Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/687537f8-dc05-4828-b8fc-23c0b24a2166.roa
File:                     687537f8-dc05-4828-b8fc-23c0b24a2166.roa (raw, json)
Hash identifier:          0Ha1d9tvSymmQBMB8XRhElF/4rA2W8pC1COz5x0Smh4=
Subject key identifier:   55:04:B2:DE:D6:48:C2:26:DC:3C:F1:36:0F:81:3A:34:8D:E4:9E:79
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       496CB290B039A3E32D7E8555563013639678FD9E
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/687537f8-dc05-4828-b8fc-23c0b24a2166.roa
Signing time:             Wed 05 Feb 2025 00:00:00 +0000
ROA not before:           Wed 05 Feb 2025 00:00:00 +0000
ROA not after:            Wed 12 Mar 2025 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:6c:b2:90:b0:39:a3:e3:2d:7e:85:55:56:30:13:63:96:78:fd:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Feb  5 00:00:00 2025 GMT
            Not After : Mar 12 23:59:59 2025 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:bb:7b:a3:c2:1a:2a:f8:8f:25:4e:76:77:5c:
                    44:a6:b0:d6:ac:77:82:5d:0f:67:9f:12:d8:7b:b0:
                    11:38:20:26:d6:62:c3:4f:67:9b:52:47:bf:18:2c:
                    b8:13:6c:ff:55:5c:82:d1:47:02:3a:11:b0:50:d0:
                    0c:11:89:46:9d:f5:93:f6:75:64:c5:4c:e8:12:40:
                    b9:41:63:92:b7:53:15:c7:a1:9e:76:db:b1:62:7f:
                    47:f8:3c:88:5d:69:13:56:a1:b8:36:04:56:78:0f:
                    2b:49:a8:f4:25:bc:42:1f:40:90:fe:0f:d0:2d:a7:
                    26:09:90:5d:73:7c:f6:34:8e:4d:b8:ef:10:34:71:
                    2a:69:4c:98:fa:66:e4:9b:72:99:fb:5e:ea:53:6c:
                    4f:00:f5:7a:84:5f:bc:d7:e2:5b:80:13:66:e3:82:
                    d7:ca:f9:ad:c2:9c:7d:d3:f1:8d:26:91:89:c6:9e:
                    a5:9e:c3:93:d1:24:e4:ee:09:a5:d4:96:18:15:a4:
                    e4:f5:b1:96:15:91:df:5d:64:f9:0c:71:9f:f9:97:
                    c0:9e:02:a2:4e:d0:ec:fd:39:c0:55:15:03:c1:d1:
                    db:06:41:e3:fd:6c:21:d9:d6:7e:46:81:ca:a5:12:
                    92:24:ef:fb:65:5e:39:d8:d6:f2:bf:12:8f:68:2c:
                    6f:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:04:B2:DE:D6:48:C2:26:DC:3C:F1:36:0F:81:3A:34:8D:E4:9E:79
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/687537f8-dc05-4828-b8fc-23c0b24a2166.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:df:7d:12:95:29:b1:43:e1:53:68:ac:ce:93:15:39:ad:e4:
         f6:03:31:c8:4e:22:19:8a:60:95:6f:15:38:54:51:8d:a4:cb:
         4a:1f:63:25:1f:83:93:68:a8:46:56:0f:ce:97:66:fb:46:ce:
         36:b9:91:25:1b:ec:e9:72:6e:ab:0e:06:dc:c1:80:67:64:a1:
         5e:48:39:df:14:e3:42:2e:89:b1:be:52:20:f8:77:7a:2b:5c:
         45:20:2a:59:84:8d:6e:9c:38:31:46:e4:99:4e:ed:6a:f7:eb:
         b9:45:24:a2:30:bc:a8:ab:e7:51:75:61:0a:7e:91:17:26:85:
         db:7a:98:f9:36:7e:04:72:1a:d8:ea:80:a1:6c:46:c6:3d:33:
         13:26:05:9c:2b:83:8c:87:ef:b4:6b:13:5d:f7:7f:b9:e6:e3:
         c3:2f:a8:be:3b:7f:41:58:bc:44:5c:ea:b7:27:c0:c3:af:b9:
         27:9a:b5:6b:bf:01:79:69:24:13:be:1f:a4:76:cc:69:d8:08:
         d8:31:7b:fd:12:f3:ac:ba:1e:00:b9:d4:e8:b7:00:6b:61:65:
         9c:46:b6:fb:70:4d:1e:7f:7b:c5:2e:79:f9:8b:40:3e:16:d8:
         76:84:db:84:f8:be:dd:76:76:b5:ee:03:a3:16:8f:4d:b2:e7:
         af:dd:57:15
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUSWyykLA5o+MtfoVVVjATY5Z4/Z4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMjA1MDAwMDAwWhcNMjUwMzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhMzliMGJiN2YyZDc3MDYyNmYyMDA3Yjc3OTNlNGJhOWQw
YjIzZjNmMTRmMWJlNjg1ZTU5NjQ5NTFiNzJiNGM1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDYu3ujwhoq+I8lTnZ3XESmsNasd4JdD2efEth7sBE4ICbW
YsNPZ5tSR78YLLgTbP9VXILRRwI6EbBQ0AwRiUad9ZP2dWTFTOgSQLlBY5K3UxXH
oZ5227Fif0f4PIhdaRNWobg2BFZ4DytJqPQlvEIfQJD+D9AtpyYJkF1zfPY0jk24
7xA0cSppTJj6ZuSbcpn7XupTbE8A9XqEX7zX4luAE2bjgtfK+a3CnH3T8Y0mkYnG
nqWew5PRJOTuCaXUlhgVpOT1sZYVkd9dZPkMcZ/5l8CeAqJO0Oz9OcBVFQPB0dsG
QeP9bCHZ1n5GgcqlEpIk7/tlXjnY1vK/Eo9oLG/5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVQSy3tZIwibcPPE2D4E6NI3knnkwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzY4NzUzN2Y4LWRjMDUtNDgyOC1iOGZjLTIzYzBiMjRhMjE2Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBACbffRKVKbFD4VNorM6TFTmt5PYD
MchOIhmKYJVvFThUUY2ky0ofYyUfg5NoqEZWD86XZvtGzja5kSUb7OlybqsOBtzB
gGdkoV5IOd8U40IuibG+UiD4d3orXEUgKlmEjW6cODFG5JlO7Wr367lFJKIwvKir
51F1YQp+kRcmhdt6mPk2fgRyGtjqgKFsRsY9MxMmBZwrg4yH77RrE133f7nm48Mv
qL47f0FYvERc6rcnwMOvuSeatWu/AXlpJBO+H6R2zGnYCNgxe/0S86y6HgC51Oi3
AGthZZxGtvtwTR5/e8UuefmLQD4W2HaE24T4vt12drXuA6MWj02y56/dVxU=
-----END CERTIFICATE-----