Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa
File:                     809f0c96-bf0f-41ef-a664-a5509c777eb1.roa (raw, json)
Hash identifier:          rKf9cAyRLYI89I1SBb1bmtiVgPgDn2FsN2ua0Ns9YSM=
Subject key identifier:   D5:BF:AE:2C:80:35:56:65:D6:D9:49:E0:EE:73:D3:50:8A:82:DB:7A
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       0512F7657737278CA5177FB77726CC7089CC68E1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa
Signing time:             Sat 25 Jan 2025 00:00:00 +0000
ROA not before:           Sat 25 Jan 2025 00:00:00 +0000
ROA not after:            Sat 01 Mar 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf5:6000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:12:f7:65:77:37:27:8c:a5:17:7f:b7:77:26:cc:70:89:cc:68:e1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 25 00:00:00 2025 GMT
            Not After : Mar  1 23:59:59 2025 GMT
        Subject: serialNumber=5bcb28d3c44242e9c9435a3aac3027cdcad1ee7f3f61daf7f22154dc62998960, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:ec:ce:9f:80:91:4d:bd:06:ef:df:b2:22:a2:
                    ee:9f:7f:0a:49:39:cb:21:76:d8:35:82:f3:69:86:
                    60:d3:71:d5:c5:b0:e9:b7:88:f9:4e:ab:28:b5:81:
                    9f:f7:c0:37:7a:ae:7e:cf:b6:f6:74:a9:2c:0d:bd:
                    54:99:3a:fb:c9:42:e2:60:b1:01:2b:62:f7:ea:94:
                    c8:d7:29:e7:55:68:73:3c:1b:fb:7f:1e:48:09:97:
                    ae:c6:2d:a5:ca:e6:0d:4b:47:b9:07:75:5e:2c:69:
                    12:84:b5:21:a1:bc:be:df:d6:1d:4b:7b:21:68:70:
                    21:cb:86:c4:cd:fe:cf:e0:63:8a:d0:c6:ac:ff:2b:
                    61:b1:dd:2f:a1:0a:df:b8:f8:99:1c:4c:0f:4b:6b:
                    65:53:85:7e:fd:d7:41:d9:dc:40:fd:75:23:95:f9:
                    84:83:d4:95:cd:84:e9:99:ce:07:df:4c:1b:a9:fb:
                    47:d8:d0:e6:d9:d7:0b:9b:68:4c:5f:a5:2e:4f:55:
                    1b:d5:90:77:53:4a:fa:b1:5b:c9:c2:08:83:24:cb:
                    d9:1e:f4:b4:b1:93:05:34:f9:e2:d5:ad:af:45:65:
                    9a:2a:72:f3:24:72:aa:e2:cb:86:dd:4e:5a:73:0e:
                    42:09:30:f6:b0:97:8b:8a:8b:ab:94:58:33:ea:7f:
                    6c:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:BF:AE:2C:80:35:56:65:D6:D9:49:E0:EE:73:D3:50:8A:82:DB:7A
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/809f0c96-bf0f-41ef-a664-a5509c777eb1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf5:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         65:df:91:24:b0:2d:1e:f2:59:17:86:32:0f:60:bb:b1:fb:41:
         51:3b:c1:02:b5:33:b7:25:64:f4:ac:1a:04:27:4a:28:a5:31:
         f3:e7:ad:db:58:f6:d0:d7:5f:10:f8:fd:e4:4f:8c:87:ef:f9:
         07:fd:ae:44:7c:c4:3c:b4:6a:e1:c6:08:7b:ab:1a:50:13:87:
         44:4a:39:84:c5:21:9c:44:42:44:5c:22:bb:10:d6:29:e2:73:
         5b:a0:ad:ba:ca:bc:0c:ec:40:1e:4e:bd:3f:dc:69:30:02:d4:
         78:e0:eb:c8:7c:a8:3d:79:ee:ab:04:f8:ed:14:f1:8f:cd:e7:
         4c:9b:30:1f:66:81:60:f5:fd:de:c9:3d:9f:65:ac:91:ea:94:
         37:d0:71:04:6c:43:a4:c8:ec:25:a5:01:cf:35:12:f2:4a:c0:
         df:c0:83:f7:89:ef:1f:31:6a:42:67:40:b0:fe:07:3e:fb:aa:
         34:2f:e4:2f:8e:d8:22:7b:5c:7a:0a:80:bb:31:c9:b0:d3:9b:
         17:15:51:b5:74:46:13:71:5e:a3:af:b8:76:f6:5b:54:1d:0d:
         81:19:9d:de:f9:54:d3:65:60:b3:6e:84:df:7d:94:d6:ba:70:
         45:dc:71:9a:fa:b7:eb:e7:2b:58:f0:0f:f7:1a:c0:d4:2b:98:
         e1:20:d2:92
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBRL3ZXc3J4ylF3+3dybMcInMaOEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX
DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNANWJjYjI4ZDNjNDQyNDJlOWM5NDM1
YTNhYWMzMDI3Y2RjYWQxZWU3ZjNmNjFkYWY3ZjIyMTU0ZGM2Mjk5ODk2MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOzOn4CRTb0G79+yIqLun38KSTnL
IXbYNYLzaYZg03HVxbDpt4j5TqsotYGf98A3eq5+z7b2dKksDb1UmTr7yULiYLEB
K2L36pTI1ynnVWhzPBv7fx5ICZeuxi2lyuYNS0e5B3VeLGkShLUhoby+39YdS3sh
aHAhy4bEzf7P4GOK0Mas/ythsd0voQrfuPiZHEwPS2tlU4V+/ddB2dxA/XUjlfmE
g9SVzYTpmc4H30wbqftH2NDm2dcLm2hMX6UuT1Ub1ZB3U0r6sVvJwgiDJMvZHvS0
sZMFNPni1a2vRWWaKnLzJHKq4suG3U5acw5CCTD2sJeLiourlFgz6n9sPwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNW/riyANVZl1tlJ4O5z01CKgtt6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwOWYwYzk2LWJmMGYtNDFlZi1hNjY0LWE1NTA5Yzc3N2ViMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9WAwDQYJKoZIhvcNAQELBQADggEBAGXfkSSwLR7yWReGMg9g
u7H7QVE7wQK1M7clZPSsGgQnSiilMfPnrdtY9tDXXxD4/eRPjIfv+Qf9rkR8xDy0
auHGCHurGlATh0RKOYTFIZxEQkRcIrsQ1inic1ugrbrKvAzsQB5OvT/caTAC1Hjg
68h8qD157qsE+O0U8Y/N50ybMB9mgWD1/d7JPZ9lrJHqlDfQcQRsQ6TI7CWlAc81
EvJKwN/Ag/eJ7x8xakJnQLD+Bz77qjQv5C+O2CJ7XHoKgLsxybDTmxcVUbV0RhNx
XqOvuHb2W1QdDYEZnd75VNNlYLNuhN99lNa6cEXccZr6t+vnK1jwD/cawNQrmOEg
0pI=
-----END CERTIFICATE-----