Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa
File:                     018dea0d-42eb-4d58-8914-636d25ca3b3c.roa (raw, json)
Hash identifier:          W/Wc+ZvOjRrDPdn6Qu6xINcalOrIe29uaH9rRF3Lizc=
Subject key identifier:   FE:22:AE:51:F8:3C:FA:11:B1:7B:0A:11:DA:E1:D8:EB:E0:64:1D:11
Certificate issuer:       /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial:       0C96865264E01884B7BC6B4F557A0653D727D763
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa
Signing time:             Tue 14 Jan 2025 00:00:00 +0000
ROA not before:           Tue 14 Jan 2025 00:00:00 +0000
ROA not after:            Tue 18 Feb 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        240f:8018:800::/38 maxlen: 38
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:96:86:52:64:e0:18:84:b7:bc:6b:4f:55:7a:06:53:d7:27:d7:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
        Validity
            Not Before: Jan 14 00:00:00 2025 GMT
            Not After : Feb 18 23:59:59 2025 GMT
        Subject: serialNumber=1c6129ce2a12b32eb86203f96c4805b567704be74f66bc69d6890a5c7c3ad961, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:5e:0d:4e:e8:b4:da:d5:9a:6c:21:c1:38:46:
                    e9:4a:61:7d:b5:16:cb:e4:c8:48:de:01:34:db:e1:
                    99:a1:05:b2:99:71:1b:e0:ba:53:25:de:ac:af:c0:
                    01:be:be:d8:74:65:6e:83:36:ee:b7:56:4d:8a:a9:
                    f7:c9:44:64:25:f7:a1:64:f7:7c:fe:fb:26:4b:b4:
                    90:4b:e9:a1:97:85:c2:e1:11:2c:fb:b9:55:80:5e:
                    28:e5:cf:04:fd:41:8d:3e:a3:34:0d:dc:d0:8a:63:
                    a6:e0:ea:da:ed:8a:d4:2c:fc:d3:53:3c:35:6d:a1:
                    db:e3:62:b0:62:da:f4:8f:50:37:fc:ec:bd:6f:77:
                    95:3d:bb:6a:75:14:18:83:df:30:95:69:e0:8f:f4:
                    30:d4:f3:0d:ee:4b:d1:e6:f2:00:b5:ad:b1:85:61:
                    80:a0:9f:9b:ba:f3:b5:a5:9e:9a:42:bd:c9:0b:b2:
                    cf:8b:81:0f:a0:4f:e7:7e:64:8d:e6:dd:4c:7c:62:
                    b3:49:be:9a:4c:81:e2:28:16:15:04:54:14:2a:73:
                    2f:d9:2a:08:ab:e8:49:18:44:33:f6:49:cd:9e:dd:
                    88:0c:62:93:16:f6:ac:4b:2f:a3:8e:be:de:22:43:
                    96:4e:3e:16:63:9b:92:86:76:c3:3c:41:19:37:0a:
                    8a:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:22:AE:51:F8:3C:FA:11:B1:7B:0A:11:DA:E1:D8:EB:E0:64:1D:11
            X509v3 Authority Key Identifier:
                keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/018dea0d-42eb-4d58-8914-636d25ca3b3c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  240f:8018:800::/38

    Signature Algorithm: sha256WithRSAEncryption
         16:7f:9c:c8:20:2b:75:2c:48:d4:2b:58:41:3d:54:1a:5b:57:
         2e:71:5a:40:93:c0:0d:c1:30:9f:f9:72:e9:cd:30:e1:51:d8:
         fc:95:95:5a:63:97:17:9b:39:65:52:2c:18:53:ef:80:e4:57:
         49:e0:ed:0f:d6:4b:4d:41:ef:cb:3a:40:aa:99:88:b6:ff:26:
         0b:2f:54:40:f6:c4:8c:d8:95:1f:02:15:e1:34:d1:8f:1d:79:
         61:be:c3:57:b1:75:79:d6:73:cf:45:ee:28:ce:ef:5f:36:ca:
         5c:36:85:4d:e4:bb:e2:1b:9e:91:9e:7b:a7:6b:bb:d0:bc:8a:
         78:f8:f3:68:14:8b:98:3a:c0:b4:03:30:14:9a:f7:0f:f7:66:
         ff:86:0b:09:1a:da:4b:0c:91:88:31:c2:e1:c9:c2:6d:8d:b7:
         59:8e:70:29:3c:f4:64:e6:8c:f1:4d:63:7f:d9:d7:e5:50:cb:
         a0:69:fe:c6:c0:a1:05:ff:65:19:65:72:24:c7:55:2a:d0:6d:
         fb:b4:fc:23:40:18:e1:cf:60:38:94:dd:ab:71:7b:07:5f:61:
         50:a4:d8:0b:72:d6:83:09:6e:59:76:f2:8b:d5:a4:c7:f2:80:
         0c:33:9f:97:b4:97:ed:70:33:93:85:b8:1e:e1:f6:70:99:66:
         5d:7d:ca:ae
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDJaGUmTgGIS3vGtPVXoGU9cn12MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDExNDAwMDAwMFoX
DTI1MDIxODIzNTk1OVowejFJMEcGA1UEBRNAMWM2MTI5Y2UyYTEyYjMyZWI4NjIw
M2Y5NmM0ODA1YjU2NzcwNGJlNzRmNjZiYzY5ZDY4OTBhNWM3YzNhZDk2MTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl4NTui02tWabCHBOEbpSmF9tRbL
5MhI3gE02+GZoQWymXEb4LpTJd6sr8ABvr7YdGVugzbut1ZNiqn3yURkJfehZPd8
/vsmS7SQS+mhl4XC4REs+7lVgF4o5c8E/UGNPqM0DdzQimOm4Ora7YrULPzTUzw1
baHb42KwYtr0j1A3/Oy9b3eVPbtqdRQYg98wlWngj/Qw1PMN7kvR5vIAta2xhWGA
oJ+buvO1pZ6aQr3JC7LPi4EPoE/nfmSN5t1MfGKzSb6aTIHiKBYVBFQUKnMv2SoI
q+hJGEQz9knNnt2IDGKTFvasSy+jjr7eIkOWTj4WY5uShnbDPEEZNwqK9wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFP4irlH4PPoRsXsKEdrh2OvgZB0RMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzAxOGRlYTBkLTQyZWItNGQ1OC04OTE0LTYzNmQyNWNhM2IzYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJA+AGAgwDQYJKoZIhvcNAQELBQADggEBABZ/nMggK3UsSNQrWEE9
VBpbVy5xWkCTwA3BMJ/5cunNMOFR2PyVlVpjlxebOWVSLBhT74DkV0ng7Q/WS01B
78s6QKqZiLb/JgsvVED2xIzYlR8CFeE00Y8deWG+w1exdXnWc89F7ijO7182ylw2
hU3ku+IbnpGee6dru9C8inj482gUi5g6wLQDMBSa9w/3Zv+GCwka2ksMkYgxwuHJ
wm2Nt1mOcCk89GTmjPFNY3/Z1+VQy6Bp/sbAoQX/ZRllciTHVSrQbfu0/CNAGOHP
YDiU3atxewdfYVCk2Aty1oMJbll28ovVpMfygAwzn5e0l+1wM5OFuB7h9nCZZl19
yq4=
-----END CERTIFICATE-----