Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4190ce01-b662-4bf8-8d1a-f870d5bd83c3.roa
File:                     4190ce01-b662-4bf8-8d1a-f870d5bd83c3.roa (raw, json)
Hash identifier:          YpihQ7oUCJ3E6smdXk18sCSmrkdejQeATTt6OIPIvfw=
Subject key identifier:   5F:B6:F4:EB:83:67:DB:20:0D:49:7C:DA:D3:AE:3E:85:73:46:AA:BE
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6298746182C4CC5F8497B07D7D50FBDDC76A65E0
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4190ce01-b662-4bf8-8d1a-f870d5bd83c3.roa
Signing time:             Sun 02 Feb 2025 00:00:00 +0000
ROA not before:           Sun 02 Feb 2025 00:00:00 +0000
ROA not after:            Sun 09 Mar 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:98:74:61:82:c4:cc:5f:84:97:b0:7d:7d:50:fb:dd:c7:6a:65:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Feb  2 00:00:00 2025 GMT
            Not After : Mar  9 23:59:59 2025 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:9b:75:40:65:38:80:c4:05:fb:27:73:ce:93:
                    84:00:55:dd:da:db:c6:9a:d7:57:c7:b3:fd:4e:86:
                    9a:37:e9:97:09:36:56:53:6c:79:95:06:2e:9a:a7:
                    e2:43:6c:e1:33:de:ac:26:b7:c9:ba:de:7b:6b:ad:
                    49:1d:22:c2:91:15:f3:82:0c:31:5d:61:0e:a8:5c:
                    83:57:88:8d:d3:d8:04:a6:95:d3:66:18:49:f7:62:
                    bd:a1:75:25:31:7d:a8:94:01:44:ec:b4:94:ff:db:
                    32:c8:bf:db:60:6d:41:f4:cc:36:91:73:d5:34:0b:
                    79:2a:a2:e7:d8:0a:d6:76:cf:3f:2b:5b:95:ee:6e:
                    c8:fd:04:91:50:f3:89:73:df:92:66:d5:81:aa:4e:
                    d8:5d:1d:b3:76:22:be:70:7d:b3:fc:f2:e5:6f:c2:
                    51:02:05:b3:33:84:37:4c:f4:b6:19:63:b2:82:91:
                    5a:0f:65:01:36:49:a9:7a:44:f3:ec:84:f0:93:ff:
                    06:c0:46:b5:f7:4c:8f:fd:c1:d6:6a:5f:37:a7:da:
                    6e:a9:45:4b:cb:05:b2:15:63:18:9f:dd:14:ce:c9:
                    af:f0:3e:9f:aa:45:b1:b8:52:81:3c:8b:c9:41:77:
                    85:14:aa:37:36:9c:3e:20:43:b2:9b:f2:a0:ef:3b:
                    74:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:B6:F4:EB:83:67:DB:20:0D:49:7C:DA:D3:AE:3E:85:73:46:AA:BE
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4190ce01-b662-4bf8-8d1a-f870d5bd83c3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:1a:79:3d:16:eb:a5:c2:1d:c4:b0:9f:50:63:aa:de:3d:9e:
         9d:d7:1e:7b:eb:66:00:c3:73:fe:8c:5c:e6:a7:39:84:51:a9:
         cd:a3:e2:e2:3a:1a:08:57:25:d1:14:5c:84:42:fc:c7:2f:e6:
         bd:af:27:99:d8:05:9b:2d:06:50:64:44:e0:9a:e1:52:c3:03:
         94:9e:76:37:20:18:fb:8e:4b:af:69:6d:fa:c3:77:c4:00:2a:
         fd:1b:81:58:8c:db:e5:d8:ac:29:96:63:6c:2e:d4:6a:68:ee:
         5a:fc:18:da:50:2b:8e:95:88:bb:59:58:b7:96:81:fd:c3:c8:
         a2:2e:eb:ae:73:4e:01:20:09:8b:21:37:1a:7f:4f:b1:3f:25:
         a4:d2:8a:93:d6:a1:80:4c:e1:7d:e8:c6:8f:bd:8f:c5:e8:42:
         b0:d2:6f:a2:5d:e1:34:9c:c2:9a:52:91:52:67:7f:5e:e0:a0:
         8b:1f:4f:0c:0f:04:cd:7d:72:cf:74:8e:7b:97:2f:24:89:d3:
         f0:86:a4:a4:52:e3:a4:d6:5d:ab:15:f2:82:f6:7f:14:d3:56:
         70:e0:6a:2d:6e:eb:9e:8f:6c:53:14:02:b9:72:d1:52:1e:c1:
         80:47:00:21:3b:9c:46:03:39:33:2e:ac:bd:67:a4:8f:a4:e0:
         56:e5:f3:56
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYph0YYLEzF+El7B9fVD73cdqZeAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjAyMDAwMDAwWhcNMjUwMzA5MjM1OTU5
WjB6MUkwRwYDVQQFE0BiZmE0ZWEwNmVmZmEyNjFhNGIzZGJiNDFkM2UxZTNhNjQ5
MjQ4MGMzMzU4OWJkOGViNzRhMmI3NDJkYjM0MzlhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCXm3VAZTiAxAX7J3POk4QAVd3a28aa11fHs/1Ohpo36ZcJ
NlZTbHmVBi6ap+JDbOEz3qwmt8m63ntrrUkdIsKRFfOCDDFdYQ6oXINXiI3T2ASm
ldNmGEn3Yr2hdSUxfaiUAUTstJT/2zLIv9tgbUH0zDaRc9U0C3kqoufYCtZ2zz8r
W5Xubsj9BJFQ84lz35Jm1YGqTthdHbN2Ir5wfbP88uVvwlECBbMzhDdM9LYZY7KC
kVoPZQE2Sal6RPPshPCT/wbARrX3TI/9wdZqXzen2m6pRUvLBbIVYxif3RTOya/w
Pp+qRbG4UoE8i8lBd4UUqjc2nD4gQ7Kb8qDvO3Q9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUX7b064Nn2yANSXza064+hXNGqr4wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQxOTBjZTAxLWI2NjItNGJmOC04ZDFhLWY4NzBkNWJkODNjMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKcaeT0W66XCHcSwn1Bjqt49np3X
HnvrZgDDc/6MXOanOYRRqc2j4uI6GghXJdEUXIRC/Mcv5r2vJ5nYBZstBlBkROCa
4VLDA5SedjcgGPuOS69pbfrDd8QAKv0bgViM2+XYrCmWY2wu1Gpo7lr8GNpQK46V
iLtZWLeWgf3DyKIu665zTgEgCYshNxp/T7E/JaTSipPWoYBM4X3oxo+9j8XoQrDS
b6Jd4TScwppSkVJnf17goIsfTwwPBM19cs90jnuXLySJ0/CGpKRS46TWXasV8oL2
fxTTVnDgai1u656PbFMUArly0VIewYBHACE7nEYDOTMurL1npI+k4Fbl81Y=
-----END CERTIFICATE-----