Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a20bbd71-d043-4b1f-9f30-4ba5589e38a8.roa
File:                     a20bbd71-d043-4b1f-9f30-4ba5589e38a8.roa (raw, json)
Hash identifier:          oAW/O2klIpPm8D5xQ26kLv9NklRcW56gSQ89QUeyWf0=
Subject key identifier:   5A:10:96:1E:F2:51:2F:B5:A9:66:F8:3E:BE:E8:C4:80:33:32:B2:A5
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       3ECC37ACCE218C5224023E702868E2FE5286B308
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a20bbd71-d043-4b1f-9f30-4ba5589e38a8.roa
Signing time:             Sat 24 Feb 2024 00:00:00 +0000
ROA not before:           Sat 24 Feb 2024 00:00:00 +0000
ROA not after:            Sat 30 Mar 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:cc:37:ac:ce:21:8c:52:24:02:3e:70:28:68:e2:fe:52:86:b3:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Feb 24 00:00:00 2024 GMT
            Not After : Mar 30 23:59:59 2024 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:69:65:33:20:2f:4a:c9:1c:49:ed:a0:29:92:
                    8e:48:da:96:bb:0e:a8:cf:fa:9d:a9:a7:ca:55:62:
                    0b:d6:d5:28:73:cf:5a:96:8a:e1:89:fd:01:a7:52:
                    86:08:d5:1e:73:52:67:f8:43:cf:54:b7:5e:cf:cc:
                    93:e8:9e:2e:15:8c:1d:db:f0:89:11:30:7e:e7:4f:
                    1f:0c:da:90:0f:cf:c8:ca:a1:15:f4:94:8a:80:f0:
                    a0:e5:e2:d9:2d:23:ab:21:d7:c9:f1:9f:8e:f3:08:
                    86:da:56:b0:ee:26:89:79:5a:1c:10:0a:da:f9:7d:
                    b1:8e:5e:c0:e6:b5:37:f8:7d:90:12:41:f2:ad:69:
                    b0:ad:46:e8:7b:87:87:cb:71:fc:3d:c6:47:fa:5e:
                    3b:3b:91:94:a2:98:43:b9:7f:b4:4a:5e:70:81:17:
                    54:f2:55:b5:79:e8:3f:b6:93:b8:03:e5:f3:19:bf:
                    fd:8b:04:63:f3:72:6b:51:80:58:04:fe:d2:d0:be:
                    52:91:55:78:2e:7e:4e:a1:63:ac:53:bc:14:7b:c5:
                    af:1a:c4:9b:0a:c3:f8:52:68:31:47:97:58:22:c5:
                    d2:27:78:28:d0:2d:b0:ed:d3:12:15:5a:11:05:7f:
                    00:09:80:d4:46:11:85:06:68:30:9c:c1:12:5a:07:
                    36:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:10:96:1E:F2:51:2F:B5:A9:66:F8:3E:BE:E8:C4:80:33:32:B2:A5
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a20bbd71-d043-4b1f-9f30-4ba5589e38a8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:da:63:9b:6a:65:82:2c:78:28:96:d0:9e:b1:c6:46:95:50:
         37:59:23:4c:3d:56:76:ab:d0:ab:13:a7:62:b9:55:9d:2e:40:
         b1:f0:91:9f:c0:26:59:bb:64:99:71:17:8b:93:be:6f:e7:2a:
         78:8d:b6:f7:d2:fb:78:76:db:85:66:44:b6:ec:1a:a9:fc:37:
         90:c3:9e:64:17:61:54:cb:70:6e:b4:eb:b6:cf:eb:0c:af:30:
         06:60:5d:2c:c0:2d:a5:f7:03:f7:64:60:af:dc:16:99:61:81:
         3b:e0:c7:e3:ba:b3:64:e9:12:5c:ba:b9:06:33:98:b6:dc:ac:
         b0:a7:a9:b2:a1:55:21:33:5b:32:68:7e:e1:69:24:de:9f:29:
         b4:72:74:46:99:8f:ba:fa:84:5b:00:ff:e3:b8:fb:18:48:31:
         c4:f0:4f:35:8b:bb:af:c8:c0:a9:1e:da:5a:f6:f9:d1:1a:29:
         f2:96:c2:83:10:a1:e0:7c:43:83:dc:a2:9d:8c:2f:85:cc:1a:
         3f:8e:60:28:eb:69:7c:76:97:6d:3c:5c:55:b9:56:d8:cc:3c:
         75:15:85:30:37:11:9b:5d:a9:a5:09:d3:d7:43:04:d3:2b:73:
         70:34:14:00:36:7f:7f:4c:13:2e:2f:19:fc:3c:13:7f:9d:69:
         de:ed:48:d0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPsw3rM4hjFIkAj5wKGji/lKGswgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwMjI0MDAwMDAwWhcNMjQwMzMwMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNjliM2U2MjI0NTIzOWRhYTI4YjA2MjM4Mjk2MWZhN2Rh
N2YxMDJkZWM0ZDJmNjVhZmVmYjUxOTU2MzZmYWE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyaWUzIC9KyRxJ7aApko5I2pa7DqjP+p2pp8pVYgvW1Shz
z1qWiuGJ/QGnUoYI1R5zUmf4Q89Ut17PzJPoni4VjB3b8IkRMH7nTx8M2pAPz8jK
oRX0lIqA8KDl4tktI6sh18nxn47zCIbaVrDuJol5WhwQCtr5fbGOXsDmtTf4fZAS
QfKtabCtRuh7h4fLcfw9xkf6Xjs7kZSimEO5f7RKXnCBF1TyVbV56D+2k7gD5fMZ
v/2LBGPzcmtRgFgE/tLQvlKRVXgufk6hY6xTvBR7xa8axJsKw/hSaDFHl1gixdIn
eCjQLbDt0xIVWhEFfwAJgNRGEYUGaDCcwRJaBzY5AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUWhCWHvJRL7WpZvg+vujEgDMysqUwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2EyMGJiZDcxLWQwNDMtNGIxZi05ZjMwLTRiYTU1ODllMzhhOC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAJDaY5tqZYIseCiW0J6xxkaVUDdZ
I0w9Vnar0KsTp2K5VZ0uQLHwkZ/AJlm7ZJlxF4uTvm/nKniNtvfS+3h224VmRLbs
Gqn8N5DDnmQXYVTLcG6067bP6wyvMAZgXSzALaX3A/dkYK/cFplhgTvgx+O6s2Tp
Ely6uQYzmLbcrLCnqbKhVSEzWzJofuFpJN6fKbRydEaZj7r6hFsA/+O4+xhIMcTw
TzWLu6/IwKke2lr2+dEaKfKWwoMQoeB8Q4Pcop2ML4XMGj+OYCjraXx2l208XFW5
VtjMPHUVhTA3EZtdqaUJ09dDBNMrc3A0FAA2f39MEy4vGfw8E3+dad7tSNA=
-----END CERTIFICATE-----