Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa
File:                     542149ac-13e8-419c-b3c9-46274c8943df.roa (raw, json)
Hash identifier:          BUsKuC3NHQf/Yvl3jEdBOozI7IGKAqU5P2BNlYoDk50=
Subject key identifier:   2A:CA:B0:CD:96:08:6D:E3:78:96:23:C5:11:B5:6F:FC:B3:6A:8C:2B
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       45D32AC94717D8589FE7DAD84AF3E4D564696C02
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:8c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:d3:2a:c9:47:17:d8:58:9f:e7:da:d8:4a:f3:e4:d5:64:69:6c:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=16a05874243027ab6017ff215d4dd4bee7976c647a1c419603f41a5debf81679, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:55:34:eb:2a:bd:88:d3:27:6b:9a:13:1c:dd:
                    6a:52:f7:e9:73:6f:3f:c5:31:6d:03:1d:e4:d4:a5:
                    bc:09:b5:91:95:e8:df:a0:55:50:bf:79:24:02:c2:
                    05:7f:3d:24:e1:50:2e:1f:9e:a1:31:54:62:d3:60:
                    f4:4f:11:78:fe:d9:f3:12:e4:76:08:ef:04:64:02:
                    8b:da:74:f7:a8:7e:ce:fb:9c:5a:55:87:ae:61:f8:
                    9a:30:dd:91:16:a5:e1:70:87:a2:6f:3c:f0:5f:3b:
                    c1:7b:9f:5d:05:82:f9:36:c6:10:be:4b:e9:88:8e:
                    fc:b1:fd:d4:1f:47:c7:22:30:da:e3:d1:23:58:be:
                    48:f1:e8:d4:c5:6d:e9:70:ec:76:12:bb:77:66:f9:
                    32:f8:e9:ba:61:24:3e:25:b5:c5:6c:72:c3:d1:01:
                    34:e6:2c:a1:41:d1:30:03:fb:33:6f:59:aa:5a:11:
                    ce:93:f6:c3:e0:0c:1f:ff:0c:30:5f:a6:a1:de:17:
                    12:ea:f4:dd:b2:8f:b5:ef:9a:fd:09:31:7c:62:98:
                    33:cb:07:3c:7a:46:b6:56:6c:c0:26:89:91:ad:e4:
                    1f:55:02:c8:72:fc:df:93:23:08:bf:8c:c0:54:bf:
                    06:f8:a4:8c:07:2b:7c:93:69:ff:04:36:15:a3:1a:
                    0c:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:CA:B0:CD:96:08:6D:E3:78:96:23:C5:11:B5:6F:FC:B3:6A:8C:2B
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/542149ac-13e8-419c-b3c9-46274c8943df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:8c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         9e:47:09:7d:9a:21:2f:ab:3b:f4:b5:a1:d9:da:d7:b4:6a:47:
         d0:07:f3:b9:cf:f7:e7:cb:c7:ab:bd:e8:0c:5e:c0:ae:a0:9a:
         34:5c:b8:f8:4c:f0:fa:86:18:07:a2:fa:c9:eb:af:07:28:00:
         96:97:08:8b:f7:22:a6:d5:e5:06:f5:46:c6:f4:b8:e5:97:32:
         5d:ef:2e:a1:27:b8:8b:66:0c:ce:d1:ab:4c:66:b2:81:20:86:
         4a:fc:6c:df:17:40:c8:41:73:45:44:e6:c4:ac:0f:29:63:30:
         8c:f8:bd:04:7b:61:bc:d1:f6:3c:2d:d9:0e:d7:ba:8f:ae:ed:
         3b:77:74:ae:39:f2:d6:1a:e1:bd:e1:f6:dc:38:24:43:6f:c5:
         b9:cc:da:bd:9a:97:34:f3:69:e2:2c:55:28:f4:2c:08:c9:b5:
         4a:9c:59:de:a0:94:20:74:2d:17:f2:4b:3c:56:59:52:0f:a8:
         fe:fb:80:97:a1:f9:99:4a:6e:36:2c:b5:01:5f:2e:45:0a:45:
         79:57:32:a9:fb:24:aa:b9:31:e5:6a:66:2d:c5:b7:d8:81:f1:
         9c:75:5f:56:6d:05:cb:6c:a4:54:39:85:43:79:4b:94:2a:f1:
         5d:aa:eb:d1:c5:1e:d5:5b:59:13:05:ea:74:16:c3:6f:10:0c:
         c1:fd:e6:6d
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIURdMqyUcX2Fif59rYSvPk1WRpbAIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMTZhMDU4NzQyNDMwMjdhYjYwMTdm
ZjIxNWQ0ZGQ0YmVlNzk3NmM2NDdhMWM0MTk2MDNmNDFhNWRlYmY4MTY3OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FU06yq9iNMna5oTHN1qUvfpc28/
xTFtAx3k1KW8CbWRlejfoFVQv3kkAsIFfz0k4VAuH56hMVRi02D0TxF4/tnzEuR2
CO8EZAKL2nT3qH7O+5xaVYeuYfiaMN2RFqXhcIeibzzwXzvBe59dBYL5NsYQvkvp
iI78sf3UH0fHIjDa49EjWL5I8ejUxW3pcOx2Ert3Zvky+Om6YSQ+JbXFbHLD0QE0
5iyhQdEwA/szb1mqWhHOk/bD4Awf/wwwX6ah3hcS6vTdso+175r9CTF8Ypgzywc8
eka2VmzAJomRreQfVQLIcvzfkyMIv4zAVL8G+KSMByt8k2n/BDYVoxoMKQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCrKsM2WCG3jeJYjxRG1b/yzaowrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU0MjE0OWFjLTEzZTgtNDE5Yy1iM2M5LTQ2Mjc0Yzg5NDNkZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaQjAMA0GCSqGSIb3DQEBCwUAA4IBAQCeRwl9miEvqzv0taHZ
2te0akfQB/O5z/fny8ervegMXsCuoJo0XLj4TPD6hhgHovrJ668HKACWlwiL9yKm
1eUG9UbG9LjllzJd7y6hJ7iLZgzO0atMZrKBIIZK/GzfF0DIQXNFRObErA8pYzCM
+L0Ee2G80fY8LdkO17qPru07d3SuOfLWGuG94fbcOCRDb8W5zNq9mpc082niLFUo
9CwIybVKnFneoJQgdC0X8ks8VllSD6j++4CXofmZSm42LLUBXy5FCkV5VzKp+ySq
uTHlamYtxbfYgfGcdV9WbQXLbKRUOYVDeUuUKvFdquvRxR7VW1kTBep0FsNvEAzB
/eZt
-----END CERTIFICATE-----