Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa
File:                     5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa (raw, json)
Hash identifier:          /zVuCiCqnR0t09Nv2SEybn8dL5rLTHqIOB0N3Fww2yk=
Subject key identifier:   2F:CE:CD:99:86:14:28:EF:40:74:82:45:B8:28:95:1D:43:DE:E6:1F
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0FCD65DCCC99F7CFCD5838B7F1D30CBAB1FC8987
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:60c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:cd:65:dc:cc:99:f7:cf:cd:58:38:b7:f1:d3:0c:ba:b1:fc:89:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=95b0f8bcc2d861ade3d9e5ce7a205622deb236e9efc3e0f65d22221b0873bafd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:e5:f8:15:04:1d:0b:c1:2f:a7:a8:39:1d:05:
                    30:18:0f:94:41:cc:d9:20:be:9e:44:e4:ca:f3:f3:
                    77:fb:89:33:ce:02:f7:d2:0f:a8:d7:55:48:17:c3:
                    8b:cb:16:a6:66:9f:df:fa:56:56:e5:cd:56:4f:98:
                    af:e6:c2:2b:80:d1:f8:fd:55:42:fa:6a:ec:ba:2e:
                    c6:d0:8f:c6:36:14:bc:be:d2:55:49:79:39:c7:f7:
                    36:8d:28:03:d9:62:18:d1:35:71:f8:dc:11:a1:e1:
                    61:20:dc:de:02:d5:d1:04:88:73:48:64:60:4b:4c:
                    28:20:fb:d7:c0:5b:a9:f1:3a:a1:89:6c:74:20:52:
                    ef:eb:40:60:dc:94:fb:af:96:36:b4:b2:94:be:be:
                    6a:62:9a:06:fc:d2:f7:b9:a3:20:6e:b1:2f:70:24:
                    5d:b3:f1:4a:ca:a2:c0:ae:59:4e:e8:ab:4f:35:cf:
                    5a:21:ab:a7:e8:e4:fc:51:7a:aa:1b:05:ae:97:11:
                    66:f4:22:4b:b5:0e:6b:2d:24:73:a8:b7:3d:73:c5:
                    06:d1:63:bb:1c:56:27:1c:4f:58:ec:9b:cc:c7:63:
                    36:1d:f4:54:8b:62:73:bc:4b:e0:6a:bb:04:6f:3c:
                    9a:a3:9c:2d:29:45:f6:a2:47:13:83:78:07:0c:5e:
                    c0:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:CE:CD:99:86:14:28:EF:40:74:82:45:B8:28:95:1D:43:DE:E6:1F
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5ac76ccb-4f57-4185-ad2f-05bf338ba35d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:60c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         22:5f:a7:ff:54:41:2f:b2:58:22:53:87:69:ef:21:54:0a:85:
         89:04:15:7a:8f:a2:18:e4:00:9b:ce:09:1d:0e:df:46:b4:5d:
         89:5d:a3:16:52:8f:37:44:f4:f6:34:e3:2a:c8:91:c5:3f:a0:
         75:64:a9:ad:59:e4:30:65:91:f7:d8:ca:39:6b:f8:8e:83:a3:
         d6:e7:7f:1a:9b:df:c9:62:04:cc:2f:00:32:9e:d1:22:ac:a1:
         8c:51:32:7d:93:4a:6c:e2:e3:47:1c:43:1d:ac:69:51:43:e2:
         de:3c:53:ea:ef:2e:6e:98:c2:9d:4d:1f:2f:1b:7b:ff:58:e9:
         b0:87:09:4c:b1:de:06:07:2f:65:17:3c:b1:c2:8a:54:9f:48:
         7b:b9:fe:bc:61:35:ce:f4:bd:8e:be:dd:22:0d:b8:ed:48:70:
         23:2c:0f:f0:5d:24:49:27:29:84:52:3d:26:d2:95:6b:4e:1f:
         64:7c:f9:e0:a0:3a:3c:49:cc:ef:15:dc:9d:1a:a4:43:0a:94:
         60:8d:95:71:b9:ae:b4:50:b5:d6:16:87:8b:ed:c3:1a:cb:3e:
         7b:6a:32:71:7e:73:01:03:e8:40:bc:90:bd:95:04:5d:05:34:
         10:86:01:76:bc:42:4f:d2:fb:86:24:17:85:e0:28:19:bf:e7:
         a6:23:20:e2
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUD81l3MyZ98/NWDi38dMMurH8iYcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOTViMGY4YmNjMmQ4NjFhZGUzZDll
NWNlN2EyMDU2MjJkZWIyMzZlOWVmYzNlMGY2NWQyMjIyMWIwODczYmFmZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOX4FQQdC8Evp6g5HQUwGA+UQczZ
IL6eROTK8/N3+4kzzgL30g+o11VIF8OLyxamZp/f+lZW5c1WT5iv5sIrgNH4/VVC
+mrsui7G0I/GNhS8vtJVSXk5x/c2jSgD2WIY0TVx+NwRoeFhINzeAtXRBIhzSGRg
S0woIPvXwFup8TqhiWx0IFLv60Bg3JT7r5Y2tLKUvr5qYpoG/NL3uaMgbrEvcCRd
s/FKyqLArllO6KtPNc9aIaun6OT8UXqqGwWulxFm9CJLtQ5rLSRzqLc9c8UG0WO7
HFYnHE9Y7JvMx2M2HfRUi2JzvEvgarsEbzyao5wtKUX2okcTg3gHDF7ADQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFC/OzZmGFCjvQHSCRbgolR1D3uYfMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVhYzc2Y2NiLTRmNTctNDE4NS1hZDJmLTA1YmYzMzhiYTM1ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaWDAMA0GCSqGSIb3DQEBCwUAA4IBAQAiX6f/VEEvslgiU4dp
7yFUCoWJBBV6j6IY5ACbzgkdDt9GtF2JXaMWUo83RPT2NOMqyJHFP6B1ZKmtWeQw
ZZH32Mo5a/iOg6PW538am9/JYgTMLwAyntEirKGMUTJ9k0ps4uNHHEMdrGlRQ+Le
PFPq7y5umMKdTR8vG3v/WOmwhwlMsd4GBy9lFzyxwopUn0h7uf68YTXO9L2Ovt0i
DbjtSHAjLA/wXSRJJymEUj0m0pVrTh9kfPngoDo8SczvFdydGqRDCpRgjZVxua60
ULXWFoeL7cMayz57ajJxfnMBA+hAvJC9lQRdBTQQhgF2vEJP0vuGJBeF4CgZv+em
IyDi
-----END CERTIFICATE-----