Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa
File:                     1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa (raw, json)
Hash identifier:          LCKhTf8lIk/lz6OszKtTencq5K/LcukjQDQs5WKPJi4=
Subject key identifier:   7D:F3:F0:FF:EA:91:48:B6:DE:DD:18:78:27:54:0A:18:60:67:50:44
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0826E231ABA024B6470D3B4438EFCAD02BEF79A2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf8:7000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:26:e2:31:ab:a0:24:b6:47:0d:3b:44:38:ef:ca:d0:2b:ef:79:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=b61a1c56f0cdb9ce8fec1e464e0aa12a819c505988816dfe14528c9c06a59065, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:d3:69:91:bb:6a:29:9e:9e:7b:ed:94:5a:ac:
                    4c:a8:7e:df:e7:26:a4:c4:13:4b:1e:0f:11:99:ae:
                    32:3c:e2:53:94:10:99:65:db:d3:5a:09:4f:9d:9c:
                    ee:69:4a:39:33:f1:2a:e5:23:5e:25:34:39:05:63:
                    f8:4c:78:7d:98:a6:94:8b:32:e0:27:7a:dd:d8:99:
                    45:26:9d:ad:8d:56:e0:a8:37:45:fe:af:c1:8b:74:
                    63:a9:48:fb:75:60:f3:26:52:aa:5b:a6:1e:1d:ad:
                    b8:36:b5:1c:59:38:1e:be:df:11:51:92:58:32:79:
                    e3:b7:3c:41:63:a5:d6:8c:d1:ab:2a:e5:34:a9:77:
                    0b:77:62:72:56:f5:1c:8f:c4:c3:2c:21:2f:62:a7:
                    93:d8:dd:24:b8:a4:96:ee:a8:05:b2:b0:9f:b5:f1:
                    7b:12:64:ae:d3:a5:8d:a8:fe:ff:43:7c:47:d3:f1:
                    e8:5c:93:ab:5e:1d:9f:30:73:75:f7:3a:24:c0:cc:
                    ee:70:1e:4e:dd:a4:b4:f6:76:7a:dc:cf:ed:59:bd:
                    f0:72:7d:19:9c:ef:27:3f:61:c6:8a:d3:d8:d5:e1:
                    7a:50:00:ad:a4:22:fe:d7:55:ac:83:ed:63:c6:ab:
                    e5:ef:63:ae:e3:82:0d:66:c7:4c:e8:ed:ab:78:4e:
                    1f:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:F3:F0:FF:EA:91:48:B6:DE:DD:18:78:27:54:0A:18:60:67:50:44
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1f704d7c-8714-47ad-ab1e-df728b87b2a4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf8:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         38:36:d6:e8:f8:eb:ee:92:60:0c:94:e1:9c:bd:e0:d5:d0:49:
         6c:c6:8b:7a:0c:62:f6:1b:3b:38:61:f8:a5:1a:21:ad:ef:0a:
         a7:74:fc:de:9c:d3:d8:67:81:ff:3f:c7:c0:8f:a9:2b:51:ca:
         f1:ab:c4:80:d8:53:fc:95:2a:df:6c:02:0e:bb:1a:f2:8d:f1:
         73:96:46:c3:30:ee:ed:d2:66:f4:34:2e:c8:61:48:68:90:0c:
         24:a1:79:78:82:0b:bb:54:02:54:32:fb:46:93:8c:2c:ef:e6:
         74:ec:83:ae:64:32:cd:2d:df:31:77:b3:ad:9a:a6:e3:28:59:
         f3:80:fa:bf:4a:e2:ce:36:f2:84:2d:65:6c:fd:73:ad:23:b8:
         83:b7:85:0b:ad:7d:9f:9e:e3:3f:e7:4e:bc:ad:49:c6:16:dd:
         cb:84:96:0c:26:6b:b8:21:41:20:25:2d:60:c5:8f:ce:79:aa:
         99:68:4c:a4:bf:24:86:c7:87:6a:0f:76:2a:27:b0:8c:65:77:
         d7:97:7d:0d:5b:34:48:44:7f:3c:59:25:86:ae:86:00:c6:fb:
         83:e0:b7:29:54:e7:e9:e4:bc:16:2d:92:95:3f:55:45:72:a0:
         70:3c:42:a0:30:b5:b3:b2:61:99:72:e9:04:d1:17:b4:e9:d8:
         22:23:dc:9f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCCbiMaugJLZHDTtEOO/K0CvveaIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAYjYxYTFjNTZmMGNkYjljZThmZWMx
ZTQ2NGUwYWExMmE4MTljNTA1OTg4ODE2ZGZlMTQ1MjhjOWMwNmE1OTA2NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdNpkbtqKZ6ee+2UWqxMqH7f5yak
xBNLHg8Rma4yPOJTlBCZZdvTWglPnZzuaUo5M/Eq5SNeJTQ5BWP4THh9mKaUizLg
J3rd2JlFJp2tjVbgqDdF/q/Bi3RjqUj7dWDzJlKqW6YeHa24NrUcWTgevt8RUZJY
MnnjtzxBY6XWjNGrKuU0qXcLd2JyVvUcj8TDLCEvYqeT2N0kuKSW7qgFsrCftfF7
EmSu06WNqP7/Q3xH0/HoXJOrXh2fMHN19zokwMzucB5O3aS09nZ63M/tWb3wcn0Z
nO8nP2HGitPY1eF6UACtpCL+11Wsg+1jxqvl72Ou44INZsdM6O2reE4fiwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFH3z8P/qkUi23t0YeCdUChhgZ1BEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFmNzA0ZDdjLTg3MTQtNDdhZC1hYjFlLWRmNzI4Yjg3YjJhNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+HAwDQYJKoZIhvcNAQELBQADggEBADg21uj46+6SYAyU4Zy9
4NXQSWzGi3oMYvYbOzhh+KUaIa3vCqd0/N6c09hngf8/x8CPqStRyvGrxIDYU/yV
Kt9sAg67GvKN8XOWRsMw7u3SZvQ0LshhSGiQDCSheXiCC7tUAlQy+0aTjCzv5nTs
g65kMs0t3zF3s62apuMoWfOA+r9K4s428oQtZWz9c60juIO3hQutfZ+e4z/nTryt
ScYW3cuElgwma7ghQSAlLWDFj855qploTKS/JIbHh2oPdionsIxld9eXfQ1bNEhE
fzxZJYauhgDG+4PgtylU5+nkvBYtkpU/VUVyoHA8QqAwtbOyYZly6QTRF7Tp2CIj
3J8=
-----END CERTIFICATE-----