ba:d8:8d:3a:b8:bb:e2:14:94:2d:bb:
         3a:ae:f9:a3:74:85:f0:e9:3c:41:5a:9e:13:98:ac:30:15:03:
         91:a5:06:1e:d7:d3:e5:51:aa:e2:44:d4:93:98:72:02:5b:e2:
         02:74:22:9d:9e:87:47:2e:9f:b5:76:2c:bd:cd:84:60:e3:1e:
         9e:82:aa:af:74:fb:62:93:e3:70:c7:b9:d9:d2:52:1b:f2:8e:
         d9:0d:2e:f9:d2:53:28:c8:23:a5:21:e5:b5:40:58:c5:34:1c:
         e8:36:17:2d:3e:3a:e8:b0:cd:a0:1e:c4:fc:03:50:7e:7f:bc:
         82:0b:d0:ea:a4:86:2d:c2:7e:1a:51:84:a1:b2:88:a6:6d:87:
         d7:e5:6d:0b:dd:b2:cb:14:a1:e4:9b:40:de:19:c1:85:ce:08:
         f0:5c:ae:8e:da:6e:47:57:95:a0:e7:fc:e9:1d:d8:f6:43:6c:
         ba:5a:95:bc:a7:20:c7:a3:63:f9:e5:e9:ff:3e:cf:84:b8:c8:
         3d:3d:99:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNYeFzNKddxJoNEeoeQksgeG/XwwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDAzMDA1MTE0WhcNMjUxMTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1Y2MyYjIyMzUxMWIyMjQwNGM4MjBmODg0Yjg5YTM4ZjNm
NDJlM2NiMjU3YWVjN2QyNzQ4MzhlYWFmOWI2OTQzMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDfqDFcr6y43GymA1bQ3dAABFxsBNPxVx7lhZKETcnkrxhA
bL7LAbAN8eYrSWO+R/Srhix85Or7oEpvTSPjH3crXcv7WTW0IiNPGvQMcXvSnLK3
eQz6Dlf/yfOfxrYFErarxcyoE2OmHYxInkS0RKaolP/ZBZp/htIX9E4K6Q9Jomg3
4FlZj8f2o71oglE6vTQIE2LBsqfVCGc8plZwWaxAFcJQRyXoO7rlQDBC1299yVZl
oieLJ80cZ9vfOXaoJBBkVlDaOSdm4TvVg6y8LzUwRdP1VEmptRA08DMUJNbUYdFR
EEH04xEvuE3gjiLMtIyFGnq5zKlqFM/le6YNjDGLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUaFJSwkWpiCQwpsyI9StStvADE/YwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2E3NDM2MDJhLWQ4NDUtNDg0NC05YzIxLWU4M2NjZTdjOWI2YS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABjTaMwDQYJKoZIhvcNAQELBQADggEBAA9tO1yZzNtLv8UOoIxoLbsG8ALa
ZXU4hPSprgWn3u5rwXwU8BOLrG94cUbpySZ/KKce2nG7qQFfOknZzJK62I06uLvi
FJQtuzqu+aN0hfDpPEFanhOYrDAVA5GlBh7X0+VRquJE1JOYcgJb4gJ0Ip2eh0cu
n7V2LL3NhGDjHp6Cqq90+2KT43DHudnSUhvyjtkNLvnSUyjII6Uh5bVAWMU0HOg2
Fy0+OuiwzaAexPwDUH5/vIIL0Oqkhi3CfhpRhKGyiKZth9flbQvdsssUoeSbQN4Z
wYXOCPBcro7abkdXlaDn/Okd2PZDbLpalbynIMejY/nl6f8+z4S4yD09meE=
-----END CERTIFICATE-----