Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/91d77916-88a8-437e-b451-0d53bdaea4bd.roa
File:                     91d77916-88a8-437e-b451-0d53bdaea4bd.roa (raw, json)
Hash identifier:          YSq6k0rES+IvOLFjpma5c56/67vj6IiK7GQxOWElG3A=
Subject key identifier:   0A:E4:21:6A:27:49:58:46:6F:5F:80:93:27:DA:08:7D:DD:B3:D3:D0
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       43E8DA940C515A88967C435F480D69B9C15F7680
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/91d77916-88a8-437e-b451-0d53bdaea4bd.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da00:a0c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:e8:da:94:0c:51:5a:88:96:7c:43:5f:48:0d:69:b9:c1:5f:76:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=4d33beada030d51e0d7bb9255cb3a5acc60bceba3273dd06b4e7bd7b409b9f50, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:47:4b:16:de:a3:8a:97:4d:59:4d:7e:10:42:
                    39:ed:7d:f4:7f:2c:39:b6:7c:ca:ee:4f:4e:ac:75:
                    ca:8b:87:1e:5e:1b:17:b1:84:cc:03:bb:d8:e1:6d:
                    a1:b1:7e:d4:e6:e7:ae:db:33:b9:40:2c:2c:a1:b9:
                    81:21:85:51:0e:35:69:ae:9d:fa:a4:ce:a6:c7:bc:
                    ef:4a:3e:eb:37:dc:2e:de:6e:a4:24:40:16:74:e3:
                    49:c7:a1:6e:14:c1:ff:b6:80:5c:3e:33:b7:8a:65:
                    02:82:c1:1f:5b:3b:5e:c1:b1:92:f0:ad:0c:bd:90:
                    0c:07:55:df:50:f7:8a:78:04:c3:3f:88:f1:3c:f4:
                    f6:c1:fc:9d:dc:0d:b3:88:16:a1:b1:39:ac:dc:2d:
                    d7:b7:63:e5:79:41:0f:2b:3d:25:24:e2:09:14:7b:
                    50:00:47:9e:7f:a9:aa:10:4d:14:85:88:c0:c2:74:
                    0a:e5:da:cc:fe:cc:33:f2:77:70:e7:d1:a6:e9:d3:
                    f3:2a:c1:b9:26:92:dd:48:a7:6d:c1:c7:cd:a6:0e:
                    95:7a:6e:fc:88:d7:07:9a:d4:0a:61:fb:5f:77:df:
                    c2:d5:0f:45:69:bb:b5:99:c7:6c:af:0f:4e:9f:0c:
                    65:3e:99:77:af:b1:78:63:68:3f:3b:31:f2:e2:db:
                    ca:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:E4:21:6A:27:49:58:46:6F:5F:80:93:27:DA:08:7D:DD:B3:D3:D0
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/91d77916-88a8-437e-b451-0d53bdaea4bd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da00:a0c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:b5:0e:9b:21:ed:56:74:2b:b6:99:1b:f2:77:95:6b:ac:e0:
         79:c5:3c:e8:d3:56:b7:9b:9a:53:6d:f3:d5:43:2a:7c:36:b9:
         a8:9b:73:a5:e0:a1:33:e8:44:9d:13:72:65:91:06:c6:16:9f:
         f4:0d:98:1c:f9:ca:c1:53:f7:22:36:e9:13:77:d4:6f:75:e2:
         fe:20:e5:01:fb:01:fa:09:f0:fe:52:c3:50:92:2d:fa:62:f8:
         83:6a:08:e8:e6:2f:8e:a0:b6:ad:ee:5c:6f:d3:9f:2a:52:84:
         1a:bc:ff:fa:80:3c:c9:0c:17:5d:cb:10:25:94:89:31:a3:08:
         67:ee:b9:de:ba:52:38:f7:c2:1d:93:33:f0:81:e4:f0:7d:42:
         99:39:31:86:17:4e:b2:fa:80:d8:f0:b8:a4:b7:27:c7:9a:4f:
         ab:91:c6:51:a6:8e:05:ac:b2:35:28:35:2d:85:cd:dd:27:6d:
         00:76:62:5a:17:61:45:a6:a0:bf:b7:b4:8f:e5:4d:cc:a4:6c:
         ea:6f:9e:1c:8e:d2:55:d4:0c:29:a0:81:ed:e1:5f:54:fe:4d:
         6b:0d:62:4a:2a:85:13:ed:03:b7:88:4c:9d:ff:88:34:80:f1:
         e9:3d:86:e3:91:a8:88:0e:25:2f:44:ab:5a:05:32:83:1b:2e:
         75:13:7c:ef
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQ+jalAxRWoiWfENfSA1pucFfdoAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANGQzM2JlYWRhMDMwZDUxZTBkN2Ji
OTI1NWNiM2E1YWNjNjBiY2ViYTMyNzNkZDA2YjRlN2JkN2I0MDliOWY1MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUdLFt6jipdNWU1+EEI57X30fyw5
tnzK7k9OrHXKi4ceXhsXsYTMA7vY4W2hsX7U5ueu2zO5QCwsobmBIYVRDjVprp36
pM6mx7zvSj7rN9wu3m6kJEAWdONJx6FuFMH/toBcPjO3imUCgsEfWztewbGS8K0M
vZAMB1XfUPeKeATDP4jxPPT2wfyd3A2ziBahsTms3C3Xt2PleUEPKz0lJOIJFHtQ
AEeef6mqEE0UhYjAwnQK5drM/swz8ndw59Gm6dPzKsG5JpLdSKdtwcfNpg6Vem78
iNcHmtQKYftfd9/C1Q9Fabu1mcdsrw9OnwxlPpl3r7F4Y2g/OzHy4tvKFQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFArkIWonSVhGb1+AkyfaCH3ds9PQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkxZDc3OTE2LTg4YTgtNDM3ZS1iNDUxLTBkNTNiZGFlYTRiZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaAKDAMA0GCSqGSIb3DQEBCwUAA4IBAQA4tQ6bIe1WdCu2mRvy
d5VrrOB5xTzo01a3m5pTbfPVQyp8Nrmom3Ol4KEz6ESdE3JlkQbGFp/0DZgc+crB
U/ciNukTd9RvdeL+IOUB+wH6CfD+UsNQki36YviDagjo5i+OoLat7lxv058qUoQa
vP/6gDzJDBddyxAllIkxowhn7rneulI498IdkzPwgeTwfUKZOTGGF06y+oDY8Lik
tyfHmk+rkcZRpo4FrLI1KDUthc3dJ20AdmJaF2FFpqC/t7SP5U3MpGzqb54cjtJV
1AwpoIHt4V9U/k1rDWJKKoUT7QO3iEyd/4g0gPHpPYbjkaiIDiUvRKtaBTKDGy51
E3zv
-----END CERTIFICATE-----