Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d7c305d-06f0-41db-a157-3260a182f100.roa
File:                     4d7c305d-06f0-41db-a157-3260a182f100.roa (raw, json)
Hash identifier:          VSwccj611/ZCa64wtRsKshWOW8TusFbn1Px6Yh7H6sg=
Subject key identifier:   54:94:91:A3:AC:66:BF:26:B4:9A:C5:B2:3E:34:FF:9F:EB:60:3A:EE
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6F634124E9399C660D923F36589354E8E38DE992
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d7c305d-06f0-41db-a157-3260a182f100.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da36:4800::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:63:41:24:e9:39:9c:66:0d:92:3f:36:58:93:54:e8:e3:8d:e9:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=9838b7392c9dd9d68e66ed145ab245cc17c586986f9eb2442327b4e60330c6c9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:bf:c7:27:ae:56:85:86:4b:fa:40:ed:10:96:
                    e0:6e:3b:f9:a8:a4:60:c4:f4:da:a3:e3:cc:9f:45:
                    d0:f7:28:9e:c7:e0:e2:9c:55:ea:85:be:c8:e2:58:
                    83:4a:4a:44:95:9a:5d:ce:ac:6b:3c:1e:f0:c6:dc:
                    fe:fc:a4:63:2e:6e:6d:a1:21:43:0a:6a:5a:cb:89:
                    cc:0c:1d:a2:e2:d7:6d:c3:92:6f:fa:3b:b6:cf:7c:
                    d4:19:80:7b:03:45:d4:fa:a9:fe:f7:cb:37:4d:5a:
                    ea:f7:f8:78:db:23:19:d1:44:55:e0:5e:92:3d:c6:
                    ad:b3:1d:7d:e6:29:15:9a:52:39:84:b6:13:f2:27:
                    f0:4c:65:3b:55:09:aa:6f:60:f9:33:24:6c:08:a1:
                    3b:2f:55:17:e5:91:1a:89:23:db:cb:4a:f6:16:89:
                    74:af:64:cd:15:3c:71:b0:a7:9e:64:35:43:c1:56:
                    8a:d7:55:b6:5c:c3:3a:65:70:8e:21:9d:aa:12:0b:
                    4c:eb:25:c0:67:53:f9:47:f7:cc:7d:32:bf:b5:aa:
                    2e:e9:15:8d:42:40:ce:da:09:fe:54:a8:fd:db:b1:
                    71:17:90:47:b2:67:8f:1b:c7:6e:1f:35:88:4b:20:
                    46:d4:07:15:2a:b3:88:38:37:e7:95:a6:f6:34:e8:
                    75:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:94:91:A3:AC:66:BF:26:B4:9A:C5:B2:3E:34:FF:9F:EB:60:3A:EE
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4d7c305d-06f0-41db-a157-3260a182f100.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da36:4800::/40

    Signature Algorithm: sha256WithRSAEncryption
         a0:25:a9:9e:50:5b:af:81:33:c6:84:80:49:cb:4e:fc:b3:b8:
         a6:01:b3:15:4b:46:9b:51:0e:e7:b9:c9:b5:7d:d4:2d:4b:4f:
         6a:64:b8:72:0e:6c:67:38:01:38:80:40:f7:a9:0c:94:a6:52:
         31:89:12:64:03:b3:47:a3:70:3e:4e:c1:63:08:e9:1d:b1:81:
         ae:26:44:56:b4:9c:be:5a:23:a9:e1:7f:1c:ec:70:3d:cf:53:
         f0:3b:fa:b7:3b:d8:59:41:11:b0:ee:15:38:52:58:33:0c:f1:
         80:eb:56:f5:66:6d:bd:28:a2:ed:19:c7:5a:8a:0a:5d:d1:cf:
         69:f1:35:92:d5:8d:84:59:81:6c:cc:62:85:33:96:c4:13:e5:
         61:0e:b5:c1:77:b7:b0:77:ae:bb:a4:56:f6:7a:7c:95:25:eb:
         8f:c1:f9:64:26:f2:6d:5a:67:5e:b8:57:56:ab:ba:11:1d:49:
         a3:11:e5:59:b8:aa:d0:85:ab:d8:19:09:06:cf:43:be:e4:38:
         87:b9:4a:d5:a7:74:26:6a:86:0f:7a:75:0c:f4:56:03:d8:2f:
         fc:e8:5c:b9:8e:09:bd:93:a0:6d:c2:af:7e:84:84:f6:83:70:
         06:3a:42:61:06:0a:17:6b:db:68:79:41:a2:38:87:a6:eb:61:
         07:e4:6e:e7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUb2NBJOk5nGYNkj82WJNU6OON6ZIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOTgzOGI3MzkyYzlkZDlkNjhlNjZl
ZDE0NWFiMjQ1Y2MxN2M1ODY5ODZmOWViMjQ0MjMyN2I0ZTYwMzMwYzZjOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyb/HJ65WhYZL+kDtEJbgbjv5qKRg
xPTao+PMn0XQ9yiex+DinFXqhb7I4liDSkpElZpdzqxrPB7wxtz+/KRjLm5toSFD
Cmpay4nMDB2i4tdtw5Jv+ju2z3zUGYB7A0XU+qn+98s3TVrq9/h42yMZ0URV4F6S
Pcatsx195ikVmlI5hLYT8ifwTGU7VQmqb2D5MyRsCKE7L1UX5ZEaiSPby0r2Fol0
r2TNFTxxsKeeZDVDwVaK11W2XMM6ZXCOIZ2qEgtM6yXAZ1P5R/fMfTK/taou6RWN
QkDO2gn+VKj927FxF5BHsmePG8duHzWISyBG1AcVKrOIODfnlab2NOh1TwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFSUkaOsZr8mtJrFsj40/5/rYDruMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRkN2MzMDVkLTA2ZjAtNDFkYi1hMTU3LTMyNjBhMTgyZjEwMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNkgwDQYJKoZIhvcNAQELBQADggEBAKAlqZ5QW6+BM8aEgEnL
TvyzuKYBsxVLRptRDue5ybV91C1LT2pkuHIObGc4ATiAQPepDJSmUjGJEmQDs0ej
cD5OwWMI6R2xga4mRFa0nL5aI6nhfxzscD3PU/A7+rc72FlBEbDuFThSWDMM8YDr
VvVmbb0oou0Zx1qKCl3Rz2nxNZLVjYRZgWzMYoUzlsQT5WEOtcF3t7B3rrukVvZ6
fJUl64/B+WQm8m1aZ164V1aruhEdSaMR5Vm4qtCFq9gZCQbPQ77kOIe5StWndCZq
hg96dQz0VgPYL/zoXLmOCb2ToG3Cr36EhPaDcAY6QmEGChdr22h5QaI4h6brYQfk
buc=
-----END CERTIFICATE-----