Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa
File:                     fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa (raw, json)
Hash identifier:          UpYpqVQMzWNaKbHtADciA62Ol7s4VzQ9+73v2nGu1eI=
Subject key identifier:   E7:2A:B3:D7:46:8F:49:72:A9:D0:22:81:16:A1:80:D0:75:C1:73:3D
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       65DB05EA879BD6400F5A25C1A0FFC95832FCBD60
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa
Signing time:             Tue 07 Jan 2025 00:00:00 +0000
ROA not before:           Tue 07 Jan 2025 00:00:00 +0000
ROA not after:            Tue 11 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da70:a000::/40 maxlen: 40
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:db:05:ea:87:9b:d6:40:0f:5a:25:c1:a0:ff:c9:58:32:fc:bd:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  7 00:00:00 2025 GMT
            Not After : Feb 11 23:59:59 2025 GMT
        Subject: serialNumber=e4a7d8c1f76ac7864ad746c9713a5e81452440eb361d2eb31ef033fe71ccf1be, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:54:9c:48:45:07:c0:10:5c:39:f8:0b:3d:e4:
                    0c:af:4c:ff:7b:cd:29:c4:6f:be:18:ec:48:36:d1:
                    af:ad:6d:33:9c:15:58:03:2f:e6:83:fd:9e:82:01:
                    d6:b3:8d:f3:ee:97:f9:fd:b8:f3:c1:20:4e:9e:32:
                    8b:f7:41:59:6c:43:77:68:10:24:07:9c:35:b6:92:
                    f2:f3:83:46:a3:ae:49:86:6e:a7:90:3d:f8:99:58:
                    04:38:92:9c:c3:d8:a1:41:ef:4d:56:b0:62:6a:f7:
                    5e:a5:ac:36:83:f8:e5:42:12:91:96:b8:e9:35:d7:
                    c1:6c:da:6f:f1:27:13:7a:9a:1f:c0:9f:33:19:d0:
                    de:65:c2:6d:24:42:40:d2:e5:b8:73:87:45:fc:e4:
                    93:39:c8:03:3f:d6:b3:7d:10:7d:44:b7:f0:b1:c0:
                    62:a1:c2:a2:0d:63:4f:f0:72:83:d6:51:8a:e9:b1:
                    29:b0:7e:65:44:2f:50:d7:49:99:78:ab:10:bc:f2:
                    88:ea:94:7a:4b:a0:76:db:77:59:d3:3b:9c:75:75:
                    82:24:04:bb:56:d5:2f:37:20:84:fd:d5:be:b6:32:
                    fc:96:82:d9:5d:0d:6d:94:ef:1e:51:2e:f9:47:8d:
                    71:ca:7c:b9:27:b1:80:bc:11:40:a7:06:da:e8:f5:
                    a1:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:2A:B3:D7:46:8F:49:72:A9:D0:22:81:16:A1:80:D0:75:C1:73:3D
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fbed307e-fbcc-427b-978f-d6f6d64a91c6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da70:a000::/40

    Signature Algorithm: sha256WithRSAEncryption
         c7:22:8d:2b:1a:8c:c3:7a:bc:8e:15:de:c3:e3:ef:c5:cb:10:
         27:77:d2:db:cb:cb:43:82:87:f9:49:d7:d5:cc:f6:0a:15:3d:
         bf:87:a7:ea:b6:38:d0:ab:d8:c3:5d:80:99:60:a8:f1:19:31:
         1b:a2:41:e2:7f:e8:95:22:92:c3:ef:22:ac:f1:ea:a9:5d:8c:
         1b:9d:e8:0e:27:1b:7b:dc:34:f9:d3:f8:1c:42:ea:97:22:3e:
         97:77:46:51:97:da:9c:7a:de:9c:6d:12:50:c3:cb:84:5c:b3:
         f0:36:90:01:db:6f:0d:6d:5f:08:f5:e3:5d:6e:b1:86:90:1a:
         be:fe:10:c6:df:9c:2e:16:56:6c:40:b1:8e:e6:ab:eb:e9:1b:
         5b:47:96:7d:2c:13:06:45:48:c1:dc:23:be:6e:8b:b0:bb:cb:
         91:ab:46:73:86:a8:60:26:79:55:9e:c2:ad:7b:68:86:23:86:
         3e:2b:9d:47:31:41:af:63:d6:ea:b3:f3:14:05:e1:32:a8:d7:
         82:d8:54:b3:cc:10:fe:91:23:ba:70:8b:0e:74:44:5f:2e:10:
         4b:a3:6e:7f:17:12:e0:6f:f4:9e:82:c9:92:ab:57:9a:3c:ee:
         bf:18:9d:37:bc:09:95:ab:23:a6:b3:7d:7b:c4:17:48:40:6a:
         74:b4:79:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZdsF6oeb1kAPWiXBoP/JWDL8vWAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAZTRhN2Q4YzFmNzZhYzc4NjRhZDc0
NmM5NzEzYTVlODE0NTI0NDBlYjM2MWQyZWIzMWVmMDMzZmU3MWNjZjFiZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFScSEUHwBBcOfgLPeQMr0z/e80p
xG++GOxINtGvrW0znBVYAy/mg/2eggHWs43z7pf5/bjzwSBOnjKL90FZbEN3aBAk
B5w1tpLy84NGo65Jhm6nkD34mVgEOJKcw9ihQe9NVrBiavdepaw2g/jlQhKRlrjp
NdfBbNpv8ScTepofwJ8zGdDeZcJtJEJA0uW4c4dF/OSTOcgDP9azfRB9RLfwscBi
ocKiDWNP8HKD1lGK6bEpsH5lRC9Q10mZeKsQvPKI6pR6S6B223dZ0zucdXWCJAS7
VtUvNyCE/dW+tjL8loLZXQ1tlO8eUS75R41xyny5J7GAvBFApwba6PWhjQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOcqs9dGj0lyqdAigRahgNB1wXM9MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZiZWQzMDdlLWZiY2MtNDI3Yi05NzhmLWQ2ZjZkNjRhOTFjNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacKAwDQYJKoZIhvcNAQELBQADggEBAMcijSsajMN6vI4V3sPj
78XLECd30tvLy0OCh/lJ19XM9goVPb+Hp+q2ONCr2MNdgJlgqPEZMRuiQeJ/6JUi
ksPvIqzx6qldjBud6A4nG3vcNPnT+BxC6pciPpd3RlGX2px63pxtElDDy4Rcs/A2
kAHbbw1tXwj1411usYaQGr7+EMbfnC4WVmxAsY7mq+vpG1tHln0sEwZFSMHcI75u
i7C7y5GrRnOGqGAmeVWewq17aIYjhj4rnUcxQa9j1uqz8xQF4TKo14LYVLPMEP6R
I7pwiw50RF8uEEujbn8XEuBv9J6CyZKrV5o87r8YnTe8CZWrI6azfXvEF0hAanS0
eYQ=
-----END CERTIFICATE-----