Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa
File:                     5caef593-3e1a-4239-836f-142b22751593.roa (raw, json)
Hash identifier:          /a+PY+g46AIM3yUxa1aTvecQh9rz4/3Nsfv3yV3x1yU=
Subject key identifier:   93:9C:A6:23:63:E3:9A:39:2B:77:63:EB:7E:6B:2F:17:A5:DF:58:09
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       723FB551F967EE5849A27A5B3A936F78537707FC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:1000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:3f:b5:51:f9:67:ee:58:49:a2:7a:5b:3a:93:6f:78:53:77:07:fc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=89ca7ce00a41583b3542c7fe7761f3bb2f244dda4077a394a4d1c9a94c7a8fdc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:6d:59:61:d1:33:be:3c:4e:a8:9c:a7:a3:03:
                    70:f2:f8:75:30:70:96:a1:a8:bb:50:5d:e1:f7:aa:
                    a5:13:7d:e7:15:50:0a:06:13:24:d8:3f:4a:b6:94:
                    d0:cd:de:f7:5e:52:b2:09:af:63:18:7e:a1:ff:d7:
                    b8:e6:ed:2b:26:b6:1a:5e:b1:8f:c2:1a:0a:31:e9:
                    f3:08:52:75:87:0a:a7:f7:84:a7:4d:10:ee:f6:b7:
                    a3:e9:da:57:25:8c:e8:e9:55:2a:31:87:da:9a:13:
                    cd:fd:a6:96:24:f3:6d:3e:7f:88:50:7d:e5:c6:27:
                    33:b4:c2:a4:af:9c:d1:01:10:4c:08:2c:16:62:bb:
                    03:db:55:e0:2b:c6:c9:2d:b7:51:00:14:a4:eb:fb:
                    22:3d:06:90:ca:89:e9:bd:ff:c7:f2:22:96:7b:3b:
                    b6:d7:f0:7f:2b:36:f6:0d:48:90:16:d2:cb:a6:14:
                    87:3e:6f:9e:7e:1c:42:ac:13:01:44:60:aa:58:28:
                    ab:cd:68:72:2c:d8:87:ae:17:7b:3e:cc:18:55:60:
                    cf:f6:f1:1e:f7:b0:ad:27:df:aa:97:c4:8e:a6:ab:
                    91:c6:1c:cf:f3:2c:29:6e:80:80:1c:80:fb:a4:6e:
                    41:26:8e:56:7b:60:2b:45:32:62:5e:45:73:f0:8a:
                    22:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:9C:A6:23:63:E3:9A:39:2B:77:63:EB:7E:6B:2F:17:A5:DF:58:09
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5caef593-3e1a-4239-836f-142b22751593.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         a3:f0:7a:be:c3:f3:d9:9d:d1:18:1b:7f:33:88:ea:30:9d:d1:
         c6:d9:3e:a8:08:ff:1b:3a:36:74:48:c4:6a:2e:a4:3b:5b:b7:
         29:7b:d1:c3:c4:da:e6:7a:da:a8:89:d6:f3:4d:7f:b9:06:e0:
         fc:36:49:cf:0a:03:a1:ab:f7:3d:cc:d7:02:e4:40:7c:4f:2d:
         59:55:3a:78:65:ee:fd:ae:e9:5c:9e:f7:55:6d:08:77:42:28:
         f3:e4:c8:38:a0:0d:99:26:2f:4f:ac:d2:02:54:99:b3:f8:43:
         c3:dc:2d:82:a0:5d:97:c7:e2:3e:ab:b7:51:51:e0:97:ad:53:
         82:68:18:3a:7d:9e:97:61:71:97:59:12:1d:57:45:0e:a4:10:
         11:6a:ad:47:1a:53:2c:79:6c:2b:87:6c:4b:d8:a0:6e:d6:a7:
         0e:ec:61:cf:75:f2:5c:ef:2a:6e:32:93:f6:c3:6d:aa:52:57:
         0c:24:92:34:13:dd:98:5c:fe:8f:bd:68:5e:6e:37:53:4e:5a:
         ab:f5:33:b7:d0:ed:cb:7e:5c:ca:67:34:e2:86:17:49:af:51:
         8c:86:cd:82:b9:25:b9:07:6f:5d:66:d4:98:d6:e9:55:3b:f6:
         fe:6c:09:26:40:c5:40:47:17:14:51:05:d6:8d:b9:e4:6e:7c:
         5c:fa:73:21
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUcj+1Ufln7lhJonpbOpNveFN3B/wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAODljYTdjZTAwYTQxNTgzYjM1NDJj
N2ZlNzc2MWYzYmIyZjI0NGRkYTQwNzdhMzk0YTRkMWM5YTk0YzdhOGZkYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoG1ZYdEzvjxOqJynowNw8vh1MHCW
oai7UF3h96qlE33nFVAKBhMk2D9KtpTQzd73XlKyCa9jGH6h/9e45u0rJrYaXrGP
whoKMenzCFJ1hwqn94SnTRDu9rej6dpXJYzo6VUqMYfamhPN/aaWJPNtPn+IUH3l
xicztMKkr5zRARBMCCwWYrsD21XgK8bJLbdRABSk6/siPQaQyonpvf/H8iKWezu2
1/B/Kzb2DUiQFtLLphSHPm+efhxCrBMBRGCqWCirzWhyLNiHrhd7PswYVWDP9vEe
97CtJ9+ql8SOpquRxhzP8ywpboCAHID7pG5BJo5We2ArRTJiXkVz8IoiJQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJOcpiNj45o5K3dj635rLxel31gJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVjYWVmNTkzLTNlMWEtNDIzOS04MzZmLTE0MmIyMjc1MTU5My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauRAwDQYJKoZIhvcNAQELBQADggEBAKPwer7D89md0RgbfzOI
6jCd0cbZPqgI/xs6NnRIxGoupDtbtyl70cPE2uZ62qiJ1vNNf7kG4Pw2Sc8KA6Gr
9z3M1wLkQHxPLVlVOnhl7v2u6Vye91VtCHdCKPPkyDigDZkmL0+s0gJUmbP4Q8Pc
LYKgXZfH4j6rt1FR4JetU4JoGDp9npdhcZdZEh1XRQ6kEBFqrUcaUyx5bCuHbEvY
oG7Wpw7sYc918lzvKm4yk/bDbapSVwwkkjQT3Zhc/o+9aF5uN1NOWqv1M7fQ7ct+
XMpnNOKGF0mvUYyGzYK5JbkHb11m1JjW6VU79v5sCSZAxUBHFxRRBdaNueRufFz6
cyE=
-----END CERTIFICATE-----