Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a33e194-f0d8-42c3-a97c-4a2b18ea15ce.roa
File:                     3a33e194-f0d8-42c3-a97c-4a2b18ea15ce.roa (raw, json)
Hash identifier:          E+jYW72AnlZchXqHa/HZate5sDtDcbwbVcVfuWhTE+s=
Subject key identifier:   50:77:70:74:C6:97:10:E2:91:46:BB:76:22:5C:31:BD:C3:64:BF:39
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       2FC044C65E65CBA90558D8AA8C75589A5DCDF926
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a33e194-f0d8-42c3-a97c-4a2b18ea15ce.roa
Signing time:             Fri 23 Jun 2023 00:00:00 +0000
ROA not before:           Fri 23 Jun 2023 00:00:00 +0000
ROA not after:            Fri 28 Jul 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:c0:44:c6:5e:65:cb:a9:05:58:d8:aa:8c:75:58:9a:5d:cd:f9:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jun 23 00:00:00 2023 GMT
            Not After : Jul 28 23:59:59 2023 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:14:7f:c7:6a:96:da:5f:4d:4e:8a:78:ec:7a:
                    8c:d8:88:bd:6c:c1:93:ce:25:65:f8:4c:0f:0b:e4:
                    c8:57:90:84:3d:4f:51:f7:dc:dc:8e:e6:ad:d4:bb:
                    ec:32:75:b6:b3:41:a8:d1:a3:20:cb:00:20:51:6e:
                    9f:11:90:ec:7f:3d:2a:8d:cf:83:d5:4d:78:c3:80:
                    ce:c1:2e:09:39:30:80:37:76:b6:96:50:32:32:9b:
                    b0:38:a0:36:3f:a6:6b:17:6b:41:6f:7a:58:dd:9a:
                    df:42:5f:f2:f4:85:1d:6f:8c:24:b0:9d:1f:f2:b4:
                    23:30:5c:de:91:20:5d:70:09:71:2d:35:0b:8d:be:
                    d9:4a:3b:96:ed:e7:a8:1d:4f:b3:1f:91:0e:74:bb:
                    2e:4f:ba:99:a1:e8:76:22:f4:d5:2c:3d:64:99:5f:
                    64:ab:74:ad:d1:80:31:8d:1d:2d:19:c8:56:98:e8:
                    72:35:c4:64:fe:aa:df:42:f6:51:41:08:6e:78:89:
                    93:68:d3:33:07:7d:8a:db:14:47:3e:0e:6d:79:c5:
                    78:20:61:78:97:19:d6:ae:73:6a:6d:87:b2:7d:e3:
                    ba:e1:a9:00:ff:2a:a3:80:4a:c3:90:44:a6:2d:de:
                    ad:18:38:74:17:9b:a2:de:d1:75:06:fa:5b:6c:00:
                    5c:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:77:70:74:C6:97:10:E2:91:46:BB:76:22:5C:31:BD:C3:64:BF:39
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3a33e194-f0d8-42c3-a97c-4a2b18ea15ce.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:fb:ac:0a:36:6d:8d:d5:11:97:fd:c2:09:ec:1b:a2:27:55:
         62:37:79:37:cb:b9:e1:25:89:b1:3c:f2:d9:a5:7f:05:4b:3b:
         ca:bc:00:66:5b:be:3f:a7:78:d4:f7:e5:c0:f4:22:79:e5:f4:
         67:2b:04:8d:ce:d2:0e:79:1b:e1:75:56:9d:9d:03:67:e6:e2:
         8c:4f:bf:7e:99:52:fd:e9:48:26:b8:bb:38:a6:5c:6e:1f:d0:
         01:0c:0c:93:73:d9:df:71:d8:fe:04:1f:33:4d:27:e5:a2:bf:
         00:87:29:38:81:6f:1e:bc:23:7e:12:ed:0f:d6:22:c4:c4:77:
         ed:39:f9:a9:b1:84:ed:4a:3a:3e:51:1d:e6:c6:15:4b:d3:39:
         ae:13:2d:3a:c0:ec:52:5d:be:a3:1b:a1:82:ea:b1:62:96:72:
         49:cd:1d:21:9d:49:20:94:26:e7:39:98:47:71:1f:5c:cf:15:
         5d:1b:3d:67:5b:5d:79:92:35:c3:11:8e:94:91:0a:35:ff:7e:
         cd:1d:3e:40:4b:1a:8d:51:79:91:4e:e5:e8:1a:19:ec:d5:82:
         1a:cc:8b:db:46:ca:3a:22:3d:b1:d4:46:c8:9c:ed:8d:a9:56:
         8c:4c:fb:4a:3f:a6:c9:ce:14:f1:db:62:5f:63:db:dc:52:d5:
         f2:a7:a6:97
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL8BExl5ly6kFWNiqjHVYml3N+SYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNjIzMDAwMDAwWhcNMjMwNzI4MjM1OTU5
WjB6MUkwRwYDVQQFE0A5NGM5OGRlOTcyNDFkNTU3MTY2NTkyMTE3NDNjNTNiZDli
ODcyOGZjNTQ3MTVkMDdjZmM4YThiMmE1ZWYyOThkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDwFH/HapbaX01OinjseozYiL1swZPOJWX4TA8L5MhXkIQ9
T1H33NyO5q3Uu+wydbazQajRoyDLACBRbp8RkOx/PSqNz4PVTXjDgM7BLgk5MIA3
draWUDIym7A4oDY/pmsXa0Fveljdmt9CX/L0hR1vjCSwnR/ytCMwXN6RIF1wCXEt
NQuNvtlKO5bt56gdT7MfkQ50uy5Pupmh6HYi9NUsPWSZX2SrdK3RgDGNHS0ZyFaY
6HI1xGT+qt9C9lFBCG54iZNo0zMHfYrbFEc+Dm15xXggYXiXGdauc2pth7J947rh
qQD/KqOASsOQRKYt3q0YOHQXm6Le0XUG+ltsAFx9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUUHdwdMaXEOKRRrt2IlwxvcNkvzkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNhMzNlMTk0LWYwZDgtNDJjMy1hOTdjLTRhMmIxOGVhMTVjZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEf7rAo2bY3VEZf9wgnsG6InVWI3
eTfLueElibE88tmlfwVLO8q8AGZbvj+neNT35cD0Innl9GcrBI3O0g55G+F1Vp2d
A2fm4oxPv36ZUv3pSCa4uzimXG4f0AEMDJNz2d9x2P4EHzNNJ+WivwCHKTiBbx68
I34S7Q/WIsTEd+05+amxhO1KOj5RHebGFUvTOa4TLTrA7FJdvqMboYLqsWKWcknN
HSGdSSCUJuc5mEdxH1zPFV0bPWdbXXmSNcMRjpSRCjX/fs0dPkBLGo1ReZFO5ega
GezVghrMi9tGyjoiPbHURsic7Y2pVoxM+0o/psnOFPHbYl9j29xS1fKnppc=
-----END CERTIFICATE-----