Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff938a6-bc1d-4ee4-bb4c-f096c6aec773.roa
File:                     2ff938a6-bc1d-4ee4-bb4c-f096c6aec773.roa (raw, json)
Hash identifier:          2uopP531OCkGk7V3I3jTgdmPe8LsysXEIX/vYNqrIEA=
Subject key identifier:   D8:AB:3E:51:F0:D1:FB:78:22:E2:CF:2E:59:E5:D8:1A:BC:86:EF:E7
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       57B55FD59549742FBF4601C24A37B5950EB18C4A
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff938a6-bc1d-4ee4-bb4c-f096c6aec773.roa
Signing time:             Thu 08 Aug 2024 00:00:00 +0000
ROA not before:           Thu 08 Aug 2024 00:00:00 +0000
ROA not after:            Thu 12 Sep 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:b5:5f:d5:95:49:74:2f:bf:46:01:c2:4a:37:b5:95:0e:b1:8c:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug  8 00:00:00 2024 GMT
            Not After : Sep 12 23:59:59 2024 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:a1:8b:f9:90:eb:81:a6:21:78:b0:1c:15:28:
                    c9:f2:f8:39:63:e1:38:88:53:20:9a:d2:6a:4e:dd:
                    35:56:3c:64:fb:d0:11:94:2d:79:e0:62:1e:fa:56:
                    bc:31:56:bb:5f:6f:85:c9:33:2d:2b:63:e8:5e:87:
                    57:57:0d:d2:dd:69:90:74:01:e1:3f:0f:62:64:cd:
                    0a:28:9c:35:f9:94:bc:93:70:ac:bd:bc:5a:fc:5f:
                    21:01:2e:26:31:78:8d:3b:8f:ef:a4:a5:f0:bc:43:
                    9f:76:b2:12:7a:d6:dd:e9:55:ba:4b:80:08:38:89:
                    bc:90:ba:eb:75:f6:f6:59:31:40:2b:e5:33:fc:c9:
                    6c:d8:63:37:0d:99:79:45:5e:0a:66:0c:39:58:b6:
                    86:14:0f:a4:ef:f0:58:51:0a:f3:a4:6b:76:c2:2c:
                    ee:0a:13:4f:06:7b:6b:ef:ed:a0:cc:fc:e1:84:b0:
                    57:ab:24:71:8e:6a:a6:54:81:42:45:c6:e6:15:f7:
                    fe:a6:cb:27:17:02:2a:e3:15:c7:19:84:d9:f0:bd:
                    0a:06:29:94:05:93:5e:51:5e:f4:eb:12:8d:17:fd:
                    9e:5f:0e:b5:60:77:b5:9c:8e:36:01:c9:26:a9:7f:
                    bc:15:e1:93:fa:14:05:49:5c:13:2c:79:d7:4c:86:
                    d1:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:AB:3E:51:F0:D1:FB:78:22:E2:CF:2E:59:E5:D8:1A:BC:86:EF:E7
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2ff938a6-bc1d-4ee4-bb4c-f096c6aec773.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:a0:eb:3a:e5:ee:35:97:55:88:7e:b2:0d:8f:13:c4:8a:e8:
         f8:5f:fb:f7:10:e5:e2:38:d9:7b:54:57:45:35:47:12:59:3d:
         f4:62:63:08:7d:4f:05:80:b2:2e:7f:30:03:77:94:14:99:3e:
         b4:53:c8:47:a2:c5:ab:ca:5b:0f:85:8e:35:84:26:d9:d2:0e:
         29:53:31:c6:0c:ec:cd:09:b4:6a:69:3c:1c:97:f7:fb:58:13:
         75:b1:aa:d8:5e:f2:4c:72:87:47:18:82:de:aa:79:28:2b:89:
         36:30:1a:f3:cc:6d:98:fd:a9:a3:5e:18:4e:08:95:5b:e0:b4:
         6a:fa:fc:d3:d4:f4:5f:40:77:19:69:3d:93:0b:3c:89:8e:2b:
         a8:95:56:42:d9:48:3c:bc:b3:e7:70:cd:6a:42:7a:85:1e:bf:
         a5:78:79:2a:42:fb:8c:ff:e0:53:41:ef:04:33:a2:50:aa:94:
         35:d5:23:63:31:84:c4:13:1b:e7:95:78:3c:37:56:c9:26:dc:
         7c:94:dd:48:d3:26:62:fc:0b:23:9a:0a:fa:9c:f1:1b:3c:d2:
         ab:37:78:09:b9:24:8d:ec:bb:18:58:5d:40:bf:cd:c0:f6:b9:
         10:d6:f3:2b:0d:e3:2d:32:3a:a5:6b:ed:b3:71:2b:8d:ff:1a:
         85:a8:e4:3e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUV7Vf1ZVJdC+/RgHCSje1lQ6xjEowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODA4MDAwMDAwWhcNMjQwOTEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BlMjM2MTYyZGNmNjQ0YmY5NjU1NDU3MDVkYWIxNTk2MmU5
YTAxYWU2ZDFjMDkxNmRjMzc3MDE0YzE4M2Q0NTNhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgoYv5kOuBpiF4sBwVKMny+Dlj4TiIUyCa0mpO3TVWPGT7
0BGULXngYh76VrwxVrtfb4XJMy0rY+heh1dXDdLdaZB0AeE/D2JkzQoonDX5lLyT
cKy9vFr8XyEBLiYxeI07j++kpfC8Q592shJ61t3pVbpLgAg4ibyQuut19vZZMUAr
5TP8yWzYYzcNmXlFXgpmDDlYtoYUD6Tv8FhRCvOka3bCLO4KE08Ge2vv7aDM/OGE
sFerJHGOaqZUgUJFxuYV9/6myycXAirjFccZhNnwvQoGKZQFk15RXvTrEo0X/Z5f
DrVgd7WcjjYBySapf7wV4ZP6FAVJXBMseddMhtE3AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU2Ks+UfDR+3gi4s8uWeXYGryG7+cwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJmZjkzOGE2LWJjMWQtNGVlNC1iYjRjLWYwOTZjNmFlYzc3My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAB+g6zrl7jWXVYh+sg2PE8SK6Phf
+/cQ5eI42XtUV0U1RxJZPfRiYwh9TwWAsi5/MAN3lBSZPrRTyEeixavKWw+FjjWE
JtnSDilTMcYM7M0JtGppPByX9/tYE3Wxqthe8kxyh0cYgt6qeSgriTYwGvPMbZj9
qaNeGE4IlVvgtGr6/NPU9F9AdxlpPZMLPImOK6iVVkLZSDy8s+dwzWpCeoUev6V4
eSpC+4z/4FNB7wQzolCqlDXVI2MxhMQTG+eVeDw3Vskm3HyU3UjTJmL8CyOaCvqc
8Rs80qs3eAm5JI3suxhYXUC/zcD2uRDW8ysN4y0yOqVr7bNxK43/GoWo5D4=
-----END CERTIFICATE-----