Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c0369035-3e31-4007-94eb-f75974863cb9.roa
File:                     c0369035-3e31-4007-94eb-f75974863cb9.roa (raw, json)
Hash identifier:          9qgbaaAlXPZcMRY7T98z6r0luVB2dgGR8qiprOUG0AQ=
Subject key identifier:   8A:DB:36:2A:02:19:47:24:D2:8F:D2:74:23:5B:2F:5C:BA:23:DA:E6
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       6C36820532C447D2E63F57BD45BDCF94E56C69EB
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c0369035-3e31-4007-94eb-f75974863cb9.roa
Signing time:             Thu 10 Aug 2023 00:00:00 +0000
ROA not before:           Thu 10 Aug 2023 00:00:00 +0000
ROA not after:            Thu 14 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:36:82:05:32:c4:47:d2:e6:3f:57:bd:45:bd:cf:94:e5:6c:69:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug 10 00:00:00 2023 GMT
            Not After : Sep 14 23:59:59 2023 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:78:d6:0b:7e:6b:bc:11:f7:4d:3a:40:3a:28:
                    42:86:dc:1b:99:a8:8e:ad:eb:d3:6a:01:3b:0e:43:
                    92:4f:07:84:25:da:80:75:f4:5f:5b:63:f1:35:0b:
                    a7:f0:10:bc:12:f4:a0:15:0a:b0:1b:da:c9:56:e2:
                    31:d6:78:93:27:d8:bb:15:fc:1e:bf:90:60:89:79:
                    fc:d1:17:8a:cb:2f:04:73:60:13:50:2c:26:a4:97:
                    58:94:af:5e:a9:ef:bc:af:c9:e7:c6:99:c9:10:1f:
                    b6:6f:4c:85:7d:82:d8:4c:96:8d:c8:04:e4:c9:8b:
                    27:5d:c9:ea:76:0f:24:72:8f:71:68:b4:db:32:40:
                    1b:fb:98:9b:61:2d:f2:88:39:d9:30:96:f9:19:7a:
                    c7:39:c0:56:ea:3b:c2:f7:e4:cf:4a:f8:54:5d:84:
                    f2:d1:83:43:61:62:d0:18:99:ce:b3:c0:9f:46:59:
                    f4:24:6c:0d:d8:a4:d5:85:de:31:97:18:48:4c:0d:
                    e3:0e:38:99:24:42:4c:32:9a:82:ce:e2:dc:ad:12:
                    56:f8:3d:92:72:b1:b9:dc:a1:26:05:6f:bd:25:51:
                    b6:f1:43:ba:5e:41:ed:d7:b9:25:cd:20:b0:18:c8:
                    d5:96:39:8e:5a:e8:85:4f:dd:7c:14:0e:e6:79:e8:
                    ef:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:DB:36:2A:02:19:47:24:D2:8F:D2:74:23:5B:2F:5C:BA:23:DA:E6
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/c0369035-3e31-4007-94eb-f75974863cb9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:c8:4c:86:4e:04:7c:eb:03:3c:1b:ce:78:aa:d5:6b:b0:b3:
         38:bb:33:04:15:8e:18:e1:ba:0f:bc:f2:a2:b5:01:6a:2c:da:
         98:6a:5c:80:7f:36:d1:13:3b:3b:2b:90:e9:ac:b0:d0:8b:c5:
         58:ca:79:da:02:f4:18:27:ae:d5:1a:c1:40:97:5c:19:9e:54:
         3d:02:59:e9:ca:59:d7:18:1b:ee:9d:24:8b:c5:27:81:e7:d8:
         27:f7:eb:08:32:c0:43:3f:cc:af:ff:05:29:13:6d:7a:c2:a2:
         b5:6a:f5:81:ff:62:c3:11:4e:2e:29:ae:e5:21:a5:86:e0:b1:
         ea:20:0c:4d:47:50:ba:34:75:3a:3c:19:27:3c:52:b8:a0:d1:
         0c:81:c8:20:12:a8:e9:c2:84:33:5e:9d:8a:d2:96:d5:f2:46:
         54:86:fa:6a:65:01:a5:f9:77:5a:bc:82:2f:4c:4e:97:93:ad:
         07:c3:9b:1c:e8:c7:9c:1c:ca:d0:b8:5e:bd:36:fb:08:ad:09:
         6a:5a:99:f7:08:42:1b:80:33:11:1c:cc:fc:9b:90:43:7a:b0:
         cf:15:36:40:f2:2e:83:70:f3:71:1a:2d:60:e6:00:b4:81:37:
         35:9f:a9:9c:a8:37:99:77:f1:22:89:89:ab:e0:cd:2a:93:1f:
         e5:c1:ee:2f
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbDaCBTLER9LmP1e9Rb3PlOVsaeswDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwODEwMDAwMDAwWhcNMjMwOTE0MjM1OTU5
WjB6MUkwRwYDVQQFE0AzNzRmNzQ3MWFlNzk0NGUxZjM3YjNkOGU5OTgzYTdiYzg0
NDBjNTgyM2UzYjZiMDkxMDFkNzBjNDcxY2I1OTlkMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDneNYLfmu8EfdNOkA6KEKG3BuZqI6t69NqATsOQ5JPB4Ql
2oB19F9bY/E1C6fwELwS9KAVCrAb2slW4jHWeJMn2LsV/B6/kGCJefzRF4rLLwRz
YBNQLCakl1iUr16p77yvyefGmckQH7ZvTIV9gthMlo3IBOTJiyddyep2DyRyj3Fo
tNsyQBv7mJthLfKIOdkwlvkZesc5wFbqO8L35M9K+FRdhPLRg0NhYtAYmc6zwJ9G
WfQkbA3YpNWF3jGXGEhMDeMOOJkkQkwymoLO4tytElb4PZJysbncoSYFb70lUbbx
Q7peQe3XuSXNILAYyNWWOY5a6IVP3XwUDuZ56O81AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUits2KgIZRyTSj9J0I1svXLoj2uYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2MwMzY5MDM1LTNlMzEtNDAwNy05NGViLWY3NTk3NDg2M2NiOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAE7ITIZOBHzrAzwbzniq1Wuwszi7
MwQVjhjhug+88qK1AWos2phqXIB/NtETOzsrkOmssNCLxVjKedoC9BgnrtUawUCX
XBmeVD0CWenKWdcYG+6dJIvFJ4Hn2Cf36wgywEM/zK//BSkTbXrCorVq9YH/YsMR
Ti4pruUhpYbgseogDE1HULo0dTo8GSc8Urig0QyByCASqOnChDNenYrSltXyRlSG
+mplAaX5d1q8gi9MTpeTrQfDmxzox5wcytC4Xr02+witCWpamfcIQhuAMxEczPyb
kEN6sM8VNkDyLoNw83EaLWDmALSBNzWfqZyoN5l38SKJiavgzSqTH+XB7i8=
-----END CERTIFICATE-----