Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55712bd4-af68-4d81-b0b4-0e9c08700a5d.roa
File:                     55712bd4-af68-4d81-b0b4-0e9c08700a5d.roa (raw, json)
Hash identifier:          eRmGtw+ieu2cj9cx177ZDqOYN3Z/Dh8xLv2FhFNuIYA=
Subject key identifier:   74:41:5A:02:26:E8:85:4C:7D:03:E7:B3:D8:50:FC:25:7D:F8:D2:8A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       71BDE72AE055737B63D27183B803E8FD6FD7DE73
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55712bd4-af68-4d81-b0b4-0e9c08700a5d.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:4880::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:bd:e7:2a:e0:55:73:7b:63:d2:71:83:b8:03:e8:fd:6f:d7:de:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=5f701753bddee7870dc375a60218ae9d10b1564bb7d36ec33ff046272a8e326d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:17:eb:8d:53:01:43:8f:f6:01:4d:70:0d:7f:
                    b3:3f:f4:ba:ab:d8:36:83:41:89:11:61:3c:52:19:
                    6f:9a:a9:5a:1f:ee:55:5a:b1:ba:cc:70:af:e3:27:
                    91:13:c8:12:ed:66:e1:d7:19:46:76:f1:35:f7:e7:
                    26:46:da:ee:78:ae:12:c7:57:a5:b3:a5:a2:a3:6f:
                    c4:41:e3:f1:a3:c7:1d:81:84:1a:51:9d:fc:57:82:
                    f0:c9:d9:33:2f:fb:dd:d8:c3:d0:44:d3:12:7d:6e:
                    88:c7:93:67:dc:d6:cc:27:23:c4:1b:c5:f8:c4:48:
                    e6:51:3f:40:71:d4:bf:c6:f9:51:6a:7e:6a:e4:6f:
                    6b:ce:92:24:c1:ba:36:1b:71:dc:9b:84:90:a2:53:
                    e8:58:29:59:91:9c:ac:b4:cf:05:bb:44:5d:da:f2:
                    bb:2b:05:44:3e:fc:34:a3:67:0c:33:c6:f6:64:fb:
                    19:ea:2f:98:1a:06:b2:90:f9:b1:ed:c5:d4:0d:26:
                    c1:bd:fa:71:e5:fc:51:7b:32:4b:fd:d5:86:3c:3d:
                    71:d2:24:be:29:7a:f1:95:76:d9:e5:e7:28:23:ea:
                    a7:90:45:50:d5:65:3e:64:75:c3:86:38:02:5e:84:
                    04:f9:4a:8a:60:7b:d6:48:86:96:de:51:98:be:88:
                    00:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:41:5A:02:26:E8:85:4C:7D:03:E7:B3:D8:50:FC:25:7D:F8:D2:8A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/55712bd4-af68-4d81-b0b4-0e9c08700a5d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:4880::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:aa:41:09:08:90:e7:a2:df:1e:82:67:f2:96:4c:27:d8:ea:
         6c:62:b2:e5:84:a2:f3:cb:b3:ca:16:00:e4:2c:de:0a:61:8b:
         82:47:e0:8d:50:c3:d9:2a:10:05:2b:81:66:b8:02:5b:cf:2f:
         dc:13:c4:48:55:13:77:ca:eb:80:59:19:59:93:ed:46:76:f4:
         84:31:c2:5a:30:27:93:44:03:66:a6:ea:06:15:f6:7b:36:24:
         38:5a:86:e1:1f:da:59:56:24:c4:06:48:23:28:0a:a2:5f:a6:
         58:87:47:7e:5e:3c:7c:f2:36:05:aa:ce:c5:5c:eb:38:8a:6d:
         1f:71:c5:1d:ff:01:79:7c:21:69:2a:ff:b5:cb:be:81:2a:5c:
         83:e1:71:19:c1:0f:57:a7:95:e0:cb:02:fa:b0:c1:4d:93:1a:
         ae:fe:76:7c:57:67:4b:15:75:32:bb:3e:19:f6:d5:29:9d:90:
         8a:e8:1a:39:28:75:b4:d3:0e:c2:7e:a3:56:24:9a:b7:c4:e1:
         18:74:fb:e0:89:bf:f3:ee:9e:9c:1b:a8:44:e7:0c:19:6c:ab:
         14:76:47:5a:e8:dc:e5:45:05:79:1a:71:37:40:ca:f3:4f:a3:
         7e:99:c5:77:c4:b4:9d:9e:11:98:8e:91:f4:85:8c:21:f2:23:
         3a:b9:da:10
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUcb3nKuBVc3tj0nGDuAPo/W/X3nMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWY3MDE3NTNiZGRlZTc4NzBkYzM3
NWE2MDIxOGFlOWQxMGIxNTY0YmI3ZDM2ZWMzM2ZmMDQ2MjcyYThlMzI2ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBfrjVMBQ4/2AU1wDX+zP/S6q9g2
g0GJEWE8UhlvmqlaH+5VWrG6zHCv4yeRE8gS7Wbh1xlGdvE19+cmRtrueK4Sx1el
s6Wio2/EQePxo8cdgYQaUZ38V4LwydkzL/vd2MPQRNMSfW6Ix5Nn3NbMJyPEG8X4
xEjmUT9AcdS/xvlRan5q5G9rzpIkwbo2G3Hcm4SQolPoWClZkZystM8Fu0Rd2vK7
KwVEPvw0o2cMM8b2ZPsZ6i+YGgaykPmx7cXUDSbBvfpx5fxRezJL/dWGPD1x0iS+
KXrxlXbZ5ecoI+qnkEVQ1WU+ZHXDhjgCXoQE+UqKYHvWSIaW3lGYvogAUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHRBWgIm6IVMfQPns9hQ/CV9+NKKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU1NzEyYmQ0LWFmNjgtNGQ4MS1iMGI0LTBlOWMwODcwMGE1ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYUiAMA0GCSqGSIb3DQEBCwUAA4IBAQBIqkEJCJDnot8egmfy
lkwn2OpsYrLlhKLzy7PKFgDkLN4KYYuCR+CNUMPZKhAFK4FmuAJbzy/cE8RIVRN3
yuuAWRlZk+1GdvSEMcJaMCeTRANmpuoGFfZ7NiQ4WobhH9pZViTEBkgjKAqiX6ZY
h0d+Xjx88jYFqs7FXOs4im0fccUd/wF5fCFpKv+1y76BKlyD4XEZwQ9Xp5XgywL6
sMFNkxqu/nZ8V2dLFXUyuz4Z9tUpnZCK6Bo5KHW00w7CfqNWJJq3xOEYdPvgib/z
7p6cG6hE5wwZbKsUdkda6NzlRQV5GnE3QMrzT6N+mcV3xLSdnhGYjpH0hYwh8iM6
udoQ
-----END CERTIFICATE-----