Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df0ea8e5-2d55-4214-9e06-5e6ff385083b.roa
File:                     df0ea8e5-2d55-4214-9e06-5e6ff385083b.roa (raw, json)
Hash identifier:          vI2FfhFgbJgRGGp3wYT9/D37FfllPXw2RMiqrlU6vew=
Subject key identifier:   16:9D:BB:31:8F:61:79:F1:12:7D:01:07:58:90:21:8C:3B:83:4A:D5
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       6AFFAF1753F46959CC74AE3FBDB7EF24E3DB831F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df0ea8e5-2d55-4214-9e06-5e6ff385083b.roa
Signing time:             Sat 11 Jan 2025 00:00:00 +0000
ROA not before:           Sat 11 Jan 2025 00:00:00 +0000
ROA not after:            Sat 15 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daa0:800::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:ff:af:17:53:f4:69:59:cc:74:ae:3f:bd:b7:ef:24:e3:db:83:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 11 00:00:00 2025 GMT
            Not After : Feb 15 23:59:59 2025 GMT
        Subject: serialNumber=45190bab3456c5ff1104d6f9caa3b80412afa80ac61f2a6f32c089a054d42295, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:42:c7:f2:69:f8:da:a5:6c:08:5b:34:a2:f5:
                    7d:f3:0d:d8:34:c4:71:fd:4c:3a:2e:c5:d7:80:da:
                    2a:07:39:a0:ff:8f:5d:ae:fe:4d:05:49:87:84:af:
                    86:f8:9b:b2:b4:37:cc:0e:c6:46:0b:b4:38:dc:4e:
                    38:14:83:b8:b3:c6:e6:35:1d:6c:70:dc:61:cb:a7:
                    2b:e6:96:d5:e4:b7:88:9b:b3:40:54:f6:bb:e9:d6:
                    4c:76:54:02:20:a5:87:80:00:7c:fe:ee:59:ab:26:
                    19:24:50:f2:c7:8a:8f:c9:05:4e:ed:5b:e0:c7:13:
                    12:27:60:7a:6f:65:60:96:7f:54:0b:14:df:05:95:
                    fb:d5:3b:2f:ae:06:fe:be:7f:92:35:20:44:88:bf:
                    52:3d:b3:1e:4b:a9:e6:23:7e:95:60:e2:67:52:8c:
                    47:0c:66:f6:bf:cf:47:c3:49:f5:e0:2a:6f:c7:db:
                    d7:4c:06:2a:6e:f0:44:8c:69:7b:d3:95:ae:98:35:
                    08:95:bd:af:82:18:ff:8c:01:d1:3b:f2:3b:42:f2:
                    70:8b:5a:70:c1:2a:5c:eb:4b:d9:42:cf:e8:9f:3f:
                    e4:20:a0:20:81:85:59:ef:9c:10:7b:7f:19:43:2c:
                    bb:ae:06:51:6b:23:7a:e3:08:11:5c:21:b2:1f:3e:
                    b4:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:9D:BB:31:8F:61:79:F1:12:7D:01:07:58:90:21:8C:3B:83:4A:D5
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/df0ea8e5-2d55-4214-9e06-5e6ff385083b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daa0:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         c2:fb:d7:68:e7:20:84:09:70:75:a5:2a:ac:41:5c:0e:0b:d4:
         d8:5a:5f:bf:a0:1c:c9:e6:71:6b:91:3d:6b:f0:2b:99:d9:eb:
         bd:40:e3:12:ec:0c:ce:20:3c:f6:07:1a:7e:cd:db:13:72:e7:
         c3:4c:be:b1:ff:43:1b:9b:10:a5:e6:19:3b:47:c7:d2:23:60:
         ca:17:5d:ef:13:ee:ec:2e:4c:d0:e3:9a:7a:e4:23:25:5e:8e:
         3a:06:b4:07:f2:b8:21:8d:15:bf:64:bd:b3:8c:bc:aa:64:47:
         61:6c:f9:7c:e1:a4:36:96:4a:ca:af:5c:30:29:a9:c0:b6:29:
         32:88:aa:b5:45:03:7d:62:dc:29:03:f6:cd:69:82:43:e7:3f:
         b2:e7:10:76:ee:5b:01:47:83:64:3b:cf:76:cd:11:aa:99:98:
         79:f2:a7:0c:78:f8:1e:b0:83:8f:30:33:f9:a8:c2:8c:99:34:
         25:29:02:41:7c:df:19:bf:cc:43:50:75:ef:57:b2:7a:c5:57:
         be:01:2f:97:74:d7:8d:da:a7:1d:ea:db:9b:ae:47:2b:d5:e2:
         c2:a4:c8:e1:ac:6b:a6:c2:76:e3:90:b1:df:61:ee:58:e6:38:
         1a:78:f3:bc:a1:99:f5:88:03:a8:3c:03:19:42:1f:a9:28:30:
         b7:23:69:f6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUav+vF1P0aVnMdK4/vbfvJOPbgx8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMTAwMDAwMFoX
DTI1MDIxNTIzNTk1OVowejFJMEcGA1UEBRNANDUxOTBiYWIzNDU2YzVmZjExMDRk
NmY5Y2FhM2I4MDQxMmFmYTgwYWM2MWYyYTZmMzJjMDg5YTA1NGQ0MjI5NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkLH8mn42qVsCFs0ovV98w3YNMRx
/Uw6LsXXgNoqBzmg/49drv5NBUmHhK+G+JuytDfMDsZGC7Q43E44FIO4s8bmNR1s
cNxhy6cr5pbV5LeIm7NAVPa76dZMdlQCIKWHgAB8/u5ZqyYZJFDyx4qPyQVO7Vvg
xxMSJ2B6b2Vgln9UCxTfBZX71Tsvrgb+vn+SNSBEiL9SPbMeS6nmI36VYOJnUoxH
DGb2v89Hw0n14Cpvx9vXTAYqbvBEjGl705WumDUIlb2vghj/jAHRO/I7QvJwi1pw
wSpc60vZQs/onz/kIKAggYVZ75wQe38ZQyy7rgZRayN64wgRXCGyHz60MwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBaduzGPYXnxEn0BB1iQIYw7g0rVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RmMGVhOGU1LTJkNTUtNDIxNC05ZTA2LTVlNmZmMzg1MDgzYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoAgwDQYJKoZIhvcNAQELBQADggEBAML712jnIIQJcHWlKqxB
XA4L1NhaX7+gHMnmcWuRPWvwK5nZ671A4xLsDM4gPPYHGn7N2xNy58NMvrH/Qxub
EKXmGTtHx9IjYMoXXe8T7uwuTNDjmnrkIyVejjoGtAfyuCGNFb9kvbOMvKpkR2Fs
+XzhpDaWSsqvXDApqcC2KTKIqrVFA31i3CkD9s1pgkPnP7LnEHbuWwFHg2Q7z3bN
EaqZmHnypwx4+B6wg48wM/mowoyZNCUpAkF83xm/zENQde9XsnrFV74BL5d0143a
px3q25uuRyvV4sKkyOGsa6bCduOQsd9h7ljmOBp487yhmfWIA6g8AxlCH6koMLcj
afY=
-----END CERTIFICATE-----