Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c135282-3228-4ddd-beca-26ac3dd348e8.roa
File:                     4c135282-3228-4ddd-beca-26ac3dd348e8.roa (raw, json)
Hash identifier:          4J2sxsTDX5m/PG6uN/AQe/5eP9BTDEGlXWXvY256Ln0=
Subject key identifier:   CC:B7:75:17:3D:18:D9:E1:9B:11:46:CA:3C:8C:D7:E2:9C:E1:20:DE
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       54A5EA3179FB236DCA1B1BFC38DFCB4CBEF566C7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c135282-3228-4ddd-beca-26ac3dd348e8.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:60c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:a5:ea:31:79:fb:23:6d:ca:1b:1b:fc:38:df:cb:4c:be:f5:66:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=be26e8046899b49811653d58bb4ef2f826296f1a6777ea302170eeadf64a5a36, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:de:c6:bc:a2:58:da:9f:62:2b:cb:a9:29:cf:
                    35:87:c3:01:c3:55:93:58:ec:06:cb:10:81:a8:05:
                    3b:a4:99:f7:64:fb:d1:48:b1:b8:9a:b7:fb:13:fe:
                    52:65:ce:52:8a:19:a7:d8:e9:e4:1f:87:c7:03:3e:
                    1a:54:f5:a2:68:27:ae:54:80:b5:cc:f4:41:17:f8:
                    4b:41:2f:92:1e:cc:2e:b5:0b:96:b8:ec:da:49:3d:
                    9e:b8:65:6d:98:ae:1d:cd:f8:af:bd:97:61:ba:a0:
                    ef:c0:a5:5b:70:9b:a4:e9:5e:ed:6e:de:d0:28:2d:
                    b3:b5:35:a2:24:cd:cc:d6:7e:a7:e9:5d:22:db:9b:
                    d2:4e:1e:09:87:6b:11:78:6a:63:f7:29:0e:4c:94:
                    ca:28:b0:a8:d7:09:89:b8:9b:28:8c:a3:84:d8:9e:
                    d8:7a:d8:00:ff:a6:c9:85:9f:ac:8b:be:dc:a7:a9:
                    60:fb:22:e5:07:a5:9c:e7:cb:e2:0a:8c:57:40:ea:
                    fe:de:9c:4d:ee:9d:8d:16:dc:f3:da:62:e8:90:84:
                    b3:71:ff:28:d4:e3:87:c7:47:0c:b0:13:4a:e8:a1:
                    b5:30:51:f0:21:b5:53:14:5b:b3:bd:0b:c5:60:72:
                    8a:a6:20:92:fd:f0:7a:85:f7:06:50:18:f5:e0:47:
                    ec:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B7:75:17:3D:18:D9:E1:9B:11:46:CA:3C:8C:D7:E2:9C:E1:20:DE
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c135282-3228-4ddd-beca-26ac3dd348e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:60c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         9c:ff:c0:82:88:a6:28:9d:5d:da:b5:15:5d:ec:72:c4:1f:f7:
         aa:a1:0d:d5:12:37:56:cb:da:db:97:6f:76:b1:af:b5:1f:cc:
         d9:99:b8:e0:b1:25:2a:ab:71:6a:fc:7a:fc:d4:07:1b:36:a4:
         19:a0:9a:e3:b7:1e:37:bd:03:fb:66:3d:df:8f:43:a1:a0:f8:
         81:78:23:7a:f5:6e:14:5d:93:d8:40:33:b2:ea:ed:81:ec:5a:
         ce:07:3b:87:cf:11:1a:bf:6f:b7:00:b3:30:2e:b3:fb:0a:64:
         14:36:d7:29:16:e9:36:a2:26:e1:0f:c3:10:eb:a2:c0:71:79:
         7b:48:ae:f0:dd:53:09:d4:88:a1:ca:e5:0b:54:31:a6:4a:c7:
         6f:7f:4e:d2:15:aa:62:fb:1d:aa:16:c8:1b:1f:4b:3f:27:86:
         99:4f:e7:5c:56:91:26:8a:ea:05:87:18:26:9a:5d:1b:cb:29:
         08:bf:b0:b0:9b:99:a2:e6:99:af:3d:0c:67:ba:ec:0d:b1:aa:
         71:06:91:f0:17:98:00:b9:eb:a4:4c:18:31:08:be:2e:07:ec:
         f9:32:26:02:24:96:23:dc:40:f3:76:ed:29:67:26:a2:49:ca:
         d2:82:c4:9b:b0:8c:b3:6b:b1:1b:8f:93:0b:cf:02:c1:66:a2:
         f5:1f:5e:f6
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVKXqMXn7I23KGxv8ON/LTL71ZscwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYmUyNmU4MDQ2ODk5YjQ5ODExNjUz
ZDU4YmI0ZWYyZjgyNjI5NmYxYTY3NzdlYTMwMjE3MGVlYWRmNjRhNWEzNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld7GvKJY2p9iK8upKc81h8MBw1WT
WOwGyxCBqAU7pJn3ZPvRSLG4mrf7E/5SZc5Sihmn2OnkH4fHAz4aVPWiaCeuVIC1
zPRBF/hLQS+SHswutQuWuOzaST2euGVtmK4dzfivvZdhuqDvwKVbcJuk6V7tbt7Q
KC2ztTWiJM3M1n6n6V0i25vSTh4Jh2sReGpj9ykOTJTKKLCo1wmJuJsojKOE2J7Y
etgA/6bJhZ+si77cp6lg+yLlB6Wc58viCoxXQOr+3pxN7p2NFtzz2mLokISzcf8o
1OOHx0cMsBNK6KG1MFHwIbVTFFuzvQvFYHKKpiCS/fB6hfcGUBj14EfswwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMy3dRc9GNnhmxFGyjyM1+Kc4SDeMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRjMTM1MjgyLTMyMjgtNGRkZC1iZWNhLTI2YWMzZGQzNDhlOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+2DAMA0GCSqGSIb3DQEBCwUAA4IBAQCc/8CCiKYonV3atRVd
7HLEH/eqoQ3VEjdWy9rbl292sa+1H8zZmbjgsSUqq3Fq/Hr81AcbNqQZoJrjtx43
vQP7Zj3fj0OhoPiBeCN69W4UXZPYQDOy6u2B7FrOBzuHzxEav2+3ALMwLrP7CmQU
NtcpFuk2oibhD8MQ66LAcXl7SK7w3VMJ1IihyuULVDGmSsdvf07SFapi+x2qFsgb
H0s/J4aZT+dcVpEmiuoFhxgmml0byykIv7Cwm5mi5pmvPQxnuuwNsapxBpHwF5gA
ueukTBgxCL4uB+z5MiYCJJYj3EDzdu0pZyaiScrSgsSbsIyza7Ebj5MLzwLBZqL1
H172
-----END CERTIFICATE-----