Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa
File:                     e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa (raw, json)
Hash identifier:          XqyLvt2KipM7PaSi34PCGa4j+On/r0tAWePiMmPa+eg=
Subject key identifier:   F5:2E:20:F5:06:26:8A:73:CD:F1:8B:30:1A:8A:A3:EB:49:1A:EC:13
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       2F585C7D913F259FA24AEA52FB519415243FEB92
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da61:80c0::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:58:5c:7d:91:3f:25:9f:a2:4a:ea:52:fb:51:94:15:24:3f:eb:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=51af6724bf16ec1dc480cdfc5b66aab239c68e33ded7f02b1f495ff9ed21ea23, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:05:d9:c3:f9:2a:20:df:95:5f:b3:02:1d:dc:
                    d8:75:46:58:69:18:38:d4:8f:88:b7:64:b5:0a:7f:
                    dc:14:47:3a:71:79:ac:77:97:b9:8a:6d:9c:05:4c:
                    b6:22:9d:b5:81:dc:6d:ae:5c:49:2f:de:a7:aa:2e:
                    8a:1f:2e:71:a0:f1:08:c8:85:3c:74:25:38:f9:13:
                    7c:86:fa:ea:31:fb:8c:f2:f3:15:7c:b7:bf:b7:3a:
                    23:45:e9:68:38:e6:5c:35:26:d1:ea:74:22:e1:fb:
                    5f:94:4e:b4:bf:79:eb:1f:d3:36:dd:a5:ad:4a:dd:
                    70:d6:0c:ab:d9:df:19:7f:2c:c5:20:12:73:74:01:
                    6f:b5:98:cf:ee:41:07:4f:c4:6b:a6:56:e9:52:2b:
                    ff:98:f7:e2:0d:f9:f3:c5:28:71:7f:ad:fe:d4:36:
                    13:55:72:a3:19:f4:8b:a7:fa:f9:56:c6:73:52:6b:
                    a0:1a:1a:43:fe:80:58:06:c4:e6:41:f4:88:b3:b0:
                    bf:89:8f:bd:17:09:13:55:db:39:5a:e7:04:ed:c5:
                    f4:9b:cb:a0:12:34:30:73:75:b6:e9:76:4b:c0:80:
                    55:a8:89:21:ed:58:1e:79:f0:cc:52:00:d9:44:33:
                    6d:02:f7:e7:d7:44:38:57:dd:43:51:29:8e:4c:d6:
                    0b:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:2E:20:F5:06:26:8A:73:CD:F1:8B:30:1A:8A:A3:EB:49:1A:EC:13
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e3ded5c4-f2d6-4dc4-b01c-590927072e2e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da61:80c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         be:17:c8:99:54:f7:01:5e:17:4b:07:6b:87:4d:7c:a7:36:1e:
         ef:8e:a0:02:5f:19:dd:46:66:76:c3:6f:e4:77:d1:3a:48:c0:
         c0:a1:13:b0:d5:ee:2f:28:15:7b:25:be:02:24:fb:d2:86:b4:
         07:6d:31:43:b6:af:dc:38:1c:c2:c0:45:78:a3:2f:de:67:b1:
         55:63:16:46:31:94:bb:a5:07:fc:b6:bf:1a:45:d4:11:db:55:
         7c:9e:de:ca:43:98:6e:44:1b:28:5f:ad:01:44:34:1e:49:de:
         28:73:f3:4e:c8:a4:f9:89:5e:0a:6b:03:c7:a9:f2:28:d8:ab:
         f9:0d:ce:5a:73:18:9f:a6:fd:7c:76:0f:08:49:c4:30:d3:34:
         9c:7d:b3:bb:14:83:cd:ae:cd:60:cb:27:63:f9:e5:fa:88:81:
         3f:2c:d9:1d:33:06:37:7d:d7:eb:59:4f:50:24:e4:00:7b:87:
         c6:cf:cb:bb:8d:1e:06:c5:f9:7f:27:bb:c5:1f:72:38:e6:a2:
         67:c0:0e:34:18:d1:1d:e8:93:76:8b:1a:c7:b4:7f:85:2c:7f:
         41:6b:70:b8:33:6b:e2:3a:7b:bb:1c:ed:50:f7:e4:ee:f9:20:
         3b:d2:c1:3a:79:c0:6c:f7:23:4b:96:7c:f7:b9:d5:77:c6:1d:
         f4:4e:70:40
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUL1hcfZE/JZ+iSupS+1GUFSQ/65IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANTFhZjY3MjRiZjE2ZWMxZGM0ODBj
ZGZjNWI2NmFhYjIzOWM2OGUzM2RlZDdmMDJiMWY0OTVmZjllZDIxZWEyMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugXZw/kqIN+VX7MCHdzYdUZYaRg4
1I+It2S1Cn/cFEc6cXmsd5e5im2cBUy2Ip21gdxtrlxJL96nqi6KHy5xoPEIyIU8
dCU4+RN8hvrqMfuM8vMVfLe/tzojReloOOZcNSbR6nQi4ftflE60v3nrH9M23aWt
St1w1gyr2d8ZfyzFIBJzdAFvtZjP7kEHT8RrplbpUiv/mPfiDfnzxShxf63+1DYT
VXKjGfSLp/r5VsZzUmugGhpD/oBYBsTmQfSIs7C/iY+9FwkTVds5WucE7cX0m8ug
EjQwc3W26XZLwIBVqIkh7VgeefDMUgDZRDNtAvfn10Q4V91DUSmOTNYLHwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPUuIPUGJopzzfGLMBqKo+tJGuwTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UzZGVkNWM0LWYyZDYtNGRjNC1iMDFjLTU5MDkyNzA3MmUyZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbaYYDAMA0GCSqGSIb3DQEBCwUAA4IBAQC+F8iZVPcBXhdLB2uH
TXynNh7vjqACXxndRmZ2w2/kd9E6SMDAoROw1e4vKBV7Jb4CJPvShrQHbTFDtq/c
OBzCwEV4oy/eZ7FVYxZGMZS7pQf8tr8aRdQR21V8nt7KQ5huRBsoX60BRDQeSd4o
c/NOyKT5iV4KawPHqfIo2Kv5Dc5acxifpv18dg8IScQw0zScfbO7FIPNrs1gyydj
+eX6iIE/LNkdMwY3fdfrWU9QJOQAe4fGz8u7jR4Gxfl/J7vFH3I45qJnwA40GNEd
6JN2ixrHtH+FLH9Ba3C4M2viOnu7HO1Q9+Tu+SA70sE6ecBs9yNLlnz3udV3xh30
TnBA
-----END CERTIFICATE-----