Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa
File:                     9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa (raw, json)
Hash identifier:          tK7Vg3AiHGP9idHTY5I/OavgKWH0KsGNssjAr36ZrfI=
Subject key identifier:   37:77:4F:F4:B0:5A:A3:1D:2C:4E:26:23:95:4F:B3:A7:84:00:1C:D3
Certificate issuer:       /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial:       14797D5BEAFF9B190DDA7B5DF7E730C8C51835B1
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa
Signing time:             Mon 13 Jan 2025 00:00:00 +0000
ROA not before:           Mon 13 Jan 2025 00:00:00 +0000
ROA not after:            Mon 17 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        175.41.128.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:79:7d:5b:ea:ff:9b:19:0d:da:7b:5d:f7:e7:30:c8:c5:18:35:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
        Validity
            Not Before: Jan 13 00:00:00 2025 GMT
            Not After : Feb 17 23:59:59 2025 GMT
        Subject: serialNumber=605d6938ade6d06ed5106e0d106995564c3f2a2db0c72e66f84bcc1e660b0b0c, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:b3:6e:cc:2e:be:5a:25:ad:82:dd:eb:9e:d0:
                    ab:a1:9d:c0:d0:b9:f3:76:e8:bd:7c:39:6e:24:8d:
                    29:59:46:88:2a:34:86:65:89:2a:d6:22:7d:33:1b:
                    9b:fb:0b:f6:17:27:ae:89:07:ca:3e:84:9a:cf:b0:
                    f0:0b:15:90:73:4c:0c:fb:ea:cc:1a:fc:4c:9c:6f:
                    24:fa:ce:4f:c5:5e:9b:77:09:4a:73:1d:ea:68:dc:
                    ab:41:e4:83:3b:c5:4f:1e:41:5f:02:54:d4:c7:d7:
                    b7:a3:c5:e0:af:e8:35:f5:3a:31:e7:ed:2a:1e:6a:
                    88:73:33:b7:54:6a:02:28:f9:69:ca:5a:5c:07:fe:
                    62:d9:0e:d7:aa:ff:ba:ae:b1:2e:b3:64:98:62:3e:
                    7b:f2:93:24:ec:70:0e:78:04:24:4c:0e:bc:66:29:
                    92:06:c8:e3:5a:39:68:2e:6d:5b:2a:9e:3f:31:d2:
                    51:92:67:5f:39:1a:94:7d:21:01:57:85:6c:fe:07:
                    0e:16:92:bb:88:56:22:6d:4e:d0:47:4a:de:c6:90:
                    29:52:8c:cc:bd:12:e1:b6:c2:4e:93:62:19:6f:ea:
                    d6:d6:f2:76:1c:d3:83:40:20:1c:98:b9:bc:01:3a:
                    96:db:b6:cc:f6:b2:f8:9f:f1:50:36:34:2b:a4:03:
                    b2:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:77:4F:F4:B0:5A:A3:1D:2C:4E:26:23:95:4F:B3:A7:84:00:1C:D3
            X509v3 Authority Key Identifier:
                keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/9e37f855-48bf-420a-a86c-5eeb4fc1f790.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.41.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         3d:6f:3b:77:1d:03:8d:52:2c:4e:4b:a9:01:c4:90:b9:cd:76:
         e8:e3:b7:2f:9a:65:60:74:13:c8:2b:29:14:af:cf:d3:01:e9:
         c7:a5:2c:d1:be:b6:63:9a:29:68:6a:ea:d6:f0:5f:3e:88:f9:
         06:53:c3:6b:61:c6:89:ad:71:38:6c:f7:c7:b7:0c:e4:7d:43:
         c4:e7:3f:f4:3b:fd:a8:ae:08:59:01:ce:fe:01:d7:b2:f3:24:
         6c:b7:82:53:27:bd:ba:5b:0f:16:70:0a:f3:c2:a9:ef:92:7f:
         73:d5:8e:f7:66:7e:92:03:bd:f3:5f:54:a0:3a:a3:64:cf:6e:
         18:24:de:cd:f4:99:24:c9:9d:a7:41:99:5e:9a:45:68:fe:d5:
         18:ad:a5:bb:39:58:fa:f7:b1:8a:39:5d:4a:80:7b:cc:87:62:
         71:01:71:b7:fc:9c:62:7a:b9:85:39:59:ec:f0:5d:32:0e:16:
         26:6e:99:0f:62:eb:66:c0:2f:8e:6d:c0:fa:22:93:3a:9c:7a:
         32:1f:58:0e:a9:dc:59:f8:e3:29:f7:dc:cb:f4:71:4a:e8:e9:
         59:40:de:48:41:a9:c9:27:a4:b2:d0:1f:fa:cd:ca:08:15:3c:
         57:9c:03:f0:ea:61:0a:2c:aa:60:85:6f:3b:eb:7a:94:cf:62:
         ac:08:09:3c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUFHl9W+r/mxkN2ntd9+cwyMUYNbEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNANjA1ZDY5MzhhZGU2ZDA2ZWQ1MTA2
ZTBkMTA2OTk1NTY0YzNmMmEyZGIwYzcyZTY2Zjg0YmNjMWU2NjBiMGIwYzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuLNuzC6+WiWtgt3rntCroZ3A0Lnz
dui9fDluJI0pWUaIKjSGZYkq1iJ9Mxub+wv2FyeuiQfKPoSaz7DwCxWQc0wM++rM
GvxMnG8k+s5PxV6bdwlKcx3qaNyrQeSDO8VPHkFfAlTUx9e3o8Xgr+g19Tox5+0q
HmqIczO3VGoCKPlpylpcB/5i2Q7Xqv+6rrEus2SYYj578pMk7HAOeAQkTA68ZimS
BsjjWjloLm1bKp4/MdJRkmdfORqUfSEBV4Vs/gcOFpK7iFYibU7QR0rexpApUozM
vRLhtsJOk2IZb+rW1vJ2HNODQCAcmLm8ATqW27bM9rL4n/FQNjQrpAOyxwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDd3T/SwWqMdLE4mI5VPs6eEABzTMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzllMzdmODU1LTQ4YmYtNDIwYS1hODZjLTVlZWI0ZmMxZjc5MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrymAMA0GCSqGSIb3DQEBCwUAA4IBAQA9bzt3HQONUixOS6kBxJC5
zXbo47cvmmVgdBPIKykUr8/TAenHpSzRvrZjmiloaurW8F8+iPkGU8NrYcaJrXE4
bPfHtwzkfUPE5z/0O/2orghZAc7+Adey8yRst4JTJ726Ww8WcArzwqnvkn9z1Y73
Zn6SA73zX1SgOqNkz24YJN7N9JkkyZ2nQZlemkVo/tUYraW7OVj697GKOV1KgHvM
h2JxAXG3/JxiermFOVns8F0yDhYmbpkPYutmwC+ObcD6IpM6nHoyH1gOqdxZ+OMp
99zL9HFK6OlZQN5IQanJJ6Sy0B/6zcoIFTxXnAPw6mEKLKpghW8763qUz2KsCAk8
-----END CERTIFICATE-----