Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa
File:                     b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa (raw, json)
Hash identifier:          eZVTfFdBcXKyezE6ybBi5JP1k63wbJoliCjLR4Ga9Mk=
Subject key identifier:   BF:9F:2D:3A:99:9B:98:73:EA:50:E4:A6:32:40:13:F8:D3:63:57:13
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6ECD5360C8BF9FB27F09DB8E0784963B813D8BED
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da68:b000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:cd:53:60:c8:bf:9f:b2:7f:09:db:8e:07:84:96:3b:81:3d:8b:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=679c05b9b79da7cc368b143bfaf3c609b3ace7bd4a06d0ef14d4b458ee1655b4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:97:df:34:cc:3a:e6:75:96:89:11:fa:b2:c1:
                    fd:40:47:82:74:c4:bf:f4:3d:48:40:63:82:d1:2f:
                    cb:3b:36:78:76:7a:70:f4:4c:6f:32:eb:d0:ee:00:
                    57:f0:3a:a1:9c:ca:a9:64:c8:11:54:1a:8f:d4:21:
                    b9:82:60:d2:a3:9f:58:44:31:eb:20:61:9f:12:c1:
                    da:53:3f:2f:78:59:4b:d6:60:9d:f7:1e:ae:ef:5a:
                    e3:5b:5f:c2:3e:76:29:da:d9:64:fd:91:5b:fe:f0:
                    a4:5a:b9:45:6b:7f:9d:5d:da:8e:ea:e9:89:aa:0e:
                    bb:1d:08:88:61:0f:f4:32:dc:cf:0c:e0:46:de:b4:
                    9c:19:00:a6:d9:71:ea:d4:56:6a:39:70:eb:9d:0e:
                    d5:1c:a2:0b:96:ec:0b:46:0a:18:20:c4:20:02:87:
                    4b:84:75:ce:3d:41:52:eb:da:ab:7f:b5:be:51:cb:
                    b4:39:dc:81:83:b8:bf:36:25:f1:66:d0:17:16:e6:
                    78:24:32:f8:3c:e4:cf:27:d1:cb:95:13:85:88:0a:
                    04:23:1a:ab:ca:e3:de:7b:78:10:91:63:1e:89:b4:
                    65:c8:84:ec:f1:88:68:10:e5:83:43:b5:ee:3a:32:
                    b3:79:f2:73:80:33:b4:f5:c5:bf:fd:32:02:17:d9:
                    91:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:9F:2D:3A:99:9B:98:73:EA:50:E4:A6:32:40:13:F8:D3:63:57:13
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b7148a1a-4b2d-4045-ae74-1ae201ddcacc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da68:b000::/40

    Signature Algorithm: sha256WithRSAEncryption
         50:b8:4c:07:1f:b2:20:86:a0:82:e9:fc:71:89:f2:8c:55:3b:
         d4:91:c1:62:d4:05:dc:ab:d3:5b:a6:e2:7c:56:01:b9:69:03:
         e5:f6:40:eb:fe:26:c7:77:b6:37:d2:dc:2b:22:b9:5c:87:ff:
         65:8b:30:92:9b:ec:b5:35:16:4d:96:18:02:7c:5d:46:87:58:
         a1:5b:10:5d:0d:e6:96:68:97:af:e6:24:04:ff:7c:82:98:80:
         53:8f:78:ac:30:a4:36:bd:5a:57:bb:9c:1f:08:be:fb:8c:83:
         c4:87:c1:6f:cd:5e:aa:2f:de:62:93:55:8d:7f:a8:eb:cd:a1:
         ac:10:6e:39:c3:5f:9d:89:be:84:bd:21:5c:a5:cc:46:6a:9b:
         33:45:a0:44:0f:38:77:63:01:f2:df:17:fb:f0:dc:d5:51:b6:
         bf:80:31:f3:c3:60:ad:34:d8:1d:2a:72:23:9e:2b:c8:0e:cd:
         cb:e7:0a:14:04:cd:2a:13:ad:cc:ac:28:03:e5:37:12:59:d2:
         d0:f0:62:52:93:ea:4c:ac:4f:b2:48:43:07:07:f7:1b:e8:b4:
         c8:e8:8f:e9:b7:3d:37:38:ba:31:f7:a6:58:58:ee:64:4e:fc:
         01:f4:b1:bc:31:d4:14:81:3d:a7:99:6e:c4:31:12:46:cb:4d:
         67:d2:c4:ef
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbs1TYMi/n7J/CduOB4SWO4E9i+0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNANjc5YzA1YjliNzlkYTdjYzM2OGIx
NDNiZmFmM2M2MDliM2FjZTdiZDRhMDZkMGVmMTRkNGI0NThlZTE2NTViNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZffNMw65nWWiRH6ssH9QEeCdMS/
9D1IQGOC0S/LOzZ4dnpw9ExvMuvQ7gBX8DqhnMqpZMgRVBqP1CG5gmDSo59YRDHr
IGGfEsHaUz8veFlL1mCd9x6u71rjW1/CPnYp2tlk/ZFb/vCkWrlFa3+dXdqO6umJ
qg67HQiIYQ/0MtzPDOBG3rScGQCm2XHq1FZqOXDrnQ7VHKILluwLRgoYIMQgAodL
hHXOPUFS69qrf7W+Ucu0OdyBg7i/NiXxZtAXFuZ4JDL4POTPJ9HLlROFiAoEIxqr
yuPee3gQkWMeibRlyITs8YhoEOWDQ7XuOjKzefJzgDO09cW//TICF9mRYwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFL+fLTqZm5hz6lDkpjJAE/jTY1cTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I3MTQ4YTFhLTRiMmQtNDA0NS1hZTc0LTFhZTIwMWRkY2FjYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaLAwDQYJKoZIhvcNAQELBQADggEBAFC4TAcfsiCGoILp/HGJ
8oxVO9SRwWLUBdyr01um4nxWAblpA+X2QOv+Jsd3tjfS3CsiuVyH/2WLMJKb7LU1
Fk2WGAJ8XUaHWKFbEF0N5pZol6/mJAT/fIKYgFOPeKwwpDa9Wle7nB8IvvuMg8SH
wW/NXqov3mKTVY1/qOvNoawQbjnDX52JvoS9IVylzEZqmzNFoEQPOHdjAfLfF/vw
3NVRtr+AMfPDYK002B0qciOeK8gOzcvnChQEzSoTrcysKAPlNxJZ0tDwYlKT6kys
T7JIQwcH9xvotMjoj+m3PTc4ujH3plhY7mRO/AH0sbwx1BSBPaeZbsQxEkbLTWfS
xO8=
-----END CERTIFICATE-----