Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa
File:                     e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa (raw, json)
Hash identifier:          EWC9qq2sb7NRUmQBK3D0HXIIaFIu8lw6S+lW4xMwxsQ=
Subject key identifier:   8B:10:FA:0C:8E:83:6A:61:B6:E5:25:B1:5D:8A:D2:6B:43:71:2A:05
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       7DBD707064A4187FBD658880BB459F32D01CA7EB
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa
Signing time:             Tue 30 Sep 2025 00:02:54 +0000
ROA not before:           Tue 30 Sep 2025 00:02:54 +0000
ROA not after:            Tue 04 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        159.47.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:bd:70:70:64:a4:18:7f:bd:65:88:80:bb:45:9f:32:d0:1c:a7:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Sep 30 00:02:54 2025 GMT
            Not After : Nov  4 23:59:59 2025 GMT
        Subject: serialNumber=b0cb926de0e145695bad0cbe001851ad435084a61e858003a25c63d063e883ef, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:a7:ab:88:27:e8:2c:ad:e6:7d:ce:92:dd:86:
                    b7:88:22:f0:3b:cd:f7:a1:90:d5:93:89:7d:b8:06:
                    f4:30:cc:1c:0b:22:6c:48:15:31:56:f9:b2:a8:02:
                    09:e9:41:8a:1c:a8:e6:ca:5e:a3:a4:20:73:66:2e:
                    e3:a1:2d:15:49:53:c4:65:5b:3a:80:e3:31:4c:c3:
                    6c:ad:0c:b5:2e:66:27:94:eb:e1:0a:91:ec:c3:fb:
                    56:19:81:21:16:16:36:04:68:d2:91:8b:80:76:df:
                    81:e9:c7:7b:6f:90:93:81:f1:a9:ab:ce:96:6f:f3:
                    5f:db:a1:18:f4:41:11:a7:18:29:cd:d4:d4:08:77:
                    ed:25:45:4f:3a:65:83:bf:37:5d:22:7f:e0:4d:9c:
                    69:a0:a8:7b:0f:a9:ca:eb:8e:bb:e9:17:de:31:85:
                    8a:40:2c:1e:fc:81:89:b8:47:5f:aa:31:15:d3:7a:
                    33:3c:93:e4:5d:8c:a0:49:3a:93:c1:8f:b9:9d:55:
                    c0:4d:bb:54:51:ee:fc:bc:14:a7:e5:99:31:4a:cd:
                    60:4b:74:48:95:7c:68:8e:eb:f3:bc:4a:40:12:c3:
                    9e:91:ac:1b:db:1e:b1:24:f8:02:48:0d:ed:6e:5d:
                    be:19:ce:78:c0:44:e8:19:1b:b6:ea:78:1b:77:ef:
                    f3:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:10:FA:0C:8E:83:6A:61:B6:E5:25:B1:5D:8A:D2:6B:43:71:2A:05
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/e76ba888-e1ac-48a5-816f-85ff90dc2f98.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.47.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         47:37:2a:04:a9:27:c5:d6:e0:0e:59:d3:64:9d:c5:52:59:88:
         28:d5:60:37:83:6a:0d:4c:05:22:8f:c1:d7:07:59:30:49:d1:
         56:bd:fd:c7:3d:7b:53:b6:25:ea:26:5e:e3:32:1b:13:1c:21:
         d9:25:9a:15:78:0c:97:92:0b:ef:ef:b3:e4:8c:e0:11:00:c6:
         79:c7:73:86:3f:b1:3f:3e:cf:a1:b3:93:59:e3:d5:7f:38:03:
         7c:98:ac:3e:69:b0:0b:f6:5b:fb:99:07:be:91:f5:2e:49:4b:
         b4:53:ac:ee:e0:21:35:b4:f0:be:ec:3b:8e:07:62:2b:3a:48:
         a9:4e:5d:0b:47:f6:f5:f5:28:e7:8b:4c:92:84:be:f7:ee:83:
         56:25:73:7b:ea:e5:79:35:f3:22:e5:ee:f9:c7:09:d5:ce:ea:
         35:53:6d:d3:cd:f9:2e:23:8e:97:84:4a:7c:d4:1a:d7:7a:ad:
         68:17:56:c2:f6:1b:cf:91:69:3d:26:7e:4f:9c:c4:1e:2b:85:
         c3:06:77:32:44:3e:1e:6a:5e:93:d3:9e:90:5d:75:80:36:f9:
         77:b4:14:2d:66:5f:ef:7d:f3:87:8a:23:ee:bf:85:ec:fa:4a:
         a8:59:7d:27:61:16:61:2b:f1:38:52:e6:6c:ae:78:00:08:29:
         29:89:47:8c
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUfb1wcGSkGH+9ZYiAu0WfMtAcp+swDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwOTMwMDAwMjU0WhcNMjUxMTA0MjM1OTU5
WjB6MUkwRwYDVQQFE0BiMGNiOTI2ZGUwZTE0NTY5NWJhZDBjYmUwMDE4NTFhZDQz
NTA4NGE2MWU4NTgwMDNhMjVjNjNkMDYzZTg4M2VmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCYp6uIJ+gsreZ9zpLdhreIIvA7zfehkNWTiX24BvQwzBwL
ImxIFTFW+bKoAgnpQYocqObKXqOkIHNmLuOhLRVJU8RlWzqA4zFMw2ytDLUuZieU
6+EKkezD+1YZgSEWFjYEaNKRi4B234Hpx3tvkJOB8amrzpZv81/boRj0QRGnGCnN
1NQId+0lRU86ZYO/N10if+BNnGmgqHsPqcrrjrvpF94xhYpALB78gYm4R1+qMRXT
ejM8k+RdjKBJOpPBj7mdVcBNu1RR7vy8FKflmTFKzWBLdEiVfGiO6/O8SkASw56R
rBvbHrEk+AJIDe1uXb4ZznjAROgZG7bqeBt37/OrAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUixD6DI6DamG25SWxXYrSa0NxKgUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2U3NmJhODg4LWUxYWMtNDhhNS04MTZmLTg1ZmY5MGRjMmY5OC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwCfLzANBgkqhkiG9w0BAQsFAAOCAQEARzcqBKknxdbgDlnTZJ3FUlmIKNVg
N4NqDUwFIo/B1wdZMEnRVr39xz17U7Yl6iZe4zIbExwh2SWaFXgMl5IL7++z5Izg
EQDGecdzhj+xPz7PobOTWePVfzgDfJisPmmwC/Zb+5kHvpH1LklLtFOs7uAhNbTw
vuw7jgdiKzpIqU5dC0f29fUo54tMkoS+9+6DViVze+rleTXzIuXu+ccJ1c7qNVNt
0835LiOOl4RKfNQa13qtaBdWwvYbz5FpPSZ+T5zEHiuFwwZ3MkQ+Hmpek9OekF11
gDb5d7QULWZf733zh4oj7r+F7PpKqFl9J2EWYSvxOFLmbK54AAgpKYlHjA==
-----END CERTIFICATE-----