Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa
File:                     a894812d-493e-43f7-8c3a-76a64ad96de7.roa (raw, json)
Hash identifier:          IjJwu4OC7HyHUY/CGfuymCjfwl9QPmNjrsuuN/mj51I=
Subject key identifier:   47:E7:C7:09:AF:EB:97:18:7D:32:E9:86:05:B9:CC:D9:AC:1B:1C:D7
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       59FD55CD222DEE358ECE22E6314F49E6B18BBDE3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:4040::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:fd:55:cd:22:2d:ee:35:8e:ce:22:e6:31:4f:49:e6:b1:8b:bd:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=46a82f62645cd14c716ea6451683b6e0ec7e79c07d22f07050d475e49f28bbed, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:ad:dd:3d:18:e2:7e:94:1e:ea:6a:b3:e6:28:
                    76:c8:42:a0:e1:fc:0b:82:e9:60:f1:39:ff:76:60:
                    0a:ba:00:2f:44:5a:45:84:3d:62:17:45:d2:fe:53:
                    78:c6:23:92:85:11:f8:63:48:f6:3f:da:2b:c2:e2:
                    e5:6e:2d:eb:4a:c8:dc:20:ac:88:a5:97:98:29:fc:
                    95:d8:e9:66:40:06:59:a9:e8:00:51:33:0d:0d:e9:
                    38:7d:fe:2f:d4:43:7a:ef:7c:e1:2f:95:33:5c:52:
                    11:2d:98:76:87:0f:6d:b8:7c:39:1f:62:a3:eb:49:
                    4c:c8:54:63:02:8a:bf:40:62:f9:51:30:c0:cd:47:
                    e8:85:ee:95:61:0f:da:b4:29:28:59:65:5b:1f:3c:
                    86:42:46:a0:b1:3a:a3:62:aa:c3:dc:fd:b3:2d:26:
                    76:b5:94:e7:9f:20:75:f9:76:67:03:2a:f6:c6:49:
                    30:8b:0c:0a:62:bb:ec:3c:30:a8:2a:96:2b:83:b8:
                    a3:a5:0c:b0:ab:8f:c8:19:50:87:5e:4c:79:50:2a:
                    67:e3:93:36:87:46:8d:a9:9e:5a:f9:7c:1f:f1:68:
                    94:e8:82:d1:45:1a:70:ed:55:fe:70:be:11:42:f6:
                    63:81:77:f0:ef:d2:61:9b:a5:0a:3c:62:30:5e:8e:
                    2f:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:E7:C7:09:AF:EB:97:18:7D:32:E9:86:05:B9:CC:D9:AC:1B:1C:D7
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a894812d-493e-43f7-8c3a-76a64ad96de7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:4040::/48

    Signature Algorithm: sha256WithRSAEncryption
         98:1f:ff:5a:de:9a:db:fd:e1:3d:c9:78:01:25:7a:b5:c2:15:
         ae:33:af:eb:f2:1b:db:d7:c9:dc:25:d4:0f:ca:5f:ad:cf:4b:
         55:63:b5:3a:b2:bf:00:33:06:6b:a3:91:a8:95:f1:34:5a:e1:
         db:ad:eb:f5:ba:6f:57:84:a4:5c:d5:26:b1:5d:0b:09:65:81:
         17:98:89:e7:4c:05:4b:13:34:bf:0b:fc:fd:18:f6:f5:94:30:
         e1:fc:0e:e6:e1:c9:b6:05:cc:6d:1d:1b:b0:fd:9f:21:53:da:
         1a:44:f1:f6:12:46:a3:18:16:66:02:3e:c8:9a:55:d0:ca:69:
         f5:17:92:b0:a4:91:57:5f:53:35:77:00:f4:62:fa:e9:44:f2:
         94:54:09:84:67:87:7f:c4:db:c6:13:3f:1c:78:94:7e:dc:46:
         08:7a:58:0e:b0:ea:6c:6a:d4:e6:a2:c9:23:3b:99:f9:c6:85:
         be:f8:8a:8f:80:4a:7e:1c:fb:1d:e6:8d:fc:af:a5:22:f2:c5:
         56:81:30:a6:2a:68:cd:d6:00:1f:f2:5d:c5:2f:2e:63:f6:44:
         60:df:3b:0e:a7:18:2a:43:9c:24:58:0e:d7:fd:f5:a3:28:54:
         f3:b1:30:c0:6c:fc:19:0f:24:9d:f3:ee:57:4b:b6:31:d9:2d:
         cb:84:2b:97
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWf1VzSIt7jWOziLmMU9J5rGLveMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDZhODJmNjI2NDVjZDE0YzcxNmVh
NjQ1MTY4M2I2ZTBlYzdlNzljMDdkMjJmMDcwNTBkNDc1ZTQ5ZjI4YmJlZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK3dPRjifpQe6mqz5ih2yEKg4fwL
gulg8Tn/dmAKugAvRFpFhD1iF0XS/lN4xiOShRH4Y0j2P9orwuLlbi3rSsjcIKyI
pZeYKfyV2OlmQAZZqegAUTMNDek4ff4v1EN673zhL5UzXFIRLZh2hw9tuHw5H2Kj
60lMyFRjAoq/QGL5UTDAzUfohe6VYQ/atCkoWWVbHzyGQkagsTqjYqrD3P2zLSZ2
tZTnnyB1+XZnAyr2xkkwiwwKYrvsPDCoKpYrg7ijpQywq4/IGVCHXkx5UCpn45M2
h0aNqZ5a+Xwf8WiU6ILRRRpw7VX+cL4RQvZjgXfw79Jhm6UKPGIwXo4vEQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEfnxwmv65cYfTLphgW5zNmsGxzXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E4OTQ4MTJkLTQ5M2UtNDNmNy04YzNhLTc2YTY0YWQ5NmRlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYUBAMA0GCSqGSIb3DQEBCwUAA4IBAQCYH/9a3prb/eE9yXgB
JXq1whWuM6/r8hvb18ncJdQPyl+tz0tVY7U6sr8AMwZro5GolfE0WuHbrev1um9X
hKRc1SaxXQsJZYEXmInnTAVLEzS/C/z9GPb1lDDh/A7m4cm2BcxtHRuw/Z8hU9oa
RPH2EkajGBZmAj7ImlXQymn1F5KwpJFXX1M1dwD0YvrpRPKUVAmEZ4d/xNvGEz8c
eJR+3EYIelgOsOpsatTmoskjO5n5xoW++IqPgEp+HPsd5o38r6Ui8sVWgTCmKmjN
1gAf8l3FLy5j9kRg3zsOpxgqQ5wkWA7X/fWjKFTzsTDAbPwZDySd8+5XS7Yx2S3L
hCuX
-----END CERTIFICATE-----