Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa
File:                     f5395226-d3ec-4c71-b20c-8c04577c7df0.roa (raw, json)
Hash identifier:          sYIQYDFawOsRqUTSp3EG6oxf41d7OZlYQjVBPiauRrU=
Subject key identifier:   51:67:F1:BB:54:A2:34:2B:74:4E:AB:97:30:F6:E4:06:06:BB:4B:49
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       79CF618D40BC485246119832E39809740DFEDAE5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa
Signing time:             Fri 10 Jan 2025 00:00:00 +0000
ROA not before:           Fri 10 Jan 2025 00:00:00 +0000
ROA not after:            Fri 14 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daa0:9000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:cf:61:8d:40:bc:48:52:46:11:98:32:e3:98:09:74:0d:fe:da:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan 10 00:00:00 2025 GMT
            Not After : Feb 14 23:59:59 2025 GMT
        Subject: serialNumber=470ecc7ea49aa0198596c46f46dd2de3c1cb3d5f892f13601d5d524a11410bb7, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:32:21:0c:b4:c3:f2:79:12:aa:8c:3e:33:dd:
                    8d:4b:3e:67:05:b0:55:7f:18:10:46:44:2f:91:df:
                    cc:f2:17:0b:07:21:1b:14:4f:86:2d:2e:47:11:31:
                    73:d1:4a:7c:81:5d:f8:ab:7c:6d:1e:6c:60:25:a0:
                    f4:8c:f7:ca:52:fe:56:48:a0:0c:c4:d0:d4:4e:30:
                    5c:f9:df:4c:aa:64:d5:8c:53:26:f7:fc:00:59:ea:
                    37:eb:41:67:d0:3e:0e:aa:7f:32:bb:0c:df:32:10:
                    22:db:34:a2:3b:78:f7:e7:c3:31:67:28:57:d9:36:
                    14:5b:f3:34:ad:8b:61:a1:4a:e6:f1:7a:34:ad:e7:
                    f7:b5:c4:51:15:a4:8e:21:86:62:05:ad:50:92:71:
                    30:c8:0f:77:b7:ac:6d:58:cf:5b:02:7f:eb:67:16:
                    6f:a3:aa:64:25:aa:d0:e8:ea:70:b4:09:b0:97:ef:
                    28:dc:57:b2:9f:66:1e:4a:cf:cb:fd:1a:f8:7f:44:
                    4f:54:a7:66:00:0d:eb:91:67:0f:56:ca:4f:88:69:
                    99:31:c2:2b:0d:2a:65:87:dc:86:12:05:13:aa:e0:
                    80:af:e5:a6:6a:0c:8c:55:0b:f2:dd:25:49:b6:eb:
                    e2:6f:39:2e:63:e7:78:a2:96:81:99:59:91:35:87:
                    c9:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:67:F1:BB:54:A2:34:2B:74:4E:AB:97:30:F6:E4:06:06:BB:4B:49
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5395226-d3ec-4c71-b20c-8c04577c7df0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daa0:9000::/40

    Signature Algorithm: sha256WithRSAEncryption
         b2:cc:fb:f1:26:f7:70:83:43:85:92:a6:e4:54:88:47:09:15:
         28:8c:8f:a2:ae:6a:8e:a2:49:81:9d:ed:43:2b:cf:3b:a8:46:
         42:5b:73:7d:f4:1a:63:27:d9:c7:65:e0:ca:9e:88:7d:21:f4:
         e1:63:20:ea:b7:78:3a:0b:32:54:a8:d1:2c:23:7d:fd:5d:7c:
         01:9e:e8:16:bc:69:47:d8:e3:3e:91:94:a2:3d:79:3b:13:bd:
         98:99:c4:20:7e:a7:37:d8:4a:cc:7c:3b:4a:31:27:50:66:a3:
         6b:c8:10:8a:18:34:fe:04:49:81:ad:28:4d:95:e2:16:1e:66:
         1f:86:40:d3:cd:c0:97:ee:83:c7:18:9c:6c:8d:13:ef:02:ca:
         0d:0c:65:f0:c9:6f:26:38:18:c7:4a:96:0a:da:14:ee:cf:8b:
         fa:0a:b0:05:94:27:a9:0e:8a:6a:41:93:2f:cc:0c:25:7c:c9:
         a2:90:71:1a:f4:b4:21:26:c7:0f:7a:77:9d:93:b3:d1:e5:86:
         61:0d:bb:ca:f8:d9:02:80:b3:2d:83:c4:fc:67:99:75:2a:81:
         a2:6e:6b:b7:36:58:4a:3b:70:41:eb:d9:a8:4f:f0:af:23:38:
         d1:34:3e:1d:c5:38:bc:59:98:a6:cd:55:57:47:7d:50:28:1f:
         de:a5:d6:05
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUec9hjUC8SFJGEZgy45gJdA3+2uUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNANDcwZWNjN2VhNDlhYTAxOTg1OTZj
NDZmNDZkZDJkZTNjMWNiM2Q1Zjg5MmYxMzYwMWQ1ZDUyNGExMTQxMGJiNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTIhDLTD8nkSqow+M92NSz5nBbBV
fxgQRkQvkd/M8hcLByEbFE+GLS5HETFz0Up8gV34q3xtHmxgJaD0jPfKUv5WSKAM
xNDUTjBc+d9MqmTVjFMm9/wAWeo360Fn0D4Oqn8yuwzfMhAi2zSiO3j358MxZyhX
2TYUW/M0rYthoUrm8Xo0ref3tcRRFaSOIYZiBa1QknEwyA93t6xtWM9bAn/rZxZv
o6pkJarQ6OpwtAmwl+8o3Feyn2YeSs/L/Rr4f0RPVKdmAA3rkWcPVspPiGmZMcIr
DSplh9yGEgUTquCAr+WmagyMVQvy3SVJtuvibzkuY+d4opaBmVmRNYfJ0QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFFn8btUojQrdE6rlzD25AYGu0tJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y1Mzk1MjI2LWQzZWMtNGM3MS1iMjBjLThjMDQ1NzdjN2RmMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaoJAwDQYJKoZIhvcNAQELBQADggEBALLM+/Em93CDQ4WSpuRU
iEcJFSiMj6Kuao6iSYGd7UMrzzuoRkJbc330GmMn2cdl4MqeiH0h9OFjIOq3eDoL
MlSo0Swjff1dfAGe6Ba8aUfY4z6RlKI9eTsTvZiZxCB+pzfYSsx8O0oxJ1Bmo2vI
EIoYNP4ESYGtKE2V4hYeZh+GQNPNwJfug8cYnGyNE+8Cyg0MZfDJbyY4GMdKlgra
FO7Pi/oKsAWUJ6kOimpBky/MDCV8yaKQcRr0tCEmxw96d52Ts9HlhmENu8r42QKA
sy2DxPxnmXUqgaJua7c2WEo7cEHr2ahP8K8jONE0Ph3FOLxZmKbNVVdHfVAoH96l
1gU=
-----END CERTIFICATE-----