Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7b377b-906b-49a0-87a2-73168e0d8254.roa
File:                     5a7b377b-906b-49a0-87a2-73168e0d8254.roa (raw, json)
Hash identifier:          XlKzu9L3I6+ALQdFMduQBH8A+yR5yRGecagePpfs1SE=
Subject key identifier:   52:E4:4A:2E:A5:0C:56:95:C4:E4:47:68:46:FF:6E:52:5C:1E:CC:F6
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       75426AB488B60AEAE4CA6EAF28A41A6A2E2143F6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7b377b-906b-49a0-87a2-73168e0d8254.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:c840::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:42:6a:b4:88:b6:0a:ea:e4:ca:6e:af:28:a4:1a:6a:2e:21:43:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=437bfe2295f45694aa8dd98ee69dd3c6cca6747ec5cd5c47365ec539e8b60faf, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:35:16:7d:40:98:fb:a0:89:27:9b:c3:69:3e:
                    7d:d0:3b:bc:fb:29:67:81:d9:ba:1b:98:9c:fc:19:
                    63:7a:66:d4:ef:49:c6:71:b1:f0:51:13:3e:d4:5c:
                    63:7e:b8:ad:f4:c3:5d:34:f9:6d:7d:0c:98:0d:e1:
                    88:eb:b9:97:fe:3e:a2:07:64:48:b1:a9:3d:a8:8c:
                    93:5b:55:74:87:3b:d0:73:9d:fc:93:78:5a:88:9d:
                    98:16:de:34:79:c5:e9:c6:73:94:4d:de:3d:59:7f:
                    d1:a0:54:fb:4b:e5:f9:91:38:53:f7:ae:7a:00:c2:
                    fd:f2:c5:26:10:58:92:f8:dc:75:52:2a:07:3c:86:
                    37:4f:cd:3a:f7:de:69:8b:2c:aa:41:9a:49:2d:ac:
                    99:ee:3d:10:06:ae:1a:02:e1:93:4a:72:42:45:2f:
                    3e:b9:1d:97:7d:b6:29:49:1d:12:e4:18:56:5e:66:
                    9f:74:6f:6c:d3:b3:63:bb:23:8a:99:39:c9:a9:28:
                    98:cc:dc:c5:c9:4e:78:fd:b4:89:c5:93:2b:6d:9f:
                    67:f6:37:7c:a7:ec:fc:7d:a7:c2:7a:b2:bb:aa:1c:
                    27:7a:02:f8:2b:40:8d:73:f4:13:3c:66:23:d8:1f:
                    81:5c:e7:f6:66:2c:4d:1b:85:0b:19:f1:97:40:8c:
                    5b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:E4:4A:2E:A5:0C:56:95:C4:E4:47:68:46:FF:6E:52:5C:1E:CC:F6
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5a7b377b-906b-49a0-87a2-73168e0d8254.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:c840::/48

    Signature Algorithm: sha256WithRSAEncryption
         4d:c5:2d:30:68:48:17:15:05:99:e8:88:96:61:ff:ea:7f:9d:
         19:8c:18:e8:3c:47:bc:a5:88:88:87:b8:f0:02:33:eb:23:1b:
         9b:fe:2c:2e:46:a5:cb:fa:fb:56:e8:16:7e:e5:48:93:c0:a4:
         34:f0:0a:0e:49:92:05:17:63:d8:3a:66:84:52:f5:48:fb:95:
         fb:0e:8e:e9:31:32:60:de:35:b7:74:4c:77:47:3d:93:04:ce:
         c3:30:d8:b9:70:a9:00:05:c5:92:84:05:62:3e:e0:57:2a:17:
         7f:82:69:ee:bd:3a:e4:c0:c3:1a:43:81:da:38:29:4d:f6:a5:
         b4:4f:a3:8e:56:25:08:5c:25:bb:8d:c7:e2:a0:b6:23:47:dc:
         15:92:8e:e1:35:17:ee:41:0a:af:43:30:28:17:97:c3:f9:2f:
         df:5e:fe:e7:22:25:b0:dd:0e:88:e3:35:c9:8b:2a:3d:90:a0:
         4e:be:8d:eb:56:99:bf:72:86:61:c9:c1:9b:f1:8c:2b:bc:c2:
         d3:6f:51:13:ab:ad:16:b1:99:f8:83:d4:99:24:ee:68:2e:8d:
         ff:a0:e3:93:b7:47:af:d1:c6:6f:11:21:99:4b:f6:fb:eb:b2:
         f9:25:c7:00:30:8d:e6:e6:b5:2d:a3:2e:9d:ae:63:a3:b2:e1:
         0f:7a:cf:2b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdUJqtIi2Curkym6vKKQaai4hQ/YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDM3YmZlMjI5NWY0NTY5NGFhOGRk
OThlZTY5ZGQzYzZjY2E2NzQ3ZWM1Y2Q1YzQ3MzY1ZWM1MzllOGI2MGZhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljUWfUCY+6CJJ5vDaT590Du8+yln
gdm6G5ic/BljembU70nGcbHwURM+1Fxjfrit9MNdNPltfQyYDeGI67mX/j6iB2RI
sak9qIyTW1V0hzvQc538k3haiJ2YFt40ecXpxnOUTd49WX/RoFT7S+X5kThT9656
AML98sUmEFiS+Nx1UioHPIY3T806995piyyqQZpJLayZ7j0QBq4aAuGTSnJCRS8+
uR2XfbYpSR0S5BhWXmafdG9s07NjuyOKmTnJqSiYzNzFyU54/bSJxZMrbZ9n9jd8
p+z8fafCerK7qhwnegL4K0CNc/QTPGYj2B+BXOf2ZixNG4ULGfGXQIxbgwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFFLkSi6lDFaVxORHaEb/blJcHsz2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVhN2IzNzdiLTkwNmItNDlhMC04N2EyLTczMTY4ZTBkODI1NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9MhAMA0GCSqGSIb3DQEBCwUAA4IBAQBNxS0waEgXFQWZ6IiW
Yf/qf50ZjBjoPEe8pYiIh7jwAjPrIxub/iwuRqXL+vtW6BZ+5UiTwKQ08AoOSZIF
F2PYOmaEUvVI+5X7Do7pMTJg3jW3dEx3Rz2TBM7DMNi5cKkABcWShAViPuBXKhd/
gmnuvTrkwMMaQ4HaOClN9qW0T6OOViUIXCW7jcfioLYjR9wVko7hNRfuQQqvQzAo
F5fD+S/fXv7nIiWw3Q6I4zXJiyo9kKBOvo3rVpm/coZhycGb8YwrvMLTb1ETq60W
sZn4g9SZJO5oLo3/oOOTt0ev0cZvESGZS/b767L5JccAMI3m5rUtoy6drmOjsuEP
es8r
-----END CERTIFICATE-----