Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7f9bf0b-3dbd-4ee6-84db-4390d3196fd3.roa
File:                     f7f9bf0b-3dbd-4ee6-84db-4390d3196fd3.roa (raw, json)
Hash identifier:          DeSlYzTEmeDnGFJJVZfFv2BZu6bTbe1OAYV4fGZGl9Q=
Subject key identifier:   75:31:A2:1E:38:F6:BA:C2:B6:3D:98:01:FF:A2:A0:04:94:44:AC:57
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       64C9BF452F0834A09209CC201C388CDC7ADA8706
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7f9bf0b-3dbd-4ee6-84db-4390d3196fd3.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:daf7:9040::/46 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:c9:bf:45:2f:08:34:a0:92:09:cc:20:1c:38:8c:dc:7a:da:87:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=616f2ec5c1a251539bf1ae3b64ba22c40d87944a168332f3b47277fb99df1d72, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b9:04:19:ae:e0:0a:6f:ec:f5:fc:a1:fc:e7:
                    78:b6:99:10:f1:77:41:16:8b:26:38:16:e0:52:fa:
                    f0:b3:63:9d:ce:d2:53:bf:1c:8a:74:21:b9:0a:2f:
                    81:ad:c8:b0:57:ea:a0:72:1e:d8:b7:9f:35:60:1a:
                    29:c8:04:ba:df:78:7f:9d:0f:c0:2f:32:34:24:55:
                    fe:1c:db:e8:cb:bd:66:d8:f5:7b:d7:71:3f:1a:1f:
                    80:4f:f0:3f:01:96:f6:f6:c8:76:8b:1e:8c:77:76:
                    01:6d:44:a1:ad:90:09:6c:e2:db:77:00:13:8c:c6:
                    f3:9c:bd:63:52:a1:81:28:a1:e2:4d:db:8e:ae:79:
                    17:1b:54:7a:94:79:76:a4:bd:a2:86:15:4b:08:59:
                    54:15:34:69:04:b0:73:4b:f8:62:79:06:4c:d7:17:
                    99:ab:bf:d4:8d:37:e3:68:10:21:c8:53:b6:42:67:
                    03:2d:b6:a6:6c:82:97:4c:68:d3:62:9b:3e:43:d4:
                    4d:34:2c:db:c2:5a:35:03:c5:7a:05:aa:11:1d:ee:
                    87:e2:31:a8:00:b1:b2:57:49:e5:4b:a7:52:b2:d6:
                    06:20:d5:d6:ab:8d:b4:51:c1:8c:63:e1:07:73:aa:
                    90:a9:37:30:57:70:1b:87:54:79:e7:29:3a:fb:2b:
                    44:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:31:A2:1E:38:F6:BA:C2:B6:3D:98:01:FF:A2:A0:04:94:44:AC:57
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f7f9bf0b-3dbd-4ee6-84db-4390d3196fd3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:daf7:9040::/46

    Signature Algorithm: sha256WithRSAEncryption
         24:0e:ff:0d:8a:27:6c:87:e6:bc:3b:fe:1e:2c:0f:47:bc:5f:
         f3:fa:f2:c1:a8:9c:0f:37:92:af:6a:6c:f5:87:98:40:a5:61:
         77:b4:79:db:24:09:73:61:68:59:d4:da:3e:93:f1:03:ba:65:
         c1:96:1f:2d:a0:fd:20:92:37:cc:c3:02:ce:aa:e5:b9:68:93:
         d0:78:55:31:f4:fe:87:71:10:b4:64:a8:a9:a5:b6:14:93:8b:
         2c:96:50:31:bd:76:c1:73:d3:dc:69:aa:ad:d3:15:47:3f:c6:
         2f:d1:df:cc:17:1f:71:3c:5d:9d:93:a9:39:b5:d8:5b:97:71:
         ec:61:f2:d4:e8:bf:7f:7e:46:e1:b3:b3:2e:5e:ec:9b:66:c5:
         83:e0:84:7b:3a:a1:eb:e2:9b:bf:96:04:1c:a8:2d:d6:18:be:
         cb:5d:9d:13:10:6b:62:96:58:75:d4:2a:ab:20:43:a8:5b:90:
         88:cd:f7:36:dd:ef:35:12:a0:42:47:7b:af:f2:86:e4:24:cd:
         37:f7:65:79:dc:87:33:ce:12:5d:f7:c2:ab:8f:eb:a0:34:ac:
         46:cf:fb:d2:fc:ad:d7:33:7c:82:1c:38:0c:b2:30:02:b0:7b:
         95:33:b6:bd:82:b4:01:90:2a:b5:dd:13:4c:8c:f4:e1:b0:64:
         99:b9:02:eb
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZMm/RS8INKCSCcwgHDiM3HrahwYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANjE2ZjJlYzVjMWEyNTE1MzliZjFh
ZTNiNjRiYTIyYzQwZDg3OTQ0YTE2ODMzMmYzYjQ3Mjc3ZmI5OWRmMWQ3MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobkEGa7gCm/s9fyh/Od4tpkQ8XdB
FosmOBbgUvrws2OdztJTvxyKdCG5Ci+BrciwV+qgch7Yt581YBopyAS633h/nQ/A
LzI0JFX+HNvoy71m2PV713E/Gh+AT/A/AZb29sh2ix6Md3YBbUShrZAJbOLbdwAT
jMbznL1jUqGBKKHiTduOrnkXG1R6lHl2pL2ihhVLCFlUFTRpBLBzS/hieQZM1xeZ
q7/UjTfjaBAhyFO2QmcDLbambIKXTGjTYps+Q9RNNCzbwlo1A8V6BaoRHe6H4jGo
ALGyV0nlS6dSstYGINXWq420UcGMY+EHc6qQqTcwV3Abh1R55yk6+ytELQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFHUxoh449rrCtj2YAf+ioASURKxXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y3ZjliZjBiLTNkYmQtNGVlNi04NGRiLTQzOTBkMzE5NmZkMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba95BAMA0GCSqGSIb3DQEBCwUAA4IBAQAkDv8Niidsh+a8O/4e
LA9HvF/z+vLBqJwPN5Kvamz1h5hApWF3tHnbJAlzYWhZ1No+k/EDumXBlh8toP0g
kjfMwwLOquW5aJPQeFUx9P6HcRC0ZKippbYUk4ssllAxvXbBc9Pcaaqt0xVHP8Yv
0d/MFx9xPF2dk6k5tdhbl3HsYfLU6L9/fkbhs7MuXuybZsWD4IR7OqHr4pu/lgQc
qC3WGL7LXZ0TEGtillh11CqrIEOoW5CIzfc23e81EqBCR3uv8obkJM0392V53Icz
zhJd98Krj+ugNKxGz/vS/K3XM3yCHDgMsjACsHuVM7a9grQBkCq13RNMjPThsGSZ
uQLr
-----END CERTIFICATE-----