Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75497e55-5575-445f-b58d-7aebff6310e8.roa
File:                     75497e55-5575-445f-b58d-7aebff6310e8.roa (raw, json)
Hash identifier:          HXyPYXyBWMsQOHCPtuifH2yh45eXncmlKrEr80NrpCY=
Subject key identifier:   64:C7:69:74:5C:78:BB:0F:31:0E:A4:45:27:AE:E5:86:F4:54:44:17
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6E8046CF9B2D43B5FF94CD6212A4BE2B94C6CF82
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75497e55-5575-445f-b58d-7aebff6310e8.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da00:c0c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:80:46:cf:9b:2d:43:b5:ff:94:cd:62:12:a4:be:2b:94:c6:cf:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=cec2c2b4470fcbedff3212eefaeeb25aae94a2373a3d8393195e6f1209772d93, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:9c:2e:ba:5a:48:86:29:2f:c0:c6:be:29:c1:
                    0c:d3:15:51:57:2b:c6:eb:77:17:90:b2:73:2e:fd:
                    a6:8b:d7:5b:25:a2:11:96:9a:db:7f:4b:aa:08:c8:
                    ce:97:8b:19:3f:52:b9:a2:cc:7f:92:24:1f:1c:92:
                    47:b3:b0:06:a3:0a:23:e9:90:10:b9:99:fc:c2:d4:
                    1b:45:97:29:bc:37:5a:17:82:58:83:f2:7d:ce:b5:
                    3d:6f:e8:dc:39:01:f7:a0:f5:04:97:0b:8d:e2:42:
                    7d:ab:0b:b9:e3:b6:99:f8:a4:af:37:ed:f3:05:6d:
                    9d:62:eb:3f:90:1b:63:c4:c0:16:44:f3:d4:de:09:
                    09:01:aa:4e:7a:b4:41:1d:8e:02:40:3c:e2:e3:5b:
                    3e:92:6b:80:55:17:b9:04:21:10:ea:79:0a:28:dc:
                    15:77:76:3b:30:af:8c:b1:a3:0b:c7:cd:22:f8:cd:
                    a8:58:fb:4e:cc:bf:f2:e9:40:35:14:63:18:81:82:
                    df:a6:7e:ee:c9:9c:d2:59:48:50:ab:54:f5:a2:91:
                    a2:4b:67:25:6d:f3:4e:99:f0:5e:f6:75:b6:63:81:
                    4f:3d:ed:ab:be:1a:28:b0:aa:5e:56:9a:74:4c:e4:
                    57:0a:6d:1a:cd:58:58:dc:6b:44:e8:5a:5c:ac:1a:
                    bc:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:C7:69:74:5C:78:BB:0F:31:0E:A4:45:27:AE:E5:86:F4:54:44:17
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75497e55-5575-445f-b58d-7aebff6310e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da00:c0c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         9c:a3:94:b5:e8:90:16:a7:6a:48:96:6b:78:83:d5:86:c2:e1:
         5f:38:ce:21:65:6b:02:0d:d3:33:5d:a8:56:a6:94:1d:3e:ca:
         6b:bc:0a:1a:36:dd:7c:23:79:1d:89:c7:f2:3d:0b:6f:2e:0e:
         21:03:38:aa:43:96:50:68:b6:a9:50:c3:00:b3:13:3b:53:8a:
         eb:a9:40:da:69:ce:94:14:71:67:4c:8b:9e:da:f3:07:67:50:
         ed:35:f0:a4:7b:0f:d2:23:e4:6d:82:8d:b7:8a:2f:84:93:6b:
         f6:8c:17:fa:38:d0:d8:d6:0d:3f:0b:f0:a1:e2:8a:b5:12:f4:
         39:0c:ba:72:3a:c2:87:86:43:e8:4b:0e:ea:bd:5c:f0:69:06:
         99:d7:ef:9d:1c:55:7e:48:b4:76:bf:3c:b1:d5:30:de:3e:e0:
         cc:5a:89:a8:97:00:51:2f:e5:4b:f5:be:98:3e:b3:54:87:62:
         d0:ad:1a:08:97:47:97:d5:9e:ee:6f:77:6b:92:39:85:9f:59:
         9d:62:de:0b:5c:e7:6f:ea:e5:1f:d6:ab:93:a1:03:a2:d6:96:
         76:06:f1:91:86:1f:34:36:e2:9e:d9:4a:8b:e3:22:6d:4e:d2:
         f7:eb:ce:2c:46:88:94:42:91:7e:9d:50:c4:77:b0:0f:6e:56:
         9d:37:62:90
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUboBGz5stQ7X/lM1iEqS+K5TGz4IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAY2VjMmMyYjQ0NzBmY2JlZGZmMzIx
MmVlZmFlZWIyNWFhZTk0YTIzNzNhM2Q4MzkzMTk1ZTZmMTIwOTc3MmQ5MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJwuulpIhikvwMa+KcEM0xVRVyvG
63cXkLJzLv2mi9dbJaIRlprbf0uqCMjOl4sZP1K5osx/kiQfHJJHs7AGowoj6ZAQ
uZn8wtQbRZcpvDdaF4JYg/J9zrU9b+jcOQH3oPUElwuN4kJ9qwu547aZ+KSvN+3z
BW2dYus/kBtjxMAWRPPU3gkJAapOerRBHY4CQDzi41s+kmuAVRe5BCEQ6nkKKNwV
d3Y7MK+MsaMLx80i+M2oWPtOzL/y6UA1FGMYgYLfpn7uyZzSWUhQq1T1opGiS2cl
bfNOmfBe9nW2Y4FPPe2rvhoosKpeVpp0TORXCm0azVhY3GtE6FpcrBq8lwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGTHaXRceLsPMQ6kRSeu5Yb0VEQXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc1NDk3ZTU1LTU1NzUtNDQ1Zi1iNThkLTdhZWJmZjYzMTBlOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAMDAMA0GCSqGSIb3DQEBCwUAA4IBAQCco5S16JAWp2pIlmt4
g9WGwuFfOM4hZWsCDdMzXahWppQdPsprvAoaNt18I3kdicfyPQtvLg4hAziqQ5ZQ
aLapUMMAsxM7U4rrqUDaac6UFHFnTIue2vMHZ1DtNfCkew/SI+Rtgo23ii+Ek2v2
jBf6ONDY1g0/C/Ch4oq1EvQ5DLpyOsKHhkPoSw7qvVzwaQaZ1++dHFV+SLR2vzyx
1TDePuDMWomolwBRL+VL9b6YPrNUh2LQrRoIl0eX1Z7ub3drkjmFn1mdYt4LXOdv
6uUf1quToQOi1pZ2BvGRhh80NuKe2UqL4yJtTtL3684sRoiUQpF+nVDEd7APblad
N2KQ
-----END CERTIFICATE-----