Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/359ec231-6db5-4986-92a6-b2cf6ca2ad72.roa
File:                     359ec231-6db5-4986-92a6-b2cf6ca2ad72.roa (raw, json)
Hash identifier:          rBUGofH/G4wQN6/C/TJ6AmPPMMu5QZIU/w3alyPnEEY=
Subject key identifier:   31:B4:B4:7E:23:D3:20:5E:19:8F:1E:CC:16:9D:60:7B:13:3C:DB:AB
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       542BF8A518567FF05A0F6D048DA6E9728BFEC88F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/359ec231-6db5-4986-92a6-b2cf6ca2ad72.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf6:9000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:2b:f8:a5:18:56:7f:f0:5a:0f:6d:04:8d:a6:e9:72:8b:fe:c8:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=06e5b66a39f08344060cbeeadc889233634f3ea297a46a08ef02311a94b5743f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:bd:52:fb:1e:23:c0:4b:21:d0:34:f9:de:28:
                    12:01:63:75:b6:0c:07:54:d5:24:59:b7:77:ba:a5:
                    a9:67:00:61:39:97:c4:0f:97:ae:43:79:c0:54:30:
                    c7:d1:26:f7:66:70:40:ab:07:6f:d5:5e:14:37:70:
                    65:3f:3e:7b:20:bd:f8:fc:68:3f:8b:2d:e0:2f:68:
                    02:02:28:8f:ec:3c:88:6c:b5:1f:f2:ca:66:df:bc:
                    f4:ec:3e:da:88:35:f8:d9:0f:87:a6:ff:91:9c:86:
                    1a:ef:4b:1c:1a:22:b2:67:e1:24:02:ce:26:7c:23:
                    d5:93:a5:2f:c9:ff:5c:98:99:3e:2a:75:cc:f7:31:
                    37:38:e8:f1:e3:c9:90:95:e7:43:4a:62:17:6e:01:
                    2d:df:ea:3c:c9:3f:b7:09:ac:da:6f:19:be:0f:58:
                    81:e3:de:74:8a:9e:02:77:5e:92:72:b0:06:52:dd:
                    ab:97:f8:77:9a:99:7a:39:e8:e8:2b:a1:ac:37:47:
                    d8:cc:3b:66:0a:dc:e7:ec:94:12:10:da:b9:83:fb:
                    93:32:28:5d:ec:67:85:73:87:dd:fa:22:ac:7a:35:
                    37:8e:dd:e2:c5:e2:87:09:01:fd:95:e1:4f:d4:9c:
                    99:6b:f1:97:bb:bc:ff:31:a6:24:1b:74:70:7d:ad:
                    50:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:B4:B4:7E:23:D3:20:5E:19:8F:1E:CC:16:9D:60:7B:13:3C:DB:AB
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/359ec231-6db5-4986-92a6-b2cf6ca2ad72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf6:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a7:c6:ee:e7:71:bc:6b:2c:60:ed:8f:bf:82:70:5f:15:15:71:
         46:46:da:2a:40:cc:ad:c5:b4:df:3d:70:ae:fb:d7:ed:72:be:
         2b:be:3a:e3:63:e9:76:43:df:99:56:57:0e:27:68:0c:01:ad:
         15:61:fe:fb:b0:80:2d:98:55:16:f7:63:e8:58:d5:9f:5c:34:
         a8:e9:dc:20:5b:80:c8:32:b1:ea:a0:00:4c:c7:e0:ee:f5:9a:
         ef:b0:57:e1:27:58:f6:21:4f:b1:f7:e9:39:f3:cf:ca:d0:b3:
         e4:fe:55:3f:19:e5:23:4a:36:80:fd:38:c2:4a:14:d6:83:0a:
         75:01:22:fa:c4:f8:1b:2f:c5:a5:39:b6:b8:08:4f:d3:e9:9c:
         d4:17:96:5c:b0:0d:12:9d:0d:51:b8:44:35:a2:ae:a9:8d:11:
         79:e3:c2:6d:a5:af:25:a8:2e:ce:1b:7b:01:54:0b:71:33:9d:
         a4:13:f0:e3:a3:9c:da:6a:d3:bc:40:ef:f2:6f:c3:ed:86:5b:
         e1:ea:4d:4a:07:30:13:6b:f0:33:2e:78:25:a2:ad:dc:a8:ca:
         bd:a5:d1:6a:93:06:6f:f7:64:3b:26:ef:fd:c4:dd:71:4f:2e:
         a5:f9:14:fa:d8:89:69:a0:f5:b0:0a:27:ef:35:cf:06:c7:53:
         35:23:b5:3d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVCv4pRhWf/BaD20Ejabpcov+yI8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDZlNWI2NmEzOWYwODM0NDA2MGNi
ZWVhZGM4ODkyMzM2MzRmM2VhMjk3YTQ2YTA4ZWYwMjMxMWE5NGI1NzQzZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb1S+x4jwEsh0DT53igSAWN1tgwH
VNUkWbd3uqWpZwBhOZfED5euQ3nAVDDH0Sb3ZnBAqwdv1V4UN3BlPz57IL34/Gg/
iy3gL2gCAiiP7DyIbLUf8spm37z07D7aiDX42Q+Hpv+RnIYa70scGiKyZ+EkAs4m
fCPVk6Uvyf9cmJk+KnXM9zE3OOjx48mQledDSmIXbgEt3+o8yT+3Cazabxm+D1iB
4950ip4Cd16ScrAGUt2rl/h3mpl6OejoK6GsN0fYzDtmCtzn7JQSENq5g/uTMihd
7GeFc4fd+iKsejU3jt3ixeKHCQH9leFP1JyZa/GXu7z/MaYkG3Rwfa1QhQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDG0tH4j0yBeGY8ezBadYHsTPNurMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM1OWVjMjMxLTZkYjUtNDk4Ni05MmE2LWIyY2Y2Y2EyYWQ3Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9pAwDQYJKoZIhvcNAQELBQADggEBAKfG7udxvGssYO2Pv4Jw
XxUVcUZG2ipAzK3FtN89cK771+1yviu+OuNj6XZD35lWVw4naAwBrRVh/vuwgC2Y
VRb3Y+hY1Z9cNKjp3CBbgMgyseqgAEzH4O71mu+wV+EnWPYhT7H36Tnzz8rQs+T+
VT8Z5SNKNoD9OMJKFNaDCnUBIvrE+BsvxaU5trgIT9PpnNQXllywDRKdDVG4RDWi
rqmNEXnjwm2lryWoLs4bewFUC3EznaQT8OOjnNpq07xA7/Jvw+2GW+HqTUoHMBNr
8DMueCWirdyoyr2l0WqTBm/3ZDsm7/3E3XFPLqX5FPrYiWmg9bAKJ+81zwbHUzUj
tT0=
-----END CERTIFICATE-----