Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa
File:                     da22e8df-40cd-402b-b04f-8b5954d0b173.roa (raw, json)
Hash identifier:          s4txb5hIN/2LY3n9DYRiUH35/+kTXJv8ZTFsR64TWWk=
Subject key identifier:   C6:31:E3:AB:00:82:2E:04:DC:09:B2:2F:C0:63:3E:B4:A8:76:B6:E0
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6958760CB425DDA2C7ED935DE880B6A46A8E3CC7
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:dafb:a040::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:58:76:0c:b4:25:dd:a2:c7:ed:93:5d:e8:80:b6:a4:6a:8e:3c:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=e9870a8e1158ccd08ce605adc456b8f7efe0b4f072fd3b723fb559da905ba7c2, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:82:5c:cc:4f:17:a6:ff:09:45:f4:9b:17:a9:cb:
                    1f:0b:a8:e2:58:32:22:49:89:92:4b:5e:00:83:2b:
                    20:a8:ff:98:a5:e5:f1:30:27:87:17:ba:7c:68:29:
                    38:7d:80:76:fc:e4:0a:0c:79:2e:90:22:e0:ec:52:
                    64:bc:90:20:92:68:1b:3e:22:cc:c9:ee:fe:44:3f:
                    0f:15:9c:be:26:a7:eb:56:10:b1:b9:09:ad:3a:5e:
                    49:d4:eb:9a:74:9e:02:f9:dd:d6:bd:8a:37:e8:cd:
                    9c:a3:37:e3:b7:d6:94:78:19:76:0b:cc:68:fe:5c:
                    d8:5e:9a:7d:5d:85:3d:6a:32:62:68:97:24:7f:91:
                    f8:4d:6e:5e:05:c9:95:f3:bb:3f:d4:09:78:b8:25:
                    e8:d7:b3:e2:c6:05:fd:c9:a8:d1:e5:53:63:8d:02:
                    3e:e3:d4:4c:cf:0c:4c:e2:b3:0e:2d:ef:5e:1c:ba:
                    3d:95:da:42:68:00:50:e3:43:f0:59:74:22:f4:3f:
                    76:78:bc:39:8c:d0:ca:00:88:b5:ab:b6:11:e4:ca:
                    00:95:a4:ab:d3:14:02:ba:62:2d:94:68:4d:46:c8:
                    5e:1f:2e:f7:09:45:d0:41:a2:70:ae:ca:df:a1:83:
                    d5:e8:e5:89:b8:93:a0:6a:9b:49:b7:35:9a:0a:9f:
                    10:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:31:E3:AB:00:82:2E:04:DC:09:B2:2F:C0:63:3E:B4:A8:76:B6:E0
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:dafb:a040::/46

    Signature Algorithm: sha256WithRSAEncryption
         42:c2:d1:66:83:98:9b:ed:9a:7f:87:62:68:38:e1:1c:82:c4:
         21:58:15:9a:7a:e7:cc:1d:40:a7:2f:61:01:56:f2:6a:ac:f8:
         d0:5d:26:fb:f7:b0:10:c8:36:da:73:02:dd:9a:4e:09:c7:b2:
         e4:7a:48:c5:a6:dd:39:3c:42:1a:14:45:c7:89:8a:8f:b5:0b:
         f9:74:63:d7:6c:55:9b:46:f5:c4:32:03:15:1f:bf:10:07:75:
         19:e0:f9:ac:2a:08:9c:d7:57:7b:5a:67:b5:b1:bc:78:23:c9:
         27:32:96:42:86:43:29:b4:40:08:29:d2:48:3f:43:b2:8a:4c:
         8e:49:6a:39:d2:19:6a:cb:e1:88:05:47:19:d7:dc:c0:a6:ca:
         fd:38:cb:44:fe:a5:9a:0c:f1:a4:0e:21:12:c6:f3:5d:fc:d1:
         51:6a:91:b7:76:cd:be:bd:23:57:51:d7:fa:d1:7f:65:8a:1e:
         7c:6d:c8:84:01:4d:2a:f6:cc:63:39:db:67:79:8d:36:84:f1:
         59:22:f9:a0:19:16:2a:e0:c9:7b:4a:34:8c:c2:5d:80:84:a6:
         7f:a2:d6:b7:07:dd:32:60:7f:85:26:9c:a8:8a:e4:80:6f:cb:
         ee:8f:16:d1:7e:05:c0:90:59:b0:dd:e6:c7:2f:e1:f3:5d:6a:
         b9:5c:78:e4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUaVh2DLQl3aLH7ZNd6IC2pGqOPMcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTk4NzBhOGUxMTU4Y2NkMDhjZTYw
NWFkYzQ1NmI4ZjdlZmUwYjRmMDcyZmQzYjcyM2ZiNTU5ZGE5MDViYTdjMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAglzMTxem/wlF9JsXqcsfC6jiWDIi
SYmSS14AgysgqP+YpeXxMCeHF7p8aCk4fYB2/OQKDHkukCLg7FJkvJAgkmgbPiLM
ye7+RD8PFZy+JqfrVhCxuQmtOl5J1OuadJ4C+d3WvYo36M2cozfjt9aUeBl2C8xo
/lzYXpp9XYU9ajJiaJckf5H4TW5eBcmV87s/1Al4uCXo17PixgX9yajR5VNjjQI+
49RMzwxM4rMOLe9eHLo9ldpCaABQ40PwWXQi9D92eLw5jNDKAIi1q7YR5MoAlaSr
0xQCumItlGhNRsheHy73CUXQQaJwrsrfoYPV6OWJuJOgaptJtzWaCp8QwQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMYx46sAgi4E3AmyL8BjPrSodrbgMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RhMjJlOGRmLTQwY2QtNDAyYi1iMDRmLThiNTk1NGQwYjE3My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+6BAMA0GCSqGSIb3DQEBCwUAA4IBAQBCwtFmg5ib7Zp/h2Jo
OOEcgsQhWBWaeufMHUCnL2EBVvJqrPjQXSb797AQyDbacwLdmk4Jx7LkekjFpt05
PEIaFEXHiYqPtQv5dGPXbFWbRvXEMgMVH78QB3UZ4PmsKgic11d7Wme1sbx4I8kn
MpZChkMptEAIKdJIP0OyikyOSWo50hlqy+GIBUcZ19zApsr9OMtE/qWaDPGkDiES
xvNd/NFRapG3ds2+vSNXUdf60X9lih58bciEAU0q9sxjOdtneY02hPFZIvmgGRYq
4Ml7SjSMwl2AhKZ/ota3B90yYH+FJpyoiuSAb8vujxbRfgXAkFmw3ebHL+HzXWq5
XHjk
-----END CERTIFICATE-----