Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fd6073f-de4a-40ca-a45c-593a1364a858.roa
File:                     0fd6073f-de4a-40ca-a45c-593a1364a858.roa (raw, json)
Hash identifier:          Y/zUvHBqPUOlgnpf5uWPKs+rkg4vyUXhvQKwttKCxEU=
Subject key identifier:   6A:22:39:42:F0:3E:49:85:A0:F2:35:EF:F1:4D:7C:63:42:73:D4:3C
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1BE04CC2CCA5B3539210315B6CD732049A657152
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fd6073f-de4a-40ca-a45c-593a1364a858.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da36:2000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:e0:4c:c2:cc:a5:b3:53:92:10:31:5b:6c:d7:32:04:9a:65:71:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=5a0a4c24de9b8e0e2373c0b0ecf17a53e85a288f68c7606750ae6a5b6b8bca82, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:14:be:84:fa:11:d7:14:4e:6d:05:4e:9b:5e:
                    f7:b7:e1:47:a9:33:04:d2:f7:52:04:14:52:b0:5b:
                    71:0d:ef:80:d4:09:cc:28:cc:d1:aa:0f:93:c8:75:
                    5e:4e:c5:6d:3f:ae:13:a5:f2:1b:0e:8a:4d:3c:c2:
                    41:47:7e:bf:bf:fc:12:84:69:54:96:8a:76:13:77:
                    07:d8:04:45:3e:97:4f:2e:c8:39:25:82:68:6b:55:
                    b3:97:87:41:5f:bb:66:af:2d:33:96:0c:45:41:4e:
                    6e:a6:f9:2f:44:e3:4a:bb:46:67:2c:f6:a4:8d:dd:
                    e5:50:0d:13:f3:a2:4e:4c:69:58:bf:c6:14:0f:36:
                    c1:63:b1:05:3a:d6:39:76:54:1e:a2:f7:cf:71:3f:
                    c7:94:90:af:0c:af:de:67:7b:5b:75:c8:b7:8c:64:
                    66:18:29:d3:f5:08:b5:a4:0c:ca:d5:bc:56:ce:02:
                    9e:ac:bf:4e:67:76:b9:5d:20:99:b4:81:e6:c0:b6:
                    ee:96:38:1b:77:a2:c8:08:33:9d:e4:6c:82:5f:06:
                    2a:56:da:f3:3d:51:eb:db:7f:13:56:18:3c:b8:c6:
                    e2:49:f8:e3:a9:a4:75:d0:2b:0c:72:14:8d:26:b2:
                    d3:dd:b7:9c:27:62:a3:e1:1c:f2:a3:eb:6e:8c:30:
                    a9:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:22:39:42:F0:3E:49:85:A0:F2:35:EF:F1:4D:7C:63:42:73:D4:3C
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0fd6073f-de4a-40ca-a45c-593a1364a858.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da36:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         6d:67:52:a9:3e:f4:22:c8:12:ff:8f:1f:b2:8a:c9:69:a0:73:
         2e:bc:0c:24:ba:53:66:4a:26:01:07:93:cd:d1:22:56:6c:69:
         52:76:d0:66:4a:84:b4:2c:cc:f7:51:e0:44:0e:4e:49:c2:b9:
         95:bf:f7:16:b7:33:90:6f:0f:e9:56:57:9c:98:8a:24:4a:d8:
         f8:d9:0f:88:c6:13:b4:a0:fa:5d:ba:42:66:27:d1:09:ef:01:
         2f:da:8f:2a:3b:72:67:49:32:ae:2e:d0:af:fb:57:f0:49:f3:
         d2:1a:b8:e1:31:7a:4b:97:09:e6:6e:eb:c2:f0:12:ab:47:8d:
         54:a7:2c:cb:f8:5f:25:6c:37:99:24:e7:be:dd:2e:e0:7b:26:
         82:1f:37:c6:9d:bf:08:cf:bf:fe:b8:e8:2f:2c:04:50:fa:78:
         db:1c:35:df:84:0d:5e:4c:e3:3f:be:19:d2:d4:f6:11:1e:b5:
         90:07:3c:44:1d:aa:64:2a:c1:7d:f4:a5:f8:aa:0c:83:d3:39:
         8b:f6:d3:23:cd:5e:b6:0a:4d:94:37:e1:eb:bf:e7:72:30:24:
         d1:12:68:22:65:41:b8:e4:d0:64:d4:2c:42:b8:18:62:bd:ef:
         bb:73:0b:e7:81:4d:ac:82:35:10:2a:07:46:2f:c4:d0:46:41:
         4b:c9:28:b4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUG+BMwsyls1OSEDFbbNcyBJplcVIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWEwYTRjMjRkZTliOGUwZTIzNzNj
MGIwZWNmMTdhNTNlODVhMjg4ZjY4Yzc2MDY3NTBhZTZhNWI2YjhiY2E4MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxS+hPoR1xRObQVOm173t+FHqTME
0vdSBBRSsFtxDe+A1AnMKMzRqg+TyHVeTsVtP64TpfIbDopNPMJBR36/v/wShGlU
lop2E3cH2ARFPpdPLsg5JYJoa1Wzl4dBX7tmry0zlgxFQU5upvkvRONKu0ZnLPak
jd3lUA0T86JOTGlYv8YUDzbBY7EFOtY5dlQeovfPcT/HlJCvDK/eZ3tbdci3jGRm
GCnT9Qi1pAzK1bxWzgKerL9OZ3a5XSCZtIHmwLbuljgbd6LICDOd5GyCXwYqVtrz
PVHr238TVhg8uMbiSfjjqaR10CsMchSNJrLT3becJ2Kj4Rzyo+tujDCp5wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGoiOULwPkmFoPI17/FNfGNCc9Q8MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBmZDYwNzNmLWRlNGEtNDBjYS1hNDVjLTU5M2ExMzY0YTg1OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNiAwDQYJKoZIhvcNAQELBQADggEBAG1nUqk+9CLIEv+PH7KK
yWmgcy68DCS6U2ZKJgEHk83RIlZsaVJ20GZKhLQszPdR4EQOTknCuZW/9xa3M5Bv
D+lWV5yYiiRK2PjZD4jGE7Sg+l26QmYn0QnvAS/ajyo7cmdJMq4u0K/7V/BJ89Ia
uOExekuXCeZu68LwEqtHjVSnLMv4XyVsN5kk577dLuB7JoIfN8advwjPv/646C8s
BFD6eNscNd+EDV5M4z++GdLU9hEetZAHPEQdqmQqwX30pfiqDIPTOYv20yPNXrYK
TZQ34eu/53IwJNESaCJlQbjk0GTULEK4GGK977tzC+eBTayCNRAqB0YvxNBGQUvJ
KLQ=
-----END CERTIFICATE-----