Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2a754c4-0b3d-441b-81c9-2750f00e6d7e.roa
File:                     f2a754c4-0b3d-441b-81c9-2750f00e6d7e.roa (raw, json)
Hash identifier:          IsZEXN2UpUfW0OrQqxAHDDEyHwfl8oLan3KY6R8VO3M=
Subject key identifier:   54:F4:0C:6A:E4:29:2D:1F:E2:D9:1D:92:78:3D:46:A4:A4:BB:08:F5
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       44B65DB368DDF9E29158E5EFD5FDF7B2D8B4A35A
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2a754c4-0b3d-441b-81c9-2750f00e6d7e.roa
Signing time:             Sun 26 Oct 2025 00:30:18 +0000
ROA not before:           Sun 26 Oct 2025 00:30:18 +0000
ROA not after:            Sun 30 Nov 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        96.0.56.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:b6:5d:b3:68:dd:f9:e2:91:58:e5:ef:d5:fd:f7:b2:d8:b4:a3:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Oct 26 00:30:18 2025 GMT
            Not After : Nov 30 23:59:59 2025 GMT
        Subject: serialNumber=817d25195c4e80eae5252609aff2842e9a7e539117b771fa86175ee57a81e538, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:2f:fb:39:48:79:36:58:f6:74:1b:5c:ea:a9:
                    f0:bd:14:82:8b:f8:4b:16:97:3a:dd:8f:ea:cf:83:
                    7c:a6:63:59:03:47:4e:12:83:48:f0:3e:6f:60:27:
                    99:99:ce:02:1b:47:14:de:b3:65:81:d2:d5:b2:64:
                    3d:58:fa:73:28:21:15:09:8f:dc:b6:74:6b:91:f6:
                    e7:d5:5e:cc:c0:cb:d0:78:d7:0c:c6:17:19:94:60:
                    4f:b6:48:60:1c:8a:7a:7f:94:53:39:12:30:52:a9:
                    55:3c:5b:08:2e:30:53:3b:b5:52:03:6f:a5:0e:e9:
                    f7:a7:04:a3:46:1f:8f:a3:7a:7f:0a:d3:7c:e9:d7:
                    bb:83:75:7f:3e:45:b0:d2:19:82:ee:ac:d4:cc:68:
                    15:25:86:33:69:32:76:f8:3d:66:6e:18:3e:a5:ad:
                    c2:64:61:2a:2e:14:44:f4:79:78:11:3f:b8:73:d0:
                    e1:b2:51:c6:82:04:10:be:60:55:f5:c1:0b:79:e5:
                    f0:e2:8e:21:e9:5e:82:7e:c7:2a:9d:c5:fa:42:f2:
                    3b:05:ca:e5:63:ee:b9:92:9d:da:83:85:d8:9b:c6:
                    2a:27:bb:dd:9f:58:2e:b9:29:90:87:45:03:fd:84:
                    4a:13:4d:7e:ba:2e:b1:d1:b3:9e:3e:25:46:6a:f6:
                    e9:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:F4:0C:6A:E4:29:2D:1F:E2:D9:1D:92:78:3D:46:A4:A4:BB:08:F5
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/f2a754c4-0b3d-441b-81c9-2750f00e6d7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.0.56.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:be:9b:20:ae:03:a4:87:63:86:59:17:32:68:3c:c2:72:d9:
         d3:2e:7f:b4:33:61:a9:85:51:82:1d:c3:6a:a9:79:45:95:63:
         76:e5:05:16:7f:86:43:40:ad:cc:38:a1:a2:96:01:e7:08:f1:
         0a:eb:1a:90:1f:26:75:32:b6:10:fc:f7:70:07:95:be:80:ce:
         d9:84:b6:98:21:b5:34:ad:ae:8f:3d:42:f3:d9:8e:89:a2:54:
         b4:29:e7:69:18:2e:9e:1c:99:35:ef:70:67:a8:95:80:d3:d5:
         81:6c:da:16:21:d3:69:71:28:d0:84:77:00:ca:87:15:5e:e0:
         73:0c:13:32:8d:21:a3:c3:53:15:39:de:b9:20:e5:3a:4d:c0:
         ed:a2:41:c1:bf:ff:7f:3c:8f:28:8f:62:9d:25:a7:a6:10:b8:
         08:4b:43:df:58:81:9c:00:78:24:a9:d7:5d:19:bb:00:bb:9a:
         9b:f9:0a:aa:dd:55:ef:3a:92:4b:8a:bd:d6:10:d3:21:95:98:
         f0:b1:52:e1:41:df:4a:6b:bd:b9:09:8c:dc:63:e5:99:30:9f:
         65:49:aa:5a:07:d2:da:fa:60:92:1a:79:ef:0d:75:08:0a:4a:
         28:af:7d:31:5a:48:b1:03:3b:d4:92:a0:b2:46:90:f7:4d:fa:
         81:14:c6:10
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIURLZds2jd+eKRWOXv1f33sti0o1owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMDI2MDAzMDE4WhcNMjUxMTMwMjM1OTU5
WjB6MUkwRwYDVQQFE0A4MTdkMjUxOTVjNGU4MGVhZTUyNTI2MDlhZmYyODQyZTlh
N2U1MzkxMTdiNzcxZmE4NjE3NWVlNTdhODFlNTM4MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDeL/s5SHk2WPZ0G1zqqfC9FIKL+EsWlzrdj+rPg3ymY1kD
R04Sg0jwPm9gJ5mZzgIbRxTes2WB0tWyZD1Y+nMoIRUJj9y2dGuR9ufVXszAy9B4
1wzGFxmUYE+2SGAcinp/lFM5EjBSqVU8WwguMFM7tVIDb6UO6fenBKNGH4+jen8K
03zp17uDdX8+RbDSGYLurNTMaBUlhjNpMnb4PWZuGD6lrcJkYSouFET0eXgRP7hz
0OGyUcaCBBC+YFX1wQt55fDijiHpXoJ+xyqdxfpC8jsFyuVj7rmSndqDhdibxion
u92fWC65KZCHRQP9hEoTTX66LrHRs54+JUZq9um7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVPQMauQpLR/i2R2SeD1GpKS7CPUwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2YyYTc1NGM0LTBiM2QtNDQxYi04MWM5LTI3NTBmMDBlNmQ3ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJgADgwDQYJKoZIhvcNAQELBQADggEBAGK+myCuA6SHY4ZZFzJoPMJy2dMu
f7QzYamFUYIdw2qpeUWVY3blBRZ/hkNArcw4oaKWAecI8QrrGpAfJnUythD893AH
lb6AztmEtpghtTStro89QvPZjomiVLQp52kYLp4cmTXvcGeolYDT1YFs2hYh02lx
KNCEdwDKhxVe4HMMEzKNIaPDUxU53rkg5TpNwO2iQcG//388jyiPYp0lp6YQuAhL
Q99YgZwAeCSp110ZuwC7mpv5CqrdVe86kkuKvdYQ0yGVmPCxUuFB30prvbkJjNxj
5Zkwn2VJqloH0tr6YJIaee8NdQgKSiivfTFaSLEDO9SSoLJGkPdN+oEUxhA=
-----END CERTIFICATE-----