Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6940231-ac58-4517-8512-d463ed29c0e3.roa
File:                     d6940231-ac58-4517-8512-d463ed29c0e3.roa (raw, json)
Hash identifier:          LsIGfUvwjRh/sg1ycWX0uwmYUUPdGzaPGvOQLX6hbL4=
Subject key identifier:   70:C5:09:59:82:DB:7A:27:A7:EA:D0:92:89:90:C7:7E:B9:72:8C:B3
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       2BB547669E22488EA1939958407391C15780D0A4
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6940231-ac58-4517-8512-d463ed29c0e3.roa
Signing time:             Sun 26 Oct 2025 00:50:39 +0000
ROA not before:           Sun 26 Oct 2025 00:50:39 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        141.231.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:b5:47:66:9e:22:48:8e:a1:93:99:58:40:73:91:c1:57:80:d0:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:50:39 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=dfa5a4afb6e48d93c0390e612fd699276c93c2c24a4545e6921cfe08df521ff0, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:17:6c:32:ab:d1:08:7f:6a:7e:44:2f:0c:e4:
                    00:19:be:d3:93:0a:b0:9b:70:59:30:c3:c5:dd:97:
                    27:64:b2:46:9e:ca:00:18:0a:99:06:59:d2:f8:6e:
                    3b:57:94:d3:d6:54:22:80:02:85:47:b2:18:15:f3:
                    87:9a:e9:e7:17:76:f1:1f:99:f1:de:dc:f6:a7:58:
                    05:2c:9e:eb:ed:e8:57:e4:3d:a6:7c:d2:0d:47:2c:
                    ed:d2:3f:66:45:14:a0:14:1f:e6:b5:8e:49:5f:06:
                    fc:64:81:69:a3:28:55:70:23:02:0c:c6:e6:85:f5:
                    80:45:56:d6:e7:6b:a4:c3:c3:2e:1b:09:e5:c3:55:
                    24:46:a3:d2:69:e6:dd:d2:99:ee:ca:67:d8:06:58:
                    19:bb:6d:3f:bd:7e:e0:15:fd:c2:78:18:bc:3a:7c:
                    9f:14:00:ac:ba:f0:f3:aa:af:e7:aa:b6:ee:34:89:
                    65:c2:ed:93:82:16:b3:47:bd:c3:46:ae:2b:02:c3:
                    e9:1a:fc:74:66:bd:6a:c7:b0:9f:76:72:5c:f9:79:
                    84:a7:91:c3:ca:c3:48:91:c9:0e:16:11:fb:61:32:
                    c9:5b:8c:cb:47:25:56:bf:e3:0b:82:27:d0:45:04:
                    75:49:2b:22:59:e0:dd:08:9c:d6:54:8a:79:83:9f:
                    ad:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:C5:09:59:82:DB:7A:27:A7:EA:D0:92:89:90:C7:7E:B9:72:8C:B3
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/d6940231-ac58-4517-8512-d463ed29c0e3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.231.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         07:77:76:e5:8c:7f:04:74:26:b0:d7:44:26:93:62:20:a8:aa:
         cf:84:4f:fe:a8:0f:87:44:4e:c4:2d:66:80:88:39:ec:b6:ac:
         03:a2:a7:7c:fa:52:5d:68:c9:a5:1b:00:9a:97:ac:0b:48:61:
         7e:45:78:af:ba:78:dd:b0:92:27:2a:46:86:ba:96:f9:73:94:
         ca:c0:31:d7:64:3b:3a:46:91:07:eb:7a:ce:6b:be:45:6e:06:
         bc:f6:a5:c4:4c:58:f1:0e:1f:22:40:a0:da:39:12:0b:1d:aa:
         e7:a6:11:a6:2a:73:33:cb:38:e7:4e:76:84:b1:e4:b4:3f:68:
         07:cb:db:49:79:47:bd:a5:02:0c:ce:7f:e6:d1:3a:6d:20:70:
         e1:38:c9:19:40:35:d2:45:03:fa:74:af:5a:ba:81:03:d9:9e:
         36:f9:be:97:63:af:0c:66:73:35:02:7d:bd:64:51:1f:8d:26:
         11:21:f3:28:eb:65:24:08:82:0d:76:19:f3:e8:59:e2:da:1e:
         31:88:5f:4f:12:e7:54:8c:0d:a8:b1:27:de:95:31:da:89:25:
         dc:3d:64:1c:92:93:81:9f:2d:cd:d2:5a:10:84:49:b7:b0:83:
         84:16:55:00:c0:9a:de:13:36:45:e0:41:7b:40:29:6c:08:4b:
         09:54:43:7d
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUK7VHZp4iSI6hk5lYQHORwVeA0KQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDA1MDM5WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BkZmE1YTRhZmI2ZTQ4ZDkzYzAzOTBlNjEyZmQ2OTkyNzZj
OTNjMmMyNGE0NTQ1ZTY5MjFjZmUwOGRmNTIxZmYwMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC4F2wyq9EIf2p+RC8M5AAZvtOTCrCbcFkww8Xdlydkskae
ygAYCpkGWdL4bjtXlNPWVCKAAoVHshgV84ea6ecXdvEfmfHe3PanWAUsnuvt6Ffk
PaZ80g1HLO3SP2ZFFKAUH+a1jklfBvxkgWmjKFVwIwIMxuaF9YBFVtbna6TDwy4b
CeXDVSRGo9Jp5t3Sme7KZ9gGWBm7bT+9fuAV/cJ4GLw6fJ8UAKy68POqr+eqtu40
iWXC7ZOCFrNHvcNGrisCw+ka/HRmvWrHsJ92clz5eYSnkcPKw0iRyQ4WEfthMslb
jMtHJVa/4wuCJ9BFBHVJKyJZ4N0InNZUinmDn63rAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUcMUJWYLbeien6tCSiZDHfrlyjLMwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2Q2OTQwMjMxLWFjNTgtNDUxNy04NTEyLWQ0NjNlZDI5YzBlMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCN5zANBgkqhkiG9w0BAQsFAAOCAQEAB3d25Yx/BHQmsNdEJpNiIKiqz4RP
/qgPh0ROxC1mgIg57LasA6KnfPpSXWjJpRsAmpesC0hhfkV4r7p43bCSJypGhrqW
+XOUysAx12Q7OkaRB+t6zmu+RW4GvPalxExY8Q4fIkCg2jkSCx2q56YRpipzM8s4
5052hLHktD9oB8vbSXlHvaUCDM5/5tE6bSBw4TjJGUA10kUD+nSvWrqBA9meNvm+
l2OvDGZzNQJ9vWRRH40mESHzKOtlJAiCDXYZ8+hZ4toeMYhfTxLnVIwNqLEn3pUx
2okl3D1kHJKTgZ8tzdJaEIRJt7CDhBZVAMCa3hM2ReBBe0ApbAhLCVRDfQ==
-----END CERTIFICATE-----