Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
File:                     289cedd6-78dc-4ef5-9358-e95987fd7c36.roa (raw, json)
Hash identifier:          sZiaNCBY88AdOs3hh6IfaYAsxIUOA/KJNeVEhsfhiWg=
Subject key identifier:   B0:A9:DE:E7:BA:25:F7:EE:96:71:E9:C1:40:EA:30:AE:C9:21:FA:06
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6D5A1DDAC205B973D656D89C87653F6C15DE67FA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:2080::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:5a:1d:da:c2:05:b9:73:d6:56:d8:9c:87:65:3f:6c:15:de:67:fa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=9a08408332d74c4f4036c0268a673fb435dabd6a3906af9f01f60ea37a2458db, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:12:11:27:8a:56:0e:03:70:6a:83:b4:9b:be:
                    35:df:c5:cc:41:ec:a2:09:e7:ae:e0:20:ca:60:6d:
                    6e:d4:68:08:ec:a2:71:c2:b5:60:f9:33:a2:53:b9:
                    cb:99:cb:07:c8:5e:38:ac:aa:df:4b:9b:b2:04:4d:
                    5f:5b:e4:b2:2e:f2:72:d5:05:bb:ef:d9:db:89:ba:
                    ea:ce:b2:e5:98:4f:6b:5a:13:fa:f7:3c:b9:e1:ab:
                    4c:05:c4:2f:23:7f:cf:12:34:3c:17:e9:1a:ef:a3:
                    ea:af:2c:b3:88:b4:f7:db:fc:44:43:d1:40:ac:ac:
                    15:0e:3d:58:47:22:05:6d:82:f8:ab:ce:7a:9d:85:
                    c1:c9:00:ab:62:cb:d6:f0:af:bf:42:48:f2:8c:ed:
                    01:6d:56:fb:90:06:36:d6:fe:be:73:94:7f:0d:46:
                    4e:4e:2d:e5:16:b3:93:e2:e2:2d:1a:a1:ac:14:c6:
                    b1:36:8c:31:70:1f:e4:46:3e:05:ec:69:32:a7:bb:
                    28:af:2e:31:99:da:03:72:3b:b8:ce:14:94:00:2e:
                    a6:b7:21:24:c7:cc:d7:52:2f:fc:ad:cd:14:63:ea:
                    f4:eb:28:00:b5:3c:c1:2f:e3:b8:e1:e7:fa:db:2e:
                    96:0f:e4:80:f9:ff:e5:20:a7:56:9e:5f:23:5a:70:
                    d0:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:A9:DE:E7:BA:25:F7:EE:96:71:E9:C1:40:EA:30:AE:C9:21:FA:06
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:2080::/46

    Signature Algorithm: sha256WithRSAEncryption
         c0:d0:4a:62:0e:ba:4c:6f:b0:df:86:76:a5:e5:6b:dc:0f:60:
         d2:92:ab:5d:a9:8a:7c:5c:dd:82:d1:ef:28:66:63:d6:59:a2:
         1c:66:77:88:1e:68:63:35:df:01:54:c1:86:57:67:f7:c3:5a:
         5a:9f:1f:16:a8:cb:84:f5:ef:d7:09:7b:85:65:fe:50:8e:a9:
         28:62:5f:d6:bf:6c:58:4c:ba:6d:b6:5c:94:85:2a:23:a7:21:
         84:c2:30:ff:fe:60:cf:46:84:7c:31:e2:20:af:42:c6:49:b4:
         51:0e:c3:eb:95:de:b0:ad:a6:b8:38:50:3b:4a:3b:b9:48:b1:
         db:47:29:6b:26:90:c5:12:63:4b:77:31:7d:d6:ba:99:c8:42:
         ad:7d:2b:80:1a:b9:6d:e3:3d:c7:8a:13:65:50:3f:e9:62:30:
         fe:9b:eb:2b:67:99:ce:08:d2:c9:b7:2d:5a:87:9f:e3:d9:be:
         80:af:06:1e:58:3d:8a:16:73:b0:3f:93:fc:f7:15:69:b4:fc:
         be:d9:2d:8e:56:76:e2:ae:59:c6:f3:47:6a:5d:42:0c:63:da:
         19:88:c2:fa:a7:b9:37:c2:68:ca:b8:0e:65:39:95:e5:3e:89:
         03:ee:8a:d6:dd:a1:61:f5:24:a0:65:65:a5:0e:95:96:c1:c0:
         cf:f7:67:36
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUbVod2sIFuXPWVtich2U/bBXeZ/owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOWEwODQwODMzMmQ3NGM0ZjQwMzZj
MDI2OGE2NzNmYjQzNWRhYmQ2YTM5MDZhZjlmMDFmNjBlYTM3YTI0NThkYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoRIRJ4pWDgNwaoO0m74138XMQeyi
Ceeu4CDKYG1u1GgI7KJxwrVg+TOiU7nLmcsHyF44rKrfS5uyBE1fW+SyLvJy1QW7
79nbibrqzrLlmE9rWhP69zy54atMBcQvI3/PEjQ8F+ka76PqryyziLT32/xEQ9FA
rKwVDj1YRyIFbYL4q856nYXByQCrYsvW8K+/QkjyjO0BbVb7kAY21v6+c5R/DUZO
Ti3lFrOT4uItGqGsFMaxNowxcB/kRj4F7Gkyp7sory4xmdoDcju4zhSUAC6mtyEk
x8zXUi/8rc0UY+r06ygAtTzBL+O44ef62y6WD+SA+f/lIKdWnl8jWnDQTwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLCp3ue6JffulnHpwUDqMK7JIfoGMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI4OWNlZGQ2LTc4ZGMtNGVmNS05MzU4LWU5NTk4N2ZkN2MzNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yCAMA0GCSqGSIb3DQEBCwUAA4IBAQDA0EpiDrpMb7Dfhnal
5WvcD2DSkqtdqYp8XN2C0e8oZmPWWaIcZneIHmhjNd8BVMGGV2f3w1panx8WqMuE
9e/XCXuFZf5QjqkoYl/Wv2xYTLpttlyUhSojpyGEwjD//mDPRoR8MeIgr0LGSbRR
DsPrld6wraa4OFA7Sju5SLHbRylrJpDFEmNLdzF91rqZyEKtfSuAGrlt4z3HihNl
UD/pYjD+m+srZ5nOCNLJty1ah5/j2b6ArwYeWD2KFnOwP5P89xVptPy+2S2OVnbi
rlnG80dqXUIMY9oZiML6p7k3wmjKuA5lOZXlPokD7orW3aFh9SSgZWWlDpWWwcDP
92c2
-----END CERTIFICATE-----