Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1c8ae50-47d8-4c2f-8704-ebdeba5ec511.roa
File:                     c1c8ae50-47d8-4c2f-8704-ebdeba5ec511.roa (raw, json)
Hash identifier:          TqGIHtqkjMGuzZH0qThCSl+m0Fg9SYX+I3R9Wvk1Cnc=
Subject key identifier:   5F:1B:DA:FB:92:0A:28:51:0F:BC:06:F1:4B:0E:82:2C:1C:4B:40:F4
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       5E14847853B734C30704AB9307FE46AC1AF11A23
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1c8ae50-47d8-4c2f-8704-ebdeba5ec511.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:2880::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:14:84:78:53:b7:34:c3:07:04:ab:93:07:fe:46:ac:1a:f1:1a:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=658c6382092bb86bed85db40bd932ad6004749b847d37985b99cec71391d5464, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:1f:e6:04:8d:3e:8a:91:9f:bd:3d:e1:e9:0b:
                    65:5a:ac:93:06:d7:a2:cf:15:70:2b:72:cd:31:cd:
                    32:b3:d6:10:0b:54:cf:20:cf:ca:a0:58:d2:05:53:
                    be:d4:b8:72:6d:64:16:03:37:77:58:a4:37:62:d6:
                    a3:bf:b2:9e:20:b1:4d:11:5e:c9:7d:83:13:d7:49:
                    cf:48:41:9d:82:3a:f7:7d:5b:c1:f7:fb:ad:43:f7:
                    e8:62:94:8d:88:37:93:a0:f2:b6:25:5d:a7:eb:74:
                    92:31:ca:42:32:c6:b6:c6:51:c1:f3:98:da:9c:83:
                    0b:cc:a1:43:51:bc:8d:b7:13:67:fe:53:f4:1d:fa:
                    86:85:bc:45:1b:db:4c:0c:b5:c6:52:5b:da:83:d7:
                    7a:5f:49:49:f0:f8:2d:24:fb:9d:13:5a:cc:34:95:
                    c3:ff:13:89:69:cc:19:cc:29:69:c5:b8:c7:de:03:
                    da:3e:66:dc:02:f1:8f:db:38:fa:da:33:12:a9:65:
                    b7:a0:ae:37:96:68:30:d2:8f:42:c8:31:55:79:fc:
                    12:5d:69:fa:2f:33:31:f3:f4:71:ef:ac:cd:1a:da:
                    d5:26:cc:69:1f:53:5c:08:15:58:8a:e1:56:f8:a9:
                    5f:3f:5a:a8:8d:43:7b:99:b8:4c:fa:60:96:aa:05:
                    0e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:1B:DA:FB:92:0A:28:51:0F:BC:06:F1:4B:0E:82:2C:1C:4B:40:F4
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c1c8ae50-47d8-4c2f-8704-ebdeba5ec511.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:2880::/46

    Signature Algorithm: sha256WithRSAEncryption
         93:c4:b2:cc:9a:a5:89:87:96:ab:c2:48:57:e5:5a:56:50:74:
         bf:e3:6f:75:86:3c:70:47:95:34:f1:42:5f:20:5f:5e:95:80:
         d3:e4:ad:59:5c:4f:fb:33:14:f2:e7:eb:ea:23:02:4a:76:db:
         8c:7b:a0:44:82:c6:a0:ec:fe:b3:c2:81:28:e1:65:20:f7:5c:
         d6:04:8d:06:7d:e9:ab:44:e7:88:f5:6a:c7:b3:46:4f:be:85:
         ea:6c:24:7a:b6:ab:8f:fe:99:0c:87:d3:5a:f3:49:5e:28:5d:
         c2:41:aa:ca:0f:48:3b:26:c5:93:2f:c8:25:3f:ae:d3:40:4f:
         c4:97:f5:43:ec:b0:06:87:37:ab:d7:2a:a0:aa:fc:42:9d:24:
         6c:6a:2d:3f:ba:03:6c:f5:45:7d:b6:aa:2e:0e:aa:5f:62:47:
         cb:f2:82:c0:fc:17:44:f8:6e:26:d5:d3:64:4a:41:bd:31:8b:
         e2:98:d9:5b:17:79:c6:1b:35:8a:a4:53:bd:f4:22:58:5f:d1:
         a5:1b:39:e9:83:9e:47:79:41:af:12:a0:cf:8e:5a:78:14:7f:
         75:74:e1:fc:36:26:cf:06:56:a2:9b:72:1f:7d:05:f8:2a:2a:
         c6:ed:0a:09:f4:8a:01:b9:60:70:68:eb:a5:13:f4:95:25:6c:
         c3:7f:b3:70
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUXhSEeFO3NMMHBKuTB/5GrBrxGiMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANjU4YzYzODIwOTJiYjg2YmVkODVk
YjQwYmQ5MzJhZDYwMDQ3NDliODQ3ZDM3OTg1Yjk5Y2VjNzEzOTFkNTQ2NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB/mBI0+ipGfvT3h6QtlWqyTBtei
zxVwK3LNMc0ys9YQC1TPIM/KoFjSBVO+1LhybWQWAzd3WKQ3Ytajv7KeILFNEV7J
fYMT10nPSEGdgjr3fVvB9/utQ/foYpSNiDeToPK2JV2n63SSMcpCMsa2xlHB85ja
nIMLzKFDUbyNtxNn/lP0HfqGhbxFG9tMDLXGUlvag9d6X0lJ8PgtJPudE1rMNJXD
/xOJacwZzClpxbjH3gPaPmbcAvGP2zj62jMSqWW3oK43lmgw0o9CyDFVefwSXWn6
LzMx8/Rx76zNGtrVJsxpH1NcCBVYiuFW+KlfP1qojUN7mbhM+mCWqgUOtQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFF8b2vuSCihRD7wG8UsOgiwcS0D0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MxYzhhZTUwLTQ3ZDgtNGMyZi04NzA0LWViZGViYTVlYzUxMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9yiAMA0GCSqGSIb3DQEBCwUAA4IBAQCTxLLMmqWJh5arwkhX
5VpWUHS/4291hjxwR5U08UJfIF9elYDT5K1ZXE/7MxTy5+vqIwJKdtuMe6BEgsag
7P6zwoEo4WUg91zWBI0GfemrROeI9WrHs0ZPvoXqbCR6tquP/pkMh9Na80leKF3C
QarKD0g7JsWTL8glP67TQE/El/VD7LAGhzer1yqgqvxCnSRsai0/ugNs9UV9tqou
DqpfYkfL8oLA/BdE+G4m1dNkSkG9MYvimNlbF3nGGzWKpFO99CJYX9GlGznpg55H
eUGvEqDPjlp4FH91dOH8NibPBlaim3IffQX4KirG7QoJ9IoBuWBwaOulE/SVJWzD
f7Nw
-----END CERTIFICATE-----