Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa
File:                     f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa (raw, json)
Hash identifier:          EkCrfBIdKW0w4W/gth0i/nzY7pkKtvqhtmVLGUBvhVg=
Subject key identifier:   DF:69:1F:05:74:95:F4:A0:90:83:5A:82:51:ED:F1:44:CD:C4:F9:68
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       1B69375DBBBD8BA102550ECD813FE2C73230908A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf4:4080::/48 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:69:37:5d:bb:bd:8b:a1:02:55:0e:cd:81:3f:e2:c7:32:30:90:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=6f57796fd3c4d0f0abfbe343a2df38e4f1d12080d9387a7776685d8ee22f2713, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f5:6a:f7:c3:f7:59:e5:05:ab:d9:07:29:54:
                    f1:2a:1d:3a:5b:60:ec:fd:58:e4:6d:7c:89:54:49:
                    1d:30:f4:f9:d4:eb:67:56:9a:94:1e:6a:28:b4:3b:
                    17:84:16:e4:03:f1:4b:b3:4f:38:7f:e9:e5:90:43:
                    7d:d0:5a:d7:d4:c6:85:72:9e:5f:c6:68:d4:f0:d3:
                    e2:71:b4:c1:a4:33:a0:2b:6b:6c:79:ae:a8:f8:d5:
                    26:b7:3b:66:46:51:26:e5:85:1c:3f:69:4f:70:a9:
                    51:02:c2:7e:16:11:91:4c:65:06:43:40:85:30:b6:
                    b7:a7:6d:02:5c:01:7c:56:e9:75:c2:45:ea:f2:df:
                    6a:af:56:10:c5:e2:fd:e0:27:e8:0f:6c:ab:92:31:
                    ad:0e:8e:d7:3f:4a:8d:31:77:83:d0:47:14:72:f5:
                    89:50:23:67:55:d4:a9:2d:e4:1c:61:99:f8:8c:65:
                    c8:0a:ac:cd:73:3b:b8:2d:ec:cb:c1:69:a5:1d:5f:
                    a6:bb:75:0a:a4:27:d4:a8:af:dd:04:dc:5a:1b:bd:
                    cf:65:c2:df:37:8e:c6:7c:ac:9f:60:95:39:68:44:
                    d7:dc:63:bc:ba:12:a6:38:03:84:0e:77:91:8b:f9:
                    f5:51:4f:28:63:74:dc:23:1c:cd:9f:9f:7c:fd:fe:
                    ee:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:69:1F:05:74:95:F4:A0:90:83:5A:82:51:ED:F1:44:CD:C4:F9:68
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f0f73131-6db0-422b-b49d-d9d7f269ad5a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf4:4080::/48

    Signature Algorithm: sha256WithRSAEncryption
         94:cf:95:ff:8c:ff:4a:e0:d8:88:44:12:b3:9a:65:64:ef:d1:
         98:04:6c:40:4b:1e:57:a1:42:5b:5a:ed:dd:ee:e6:81:c4:4c:
         44:db:eb:ab:42:d2:7c:21:ec:e1:37:bd:44:f3:0e:58:98:ff:
         2c:ac:fa:4f:06:07:1e:5e:7f:6a:56:35:31:2c:50:9c:34:70:
         26:cc:07:e0:af:1c:30:86:04:32:80:1e:21:58:36:69:80:b4:
         96:d7:80:ab:b3:3c:91:78:dd:e3:25:8b:6e:54:0b:ac:92:53:
         e7:08:38:10:d0:34:52:40:51:02:f5:1b:3e:dc:c7:74:4a:1a:
         87:a3:84:6c:59:57:4a:27:93:17:6d:34:8f:82:5c:f5:0d:5a:
         1b:92:78:fc:c2:8d:d5:bb:f6:9c:6d:af:70:06:d3:ab:cd:11:
         28:81:26:3f:f9:f1:57:30:33:87:b2:00:75:78:3c:d1:df:05:
         94:4c:25:0d:9d:5e:e6:21:71:d3:d3:34:79:d5:9e:e6:b9:ad:
         0e:b4:2f:b7:ef:57:dd:9f:e6:81:46:0a:9f:81:91:ed:5b:1b:
         98:c8:18:61:08:c4:73:8e:b8:61:c0:da:71:59:4a:1a:39:20:
         54:fc:45:4b:bd:b3:5d:11:6b:f1:63:89:cd:74:da:64:e9:ab:
         c9:63:56:4b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUG2k3Xbu9i6ECVQ7NgT/ixzIwkIowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANmY1Nzc5NmZkM2M0ZDBmMGFiZmJl
MzQzYTJkZjM4ZTRmMWQxMjA4MGQ5Mzg3YTc3NzY2ODVkOGVlMjJmMjcxMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvVq98P3WeUFq9kHKVTxKh06W2Ds
/VjkbXyJVEkdMPT51OtnVpqUHmootDsXhBbkA/FLs084f+nlkEN90FrX1MaFcp5f
xmjU8NPicbTBpDOgK2tsea6o+NUmtztmRlEm5YUcP2lPcKlRAsJ+FhGRTGUGQ0CF
MLa3p20CXAF8Vul1wkXq8t9qr1YQxeL94CfoD2yrkjGtDo7XP0qNMXeD0EcUcvWJ
UCNnVdSpLeQcYZn4jGXICqzNczu4LezLwWmlHV+mu3UKpCfUqK/dBNxaG73PZcLf
N47GfKyfYJU5aETX3GO8uhKmOAOEDneRi/n1UU8oY3TcIxzNn598/f7uDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFN9pHwV0lfSgkINaglHt8UTNxPloMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YwZjczMTMxLTZkYjAtNDIyYi1iNDlkLWQ5ZDdmMjY5YWQ1YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9ECAMA0GCSqGSIb3DQEBCwUAA4IBAQCUz5X/jP9K4NiIRBKz
mmVk79GYBGxASx5XoUJbWu3d7uaBxExE2+urQtJ8IezhN71E8w5YmP8srPpPBgce
Xn9qVjUxLFCcNHAmzAfgrxwwhgQygB4hWDZpgLSW14CrszyReN3jJYtuVAusklPn
CDgQ0DRSQFEC9Rs+3Md0ShqHo4RsWVdKJ5MXbTSPglz1DVobknj8wo3Vu/acba9w
BtOrzREogSY/+fFXMDOHsgB1eDzR3wWUTCUNnV7mIXHT0zR51Z7mua0OtC+371fd
n+aBRgqfgZHtWxuYyBhhCMRzjrhhwNpxWUoaOSBU/EVLvbNdEWvxY4nNdNpk6avJ
Y1ZL
-----END CERTIFICATE-----