Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b82c715e-5b6d-400a-a87e-497b43db313b.roa
File:                     b82c715e-5b6d-400a-a87e-497b43db313b.roa (raw, json)
Hash identifier:          XVS3mXB+CIGhaqu17PG/PWuFvAPZEC20+gHjtFWGVAo=
Subject key identifier:   6A:10:35:93:2E:65:EE:2A:D4:47:C1:F0:D0:CA:FB:E8:D8:A0:FB:F9
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       7CD056AF0A6AB081746A21887862F247EFCF5B81
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b82c715e-5b6d-400a-a87e-497b43db313b.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf2:28c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:d0:56:af:0a:6a:b0:81:74:6a:21:88:78:62:f2:47:ef:cf:5b:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=02308e579956e1bf8a7e1135f50f6f944d2134e12d13d05f112688d75f97cd8d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:68:d2:02:07:fc:7b:45:5c:0e:33:58:90:fa:
                    d0:b9:a0:3b:66:43:c7:f0:e4:1e:4a:41:24:ab:5e:
                    73:e4:90:26:be:07:bf:1f:5e:8f:8f:90:83:a4:2a:
                    09:3b:b9:69:10:07:7e:c5:97:36:78:0f:89:ee:b9:
                    f8:be:87:ca:e0:1e:d7:a1:3c:d3:f5:0e:a2:a7:d7:
                    0b:81:c3:fd:e5:b9:96:8f:71:86:84:4c:13:f0:65:
                    93:4f:d2:49:36:21:11:dd:85:ac:55:3e:0a:9f:bf:
                    c6:89:a2:fa:eb:f9:48:24:94:15:ba:e3:36:c6:06:
                    0c:eb:9e:e4:d7:83:d9:fd:b0:6b:5f:26:2a:f4:f0:
                    75:75:6a:b0:3e:3f:2e:64:92:4c:ed:06:05:78:b2:
                    f0:57:c8:31:09:70:be:f8:7d:6f:ee:50:bf:7d:f1:
                    cd:2e:77:0a:98:e9:52:4a:b2:c8:e3:a0:33:fc:e0:
                    a4:9d:45:7d:cc:81:c9:55:8b:a2:4f:cb:92:88:4b:
                    b8:52:d7:5e:0d:91:43:91:76:d2:45:5a:71:f5:1f:
                    9e:25:aa:2c:5f:b5:68:15:a0:16:65:2f:27:e6:d0:
                    75:97:29:ed:cb:bd:31:17:5c:d7:ff:c8:ea:1d:17:
                    c7:0e:53:82:5c:6c:05:d8:f7:e4:fd:6e:9d:77:ee:
                    95:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:10:35:93:2E:65:EE:2A:D4:47:C1:F0:D0:CA:FB:E8:D8:A0:FB:F9
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b82c715e-5b6d-400a-a87e-497b43db313b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf2:28c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         0b:fe:37:1f:45:d5:99:bd:87:15:cc:20:4d:4e:3c:1a:80:62:
         f5:c0:15:d5:87:12:cf:1a:01:a1:c5:21:68:78:ea:f7:08:42:
         bb:ca:50:9c:55:2a:50:bf:b2:c4:ab:a3:33:38:8b:72:90:f6:
         58:7e:aa:f2:b2:3b:c0:d1:d9:3a:55:91:a3:54:e3:c7:34:e7:
         12:36:26:4e:3e:46:da:f7:1c:72:cf:66:b4:11:e2:f1:34:99:
         b4:fd:8c:a5:ce:64:5a:a4:ba:d5:fc:f8:63:17:d3:b5:ae:29:
         21:de:72:7f:6f:68:0c:ca:6e:e9:19:a5:7f:19:6e:11:98:65:
         55:03:dc:95:4b:7b:81:6a:6b:28:e8:42:42:5b:5e:f0:6c:fa:
         f0:c4:b1:3f:b2:c2:89:fd:42:27:fb:f6:86:31:d3:b1:ae:b1:
         d4:a8:96:22:8c:3d:98:0e:a2:44:3a:59:61:1b:4d:1e:e3:13:
         9f:96:26:14:ec:36:41:8d:a0:16:e8:3a:5d:de:13:f3:1b:32:
         dc:e7:38:c2:0f:c2:df:04:bd:9e:c3:0f:a4:b9:72:64:cd:4f:
         8d:82:27:7c:7c:5a:28:cd:09:00:6f:39:28:32:44:1d:1b:36:
         eb:3d:74:95:03:5c:cf:9a:df:14:64:01:ca:af:eb:ca:94:4a:
         b3:a1:24:7a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUfNBWrwpqsIF0aiGIeGLyR+/PW4EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDIzMDhlNTc5OTU2ZTFiZjhhN2Ux
MTM1ZjUwZjZmOTQ0ZDIxMzRlMTJkMTNkMDVmMTEyNjg4ZDc1Zjk3Y2Q4ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WjSAgf8e0VcDjNYkPrQuaA7ZkPH
8OQeSkEkq15z5JAmvge/H16Pj5CDpCoJO7lpEAd+xZc2eA+J7rn4vofK4B7XoTzT
9Q6ip9cLgcP95bmWj3GGhEwT8GWTT9JJNiER3YWsVT4Kn7/GiaL66/lIJJQVuuM2
xgYM657k14PZ/bBrXyYq9PB1dWqwPj8uZJJM7QYFeLLwV8gxCXC++H1v7lC/ffHN
LncKmOlSSrLI46Az/OCknUV9zIHJVYuiT8uSiEu4UtdeDZFDkXbSRVpx9R+eJaos
X7VoFaAWZS8n5tB1lynty70xF1zX/8jqHRfHDlOCXGwF2Pfk/W6dd+6VowIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGoQNZMuZe4q1EfB8NDK++jYoPv5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I4MmM3MTVlLTViNmQtNDAwYS1hODdlLTQ5N2I0M2RiMzEzYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba8ijAMA0GCSqGSIb3DQEBCwUAA4IBAQAL/jcfRdWZvYcVzCBN
TjwagGL1wBXVhxLPGgGhxSFoeOr3CEK7ylCcVSpQv7LEq6MzOItykPZYfqrysjvA
0dk6VZGjVOPHNOcSNiZOPkba9xxyz2a0EeLxNJm0/YylzmRapLrV/PhjF9O1rikh
3nJ/b2gMym7pGaV/GW4RmGVVA9yVS3uBamso6EJCW17wbPrwxLE/ssKJ/UIn+/aG
MdOxrrHUqJYijD2YDqJEOllhG00e4xOfliYU7DZBjaAW6Dpd3hPzGzLc5zjCD8Lf
BL2eww+kuXJkzU+Ngid8fFoozQkAbzkoMkQdGzbrPXSVA1zPmt8UZAHKr+vKlEqz
oSR6
-----END CERTIFICATE-----