Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa
File:                     3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa (raw, json)
Hash identifier:          KXStBWBN4YRXijWsCxXX/dk9O8YsZSCK68nKBqfva2Y=
Subject key identifier:   C4:28:74:28:2F:3E:63:35:B2:A3:1F:AD:CA:78:00:C0:E0:1D:3C:12
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6DCFCC6F0D0CD7DE9E39B988CB16163A9CD94C2D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa
Signing time:             Fri 31 Jan 2025 00:00:00 +0000
ROA not before:           Fri 31 Jan 2025 00:00:00 +0000
ROA not after:            Fri 07 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf6:c000::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:cf:cc:6f:0d:0c:d7:de:9e:39:b9:88:cb:16:16:3a:9c:d9:4c:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 31 00:00:00 2025 GMT
            Not After : Mar  7 23:59:59 2025 GMT
        Subject: serialNumber=ae2a37fbc02c4dba8736635702e6ba5b6b5ac24bfab6216b015db8125ad5eda3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:ae:00:65:b4:fa:90:7a:ae:3f:a6:55:12:56:
                    ab:e5:82:65:34:8c:f6:85:a0:bd:1f:77:77:28:3a:
                    37:79:28:08:87:51:26:eb:ad:25:46:8a:d7:84:0f:
                    79:b1:e5:1c:c7:25:e3:ab:d3:ab:74:4b:6f:51:17:
                    5a:c5:47:a7:06:05:43:e5:b1:78:82:13:01:f7:86:
                    b0:14:85:dc:77:9c:ce:6e:a6:99:20:ac:80:7d:8d:
                    9e:d0:71:0e:01:8a:9f:16:f7:07:a9:f2:0a:8b:6f:
                    e9:f0:0b:3d:21:83:eb:43:7f:16:d6:f8:ff:23:6d:
                    c4:68:a2:6b:4f:27:08:c2:c9:d0:dc:5b:fd:c4:57:
                    54:f6:41:1a:68:d7:75:20:2b:3a:68:6f:c8:03:cc:
                    16:92:df:58:40:ad:fb:8c:74:51:b3:0f:1f:e5:41:
                    39:f5:c4:ea:33:c5:e7:8a:fd:d0:ae:21:38:ca:17:
                    6f:b1:8d:68:ee:d1:19:12:13:a5:aa:0e:ef:3d:e4:
                    0e:fd:1f:c9:af:e8:ce:b4:fd:6a:d6:cd:2e:1a:89:
                    58:55:65:5a:21:39:13:e9:ea:71:20:62:0c:2b:2b:
                    5c:e3:14:2a:86:0b:87:c5:77:49:51:8c:d6:ac:c5:
                    eb:0c:53:0c:9f:d4:6b:ed:00:4e:2e:7b:48:12:aa:
                    6d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:28:74:28:2F:3E:63:35:B2:A3:1F:AD:CA:78:00:C0:E0:1D:3C:12
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e316e1b-d1e7-47c4-a799-78ecfb9511d6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf6:c000::/48

    Signature Algorithm: sha256WithRSAEncryption
         92:07:99:b2:74:8e:47:6d:94:ad:ba:6e:1d:c6:b4:36:f4:66:
         bb:ab:19:ee:2c:ba:e8:ad:67:d8:59:24:e8:7b:4a:07:09:20:
         1c:b5:70:d5:d2:ed:b1:30:22:c7:58:7a:f5:46:e5:5b:d6:bf:
         38:cc:8e:b9:a5:11:b7:1a:5c:b2:cd:1f:c5:36:ff:98:7a:2e:
         25:58:86:75:68:10:61:8b:cc:e9:83:4e:0b:42:be:e9:f5:38:
         2e:f1:f5:1f:d7:ff:17:f6:8d:4e:fe:1b:6e:91:ff:d9:08:0c:
         bd:97:29:c9:63:d8:70:85:7f:80:52:0b:81:4b:e5:4d:8b:63:
         da:fd:8c:13:76:9d:4a:40:a3:e9:e0:16:d3:6b:a7:5b:33:b8:
         6a:06:94:64:25:40:13:11:4c:c3:76:7d:d9:b8:18:59:bf:e0:
         3c:98:c2:5f:14:49:a3:2a:1b:ba:32:b8:a1:2a:af:4f:f6:7a:
         0b:2c:cd:9c:82:4c:aa:a3:2f:9f:2e:3e:f7:a9:d3:65:66:12:
         db:d1:9a:2a:79:bf:04:f0:77:60:ff:e3:21:97:45:1b:f7:0a:
         7a:b5:f5:e4:05:f7:b7:87:55:89:31:c8:e5:de:f0:ff:c6:d0:
         98:d8:30:0f:85:54:aa:c1:32:6c:30:81:91:99:98:ee:0e:09:
         fc:42:97:bd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUbc/Mbw0M196eObmIyxYWOpzZTC0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEzMTAwMDAwMFoX
DTI1MDMwNzIzNTk1OVowejFJMEcGA1UEBRNAYWUyYTM3ZmJjMDJjNGRiYTg3MzY2
MzU3MDJlNmJhNWI2YjVhYzI0YmZhYjYyMTZiMDE1ZGI4MTI1YWQ1ZWRhMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8q4AZbT6kHquP6ZVElar5YJlNIz2
haC9H3d3KDo3eSgIh1Em660lRorXhA95seUcxyXjq9OrdEtvURdaxUenBgVD5bF4
ghMB94awFIXcd5zObqaZIKyAfY2e0HEOAYqfFvcHqfIKi2/p8As9IYPrQ38W1vj/
I23EaKJrTycIwsnQ3Fv9xFdU9kEaaNd1ICs6aG/IA8wWkt9YQK37jHRRsw8f5UE5
9cTqM8Xniv3QriE4yhdvsY1o7tEZEhOlqg7vPeQO/R/Jr+jOtP1q1s0uGolYVWVa
ITkT6epxIGIMKytc4xQqhguHxXdJUYzWrMXrDFMMn9Rr7QBOLntIEqptSwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMQodCgvPmM1sqMfrcp4AMDgHTwSMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNlMzE2ZTFiLWQxZTctNDdjNC1hNzk5LTc4ZWNmYjk1MTFkNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9sAAMA0GCSqGSIb3DQEBCwUAA4IBAQCSB5mydI5HbZStum4d
xrQ29Ga7qxnuLLrorWfYWSToe0oHCSActXDV0u2xMCLHWHr1RuVb1r84zI65pRG3
GlyyzR/FNv+Yei4lWIZ1aBBhi8zpg04LQr7p9Tgu8fUf1/8X9o1O/htukf/ZCAy9
lynJY9hwhX+AUguBS+VNi2Pa/YwTdp1KQKPp4BbTa6dbM7hqBpRkJUATEUzDdn3Z
uBhZv+A8mMJfFEmjKhu6MrihKq9P9noLLM2cgkyqoy+fLj73qdNlZhLb0Zoqeb8E
8Hdg/+Mhl0Ub9wp6tfXkBfe3h1WJMcjl3vD/xtCY2DAPhVSqwTJsMIGRmZjuDgn8
Qpe9
-----END CERTIFICATE-----