Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa
File:                     6966423c-fa27-4cd5-898f-a147e75cdcb6.roa (raw, json)
Hash identifier:          qD/aaXWrcm8umWsW+f0Npz/1OaQY//10ji+hTxUhAiI=
Subject key identifier:   E5:7A:C1:19:02:F8:BD:77:ED:21:40:35:85:4E:79:A2:D3:44:04:F5
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6ED6F49818A6ACCAC806ACB63B1B809A23E60720
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dab9:a000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:d6:f4:98:18:a6:ac:ca:c8:06:ac:b6:3b:1b:80:9a:23:e6:07:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=bd15bff04d609f5531c4388494187c9091ecfc5d7d8e47d7a80ee945ee4214ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:34:c1:c2:e0:b5:0b:7d:2a:a6:7c:83:ed:77:
                    4b:68:f1:4a:82:5a:85:91:af:64:d5:b8:7c:6b:85:
                    37:ba:84:c5:7a:d9:66:9f:88:6f:bd:f8:77:c4:70:
                    a8:2f:90:ef:85:34:07:a1:8d:94:4a:45:1a:9d:80:
                    57:31:78:42:e8:6c:f7:dd:5a:ce:78:48:f5:46:ca:
                    0c:6b:8b:03:a8:b9:3c:2f:1f:fb:6f:01:a7:72:c3:
                    27:07:56:97:ab:48:41:dc:86:53:af:c5:72:8b:02:
                    58:46:b7:64:1e:79:72:0c:cc:8d:e9:79:33:c3:f1:
                    87:83:9a:ce:d9:e8:1e:24:24:de:0f:68:55:59:00:
                    16:2b:f2:65:d9:68:d7:c2:54:46:d5:ed:2b:fd:16:
                    ff:5e:71:a1:4f:0f:a2:59:cc:db:21:5a:e5:c8:3b:
                    c5:39:c8:e9:bc:b9:16:2b:5c:7a:1b:8c:73:5a:55:
                    c6:a4:26:42:3a:6a:25:05:e5:d9:bf:a3:1c:97:b1:
                    e2:ac:eb:9a:42:fe:e6:fa:94:18:0b:30:4d:c8:73:
                    c3:3c:6c:72:29:e0:90:69:65:21:6f:1c:f0:ca:06:
                    ff:8a:8f:62:26:e9:be:61:1a:ed:06:6f:b9:64:d4:
                    56:85:05:95:ed:c3:91:94:c4:58:07:c2:54:46:0f:
                    6b:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E5:7A:C1:19:02:F8:BD:77:ED:21:40:35:85:4E:79:A2:D3:44:04:F5
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6966423c-fa27-4cd5-898f-a147e75cdcb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dab9:a000::/40

    Signature Algorithm: sha256WithRSAEncryption
         31:e6:01:ad:da:33:15:1b:65:1b:1f:0a:ee:2d:f5:23:3a:8f:
         a5:17:e0:a6:72:f3:c7:7f:df:10:4c:70:62:83:fb:11:a8:da:
         49:c4:6a:1c:43:b1:3c:4d:e7:b0:b8:21:2d:68:e5:1c:d9:9e:
         db:50:f6:2f:6c:75:da:4e:f2:2b:39:b6:ac:8b:b9:54:0b:40:
         6a:19:31:9a:ab:58:57:d6:7c:3e:40:9b:54:a5:60:d7:7f:89:
         8f:25:04:b5:06:f8:f8:47:63:11:fa:48:10:8b:e8:10:65:87:
         48:7c:4f:89:9f:fc:7f:6e:79:96:8f:e2:52:55:c4:c3:16:b4:
         7d:b7:ac:59:9f:e4:a9:32:45:ee:fb:97:b7:19:59:b1:46:15:
         da:ef:2f:8e:aa:c5:13:77:33:bf:c4:53:8d:22:6b:ee:bb:e1:
         47:a2:0a:1b:23:94:59:1d:e7:6c:2f:96:a1:06:9f:64:a5:3b:
         54:87:0a:b2:cf:93:e1:c1:3a:af:50:f6:fc:21:14:02:33:a7:
         78:9f:e4:49:d2:9d:59:24:f4:da:b1:39:76:3b:d8:a2:50:43:
         86:fe:5a:45:23:0c:b7:ef:9c:4a:7e:52:df:bd:da:e7:55:f3:
         19:3d:6f:b8:3c:69:55:44:21:b8:1f:e1:8b:32:23:07:75:ab:
         5a:12:d7:1b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbtb0mBimrMrIBqy2OxuAmiPmByAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAYmQxNWJmZjA0ZDYwOWY1NTMxYzQz
ODg0OTQxODdjOTA5MWVjZmM1ZDdkOGU0N2Q3YTgwZWU5NDVlZTQyMTRhZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDTBwuC1C30qpnyD7XdLaPFKglqF
ka9k1bh8a4U3uoTFetlmn4hvvfh3xHCoL5DvhTQHoY2USkUanYBXMXhC6Gz33VrO
eEj1RsoMa4sDqLk8Lx/7bwGncsMnB1aXq0hB3IZTr8VyiwJYRrdkHnlyDMyN6Xkz
w/GHg5rO2egeJCTeD2hVWQAWK/Jl2WjXwlRG1e0r/Rb/XnGhTw+iWczbIVrlyDvF
OcjpvLkWK1x6G4xzWlXGpCZCOmolBeXZv6Mcl7HirOuaQv7m+pQYCzBNyHPDPGxy
KeCQaWUhbxzwygb/io9iJum+YRrtBm+5ZNRWhQWV7cORlMRYB8JURg9rqQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOV6wRkC+L137SFANYVOeaLTRAT1MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY5NjY0MjNjLWZhMjctNGNkNS04OThmLWExNDdlNzVjZGNiNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauaAwDQYJKoZIhvcNAQELBQADggEBADHmAa3aMxUbZRsfCu4t
9SM6j6UX4KZy88d/3xBMcGKD+xGo2knEahxDsTxN57C4IS1o5RzZnttQ9i9sddpO
8is5tqyLuVQLQGoZMZqrWFfWfD5Am1SlYNd/iY8lBLUG+PhHYxH6SBCL6BBlh0h8
T4mf/H9ueZaP4lJVxMMWtH23rFmf5KkyRe77l7cZWbFGFdrvL46qxRN3M7/EU40i
a+674UeiChsjlFkd52wvlqEGn2SlO1SHCrLPk+HBOq9Q9vwhFAIzp3if5EnSnVkk
9NqxOXY72KJQQ4b+WkUjDLfvnEp+Ut+92udV8xk9b7g8aVVEIbgf4YsyIwd1q1oS
1xs=
-----END CERTIFICATE-----