Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
File:                     80672242-3fdf-44d8-88c6-841fcfbe1251.roa (raw, json)
Hash identifier:          qLpwPp3D7JNStClo28cTMrebKsw+mQ/2I5KQtJMvvMc=
Subject key identifier:   A3:8A:90:D4:D2:C1:63:61:70:0A:51:30:E9:6B:FE:05:3B:FC:5E:BF
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       10FAE1BDEE83CDF1EDD43FAD9523CA6888A410B1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da69:8800::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:fa:e1:bd:ee:83:cd:f1:ed:d4:3f:ad:95:23:ca:68:88:a4:10:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=18f4f03de24d87081186ebe9f88efb5ecbcee9f3f7d7746c83dcd859f2bc4dfa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:b2:ba:c2:85:f0:cd:c6:5b:a4:c0:57:ef:5c:
                    97:74:14:00:37:fc:8a:ea:34:c5:88:d8:d6:09:37:
                    eb:f1:3c:26:2f:6b:3c:a9:1e:a1:0b:95:08:ed:8e:
                    4b:8f:9b:6a:39:10:c2:b3:be:32:89:12:e0:4a:2d:
                    dc:dd:6d:16:27:fd:cf:1a:c8:15:15:a0:ef:b3:85:
                    b3:aa:2d:b3:03:81:d9:d4:b2:d8:23:6e:b1:1c:b3:
                    59:07:80:46:ff:9b:e1:67:84:5e:1a:6d:37:00:1a:
                    d3:e9:35:fd:49:75:37:d5:8f:40:a3:dd:54:90:f1:
                    cb:e3:d3:fb:46:d9:b2:81:3b:7c:aa:28:c0:f2:1e:
                    d1:49:ce:e0:d9:ff:dc:25:28:a8:ec:d5:83:18:0f:
                    01:47:b7:98:04:14:1a:11:c9:35:49:d0:41:a8:62:
                    c9:02:02:6a:04:2b:f8:37:52:03:58:4e:ab:58:19:
                    f2:45:ec:f3:9f:29:f4:57:f5:53:3b:28:e2:ea:45:
                    7b:4c:61:4e:9d:44:76:c0:19:db:ce:a3:68:2e:da:
                    d3:37:24:bd:53:70:ab:64:04:d1:95:7d:59:4f:f8:
                    a6:81:60:ef:81:a1:9d:db:15:8a:c3:b5:31:29:3f:
                    02:1b:48:2c:80:04:b6:25:c1:f1:70:0b:90:19:53:
                    d5:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:8A:90:D4:D2:C1:63:61:70:0A:51:30:E9:6B:FE:05:3B:FC:5E:BF
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da69:8800::/40

    Signature Algorithm: sha256WithRSAEncryption
         26:b9:97:38:cb:44:e1:a1:5a:c5:88:c9:91:2a:50:3f:44:11:
         ba:e6:4b:ea:c9:ad:27:90:da:6f:e4:5f:ce:5c:b8:fb:00:24:
         72:96:b1:cb:28:14:a4:4d:df:38:96:72:f3:46:e9:0e:2b:a4:
         49:a4:53:70:a6:d0:d8:69:5f:ef:16:80:f4:af:ce:75:c0:48:
         17:93:f2:78:65:06:d9:27:63:1c:7f:31:7e:41:94:95:b7:c3:
         53:3c:28:88:58:81:3e:97:3f:2b:7f:75:c6:e8:22:7e:0c:1d:
         f8:dd:bd:68:5e:94:90:4e:41:40:7e:4a:c4:db:5a:53:48:a3:
         60:92:1e:18:eb:8c:33:fa:c6:20:ee:23:9a:75:0c:d7:1b:96:
         3f:11:31:f2:71:d3:88:3f:11:8a:f3:0b:2d:ab:8e:69:2d:f7:
         03:95:e1:ea:78:4c:82:db:0b:6d:2c:bd:ee:ad:13:66:d5:db:
         a8:bf:f8:01:90:d6:bb:da:40:7c:9a:c2:3f:6f:6d:b5:4b:eb:
         66:02:66:7c:72:97:1a:59:e4:89:4f:ba:0e:e5:67:57:4f:4a:
         07:dc:8e:ef:d6:1c:58:6c:49:dd:d3:09:4b:eb:5d:80:c6:f1:
         da:14:1c:89:41:7c:d2:66:bb:86:71:c0:01:fb:3d:98:b9:f1:
         bf:05:fc:65
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEPrhve6DzfHt1D+tlSPKaIikELEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMThmNGYwM2RlMjRkODcwODExODZl
YmU5Zjg4ZWZiNWVjYmNlZTlmM2Y3ZDc3NDZjODNkY2Q4NTlmMmJjNGRmYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7K6woXwzcZbpMBX71yXdBQAN/yK
6jTFiNjWCTfr8TwmL2s8qR6hC5UI7Y5Lj5tqORDCs74yiRLgSi3c3W0WJ/3PGsgV
FaDvs4Wzqi2zA4HZ1LLYI26xHLNZB4BG/5vhZ4ReGm03ABrT6TX9SXU31Y9Ao91U
kPHL49P7RtmygTt8qijA8h7RSc7g2f/cJSio7NWDGA8BR7eYBBQaEck1SdBBqGLJ
AgJqBCv4N1IDWE6rWBnyRezznyn0V/VTOyji6kV7TGFOnUR2wBnbzqNoLtrTNyS9
U3CrZATRlX1ZT/imgWDvgaGd2xWKw7UxKT8CG0gsgAS2JcHxcAuQGVPVNwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKOKkNTSwWNhcApRMOlr/gU7/F6/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwNjcyMjQyLTNmZGYtNDRkOC04OGM2LTg0MWZjZmJlMTI1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaYgwDQYJKoZIhvcNAQELBQADggEBACa5lzjLROGhWsWIyZEq
UD9EEbrmS+rJrSeQ2m/kX85cuPsAJHKWscsoFKRN3ziWcvNG6Q4rpEmkU3Cm0Nhp
X+8WgPSvznXASBeT8nhlBtknYxx/MX5BlJW3w1M8KIhYgT6XPyt/dcboIn4MHfjd
vWhelJBOQUB+SsTbWlNIo2CSHhjrjDP6xiDuI5p1DNcblj8RMfJx04g/EYrzCy2r
jmkt9wOV4ep4TILbC20sve6tE2bV26i/+AGQ1rvaQHyawj9vbbVL62YCZnxylxpZ
5IlPug7lZ1dPSgfcju/WHFhsSd3TCUvrXYDG8doUHIlBfNJmu4ZxwAH7PZi58b8F
/GU=
-----END CERTIFICATE-----