Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa
File:                     4a75b2a7-15e5-4501-aaaf-4737a678d996.roa (raw, json)
Hash identifier:          0FEwrG/D0CY76b9CIiyWTvoAIyq6xh3l7laIIPypoXA=
Subject key identifier:   B2:BC:D9:58:A2:B5:AE:64:B6:A9:FC:FA:03:5B:85:45:37:CB:74:A3
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       116378BB95D9BCE565CA233CCDFD0630AF6A7D96
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da68:7000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:63:78:bb:95:d9:bc:e5:65:ca:23:3c:cd:fd:06:30:af:6a:7d:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=2fcca02510afb57c2f28bbd8ee1949bf7ce39122215ebaf1e55d7c843201b8a9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:89:2a:4b:82:66:7b:74:d3:70:6a:03:d3:f5:
                    02:18:6b:6e:2a:89:b2:c7:b4:43:1e:82:6a:e1:4f:
                    5d:de:a1:fe:d4:8c:52:9e:1a:76:fb:cc:ed:90:df:
                    0e:27:68:b4:e7:38:c4:fa:f5:c4:f6:b8:c3:3c:5f:
                    61:12:f5:e2:be:61:87:62:67:11:7f:0c:5e:a6:51:
                    4f:29:42:90:51:b1:05:24:eb:b7:09:36:f2:71:06:
                    45:0b:b9:a2:2a:08:ad:2b:ed:85:1a:70:8f:44:79:
                    f5:f7:95:c6:aa:95:09:26:22:6a:4a:99:61:e1:f2:
                    f8:cb:74:46:f5:ad:1b:1d:97:09:90:b4:2f:0f:13:
                    77:a1:86:93:4b:60:f3:c5:66:39:d8:48:6a:77:c1:
                    f9:10:ae:72:0d:2b:91:0f:02:9a:4d:88:d1:bb:33:
                    e2:5f:5f:63:b7:d4:93:82:3f:84:f8:bf:b9:70:e7:
                    71:8c:ba:e7:c7:e3:c0:2d:21:62:4d:ff:15:46:4a:
                    2a:4c:e4:a8:86:da:22:f5:69:93:b4:dd:15:2c:2b:
                    d6:c9:d8:a3:3f:10:df:32:9d:6c:c0:4b:32:24:cd:
                    69:24:8d:a4:e5:1c:d7:ee:90:27:8e:32:2d:6a:6e:
                    8c:30:a5:b7:77:45:e3:74:84:ab:4d:72:4e:79:1d:
                    bc:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:BC:D9:58:A2:B5:AE:64:B6:A9:FC:FA:03:5B:85:45:37:CB:74:A3
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4a75b2a7-15e5-4501-aaaf-4737a678d996.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da68:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         62:00:dd:69:fa:82:0d:ab:f6:b8:ad:82:44:e3:c3:3b:d3:4b:
         26:d8:b2:37:bc:85:a5:ef:a4:86:72:98:50:d5:06:de:6a:9b:
         0f:99:a4:83:d1:a1:43:76:28:02:ff:26:63:1d:af:9b:54:73:
         10:b0:df:0c:3e:2a:47:f3:5e:18:5e:48:fc:84:39:83:ba:af:
         a7:a2:ef:5c:d8:a2:24:4f:fe:e2:39:f2:b5:39:11:54:1a:e3:
         45:c0:d4:10:75:aa:e5:6d:89:50:b8:f9:02:56:c2:aa:55:3b:
         2f:26:0e:ce:30:01:7a:29:f9:b3:55:a5:a6:ee:9c:df:8d:37:
         32:ce:90:98:8b:d9:bb:e3:ae:50:ac:2e:8b:e0:f8:bb:e2:3b:
         0c:0e:b7:43:54:f3:9f:58:71:da:1b:44:15:a9:ce:20:f6:19:
         b8:85:a6:34:af:44:b9:6d:ed:d6:59:c2:a3:1e:df:a7:cb:8e:
         45:03:8b:85:eb:9c:4a:7d:68:88:95:a9:84:8f:64:2d:14:4e:
         ca:51:95:4f:69:97:36:f1:8f:42:0e:dd:04:b1:98:c9:13:4d:
         b6:10:38:34:09:09:28:3c:16:fb:75:5e:ce:56:1c:fa:2e:76:
         06:b0:d4:e7:0b:34:7f:cc:52:1a:41:3e:ed:65:a5:5d:cb:27:
         fd:f0:23:72
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEWN4u5XZvOVlyiM8zf0GMK9qfZYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAMmZjY2EwMjUxMGFmYjU3YzJmMjhi
YmQ4ZWUxOTQ5YmY3Y2UzOTEyMjIxNWViYWYxZTU1ZDdjODQzMjAxYjhhOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYkqS4Jme3TTcGoD0/UCGGtuKomy
x7RDHoJq4U9d3qH+1IxSnhp2+8ztkN8OJ2i05zjE+vXE9rjDPF9hEvXivmGHYmcR
fwxeplFPKUKQUbEFJOu3CTbycQZFC7miKgitK+2FGnCPRHn195XGqpUJJiJqSplh
4fL4y3RG9a0bHZcJkLQvDxN3oYaTS2DzxWY52Ehqd8H5EK5yDSuRDwKaTYjRuzPi
X19jt9STgj+E+L+5cOdxjLrnx+PALSFiTf8VRkoqTOSohtoi9WmTtN0VLCvWydij
PxDfMp1swEsyJM1pJI2k5RzX7pAnjjItam6MMKW3d0XjdISrTXJOeR28owIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLK82Viita5ktqn8+gNbhUU3y3SjMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRhNzViMmE3LTE1ZTUtNDUwMS1hYWFmLTQ3MzdhNjc4ZDk5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaHAwDQYJKoZIhvcNAQELBQADggEBAGIA3Wn6gg2r9ritgkTj
wzvTSybYsje8haXvpIZymFDVBt5qmw+ZpIPRoUN2KAL/JmMdr5tUcxCw3ww+Kkfz
XhheSPyEOYO6r6ei71zYoiRP/uI58rU5EVQa40XA1BB1quVtiVC4+QJWwqpVOy8m
Ds4wAXop+bNVpabunN+NNzLOkJiL2bvjrlCsLovg+LviOwwOt0NU859YcdobRBWp
ziD2GbiFpjSvRLlt7dZZwqMe36fLjkUDi4XrnEp9aIiVqYSPZC0UTspRlU9plzbx
j0IO3QSxmMkTTbYQODQJCSg8Fvt1Xs5WHPoudgaw1OcLNH/MUhpBPu1lpV3LJ/3w
I3I=
-----END CERTIFICATE-----