Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e4d87a-b7f7-4800-92e5-4b947e6b37d1.roa
File:                     d1e4d87a-b7f7-4800-92e5-4b947e6b37d1.roa (raw, json)
Hash identifier:          azcnYg6j2B5UyYwYl61B+2bmZH+5fRMBEKXdm1+KeD0=
Subject key identifier:   E7:F4:E7:9D:2B:0A:66:9F:F2:E9:42:98:3F:F6:8B:4B:C6:AA:93:39
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       62156E8C5802C0F5278921E1A25C411E3FCCD2CF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e4d87a-b7f7-4800-92e5-4b947e6b37d1.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:8040::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:15:6e:8c:58:02:c0:f5:27:89:21:e1:a2:5c:41:1e:3f:cc:d2:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=5d68f3272d679a4c474a196a9414166ab2dd59a1b943227a7c975558481bc290, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:de:31:74:b7:55:3a:cf:d0:f4:22:26:8a:63:
                    b6:a3:8d:33:cc:ff:b9:b2:4c:ee:f4:48:7f:5b:cc:
                    a7:04:a3:85:a0:ba:56:83:29:28:60:6b:41:dd:30:
                    1d:42:e8:52:0e:90:cf:62:5b:a6:1b:eb:ec:ed:8f:
                    33:ac:c6:7f:5d:bb:23:42:66:c1:4c:00:06:47:e4:
                    01:2b:05:a9:52:61:cc:42:c9:53:42:53:7e:67:e8:
                    ee:ba:74:e1:72:34:65:c8:90:4f:3a:58:3f:14:a7:
                    02:f2:cf:42:42:52:d3:f2:a6:1a:e2:cb:3a:38:16:
                    ac:15:53:90:f4:a2:0f:2f:7c:dd:f0:30:07:f6:7e:
                    34:77:35:8f:8d:84:88:90:6d:8a:48:9e:26:56:95:
                    cd:87:18:a3:78:9a:25:6e:67:92:53:01:5e:a3:13:
                    35:3a:2e:41:a4:70:67:c1:83:8c:0c:be:ad:b1:10:
                    da:9e:be:e3:80:d8:1b:69:71:74:2a:11:09:19:79:
                    bb:09:e2:17:11:a8:64:22:ce:b6:c1:5e:3d:e9:7d:
                    91:95:f1:fe:b4:44:13:8f:71:f2:ce:63:c7:43:d3:
                    9f:18:65:06:d0:8e:09:2d:c8:2d:53:99:17:a2:a2:
                    c1:dc:ac:78:f5:f3:bd:65:03:1d:32:4f:41:3a:27:
                    fb:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:F4:E7:9D:2B:0A:66:9F:F2:E9:42:98:3F:F6:8B:4B:C6:AA:93:39
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d1e4d87a-b7f7-4800-92e5-4b947e6b37d1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:8040::/46

    Signature Algorithm: sha256WithRSAEncryption
         38:f3:db:00:7e:15:05:61:68:bb:17:b8:8c:ea:10:85:17:da:
         a6:de:08:16:21:94:4d:36:b4:65:a4:2b:03:93:64:58:ca:a1:
         66:88:02:ea:72:2f:48:92:f4:40:c2:0d:07:15:e9:77:12:86:
         7e:d6:be:a3:52:dc:e6:9f:62:1c:e0:fe:b7:21:5e:f9:7a:5c:
         bc:a0:41:17:94:65:fd:8d:ca:13:f0:62:62:d5:d6:cf:37:12:
         90:1c:18:5e:fd:f3:c2:d9:70:6d:ab:40:cf:84:07:c9:06:a5:
         5b:67:e4:7b:d1:c6:21:7a:68:51:f2:55:22:1c:3b:7c:e1:48:
         e9:1b:46:c3:e9:3b:f9:2f:1d:eb:5b:93:92:66:63:a7:e1:0f:
         95:a6:e2:5f:17:02:24:a4:03:80:a2:22:9f:76:6d:99:96:e3:
         2a:97:d9:49:a2:1d:48:4b:26:1e:4e:6b:61:ab:12:e2:c7:5b:
         2b:90:fa:b2:ed:88:f5:fb:dd:17:ca:86:50:29:f9:9a:4f:bf:
         db:16:03:e6:bb:40:86:98:9b:42:e3:8e:e2:56:e9:bf:0c:51:
         f5:1c:a6:07:de:05:45:2d:06:43:37:dc:0e:24:8a:de:f8:02:
         b7:d1:14:b9:5c:84:d0:6d:4d:ef:60:fd:68:21:99:62:5c:52:
         cc:a2:e7:2c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUYhVujFgCwPUniSHholxBHj/M0s8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWQ2OGYzMjcyZDY3OWE0YzQ3NGEx
OTZhOTQxNDE2NmFiMmRkNTlhMWI5NDMyMjdhN2M5NzU1NTg0ODFiYzI5MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm94xdLdVOs/Q9CImimO2o40zzP+5
skzu9Eh/W8ynBKOFoLpWgykoYGtB3TAdQuhSDpDPYlumG+vs7Y8zrMZ/XbsjQmbB
TAAGR+QBKwWpUmHMQslTQlN+Z+juunThcjRlyJBPOlg/FKcC8s9CQlLT8qYa4ss6
OBasFVOQ9KIPL3zd8DAH9n40dzWPjYSIkG2KSJ4mVpXNhxijeJolbmeSUwFeoxM1
Oi5BpHBnwYOMDL6tsRDanr7jgNgbaXF0KhEJGXm7CeIXEahkIs62wV496X2RlfH+
tEQTj3HyzmPHQ9OfGGUG0I4JLcgtU5kXoqLB3Kx49fO9ZQMdMk9BOif7kwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOf0550rCmaf8ulCmD/2i0vGqpM5MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QxZTRkODdhLWI3ZjctNDgwMC05MmU1LTRiOTQ3ZTZiMzdkMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+4BAMA0GCSqGSIb3DQEBCwUAA4IBAQA489sAfhUFYWi7F7iM
6hCFF9qm3ggWIZRNNrRlpCsDk2RYyqFmiALqci9IkvRAwg0HFel3EoZ+1r6jUtzm
n2Ic4P63IV75ely8oEEXlGX9jcoT8GJi1dbPNxKQHBhe/fPC2XBtq0DPhAfJBqVb
Z+R70cYhemhR8lUiHDt84UjpG0bD6Tv5Lx3rW5OSZmOn4Q+VpuJfFwIkpAOAoiKf
dm2ZluMql9lJoh1ISyYeTmthqxLix1srkPqy7Yj1+90XyoZQKfmaT7/bFgPmu0CG
mJtC447iVum/DFH1HKYH3gVFLQZDN9wOJIre+AK30RS5XITQbU3vYP1oIZliXFLM
oucs
-----END CERTIFICATE-----