Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/726baa71-dd0a-43f5-88eb-b1cc1999500e.roa
File:                     726baa71-dd0a-43f5-88eb-b1cc1999500e.roa (raw, json)
Hash identifier:          mT1tYVFhsc82HiVGNez1YjF47b3tQFCk6ENO7ePzLtI=
Subject key identifier:   CC:47:59:32:DC:81:14:C4:D0:39:17:0C:E7:82:50:3C:59:06:28:C7
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       25C4F87387EFBF6332AB104C559961FA87F950E5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/726baa71-dd0a-43f5-88eb-b1cc1999500e.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:c8c0::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:c4:f8:73:87:ef:bf:63:32:ab:10:4c:55:99:61:fa:87:f9:50:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=27b5bbebeed16586be702e660c99873161759eb58d1a8d290cd61e428d6be114, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:fb:c8:c1:49:b5:f0:2d:1b:ba:9a:71:15:30:
                    3e:a3:9d:89:79:fd:41:ed:35:4d:e8:bb:47:48:0f:
                    6b:65:75:ed:87:ad:43:33:26:ee:23:2b:94:15:a7:
                    68:cc:ef:f4:79:69:c9:dd:94:f2:80:e2:a0:ca:60:
                    72:05:6a:b6:a3:49:85:43:08:ad:4e:27:36:10:69:
                    77:46:eb:fd:01:d3:90:a7:ba:5d:6b:77:a2:21:b2:
                    8b:14:ad:9b:8a:f5:ee:da:55:bb:16:89:1f:16:eb:
                    0a:ad:dd:b4:96:6e:fe:b8:2d:5e:c1:0d:12:1e:67:
                    01:ba:e0:85:62:78:b8:1b:5b:4c:02:23:c5:11:d6:
                    a8:b7:cf:2b:02:c5:c3:b8:47:ed:69:83:0f:38:2a:
                    0e:12:cf:74:9c:cb:e8:4d:5f:cf:7b:e9:b4:3e:35:
                    e4:b2:07:b4:c1:f7:86:61:4c:6e:ec:b8:e2:84:99:
                    86:aa:31:ee:96:d5:4d:34:1f:ad:c3:ac:e1:7a:f3:
                    f5:cf:74:93:b4:37:82:dd:cf:1b:82:af:51:ca:5d:
                    94:06:51:ee:7b:9c:57:57:3c:43:be:92:2f:67:0e:
                    00:ba:23:19:d8:14:dc:f1:c0:d4:1a:06:98:d2:f8:
                    5c:8c:b6:82:e6:20:4b:34:64:98:d1:23:58:3b:4e:
                    a2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:47:59:32:DC:81:14:C4:D0:39:17:0C:E7:82:50:3C:59:06:28:C7
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/726baa71-dd0a-43f5-88eb-b1cc1999500e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:c8c0::/46

    Signature Algorithm: sha256WithRSAEncryption
         a0:a3:1b:e9:1d:3d:fc:30:b3:c5:69:20:6c:d4:53:7d:68:d9:
         db:b8:3e:c0:54:2b:bf:53:b3:8f:2a:eb:40:f5:7f:55:f7:2c:
         14:1b:b5:4f:1f:43:f7:79:0e:f4:8a:2f:25:e9:58:e5:a6:a2:
         08:c0:db:a8:1e:46:73:02:ec:de:fa:02:32:40:08:53:c6:88:
         ca:87:3a:e8:33:b2:6b:83:e9:0c:7a:91:6d:a3:2b:99:43:bd:
         dc:27:1b:84:b3:1c:f3:5d:c1:43:c7:49:2e:b1:94:3f:a3:da:
         c4:17:32:48:c4:6a:ce:fa:a1:d0:23:ce:07:9a:4b:46:7a:5d:
         9c:e1:b4:5e:95:32:d5:c1:0f:a3:c9:ba:45:3e:1b:f8:8a:2d:
         be:b1:65:56:19:f9:45:eb:b7:e0:98:e3:5f:bc:66:c3:c2:37:
         22:c6:cf:e4:3c:29:66:19:d5:e0:bb:21:68:33:7a:0e:4b:49:
         81:31:72:a6:8e:f6:a1:49:da:ee:41:19:a7:fe:3b:b9:f2:b2:
         20:16:9b:02:05:30:31:3c:03:2f:bd:88:90:43:86:b4:0a:90:
         30:87:a0:8c:30:b3:a0:d2:3c:bb:b2:ee:03:46:fe:40:08:11:
         df:82:ac:bf:84:9f:f6:14:22:cd:9b:03:db:52:82:a6:f0:23:
         b9:0c:ea:39
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJcT4c4fvv2MyqxBMVZlh+of5UOUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjdiNWJiZWJlZWQxNjU4NmJlNzAy
ZTY2MGM5OTg3MzE2MTc1OWViNThkMWE4ZDI5MGNkNjFlNDI4ZDZiZTExNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPvIwUm18C0buppxFTA+o52Jef1B
7TVN6LtHSA9rZXXth61DMybuIyuUFadozO/0eWnJ3ZTygOKgymByBWq2o0mFQwit
Tic2EGl3Ruv9AdOQp7pda3eiIbKLFK2bivXu2lW7FokfFusKrd20lm7+uC1ewQ0S
HmcBuuCFYni4G1tMAiPFEdaot88rAsXDuEftaYMPOCoOEs90nMvoTV/Pe+m0PjXk
sge0wfeGYUxu7LjihJmGqjHultVNNB+tw6zhevP1z3STtDeC3c8bgq9Ryl2UBlHu
e5xXVzxDvpIvZw4AuiMZ2BTc8cDUGgaY0vhcjLaC5iBLNGSY0SNYO06ixwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMxHWTLcgRTE0DkXDOeCUDxZBijHMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcyNmJhYTcxLWRkMGEtNDNmNS04OGViLWIxY2MxOTk5NTAwZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+8jAMA0GCSqGSIb3DQEBCwUAA4IBAQCgoxvpHT38MLPFaSBs
1FN9aNnbuD7AVCu/U7OPKutA9X9V9ywUG7VPH0P3eQ70ii8l6VjlpqIIwNuoHkZz
Auze+gIyQAhTxojKhzroM7Jrg+kMepFtoyuZQ73cJxuEsxzzXcFDx0kusZQ/o9rE
FzJIxGrO+qHQI84HmktGel2c4bRelTLVwQ+jybpFPhv4ii2+sWVWGflF67fgmONf
vGbDwjcixs/kPClmGdXguyFoM3oOS0mBMXKmjvahSdruQRmn/ju58rIgFpsCBTAx
PAMvvYiQQ4a0CpAwh6CMMLOg0jy7su4DRv5ACBHfgqy/hJ/2FCLNmwPbUoKm8CO5
DOo5
-----END CERTIFICATE-----