Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa
File:                     acf96eac-505d-42a3-ad3b-20402c0f43ed.roa (raw, json)
Hash identifier:          lo+/MEP8UjHdTejim5YgSnLtLWhDWPLTgReZJMGuOgk=
Subject key identifier:   9B:DB:B0:80:E0:B2:98:74:74:86:1C:13:54:CF:65:4F:F0:6B:D8:D4
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       360C187C498D152735C9C710B1A974522CB63F7B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da1d::/36 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:0c:18:7c:49:8d:15:27:35:c9:c7:10:b1:a9:74:52:2c:b6:3f:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=770cf3f9c819a9e2155700c8eeaafe3623caf8141d47a90b70beaf3e0ceeb643, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:90:79:26:93:10:a6:e7:51:b6:ab:bf:d6:a3:
                    0b:0a:f3:9d:bb:c7:7f:0c:7d:59:c3:9b:64:c1:45:
                    f8:b1:ea:27:e1:68:dd:88:22:19:b6:7e:da:5c:25:
                    49:56:e1:09:73:f2:ff:17:1a:b6:2d:43:73:33:9e:
                    5d:34:60:0b:ad:0b:94:32:15:10:c4:5d:32:ce:54:
                    87:04:1f:f6:b2:29:fa:33:40:02:bb:1c:56:8a:cf:
                    a0:ab:e3:40:4c:b4:e3:d8:18:94:41:3d:e1:3e:86:
                    25:7c:33:b6:cd:c6:4e:d4:e6:03:b3:19:9c:1d:df:
                    55:f0:95:f7:e6:47:79:45:9c:86:92:0a:83:61:33:
                    d7:d0:9d:c3:33:10:93:d4:07:ec:6c:24:72:42:c9:
                    ac:25:63:b0:7c:6d:2e:05:2d:94:63:d9:9e:fe:c0:
                    d2:fa:c0:93:41:89:71:43:35:ec:e4:ad:65:ed:9b:
                    20:f5:e9:19:b4:fa:e6:ec:f4:37:b6:6f:5c:33:1f:
                    66:94:cd:37:4c:c2:04:2f:bc:e4:e8:df:23:7a:fe:
                    92:72:b3:72:69:3f:32:6b:21:00:a1:e6:49:a4:36:
                    8d:60:ed:19:09:48:1e:d9:91:58:7c:de:a7:84:50:
                    c5:51:c2:33:22:1a:07:54:e4:0e:80:ce:8c:3f:33:
                    b7:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:DB:B0:80:E0:B2:98:74:74:86:1C:13:54:CF:65:4F:F0:6B:D8:D4
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/acf96eac-505d-42a3-ad3b-20402c0f43ed.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da1d::/36

    Signature Algorithm: sha256WithRSAEncryption
         24:69:9c:27:04:3a:bf:b4:bc:58:e3:bb:0d:20:fa:0b:92:7a:
         f0:03:ad:d1:7b:72:04:ed:5f:6f:e8:5a:39:12:34:44:a3:8e:
         74:27:35:95:2f:cc:52:e7:bb:a7:5a:58:45:85:0b:c5:21:92:
         ef:36:f5:20:a3:ab:bb:77:10:b9:8b:6c:a5:97:84:7a:60:6a:
         83:cd:76:47:f0:8b:be:ef:7d:de:c7:a5:f8:74:48:7b:2a:ee:
         a2:0b:0c:9d:b4:c6:dc:f2:a0:25:c7:8c:6d:95:ed:18:74:4a:
         cd:a2:6f:36:d0:ae:44:bd:15:3e:b6:3f:28:3a:45:63:97:81:
         22:2b:6b:e7:c0:5b:cc:ab:7e:ab:bb:1c:38:df:b3:d7:2d:59:
         18:fe:b7:94:9d:a0:76:dd:2f:ad:75:6c:05:64:46:73:45:e2:
         ce:57:30:4e:0b:09:fd:55:80:6f:14:65:25:e7:33:bf:7b:a7:
         f1:80:0c:0b:8f:cb:23:93:af:44:7e:e4:84:8f:70:44:f8:71:
         9f:f5:cb:ee:59:72:ed:8c:ff:34:a8:e6:81:7e:cf:40:e4:c4:
         2a:db:13:fc:b0:1f:f8:1d:9c:b1:c0:e6:ed:f6:b8:98:9a:b5:
         e4:07:6a:e6:ab:7b:d7:34:b1:a7:2c:1f:ea:0c:0c:d5:d4:44:
         54:f0:7f:7b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNgwYfEmNFSc1yccQsal0Uiy2P3swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNANzcwY2YzZjljODE5YTllMjE1NTcw
MGM4ZWVhYWZlMzYyM2NhZjgxNDFkNDdhOTBiNzBiZWFmM2UwY2VlYjY0MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpB5JpMQpudRtqu/1qMLCvOdu8d/
DH1Zw5tkwUX4seon4WjdiCIZtn7aXCVJVuEJc/L/Fxq2LUNzM55dNGALrQuUMhUQ
xF0yzlSHBB/2sin6M0ACuxxWis+gq+NATLTj2BiUQT3hPoYlfDO2zcZO1OYDsxmc
Hd9V8JX35kd5RZyGkgqDYTPX0J3DMxCT1AfsbCRyQsmsJWOwfG0uBS2UY9me/sDS
+sCTQYlxQzXs5K1l7Zsg9ekZtPrm7PQ3tm9cMx9mlM03TMIEL7zk6N8jev6ScrNy
aT8yayEAoeZJpDaNYO0ZCUge2ZFYfN6nhFDFUcIzIhoHVOQOgM6MPzO34wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJvbsIDgsph0dIYcE1TPZU/wa9jUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FjZjk2ZWFjLTUwNWQtNDJhMy1hZDNiLTIwNDAyYzBmNDNlZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaHQAwDQYJKoZIhvcNAQELBQADggEBACRpnCcEOr+0vFjjuw0g
+guSevADrdF7cgTtX2/oWjkSNESjjnQnNZUvzFLnu6daWEWFC8Uhku829SCjq7t3
ELmLbKWXhHpgaoPNdkfwi77vfd7Hpfh0SHsq7qILDJ20xtzyoCXHjG2V7Rh0Ss2i
bzbQrkS9FT62Pyg6RWOXgSIra+fAW8yrfqu7HDjfs9ctWRj+t5SdoHbdL611bAVk
RnNF4s5XME4LCf1VgG8UZSXnM797p/GADAuPyyOTr0R+5ISPcET4cZ/1y+5Zcu2M
/zSo5oF+z0DkxCrbE/ywH/gdnLHA5u32uJiateQHauare9c0sacsH+oMDNXURFTw
f3s=
-----END CERTIFICATE-----