Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2be6533c-e8ed-4bc7-b79f-49a16d1618de.roa
File:                     2be6533c-e8ed-4bc7-b79f-49a16d1618de.roa (raw, json)
Hash identifier:          iXpdkLouKeCGVWF3XkXibF9L71UZfQ2A+TDGD1rZ7nQ=
Subject key identifier:   B4:5F:8F:93:83:97:51:A8:46:85:35:C9:45:C9:CE:EC:5F:68:AB:9B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5D04A42B9DE516FE4B73F5092010CCD10FACBC9B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2be6533c-e8ed-4bc7-b79f-49a16d1618de.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:40c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:04:a4:2b:9d:e5:16:fe:4b:73:f5:09:20:10:cc:d1:0f:ac:bc:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=234a5be79b3a67b168d8e3fc4117784b57c23401f93a29ec9dacd58d9d0dce19, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:b7:4c:69:67:8d:31:46:bf:50:a3:0d:a2:69:
                    b2:4c:88:14:db:82:cd:c6:fd:09:d9:61:70:ca:c6:
                    e6:03:33:7f:96:cf:4e:f2:cd:cd:47:87:02:42:d7:
                    1f:bb:44:e8:78:93:49:6c:c4:7a:0e:47:b4:94:f0:
                    7f:c3:32:7b:77:43:32:f6:96:31:88:b4:0e:bc:35:
                    c5:e8:9e:cc:2d:45:a5:78:e1:55:6e:b0:8d:89:c7:
                    b1:66:0f:07:66:97:c2:96:04:8b:25:94:8f:51:77:
                    ed:27:81:3d:80:6f:bf:27:b0:c1:d1:e6:dd:20:90:
                    6e:a8:49:a8:c2:02:59:a6:42:c0:46:09:c8:0e:c8:
                    15:44:a8:bd:13:12:ac:05:d0:93:db:3d:f3:a5:39:
                    7e:3a:88:fe:ae:36:d0:41:79:6f:52:d9:95:8d:6b:
                    0a:3a:9a:dc:e8:84:fd:07:b8:7a:09:72:fc:d9:07:
                    3c:71:6d:23:db:fe:23:03:8f:fa:30:7e:15:65:21:
                    ae:9e:cf:88:e1:47:59:dd:a1:94:b4:39:b6:19:f6:
                    de:3b:23:64:46:9a:f4:e9:63:ed:93:3c:77:d9:07:
                    cb:08:4e:a0:0f:2c:56:6b:2b:e5:5c:a0:f1:1b:e2:
                    28:03:ba:7e:df:ef:d4:42:2c:77:57:db:c7:04:05:
                    cc:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:5F:8F:93:83:97:51:A8:46:85:35:C9:45:C9:CE:EC:5F:68:AB:9B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2be6533c-e8ed-4bc7-b79f-49a16d1618de.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:40c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         5d:45:cf:a3:37:a9:66:69:8a:27:f0:d8:01:3c:94:13:2c:0a:
         5c:d5:c1:04:09:fb:4a:d8:0c:28:b3:2e:a8:7f:81:5e:65:00:
         e0:f5:85:97:40:ab:2f:e4:97:d0:51:cf:20:60:9a:2d:9e:ec:
         16:cd:3e:0b:99:32:2e:49:c2:94:56:f8:5a:9a:e5:25:4c:3a:
         d4:a9:ee:0c:76:82:8d:58:e2:42:5b:1c:ed:f5:4c:5a:a5:8e:
         56:3a:bf:e8:ac:e5:6f:5e:01:97:4d:e4:82:7b:4d:87:8b:64:
         a6:09:28:df:5a:d0:8c:7d:75:22:6a:2c:1f:23:51:ad:53:f7:
         ff:b5:f3:35:b5:27:94:06:c6:29:0c:43:96:d5:fa:f9:d8:31:
         fa:af:50:ff:79:41:90:cc:27:fd:62:4b:c4:31:0b:f3:26:b2:
         2f:f2:06:ce:a8:bd:c0:bb:f9:45:b4:36:02:42:7f:6c:8a:b0:
         3c:98:c7:7f:17:91:88:e8:bb:6b:1e:1b:bb:d0:dc:8a:95:d0:
         8b:f0:78:84:aa:63:a6:d1:5b:41:cb:c8:37:64:74:c0:85:3b:
         f6:11:d4:28:40:b5:e9:08:d0:82:71:d8:57:2f:a0:b8:78:a2:
         41:d7:af:cb:3d:13:51:c7:36:11:a8:4b:78:b7:b8:e5:81:ed:
         89:7f:a6:71
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUXQSkK53lFv5Lc/UJIBDM0Q+svJswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjM0YTViZTc5YjNhNjdiMTY4ZDhl
M2ZjNDExNzc4NGI1N2MyMzQwMWY5M2EyOWVjOWRhY2Q1OGQ5ZDBkY2UxOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprdMaWeNMUa/UKMNommyTIgU24LN
xv0J2WFwysbmAzN/ls9O8s3NR4cCQtcfu0ToeJNJbMR6Dke0lPB/wzJ7d0My9pYx
iLQOvDXF6J7MLUWleOFVbrCNicexZg8HZpfClgSLJZSPUXftJ4E9gG+/J7DB0ebd
IJBuqEmowgJZpkLARgnIDsgVRKi9ExKsBdCT2z3zpTl+Ooj+rjbQQXlvUtmVjWsK
Oprc6IT9B7h6CXL82Qc8cW0j2/4jA4/6MH4VZSGuns+I4UdZ3aGUtDm2GfbeOyNk
Rpr06WPtkzx32QfLCE6gDyxWayvlXKDxG+IoA7p+3+/UQix3V9vHBAXMUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLRfj5ODl1GoRoU1yUXJzuxfaKubMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJiZTY1MzNjLWU4ZWQtNGJjNy1iNzlmLTQ5YTE2ZDE2MThkZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaUDAMA0GCSqGSIb3DQEBCwUAA4IBAQBdRc+jN6lmaYon8NgB
PJQTLApc1cEECftK2Awosy6of4FeZQDg9YWXQKsv5JfQUc8gYJotnuwWzT4LmTIu
ScKUVvhamuUlTDrUqe4MdoKNWOJCWxzt9UxapY5WOr/orOVvXgGXTeSCe02Hi2Sm
CSjfWtCMfXUiaiwfI1GtU/f/tfM1tSeUBsYpDEOW1fr52DH6r1D/eUGQzCf9YkvE
MQvzJrIv8gbOqL3Au/lFtDYCQn9sirA8mMd/F5GI6LtrHhu70NyKldCL8HiEqmOm
0VtBy8g3ZHTAhTv2EdQoQLXpCNCCcdhXL6C4eKJB16/LPRNRxzYRqEt4t7jlge2J
f6Zx
-----END CERTIFICATE-----