Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f02c5e6-ffee-4777-b0fd-d0651418af2b.roa
File:                     5f02c5e6-ffee-4777-b0fd-d0651418af2b.roa (raw, json)
Hash identifier:          rC29QB18u5h+yA4YWeyu3p9it9HOrcxRau3+KinBoFE=
Subject key identifier:   65:F5:FB:F5:D8:83:45:42:4B:8B:F9:15:C0:DE:8E:07:D8:59:ED:66
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       41295AF837027C22779A3840867C9500144461C0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f02c5e6-ffee-4777-b0fd-d0651418af2b.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:2020::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:29:5a:f8:37:02:7c:22:77:9a:38:40:86:7c:95:00:14:44:61:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=8b956dc0275ae3fee4f5e56b75b7466101212cb615e72ec3fbfed45c78872fd0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:8e:29:32:2e:27:ee:28:3a:a2:b7:aa:7f:f3:
                    14:81:1f:c7:61:3e:58:ae:2a:06:8b:07:82:e2:15:
                    55:f8:29:72:1b:ac:07:21:3b:5f:8a:ab:62:2b:0a:
                    14:8d:08:30:d1:81:18:9f:18:6d:c1:44:a0:69:99:
                    7b:18:85:28:b3:63:7c:49:be:89:fe:ff:3e:76:ab:
                    7f:fb:64:ba:e8:42:31:8e:db:8b:30:0a:0f:64:94:
                    2d:80:62:9e:8a:d1:6f:fb:5f:85:b7:44:b2:c6:77:
                    4c:c5:7b:7b:b8:ba:65:4d:fc:9b:0b:12:9b:17:85:
                    27:80:54:c1:8d:45:28:ff:5e:9c:5e:93:30:16:05:
                    fb:28:01:f7:dc:f4:4a:82:94:88:a0:2a:93:cd:6f:
                    f1:67:21:c8:5b:10:b9:6b:f5:ca:5a:3b:ef:8c:b3:
                    c7:f1:be:a8:62:c8:b3:3b:27:6e:8a:6a:f2:43:14:
                    48:80:60:ee:4d:c2:b5:80:8e:6f:7b:ff:71:c1:9a:
                    5f:f4:6c:bf:71:98:ce:fb:3f:42:11:1b:b7:37:64:
                    87:56:79:b2:f8:c6:a7:67:29:17:36:ad:79:30:ee:
                    af:a7:43:7f:e0:41:31:4a:4a:6e:60:9f:7c:27:73:
                    e8:18:e6:a4:e6:9b:8b:ef:65:49:c5:72:cc:80:dc:
                    34:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:F5:FB:F5:D8:83:45:42:4B:8B:F9:15:C0:DE:8E:07:D8:59:ED:66
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5f02c5e6-ffee-4777-b0fd-d0651418af2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:2020::/46

    Signature Algorithm: sha256WithRSAEncryption
         c5:db:3c:98:08:d7:f4:2b:83:1d:92:ee:1e:94:0c:6d:2c:fa:
         85:0e:95:c3:85:c0:29:56:48:86:25:d6:9f:84:d1:3b:25:31:
         38:dd:c4:0f:cf:bb:ca:84:d9:07:cc:eb:bf:f8:c1:13:aa:8f:
         a1:21:55:9a:1c:32:b4:d8:d3:41:0c:b1:74:48:e5:6b:29:64:
         8e:7d:e7:79:1f:3f:2b:4a:71:94:0b:2b:b6:a5:59:aa:ca:f1:
         1c:e4:43:83:0c:7e:e1:a1:b2:47:8a:18:52:c6:00:35:0a:14:
         38:e6:13:90:0a:6a:95:d1:5b:78:d1:0f:0e:9c:e9:e2:ad:21:
         09:a3:69:d3:1a:1f:ec:f8:ef:eb:6d:d3:43:82:a4:f4:2c:53:
         c0:59:63:0d:83:c0:32:6a:be:8e:cd:4e:7e:d2:07:11:f5:af:
         64:f9:45:f0:6b:96:26:60:76:33:f9:f8:0f:28:50:ba:c0:fa:
         36:4b:b4:a4:10:2c:b3:2a:9f:31:fb:04:21:ef:c8:1e:86:e8:
         ee:a7:7a:93:db:67:90:ca:04:76:27:e7:02:f0:30:71:bc:54:
         58:f7:ae:97:dd:d2:5c:0f:f2:59:08:a3:24:4b:ff:7e:8c:c1:
         92:0e:c9:b7:36:8d:b9:e4:7f:de:95:0c:1c:1d:48:4a:bd:07:
         03:c7:b5:ae
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQSla+DcCfCJ3mjhAhnyVABREYcAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOGI5NTZkYzAyNzVhZTNmZWU0ZjVl
NTZiNzViNzQ2NjEwMTIxMmNiNjE1ZTcyZWMzZmJmZWQ0NWM3ODg3MmZkMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuI4pMi4n7ig6oreqf/MUgR/HYT5Y
rioGiweC4hVV+ClyG6wHITtfiqtiKwoUjQgw0YEYnxhtwUSgaZl7GIUos2N8Sb6J
/v8+dqt/+2S66EIxjtuLMAoPZJQtgGKeitFv+1+Ft0SyxndMxXt7uLplTfybCxKb
F4UngFTBjUUo/16cXpMwFgX7KAH33PRKgpSIoCqTzW/xZyHIWxC5a/XKWjvvjLPH
8b6oYsizOyduimryQxRIgGDuTcK1gI5ve/9xwZpf9Gy/cZjO+z9CERu3N2SHVnmy
+ManZykXNq15MO6vp0N/4EExSkpuYJ98J3PoGOak5puL72VJxXLMgNw0iwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGX1+/XYg0VCS4v5FcDejgfYWe1mMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVmMDJjNWU2LWZmZWUtNDc3Ny1iMGZkLWQwNjUxNDE4YWYyYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yAgMA0GCSqGSIb3DQEBCwUAA4IBAQDF2zyYCNf0K4Mdku4e
lAxtLPqFDpXDhcApVkiGJdafhNE7JTE43cQPz7vKhNkHzOu/+METqo+hIVWaHDK0
2NNBDLF0SOVrKWSOfed5Hz8rSnGUCyu2pVmqyvEc5EODDH7hobJHihhSxgA1ChQ4
5hOQCmqV0Vt40Q8OnOnirSEJo2nTGh/s+O/rbdNDgqT0LFPAWWMNg8Ayar6OzU5+
0gcR9a9k+UXwa5YmYHYz+fgPKFC6wPo2S7SkECyzKp8x+wQh78gehujup3qT22eQ
ygR2J+cC8DBxvFRY966X3dJcD/JZCKMkS/9+jMGSDsm3No255H/elQwcHUhKvQcD
x7Wu
-----END CERTIFICATE-----