Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7523d93d-894f-456a-a0b9-b622d3e1ca74.roa
File:                     7523d93d-894f-456a-a0b9-b622d3e1ca74.roa (raw, json)
Hash identifier:          lUyD1K7+6jeSaqsjypeyh9yWXpARZnmTjq6lwI91aKs=
Subject key identifier:   B2:5C:1F:64:C2:A5:09:38:1E:15:F8:3F:A3:84:E1:18:B1:A9:3D:75
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       740684E6BA341386214FC4E63F44F14A50156995
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7523d93d-894f-456a-a0b9-b622d3e1ca74.roa
Signing time:             Sat 23 Dec 2023 00:00:00 +0000
ROA not before:           Sat 23 Dec 2023 00:00:00 +0000
ROA not after:            Sat 27 Jan 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:06:84:e6:ba:34:13:86:21:4f:c4:e6:3f:44:f1:4a:50:15:69:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Dec 23 00:00:00 2023 GMT
            Not After : Jan 27 23:59:59 2024 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:48:c0:af:b2:ab:24:f8:25:02:d3:49:ab:e5:
                    7a:a2:18:dd:6c:ab:33:3c:7b:19:2d:f8:82:b6:d1:
                    cb:75:09:7f:51:54:6b:64:fc:e9:8b:f9:4b:a3:bf:
                    83:85:4f:ab:da:ee:7e:5e:a2:3d:1e:34:0c:af:2b:
                    46:20:f1:5d:01:1b:dd:b3:e6:9d:e3:7f:dc:2e:61:
                    71:6c:ca:3b:9a:10:3b:db:2a:27:a0:3c:ae:86:0a:
                    27:25:9e:5b:2e:97:2e:a7:06:5f:3e:9b:7e:f8:67:
                    bf:7b:6a:ea:04:75:ec:3a:ff:6d:1f:ac:8e:07:87:
                    df:6d:8a:26:04:8b:4e:1b:38:79:e4:8e:71:46:f2:
                    3e:33:8a:a5:32:80:b7:0f:8b:58:6a:2c:1e:b3:06:
                    05:d7:61:00:a5:4c:d7:77:bf:35:61:50:e8:e7:a0:
                    15:98:91:e0:b5:8d:68:c3:c0:14:eb:20:ae:ae:0a:
                    c2:1a:46:49:b1:31:00:6a:35:d1:95:ca:2a:26:b7:
                    a2:1f:82:a9:27:bf:af:8d:51:11:02:de:2b:ed:14:
                    0b:3f:99:b3:c7:05:c1:91:1a:50:76:2f:d6:83:6c:
                    8b:db:76:a0:8c:17:27:18:25:0e:71:42:39:f2:29:
                    55:7f:34:07:23:b7:ab:05:ef:c9:92:8c:7b:2e:96:
                    14:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:5C:1F:64:C2:A5:09:38:1E:15:F8:3F:A3:84:E1:18:B1:A9:3D:75
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7523d93d-894f-456a-a0b9-b622d3e1ca74.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:ec:fe:1d:e9:e2:1e:cc:ed:48:a4:63:6e:0b:fd:a4:8b:77:
         57:d4:77:93:5e:0d:6c:3a:aa:bf:ba:aa:b5:3e:d9:63:60:82:
         79:fd:ec:74:7d:fc:9b:9a:db:02:11:c0:db:64:41:71:7a:dc:
         f7:50:91:3b:3f:c3:7d:60:4c:1a:f6:ac:97:65:6b:9e:06:db:
         c5:91:6c:49:42:e9:0f:20:c7:3e:18:d9:a8:da:ad:98:7f:b9:
         9f:d1:34:d5:e8:9f:df:cf:2c:4f:9b:d6:9c:ac:da:ef:0c:17:
         25:f7:e9:35:10:80:6c:5b:51:6b:ad:4d:7d:4a:25:14:a7:e7:
         8a:6c:62:a1:f1:21:fb:03:64:a9:e8:20:ca:08:6a:6d:1f:3c:
         5d:99:3a:e0:10:3a:81:bc:36:0a:bb:34:3d:ad:73:9e:cd:12:
         8c:ca:6c:20:a2:73:90:4f:dc:bc:16:27:27:1a:a6:d8:f6:96:
         b2:4a:7a:c6:99:b3:5b:77:65:ec:a2:58:6c:50:5b:61:40:37:
         25:ff:49:bf:18:e0:26:7e:be:75:f1:43:2f:b8:cd:d5:46:44:
         46:1c:20:0f:17:8b:47:77:27:b8:b9:e7:5b:56:8c:f7:94:77:
         c8:3f:ed:a6:72:a3:0c:d5:12:03:4c:53:12:9e:0d:b3:9e:a5:
         67:ca:d2:24
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdAaE5ro0E4YhT8TmP0TxSlAVaZUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMxMjIzMDAwMDAwWhcNMjQwMTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNTgyNDhjMzZkMDQ4OGZhY2RjNjhmYjcwODM4ZjI5MWY1
Y2M4OGViYzliMzQyMWYwNDc2MWFmZDYyMDViYjM0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCuSMCvsqsk+CUC00mr5XqiGN1sqzM8exkt+IK20ct1CX9R
VGtk/OmL+Uujv4OFT6va7n5eoj0eNAyvK0Yg8V0BG92z5p3jf9wuYXFsyjuaEDvb
KiegPK6GCiclnlsuly6nBl8+m374Z797auoEdew6/20frI4Hh99tiiYEi04bOHnk
jnFG8j4ziqUygLcPi1hqLB6zBgXXYQClTNd3vzVhUOjnoBWYkeC1jWjDwBTrIK6u
CsIaRkmxMQBqNdGVyiomt6Ifgqknv6+NUREC3ivtFAs/mbPHBcGRGlB2L9aDbIvb
dqCMFycYJQ5xQjnyKVV/NAcjt6sF78mSjHsulhS9AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUslwfZMKlCTgeFfg/o4ThGLGpPXUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzc1MjNkOTNkLTg5NGYtNDU2YS1hMGI5LWI2MjJkM2UxY2E3NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAADs/h3p4h7M7UikY24L/aSLd1fU
d5NeDWw6qr+6qrU+2WNggnn97HR9/Jua2wIRwNtkQXF63PdQkTs/w31gTBr2rJdl
a54G28WRbElC6Q8gxz4Y2ajarZh/uZ/RNNXon9/PLE+b1pys2u8MFyX36TUQgGxb
UWutTX1KJRSn54psYqHxIfsDZKnoIMoIam0fPF2ZOuAQOoG8Ngq7ND2tc57NEozK
bCCic5BP3LwWJycaptj2lrJKesaZs1t3ZeyiWGxQW2FANyX/Sb8Y4CZ+vnXxQy+4
zdVGREYcIA8Xi0d3J7i551tWjPeUd8g/7aZyowzVEgNMUxKeDbOepWfK0iQ=
-----END CERTIFICATE-----