Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba1f6ba7-aecf-4871-a9f2-3e20ff35714b.roa
File:                     ba1f6ba7-aecf-4871-a9f2-3e20ff35714b.roa (raw, json)
Hash identifier:          pAE24f3g/PIsnPgVXDN4gfPGnzg+nwc3Dvw5JwmR5GQ=
Subject key identifier:   0E:7B:1A:04:97:56:B8:D7:9A:0C:C1:21:67:B2:55:2E:55:76:95:F4
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       49E6194B216CB64EDC36041E4E35DEEBA157E42D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba1f6ba7-aecf-4871-a9f2-3e20ff35714b.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daa0:2000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:e6:19:4b:21:6c:b6:4e:dc:36:04:1e:4e:35:de:eb:a1:57:e4:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=a6a530c3845f521cee9869e16cddb7cfe74ad55426b17c0e3a4fc69f9758643f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:59:89:65:15:0e:ef:f5:0c:e8:cb:2e:6c:62:
                    0f:0d:51:4f:7a:55:5a:75:c0:4d:d7:1b:86:7c:b8:
                    c4:e5:1b:1e:22:b9:fc:01:f8:69:52:0b:49:98:a9:
                    72:54:10:cb:6a:05:33:64:7a:e0:82:8f:59:89:4f:
                    0e:36:0e:af:44:cd:fd:54:23:af:e5:c5:84:0a:d6:
                    b4:07:9b:bc:0c:1d:c8:96:83:8d:01:96:2a:8f:1d:
                    17:e0:8b:69:21:0e:6d:39:97:c0:49:58:92:3c:bf:
                    b8:40:13:ff:9b:a1:5b:d6:bd:89:8b:e4:7c:62:e6:
                    1b:3c:ad:61:f9:a3:db:3a:77:98:0c:e4:ca:ec:46:
                    e1:03:d0:1d:de:68:21:d1:d4:cb:9d:63:7b:90:75:
                    a7:d9:65:4b:28:62:59:6c:dd:3d:82:70:dc:c8:f7:
                    eb:ea:71:6f:28:44:86:ef:ed:ce:0f:99:91:1a:2e:
                    a2:7f:9e:f8:fe:4d:fb:a7:4d:3d:93:dc:e9:81:31:
                    dc:70:e4:ab:a1:33:34:11:53:dc:68:67:34:eb:86:
                    21:5b:21:ce:2f:b8:b3:04:2f:00:2b:5d:71:ef:a5:
                    d1:63:34:94:e7:b6:c4:6e:eb:9f:0c:e9:27:34:2f:
                    16:b1:39:27:32:f1:98:67:1d:35:ed:7d:b2:b6:b7:
                    ad:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:7B:1A:04:97:56:B8:D7:9A:0C:C1:21:67:B2:55:2E:55:76:95:F4
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ba1f6ba7-aecf-4871-a9f2-3e20ff35714b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daa0:2000::/40

    Signature Algorithm: sha256WithRSAEncryption
         ac:70:ea:38:c2:fc:94:5f:43:56:37:24:6f:5e:77:ce:3f:76:
         8c:0e:24:3f:38:1a:07:a7:34:79:8b:a2:ad:67:91:95:0a:1b:
         23:a8:22:fc:83:ed:55:b8:b4:81:a2:07:75:7e:28:1d:0e:00:
         69:a9:6f:a5:df:a5:ad:88:da:5c:fa:f0:4e:10:37:1f:dd:fe:
         11:66:f4:35:54:f1:b2:4d:14:33:1b:35:97:bd:2a:d2:44:87:
         cc:3e:75:de:53:9c:fc:19:65:ab:e3:7e:6f:33:5c:a9:fe:61:
         7b:92:0b:f8:f0:04:d8:c8:c4:38:49:ea:80:05:1d:f2:4b:cd:
         3e:72:54:d8:84:4e:b3:de:ff:6d:d2:41:f2:98:5e:b0:ba:67:
         94:ef:b5:c0:0f:8b:2a:f4:8e:44:af:66:69:9e:e9:5d:78:23:
         5b:78:bc:3e:c4:e7:5c:a9:9a:e1:f5:ae:a5:e3:ba:44:b5:3e:
         5f:d6:b4:a4:9a:a7:ee:c8:a2:99:a2:cd:b3:80:14:64:03:3c:
         af:8b:b5:98:28:a0:79:2a:1a:83:94:56:7d:2b:6a:1a:3a:f6:
         b2:ec:49:14:8c:2c:a1:23:c2:67:2b:b7:77:29:48:8f:74:5e:
         22:af:92:8c:f9:fa:08:fa:2f:17:a3:6f:54:04:77:0c:d0:c8:
         de:4e:c4:2d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSeYZSyFstk7cNgQeTjXe66FX5C0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAYTZhNTMwYzM4NDVmNTIxY2VlOTg2
OWUxNmNkZGI3Y2ZlNzRhZDU1NDI2YjE3YzBlM2E0ZmM2OWY5NzU4NjQzZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFmJZRUO7/UM6MsubGIPDVFPelVa
dcBN1xuGfLjE5RseIrn8AfhpUgtJmKlyVBDLagUzZHrggo9ZiU8ONg6vRM39VCOv
5cWECta0B5u8DB3IloONAZYqjx0X4ItpIQ5tOZfASViSPL+4QBP/m6Fb1r2Ji+R8
YuYbPK1h+aPbOneYDOTK7EbhA9Ad3mgh0dTLnWN7kHWn2WVLKGJZbN09gnDcyPfr
6nFvKESG7+3OD5mRGi6if574/k37p009k9zpgTHccOSroTM0EVPcaGc064YhWyHO
L7izBC8AK11x76XRYzSU57bEbuufDOknNC8WsTknMvGYZx017X2ytretgQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA57GgSXVrjXmgzBIWeyVS5VdpX0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JhMWY2YmE3LWFlY2YtNDg3MS1hOWYyLTNlMjBmZjM1NzE0Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoCAwDQYJKoZIhvcNAQELBQADggEBAKxw6jjC/JRfQ1Y3JG9e
d84/dowOJD84GgenNHmLoq1nkZUKGyOoIvyD7VW4tIGiB3V+KB0OAGmpb6Xfpa2I
2lz68E4QNx/d/hFm9DVU8bJNFDMbNZe9KtJEh8w+dd5TnPwZZavjfm8zXKn+YXuS
C/jwBNjIxDhJ6oAFHfJLzT5yVNiETrPe/23SQfKYXrC6Z5TvtcAPiyr0jkSvZmme
6V14I1t4vD7E51ypmuH1rqXjukS1Pl/WtKSap+7IopmizbOAFGQDPK+LtZgooHkq
GoOUVn0raho69rLsSRSMLKEjwmcrt3cpSI90XiKvkoz5+gj6Lxejb1QEdwzQyN5O
xC0=
-----END CERTIFICATE-----