Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db066982-9d0c-4a6c-8817-740dc1a72cb4.roa
File:                     db066982-9d0c-4a6c-8817-740dc1a72cb4.roa (raw, json)
Hash identifier:          4GG+0P8blLWOtaIuDmvwnsADL7YkEV1nUt/DgoPibzo=
Subject key identifier:   72:4A:06:EE:A3:7B:DC:59:1D:79:15:33:1C:D2:A6:67:D0:57:43:D0
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       050437259516DA09B708DB43593C3FADFCD87E0F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db066982-9d0c-4a6c-8817-740dc1a72cb4.roa
Signing time:             Sat 03 Aug 2024 00:00:00 +0000
ROA not before:           Sat 03 Aug 2024 00:00:00 +0000
ROA not after:            Sat 07 Sep 2024 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:04:37:25:95:16:da:09:b7:08:db:43:59:3c:3f:ad:fc:d8:7e:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Aug  3 00:00:00 2024 GMT
            Not After : Sep  7 23:59:59 2024 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:52:bb:e1:e9:48:f6:38:28:72:59:14:09:73:
                    65:9a:b5:e7:2b:0e:a1:1b:eb:4d:4d:db:79:b2:ac:
                    87:22:a0:57:68:c7:34:fe:1a:11:93:42:ba:0b:72:
                    8e:ba:fd:9b:f7:cc:33:eb:17:d1:41:7f:56:41:b9:
                    5a:3b:b5:9b:a9:29:9a:d9:84:a1:44:6f:73:6a:da:
                    bb:44:3d:3e:27:51:4f:b9:43:e3:73:4f:f2:a9:81:
                    94:97:ed:99:6e:21:d9:70:14:94:c2:0e:6e:6f:fd:
                    df:49:af:45:7a:df:05:f3:8c:24:2e:07:39:dc:33:
                    43:99:2a:de:30:b6:a0:a0:51:5c:8e:29:89:c1:14:
                    c2:e4:4f:7f:09:c7:73:d8:45:6b:c7:b6:59:18:7d:
                    e6:aa:f5:e0:ce:5c:69:7d:6c:6f:89:f1:f4:0c:33:
                    92:ea:d1:2e:ca:50:60:0f:3e:57:18:8f:71:7b:df:
                    b5:58:be:45:53:d2:de:3d:b1:30:12:1c:04:48:66:
                    45:f5:78:2f:ca:79:73:3c:ca:69:9a:9b:48:7a:2e:
                    8a:7e:8e:f8:5f:38:8d:c1:20:dd:71:47:34:81:49:
                    84:3c:39:e2:84:6a:31:7c:71:fa:95:56:c3:74:e9:
                    a1:d3:36:1c:0b:27:72:cf:ac:d2:c6:9a:56:ff:07:
                    54:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:4A:06:EE:A3:7B:DC:59:1D:79:15:33:1C:D2:A6:67:D0:57:43:D0
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/db066982-9d0c-4a6c-8817-740dc1a72cb4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2f:83:70:59:d7:53:20:f0:86:fb:29:62:65:eb:2c:ea:9f:e1:
         0b:3a:6d:aa:0b:26:0e:57:43:b3:78:a6:fc:90:ea:73:c3:04:
         32:0e:71:74:71:5d:86:0b:23:01:88:cb:29:a7:4e:53:4e:13:
         3d:6e:7b:51:2d:ba:84:16:fe:0d:06:f7:c2:fb:7d:31:d2:00:
         a4:f3:6c:7a:f5:79:59:55:d9:98:76:8d:e0:f6:45:48:35:a7:
         18:91:5d:7d:dd:b6:88:3e:a9:78:ce:eb:e2:f6:2b:4e:56:47:
         30:1d:4f:2b:98:dc:e6:88:9e:73:12:9e:f4:61:b3:90:e9:84:
         5c:4b:49:6f:ea:7f:58:47:b6:ec:02:53:20:de:a4:f0:91:ac:
         05:38:c8:31:46:ee:26:e3:cd:7c:98:22:26:a5:c7:40:94:08:
         68:9c:0c:af:ee:f0:5f:5f:45:28:2d:f8:d2:4c:47:4d:91:e6:
         ed:a9:f5:3b:ef:d6:ae:5c:97:41:ef:75:d3:c3:5c:7b:cb:f2:
         01:59:8e:3e:dc:3e:48:77:b5:45:78:80:b8:1d:53:37:a1:6b:
         e2:c2:c3:5b:b9:06:d6:d2:41:c9:dc:9e:f5:a1:7d:59:7a:23:
         32:72:7d:7f:00:f0:8a:c6:e9:5b:c4:c7:d2:cb:38:ba:b2:77:
         42:b4:da:91
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUBQQ3JZUW2gm3CNtDWTw/rfzYfg8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjQwODAzMDAwMDAwWhcNMjQwOTA3MjM1OTU5
WjB6MUkwRwYDVQQFE0BhOWZjZTQ2ZmU0YTQyYTUyMTU1MTZjYWViM2FmMDJjZTA1
MjkzMGRhNzkyMjU0YmI1Y2M3Mzg0ODljMGU3MjQ0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCzUrvh6Uj2OChyWRQJc2WatecrDqEb601N23myrIcioFdo
xzT+GhGTQroLco66/Zv3zDPrF9FBf1ZBuVo7tZupKZrZhKFEb3Nq2rtEPT4nUU+5
Q+NzT/KpgZSX7ZluIdlwFJTCDm5v/d9Jr0V63wXzjCQuBzncM0OZKt4wtqCgUVyO
KYnBFMLkT38Jx3PYRWvHtlkYfeaq9eDOXGl9bG+J8fQMM5Lq0S7KUGAPPlcYj3F7
37VYvkVT0t49sTASHARIZkX1eC/KeXM8ymmam0h6Lop+jvhfOI3BIN1xRzSBSYQ8
OeKEajF8cfqVVsN06aHTNhwLJ3LPrNLGmlb/B1QtAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUckoG7qN73FkdeRUzHNKmZ9BXQ9AwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RiMDY2OTgyLTlkMGMtNGE2Yy04ODE3LTc0MGRjMWE3MmNiNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAC+DcFnXUyDwhvspYmXrLOqf4Qs6
baoLJg5XQ7N4pvyQ6nPDBDIOcXRxXYYLIwGIyymnTlNOEz1ue1EtuoQW/g0G98L7
fTHSAKTzbHr1eVlV2Zh2jeD2RUg1pxiRXX3dtog+qXjO6+L2K05WRzAdTyuY3OaI
nnMSnvRhs5DphFxLSW/qf1hHtuwCUyDepPCRrAU4yDFG7ibjzXyYIialx0CUCGic
DK/u8F9fRSgt+NJMR02R5u2p9Tvv1q5cl0HvddPDXHvL8gFZjj7cPkh3tUV4gLgd
Uzeha+LCw1u5BtbSQcncnvWhfVl6IzJyfX8A8IrG6VvEx9LLOLqyd0K02pE=
-----END CERTIFICATE-----