Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa
File:                     feddcef0-1c49-4db6-b667-d3a813db2a74.roa (raw, json)
Hash identifier:          fL6MOxDT05e5cmMWVatNTh95cTzVAIl2ex/jzR946U0=
Subject key identifier:   96:F8:1C:3B:59:96:9D:0B:BC:53:9D:04:B6:28:A0:A6:B4:93:EC:03
Certificate issuer:       /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial:       15C500DBCEB2FD043610B57E0C05E8EA8CBD1DE9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa
Signing time:             Wed 08 Jan 2025 00:00:00 +0000
ROA not before:           Wed 08 Jan 2025 00:00:00 +0000
ROA not after:            Wed 12 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        2406:da68:1000::/40 maxlen: 48
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:c5:00:db:ce:b2:fd:04:36:10:b5:7e:0c:05:e8:ea:8c:bd:1d:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
        Validity
            Not Before: Jan  8 00:00:00 2025 GMT
            Not After : Feb 12 23:59:59 2025 GMT
        Subject: serialNumber=ea4c83217ee0d83090ef65b858c11eff7c91678b86c5eb81a749472f35a62f7f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:57:50:d0:5e:5b:e0:aa:f5:eb:20:ce:70:77:
                    04:65:b5:65:34:1e:46:14:f0:96:87:08:9c:57:7f:
                    78:fd:fe:11:8c:15:fb:3c:89:44:b5:81:6d:41:96:
                    35:25:cd:3d:b6:4b:1e:f3:c7:4d:b7:73:f4:05:61:
                    c7:68:f7:d9:b3:db:47:c1:a7:91:89:76:26:2e:ef:
                    8c:fa:fc:0c:cc:aa:7b:55:ae:27:26:3f:fd:a9:5b:
                    52:ea:f0:27:d8:98:1f:bb:92:d7:1d:53:c3:00:29:
                    a8:d7:15:db:90:53:b0:42:12:c9:4c:72:76:85:f7:
                    73:32:09:5f:d2:18:ea:80:50:70:66:f1:a7:55:b5:
                    2f:2f:67:dc:27:95:5c:45:4e:f3:18:c5:94:40:01:
                    15:85:a3:8f:a6:65:48:22:31:7f:3a:49:87:66:81:
                    5e:8b:a6:4c:71:32:d4:94:cb:dc:d9:7c:77:f6:7e:
                    07:b9:93:9d:a8:1d:84:1a:0a:29:be:a8:bc:25:db:
                    60:08:bd:cb:07:b0:c7:26:72:99:db:d7:e2:13:87:
                    bf:93:3b:e4:1c:9e:13:00:27:33:bb:b4:65:ba:a0:
                    b8:74:ce:83:70:09:bd:7c:cf:7f:2f:b6:f0:b2:4f:
                    e8:bb:71:ac:bb:ab:c1:2a:99:a5:f0:14:c9:bb:a3:
                    d7:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:F8:1C:3B:59:96:9D:0B:BC:53:9D:04:B6:28:A0:A6:B4:93:EC:03
            X509v3 Authority Key Identifier:
                keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/feddcef0-1c49-4db6-b667-d3a813db2a74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2406:da68:1000::/40

    Signature Algorithm: sha256WithRSAEncryption
         01:40:7a:22:78:b7:81:bf:03:6e:17:d5:01:57:95:0e:35:77:
         43:66:44:6e:78:47:b1:b0:41:6d:88:be:d3:9e:a5:32:36:c6:
         8d:71:96:c9:a7:eb:47:c6:3f:35:7c:72:fd:57:1b:96:69:02:
         6c:2c:5c:d9:79:9c:5d:3f:8b:72:eb:d7:a0:f9:64:62:ae:ca:
         a7:86:10:2f:e9:81:91:ce:a7:d9:c7:62:04:a5:cf:0b:bd:1d:
         32:f1:66:e2:a4:24:35:68:6d:47:77:e9:bb:53:76:39:2b:bd:
         5e:a8:cf:d4:4e:9f:a6:0c:85:e8:43:c1:45:cd:4c:38:6c:d0:
         0e:ff:c4:1c:12:f3:f1:64:63:92:bd:26:3e:0f:71:ee:9a:46:
         d3:f7:48:3f:7c:a5:c0:d1:8a:b7:62:8e:3e:c7:b9:ba:12:ea:
         1d:a5:45:a1:45:be:1e:7b:8d:23:6f:30:53:c7:1f:34:1c:3b:
         41:61:37:42:ed:e1:65:6c:47:8d:1c:cd:36:a9:e5:80:41:9b:
         44:06:c9:a4:43:0b:0d:2f:00:78:0b:3e:21:2c:c4:f9:5b:49:
         3f:2e:35:de:a7:98:f8:f7:94:cd:4b:d6:e5:6c:e8:f3:90:c3:
         90:46:8c:ca:39:3c:e7:16:e3:db:76:b7:be:10:73:51:29:4d:
         1f:7f:93:69
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFcUA286y/QQ2ELV+DAXo6oy9HekwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAZWE0YzgzMjE3ZWUwZDgzMDkwZWY2
NWI4NThjMTFlZmY3YzkxNjc4Yjg2YzVlYjgxYTc0OTQ3MmYzNWE2MmY3ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnldQ0F5b4Kr16yDOcHcEZbVlNB5G
FPCWhwicV394/f4RjBX7PIlEtYFtQZY1Jc09tkse88dNt3P0BWHHaPfZs9tHwaeR
iXYmLu+M+vwMzKp7Va4nJj/9qVtS6vAn2Jgfu5LXHVPDACmo1xXbkFOwQhLJTHJ2
hfdzMglf0hjqgFBwZvGnVbUvL2fcJ5VcRU7zGMWUQAEVhaOPpmVIIjF/OkmHZoFe
i6ZMcTLUlMvc2Xx39n4HuZOdqB2EGgopvqi8JdtgCL3LB7DHJnKZ29fiE4e/kzvk
HJ4TACczu7RluqC4dM6DcAm9fM9/L7bwsk/ou3Gsu6vBKpml8BTJu6PXQwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJb4HDtZlp0LvFOdBLYooKa0k+wDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZlZGRjZWYwLTFjNDktNGRiNi1iNjY3LWQzYTgxM2RiMmE3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaBAwDQYJKoZIhvcNAQELBQADggEBAAFAeiJ4t4G/A24X1QFX
lQ41d0NmRG54R7GwQW2IvtOepTI2xo1xlsmn60fGPzV8cv1XG5ZpAmwsXNl5nF0/
i3Lr16D5ZGKuyqeGEC/pgZHOp9nHYgSlzwu9HTLxZuKkJDVobUd36btTdjkrvV6o
z9ROn6YMhehDwUXNTDhs0A7/xBwS8/FkY5K9Jj4Pce6aRtP3SD98pcDRirdijj7H
uboS6h2lRaFFvh57jSNvMFPHHzQcO0FhN0Lt4WVsR40czTap5YBBm0QGyaRDCw0v
AHgLPiEsxPlbST8uNd6nmPj3lM1L1uVs6POQw5BGjMo5POcW49t2t74Qc1EpTR9/
k2k=
-----END CERTIFICATE-----