Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa
File:                     931330f5-9897-4b1f-9582-a81df9bb0324.roa (raw, json)
Hash identifier:          8OFgnZBvI4xxWSzvkwJjYu0jgz+TPwI19hdsz6iFBS8=
Subject key identifier:   28:8A:59:59:1F:08:E5:65:1A:D1:00:84:20:9D:07:00:76:5C:F1:C5
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1C241D53A522AC0628E9EEE49DB48CA10BA68275
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafe:6000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:24:1d:53:a5:22:ac:06:28:e9:ee:e4:9d:b4:8c:a1:0b:a6:82:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=7b253e1a686251754c2f29bef7b522ea29c676b3041fa06c7d7508500e4454f6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:ab:f1:95:b5:67:85:63:9e:b2:6b:03:aa:8f:
                    5f:05:d3:74:f3:f3:c9:b2:dc:59:ec:49:14:19:ef:
                    54:ef:85:6f:83:0e:7a:be:5a:4c:60:7a:cc:65:b6:
                    6d:c5:49:7d:a7:87:db:3d:ef:e9:76:b6:55:6c:9a:
                    44:eb:ab:ac:ba:14:20:87:b6:52:de:38:3a:d0:ae:
                    0c:5b:78:ac:dd:d4:d2:11:e6:35:2b:bb:b0:92:35:
                    6c:79:24:9f:1f:8d:69:f9:d0:d8:fe:11:3a:56:99:
                    97:f4:d7:06:78:f7:ca:9a:a1:d5:7c:9c:26:2d:bc:
                    8a:4f:e6:21:36:ce:d2:62:ac:74:b9:b2:24:14:fb:
                    d6:2a:57:6c:63:34:a9:7c:a1:55:92:06:38:35:ee:
                    07:5a:bd:79:64:5b:0b:26:2f:1c:a4:9c:38:eb:e7:
                    4c:08:60:75:a8:3d:7e:cc:cc:16:68:3e:28:cc:52:
                    e2:cc:84:83:10:90:a8:55:2e:f8:68:67:16:77:2f:
                    bd:46:85:0e:7f:9b:ac:bb:88:8f:ed:32:8a:20:9a:
                    e8:50:4e:ed:54:f4:86:6b:66:8c:ff:a6:bc:21:e6:
                    3f:f4:f4:0a:c8:b8:7f:78:20:39:c8:01:c1:5a:7d:
                    20:93:57:c8:53:5d:34:20:f6:c8:ac:e4:6d:0e:bc:
                    cd:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:8A:59:59:1F:08:E5:65:1A:D1:00:84:20:9D:07:00:76:5C:F1:C5
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/931330f5-9897-4b1f-9582-a81df9bb0324.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafe:6000::/40

    Signature Algorithm: sha256WithRSAEncryption
         63:b7:24:1b:ad:e7:be:11:ca:a9:9c:94:ec:4b:7c:c0:b4:ee:
         a1:44:4a:69:15:7a:74:8b:f7:a1:d1:92:ed:34:85:1e:2f:0f:
         a3:ab:4c:b5:56:ec:bc:93:f5:2e:a3:cc:a1:4b:80:5b:39:18:
         7e:6c:f9:61:a8:2b:68:5a:fc:3b:d4:a6:71:5c:68:72:54:c2:
         62:78:28:a6:e3:f5:ce:8a:cc:85:02:ee:ae:7c:e5:cc:70:fc:
         0b:a4:5f:c8:60:21:9c:3f:c9:0e:d8:3e:83:4a:5a:d3:e2:7a:
         7e:e4:94:d0:50:67:d3:da:76:d5:50:29:46:1a:f8:e0:c3:e7:
         ce:42:d0:ac:aa:49:d7:a1:e3:46:55:30:92:c1:16:4d:8f:bb:
         3a:d0:e0:be:a9:6b:02:11:b1:fc:0e:b5:78:26:44:db:a5:69:
         ae:83:94:3f:85:4d:75:78:59:f0:7a:ed:1f:3f:ed:55:e7:fa:
         af:6b:7e:a5:9d:ea:1e:20:6c:04:84:95:32:8f:df:0d:aa:f9:
         54:80:8d:d8:d2:3b:6a:96:01:fd:3f:d3:6c:c3:3c:2b:5f:d5:
         9b:a6:4e:23:5a:a2:cc:df:96:a1:37:c5:69:90:2e:6a:05:8b:
         f0:66:95:52:42:4b:10:96:7e:e1:bf:49:54:1c:23:5c:29:76:
         b8:e9:a2:f9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHCQdU6UirAYo6e7knbSMoQumgnUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAN2IyNTNlMWE2ODYyNTE3NTRjMmYy
OWJlZjdiNTIyZWEyOWM2NzZiMzA0MWZhMDZjN2Q3NTA4NTAwZTQ0NTRmNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqvxlbVnhWOesmsDqo9fBdN08/PJ
stxZ7EkUGe9U74Vvgw56vlpMYHrMZbZtxUl9p4fbPe/pdrZVbJpE66usuhQgh7ZS
3jg60K4MW3is3dTSEeY1K7uwkjVseSSfH41p+dDY/hE6VpmX9NcGePfKmqHVfJwm
LbyKT+YhNs7SYqx0ubIkFPvWKldsYzSpfKFVkgY4Ne4HWr15ZFsLJi8cpJw46+dM
CGB1qD1+zMwWaD4ozFLizISDEJCoVS74aGcWdy+9RoUOf5usu4iP7TKKIJroUE7t
VPSGa2aM/6a8IeY/9PQKyLh/eCA5yAHBWn0gk1fIU100IPbIrORtDrzNmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCiKWVkfCOVlGtEAhCCdBwB2XPHFMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkzMTMzMGY1LTk4OTctNGIxZi05NTgyLWE4MWRmOWJiMDMyNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/mAwDQYJKoZIhvcNAQELBQADggEBAGO3JBut574RyqmclOxL
fMC07qFESmkVenSL96HRku00hR4vD6OrTLVW7LyT9S6jzKFLgFs5GH5s+WGoK2ha
/DvUpnFcaHJUwmJ4KKbj9c6KzIUC7q585cxw/AukX8hgIZw/yQ7YPoNKWtPien7k
lNBQZ9PadtVQKUYa+ODD585C0KyqSdeh40ZVMJLBFk2PuzrQ4L6pawIRsfwOtXgm
RNulaa6DlD+FTXV4WfB67R8/7VXn+q9rfqWd6h4gbASElTKP3w2q+VSAjdjSO2qW
Af0/02zDPCtf1ZumTiNaoszflqE3xWmQLmoFi/BmlVJCSxCWfuG/SVQcI1wpdrjp
ovk=
-----END CERTIFICATE-----