Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3efb515-ba78-4d38-a2d5-bc14f4911d60.roa
File:                     b3efb515-ba78-4d38-a2d5-bc14f4911d60.roa (raw, json)
Hash identifier:          bJAkOd9nUIURvpPUhUUmb6WHwyrqZAPdi2dqVT7EpHk=
Subject key identifier:   3E:A9:F5:0D:E0:37:76:3C:88:EA:39:21:A0:01:9D:0A:3A:26:7E:C8
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2711EA371A9E52611D8396553291CFEB5BC1D34C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3efb515-ba78-4d38-a2d5-bc14f4911d60.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:1080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:11:ea:37:1a:9e:52:61:1d:83:96:55:32:91:cf:eb:5b:c1:d3:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=a3902d36808e15b1157bd2e47bd273d374d768e215c2854db5f6a86009e595af, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d7:2c:13:2e:8d:52:b6:c2:fe:01:da:16:af:
                    d8:7d:dd:a0:54:41:7b:1a:f9:9e:44:f7:b4:20:88:
                    8f:c8:42:e0:ae:0e:da:16:26:81:0d:e4:e6:6f:45:
                    c1:50:2a:be:89:69:62:9e:9f:bc:25:cb:e8:a0:8a:
                    20:90:a6:22:57:1b:7d:8e:76:92:47:57:77:0b:6b:
                    a7:60:2e:22:4a:04:fc:eb:da:fb:ae:f5:1b:e4:e1:
                    e3:bf:82:9a:77:a8:e1:d0:63:b4:b7:6b:36:95:ff:
                    3e:fd:d7:a1:b8:4c:e1:ed:a9:d6:87:c7:32:55:4e:
                    b6:03:92:34:7f:af:af:6d:21:8e:c7:4f:6e:4c:f6:
                    2a:d5:8f:7d:66:49:31:02:23:24:08:fc:22:66:58:
                    0b:60:07:70:7f:71:7e:f8:ec:0f:3d:bd:94:4e:f4:
                    8a:b6:f0:7c:2b:63:39:69:f1:23:14:25:3f:35:bb:
                    5c:7c:7f:d0:65:ac:74:2f:30:95:4b:8e:de:fd:0b:
                    4c:6e:f3:29:30:d3:86:f6:bb:f9:53:67:cd:1b:44:
                    e0:4d:7e:40:13:f2:11:d0:5c:86:f9:56:fa:d6:ce:
                    9d:d1:a9:24:d8:72:af:9d:a5:97:73:1b:f1:ed:dc:
                    7f:21:c9:7f:68:99:cf:23:17:fe:e5:e3:df:3f:bb:
                    60:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:A9:F5:0D:E0:37:76:3C:88:EA:39:21:A0:01:9D:0A:3A:26:7E:C8
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3efb515-ba78-4d38-a2d5-bc14f4911d60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:1080::/48

    Signature Algorithm: sha256WithRSAEncryption
         c8:0d:5d:57:11:9f:e5:1f:fd:d0:67:0a:8a:a4:05:35:52:00:
         93:cf:48:18:61:3a:7c:2d:da:88:b1:1e:58:b9:9f:ca:fb:8b:
         fb:86:50:d9:9f:5b:31:c6:5f:01:07:c5:71:1a:66:c7:16:6f:
         fc:16:d2:40:83:cd:b4:53:e1:1f:73:b3:16:4d:cf:18:4f:09:
         3f:6a:1f:c7:eb:ed:b5:a3:d7:38:41:c5:77:8b:45:3b:ff:06:
         61:1b:b5:38:5e:87:aa:47:39:24:d6:06:fe:9c:d3:59:70:2e:
         80:dc:df:9d:82:21:7f:f9:b5:b1:a5:ab:e8:e0:52:f5:05:b0:
         a5:55:d6:73:9a:13:2a:5d:dc:0d:e8:85:66:9f:5f:92:d7:28:
         0a:96:92:78:93:83:6b:de:bc:7d:bd:df:d5:f9:75:c9:0e:c9:
         1f:5e:af:62:ed:47:c7:11:35:aa:8f:02:1d:9c:d1:3f:91:a2:
         b9:e8:ba:88:d4:41:59:3e:3d:5f:23:0b:e7:68:13:c6:35:17:
         5b:dd:8d:88:92:19:29:45:69:9c:36:1b:dd:99:ae:b1:f6:83:
         0d:84:e6:5d:ed:a6:a2:0a:9f:8c:ec:c0:6b:3a:3d:28:0d:16:
         06:4a:8b:bd:ca:c5:26:a7:0a:cf:90:bf:d2:32:17:1e:24:5e:
         c0:28:4a:2b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJxHqNxqeUmEdg5ZVMpHP61vB00wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYTM5MDJkMzY4MDhlMTViMTE1N2Jk
MmU0N2JkMjczZDM3NGQ3NjhlMjE1YzI4NTRkYjVmNmE4NjAwOWU1OTVhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotcsEy6NUrbC/gHaFq/Yfd2gVEF7
GvmeRPe0IIiPyELgrg7aFiaBDeTmb0XBUCq+iWlinp+8JcvooIogkKYiVxt9jnaS
R1d3C2unYC4iSgT869r7rvUb5OHjv4Kad6jh0GO0t2s2lf8+/dehuEzh7anWh8cy
VU62A5I0f6+vbSGOx09uTPYq1Y99ZkkxAiMkCPwiZlgLYAdwf3F++OwPPb2UTvSK
tvB8K2M5afEjFCU/NbtcfH/QZax0LzCVS47e/QtMbvMpMNOG9rv5U2fNG0TgTX5A
E/IR0FyG+Vb61s6d0akk2HKvnaWXcxvx7dx/Icl/aJnPIxf+5ePfP7tgtwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFD6p9Q3gN3Y8iOo5IaABnQo6Jn7IMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IzZWZiNTE1LWJhNzgtNGQzOC1hMmQ1LWJjMTRmNDkxMWQ2MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYRCAMA0GCSqGSIb3DQEBCwUAA4IBAQDIDV1XEZ/lH/3QZwqK
pAU1UgCTz0gYYTp8LdqIsR5YuZ/K+4v7hlDZn1sxxl8BB8VxGmbHFm/8FtJAg820
U+Efc7MWTc8YTwk/ah/H6+21o9c4QcV3i0U7/wZhG7U4XoeqRzkk1gb+nNNZcC6A
3N+dgiF/+bWxpavo4FL1BbClVdZzmhMqXdwN6IVmn1+S1ygKlpJ4k4Nr3rx9vd/V
+XXJDskfXq9i7UfHETWqjwIdnNE/kaK56LqI1EFZPj1fIwvnaBPGNRdb3Y2Ikhkp
RWmcNhvdma6x9oMNhOZd7aaiCp+M7MBrOj0oDRYGSou9ysUmpwrPkL/SMhceJF7A
KEor
-----END CERTIFICATE-----