Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa
File:                     3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa (raw, json)
Hash identifier:          uK29Cdl7VMPvkeUAi2XYedvAN9VGuRZUre1hRF0JLkA=
Subject key identifier:   F5:06:B9:06:EC:A8:7D:17:D0:47:A4:54:89:F1:C7:5F:AA:2A:D1:D3
Certificate issuer:       /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial:       4202629793F0CDF61EA1633589F817AD34ABC8FC
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa
Signing time:             Wed 15 Jan 2025 00:00:00 +0000
ROA not before:           Wed 15 Jan 2025 00:00:00 +0000
ROA not after:            Wed 19 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        160.235.0.0/16 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:02:62:97:93:f0:cd:f6:1e:a1:63:35:89:f8:17:ad:34:ab:c8:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
        Validity
            Not Before: Jan 15 00:00:00 2025 GMT
            Not After : Feb 19 23:59:59 2025 GMT
        Subject: serialNumber=61389017e02482268fbfa90a94b5725fc0d4343652bc2662ca3bf2cf8a2acf57, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:d9:e8:cb:eb:25:1c:13:f4:c4:8c:f1:ef:cc:
                    54:65:cb:47:98:15:be:ff:95:71:6b:8a:6a:be:3a:
                    55:2f:be:77:b9:e0:d7:c9:48:ba:23:94:90:94:63:
                    b4:29:02:ec:73:22:b3:d0:a5:5f:b4:ba:e2:e1:38:
                    3f:14:c0:cb:75:c1:e7:90:e4:5b:da:ed:42:ae:3b:
                    fb:fb:82:d1:5f:d7:9d:59:e5:11:62:9a:d9:36:36:
                    95:e5:49:a1:b6:e7:80:ff:94:f1:0a:df:c3:c8:6b:
                    76:93:a2:5f:cf:55:a4:11:18:4f:ac:a5:06:56:dc:
                    98:0b:ad:db:f3:b0:f3:c2:15:2e:8f:b0:11:d7:80:
                    f6:1f:da:03:d7:a5:8e:69:dd:48:b0:08:1e:be:d0:
                    4d:fa:4a:1e:d7:fc:c1:e5:2a:b9:90:57:12:dc:69:
                    40:2b:e6:86:48:5e:47:38:60:09:66:cb:a0:81:e6:
                    53:1b:59:2a:56:f5:c6:93:44:2f:a9:4e:6a:7b:d9:
                    ae:99:00:8e:bd:68:58:c3:ec:d0:0b:2d:78:70:1b:
                    0c:9e:ae:9f:ce:b2:20:74:a3:d8:8d:0d:38:39:de:
                    b7:24:47:f6:d8:f4:6c:46:6b:ef:3e:ea:50:95:de:
                    b2:52:77:a0:61:6d:06:72:0a:a6:34:44:8a:96:0a:
                    24:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:06:B9:06:EC:A8:7D:17:D0:47:A4:54:89:F1:C7:5F:AA:2A:D1:D3
            X509v3 Authority Key Identifier:
                keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3d1fb1c7-6140-4c57-928f-1a59586f9e2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.235.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         16:0f:5c:10:ed:3e:ae:fd:a2:c7:93:de:36:b3:74:09:b1:8d:
         d1:db:10:51:8b:7b:b6:22:d3:e6:14:d5:dc:5b:be:58:ca:10:
         01:69:77:34:cb:49:51:59:b9:7d:7e:4c:aa:c5:cd:3d:6e:b6:
         c5:12:2d:cb:24:dc:67:65:7c:0f:70:e3:a2:76:8f:72:2f:e2:
         17:52:12:d8:d8:0a:0b:0f:1c:63:05:3c:ae:11:3e:98:b1:32:
         e0:14:98:bc:2c:25:bb:59:96:f0:42:e6:8d:f0:e5:15:1d:80:
         b8:1a:3e:4e:70:f9:8c:3f:47:a9:20:7d:af:79:ca:db:85:42:
         df:9e:58:8c:cb:d8:92:66:86:24:51:6f:22:87:c7:f8:af:6b:
         70:a5:68:e9:61:44:36:dc:03:a4:00:3b:2b:11:cf:65:29:f8:
         9f:1d:6f:e6:2b:88:7f:d4:4e:91:ac:ad:18:03:f4:34:7e:e5:
         88:a7:cf:6a:b6:00:d6:5e:f4:71:e1:45:3e:b6:d9:d7:89:27:
         5f:ff:b5:86:24:5b:d4:e4:55:c8:23:9f:25:6d:95:a5:09:c6:
         12:5c:4f:fe:05:d2:22:02:55:52:a6:ff:c9:b2:64:34:b0:7b:
         c3:ed:d2:8e:c6:80:cc:3b:48:a2:e7:a4:f2:02:10:f2:ca:2a:
         bd:3b:9f:d8
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUQgJil5PwzfYeoWM1ifgXrTSryPwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI1MDExNTAwMDAwMFoX
DTI1MDIxOTIzNTk1OVowejFJMEcGA1UEBRNANjEzODkwMTdlMDI0ODIyNjhmYmZh
OTBhOTRiNTcyNWZjMGQ0MzQzNjUyYmMyNjYyY2EzYmYyY2Y4YTJhY2Y1NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA49noy+slHBP0xIzx78xUZctHmBW+
/5Vxa4pqvjpVL753ueDXyUi6I5SQlGO0KQLscyKz0KVftLri4Tg/FMDLdcHnkORb
2u1Crjv7+4LRX9edWeURYprZNjaV5UmhtueA/5TxCt/DyGt2k6Jfz1WkERhPrKUG
VtyYC63b87DzwhUuj7AR14D2H9oD16WOad1IsAgevtBN+koe1/zB5Sq5kFcS3GlA
K+aGSF5HOGAJZsuggeZTG1kqVvXGk0QvqU5qe9mumQCOvWhYw+zQCy14cBsMnq6f
zrIgdKPYjQ04Od63JEf22PRsRmvvPupQld6yUnegYW0GcgqmNESKlgokXwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFPUGuQbsqH0X0EekVInxx1+qKtHTMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNkMWZiMWM3LTYxNDAtNGM1Ny05MjhmLTFhNTk1ODZmOWUyYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBABYPXBDtPq79oseT3jazdAmx
jdHbEFGLe7Yi0+YU1dxbvljKEAFpdzTLSVFZuX1+TKrFzT1utsUSLcsk3GdlfA9w
46J2j3Iv4hdSEtjYCgsPHGMFPK4RPpixMuAUmLwsJbtZlvBC5o3w5RUdgLgaPk5w
+Yw/R6kgfa95ytuFQt+eWIzL2JJmhiRRbyKHx/iva3ClaOlhRDbcA6QAOysRz2Up
+J8db+YriH/UTpGsrRgD9DR+5Yinz2q2ANZe9HHhRT622deJJ1//tYYkW9TkVcgj
nyVtlaUJxhJcT/4F0iICVVKm/8myZDSwe8Pt0o7GgMw7SKLnpPICEPLKKr07n9g=
-----END CERTIFICATE-----