Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830000fc-9d46-461c-8155-e409ef5fadcc.roa
File:                     830000fc-9d46-461c-8155-e409ef5fadcc.roa (raw, json)
Hash identifier:          vrSA0PuAPcK/Nng6E7iTa4AMwZxvVDMADmfkXPCTDH8=
Subject key identifier:   BD:C2:8B:D1:27:AA:C3:A5:C3:44:B8:2F:73:4E:77:DB:D5:F9:D4:5E
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       42434BFC799037902C594C80BB8D91839876EE90
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830000fc-9d46-461c-8155-e409ef5fadcc.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:f080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:43:4b:fc:79:90:37:90:2c:59:4c:80:bb:8d:91:83:98:76:ee:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=c84eea221781cba59bf87fa82039114efc035db4f9a3c13209d560dd01496f35, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:59:ee:ad:0d:ec:71:bf:2b:46:ef:33:94:fd:
                    8d:eb:84:9a:76:2d:51:d2:f5:d3:e6:e7:d5:d3:05:
                    63:02:67:69:5e:5b:c5:00:51:6d:a1:10:0e:e1:b7:
                    fc:fc:fb:c1:3c:13:31:73:93:24:a1:3c:4b:24:c3:
                    8b:e5:35:c8:79:ec:c1:4f:30:5b:89:55:a8:1a:82:
                    fd:21:23:15:0f:4d:cc:1e:ea:07:80:fe:4f:57:06:
                    18:00:49:90:fd:fb:4d:bc:96:8a:e3:d0:f4:b3:6a:
                    11:c3:10:32:4d:c2:15:07:6c:cd:1a:fe:40:e1:55:
                    d6:a8:36:ea:5e:da:ea:f1:29:cc:0d:6f:6b:16:be:
                    94:e5:1c:ba:05:11:51:57:0c:e4:0c:2d:83:85:96:
                    a4:57:89:c8:9a:59:65:86:40:66:96:22:38:fb:76:
                    70:98:9d:33:12:fa:18:83:fc:30:79:83:8b:ba:88:
                    f1:8a:2b:31:69:c3:e8:30:a5:b8:e9:d0:ea:c7:4d:
                    fa:00:e7:b3:f3:9b:b2:d3:c2:8e:5b:57:61:2e:31:
                    d6:42:48:ef:50:68:91:29:b0:82:09:06:de:91:12:
                    b5:4b:75:22:c5:a4:08:f1:77:d5:e1:b1:ae:37:f9:
                    9a:f4:d6:bd:62:47:95:37:9e:2d:b9:b9:59:ec:66:
                    d9:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:C2:8B:D1:27:AA:C3:A5:C3:44:B8:2F:73:4E:77:DB:D5:F9:D4:5E
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/830000fc-9d46-461c-8155-e409ef5fadcc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:f080::/48

    Signature Algorithm: sha256WithRSAEncryption
         6f:6e:74:27:79:c9:bd:4b:74:e2:73:94:fc:5d:79:ca:28:40:
         3b:c8:f4:2b:f6:02:83:23:c2:e1:e9:04:04:2f:1d:e4:d8:85:
         a9:3e:9e:5c:1c:ee:af:31:67:98:e2:9e:67:7e:3b:55:2d:0b:
         10:d1:1e:f7:95:92:fc:20:2c:a2:dc:42:b7:fa:a6:a0:15:d9:
         77:31:59:02:c7:24:16:90:97:f0:18:ca:f6:0a:fa:eb:68:a0:
         c2:3e:25:c5:e6:57:a5:50:b6:87:ef:b2:f8:81:b4:d8:76:67:
         1a:82:e0:22:62:96:a4:db:4c:5e:dc:8a:89:6f:55:0b:17:74:
         d9:32:fe:6b:ea:cd:10:09:6b:93:a4:d8:f2:c6:0b:64:7a:17:
         37:8f:07:a3:c8:76:df:75:6e:7b:88:79:b1:80:10:c6:aa:89:
         e1:74:a5:ec:c5:7b:2e:9d:05:4e:09:8c:39:90:59:7f:ee:25:
         5f:93:33:b4:e1:39:7f:a8:eb:1b:0c:36:de:b5:77:4a:3a:2d:
         36:1b:d9:f3:26:25:56:84:80:3b:81:d9:7c:47:ee:1a:bb:6e:
         bb:41:d0:67:9d:3c:59:df:9f:22:6d:c0:bf:78:98:25:7e:af:
         1f:2c:9b:ac:48:0d:4d:b9:01:03:f0:ac:f4:bd:4f:62:99:6b:
         0c:1d:df:a9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQkNL/HmQN5AsWUyAu42Rg5h27pAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYzg0ZWVhMjIxNzgxY2JhNTliZjg3
ZmE4MjAzOTExNGVmYzAzNWRiNGY5YTNjMTMyMDlkNTYwZGQwMTQ5NmYzNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FnurQ3scb8rRu8zlP2N64Sadi1R
0vXT5ufV0wVjAmdpXlvFAFFtoRAO4bf8/PvBPBMxc5MkoTxLJMOL5TXIeezBTzBb
iVWoGoL9ISMVD03MHuoHgP5PVwYYAEmQ/ftNvJaK49D0s2oRwxAyTcIVB2zNGv5A
4VXWqDbqXtrq8SnMDW9rFr6U5Ry6BRFRVwzkDC2DhZakV4nImlllhkBmliI4+3Zw
mJ0zEvoYg/wweYOLuojxiisxacPoMKW46dDqx036AOez85uy08KOW1dhLjHWQkjv
UGiRKbCCCQbekRK1S3UixaQI8XfV4bGuN/ma9Na9YkeVN54tublZ7GbZBwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFL3Ci9EnqsOlw0S4L3NOd9vV+dReMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgzMDAwMGZjLTlkNDYtNDYxYy04MTU1LWU0MDllZjVmYWRjYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYfCAMA0GCSqGSIb3DQEBCwUAA4IBAQBvbnQnecm9S3Tic5T8
XXnKKEA7yPQr9gKDI8Lh6QQELx3k2IWpPp5cHO6vMWeY4p5nfjtVLQsQ0R73lZL8
ICyi3EK3+qagFdl3MVkCxyQWkJfwGMr2CvrraKDCPiXF5lelULaH77L4gbTYdmca
guAiYpak20xe3IqJb1ULF3TZMv5r6s0QCWuTpNjyxgtkehc3jwejyHbfdW57iHmx
gBDGqonhdKXsxXsunQVOCYw5kFl/7iVfkzO04Tl/qOsbDDbetXdKOi02G9nzJiVW
hIA7gdl8R+4au267QdBnnTxZ358ibcC/eJglfq8fLJusSA1NuQED8Kz0vU9imWsM
Hd+p
-----END CERTIFICATE-----