Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f1fecfcf-3b6b-4730-83ec-ff325699957b.roa
File:                     f1fecfcf-3b6b-4730-83ec-ff325699957b.roa (raw, json)
Hash identifier:          Y7tEqwAgCxdOGdR0v+EEg5BlI/jyD4xErdiIOwbel00=
Subject key identifier:   9D:46:C0:54:EA:E7:4F:DA:B7:86:6C:74:31:28:A4:AD:67:15:43:6A
Certificate issuer:       /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial:       13BF29E9F1CB98D533B62435178DA44208480151
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f1fecfcf-3b6b-4730-83ec-ff325699957b.roa
Signing time:             Sun 30 Jul 2023 00:00:00 +0000
ROA not before:           Sun 30 Jul 2023 00:00:00 +0000
ROA not after:            Sun 03 Sep 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:bf:29:e9:f1:cb:98:d5:33:b6:24:35:17:8d:a4:42:08:48:01:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
        Validity
            Not Before: Jul 30 00:00:00 2023 GMT
            Not After : Sep  3 23:59:59 2023 GMT
        Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:86:d5:3b:a4:26:b7:2a:fd:cd:dc:71:38:cf:
                    00:2b:97:e4:60:e5:95:27:56:dc:cf:8f:52:5b:bd:
                    0d:ba:26:7c:13:f1:45:b9:08:55:18:cd:fe:10:4a:
                    e0:72:8e:1d:2b:85:46:c8:a7:ba:87:36:f0:a6:7f:
                    56:9b:61:7a:be:9c:7a:7c:07:7f:2f:83:74:4b:f7:
                    f8:28:fd:ac:2b:47:9d:82:cc:ec:44:86:27:7b:79:
                    f5:ad:14:eb:29:d5:cb:96:76:1b:50:80:36:67:f4:
                    08:c7:2d:5b:5b:43:67:7c:48:38:56:83:c0:c2:5a:
                    ab:f1:9b:4e:28:9d:db:fa:4c:43:67:ea:d8:45:bf:
                    3e:39:52:ee:66:7b:ce:03:1d:b7:d1:6d:18:10:32:
                    2a:13:45:7b:fe:22:d6:76:93:c3:9d:c7:50:ba:76:
                    c3:b4:b5:b9:ed:9a:53:1c:b2:a5:c9:5f:2e:e0:57:
                    4c:41:d0:3a:e6:60:f2:52:3a:79:d9:54:c6:1e:9c:
                    f4:df:2e:9e:cc:35:fa:b3:ff:5e:91:95:42:48:06:
                    0b:6b:0b:ef:6d:fb:98:5d:45:fa:36:81:d0:e3:7d:
                    e7:cd:1f:64:ca:4b:5d:9a:0a:7d:be:ce:17:1c:70:
                    a6:3e:87:13:88:a8:7b:7b:14:79:73:97:4c:54:7e:
                    91:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:46:C0:54:EA:E7:4F:DA:B7:86:6C:74:31:28:A4:AD:67:15:43:6A
            X509v3 Authority Key Identifier:
                keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f1fecfcf-3b6b-4730-83ec-ff325699957b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         84:2e:05:5b:76:7f:14:b2:18:39:dc:dd:ec:51:65:ba:c8:24:
         69:83:f1:21:eb:57:1b:16:f4:de:d3:4f:6e:6c:f6:58:ef:1b:
         17:99:24:0c:a7:d6:da:8e:17:6b:4c:da:8c:fd:89:63:88:30:
         90:cc:06:70:92:65:a3:ea:13:5d:83:d2:d9:d1:91:93:b2:c1:
         43:5a:03:42:9c:90:f1:82:d5:1d:c8:b3:84:a5:1b:b1:99:29:
         84:45:74:fe:90:f3:b1:5b:ab:9d:51:ac:5f:d8:87:68:bb:26:
         43:e1:0e:20:54:49:b5:a0:d4:07:7d:f8:e4:27:87:f4:3e:52:
         67:53:00:f1:86:4f:02:d9:a5:a0:f0:ef:f6:cd:65:43:28:3b:
         9e:2e:ff:38:c6:51:c5:d2:51:e7:b5:ab:8e:3e:6e:09:46:89:
         0f:eb:14:0e:d6:f2:03:df:e1:d9:f0:8c:74:7d:8a:e0:88:5c:
         9f:9e:50:1e:ad:ca:5d:c7:03:fe:aa:1b:c6:c2:a4:c2:a6:bb:
         43:99:da:7a:3a:7d:0d:5a:f5:65:fa:53:47:b1:8b:5b:38:e2:
         25:ef:04:9d:72:1e:c1:b5:5a:d5:d1:46:7b:26:a9:13:a3:eb:
         7a:1d:80:b6:3b:66:7d:1b:56:4f:8c:6f:0e:f6:1d:be:73:11:
         7b:f5:c4:b4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUE78p6fHLmNUztiQ1F42kQghIAVEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjMwNzMwMDAwMDAwWhcNMjMwOTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiNzM3OGIzY2NmNzEzMzMwNDQ4MzVjMzJkZmVkNzY5ZGZk
OTUwNTlkNTAxZWFhZjlkOWQzMzBhODgyMjYzMDljMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQhtU7pCa3Kv3N3HE4zwArl+Rg5ZUnVtzPj1JbvQ26JnwT
8UW5CFUYzf4QSuByjh0rhUbIp7qHNvCmf1abYXq+nHp8B38vg3RL9/go/awrR52C
zOxEhid7efWtFOsp1cuWdhtQgDZn9AjHLVtbQ2d8SDhWg8DCWqvxm04ondv6TENn
6thFvz45Uu5me84DHbfRbRgQMioTRXv+ItZ2k8Odx1C6dsO0tbntmlMcsqXJXy7g
V0xB0DrmYPJSOnnZVMYenPTfLp7MNfqz/16RlUJIBgtrC+9t+5hdRfo2gdDjfefN
H2TKS12aCn2+zhcccKY+hxOIqHt7FHlzl0xUfpH1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUnUbAVOrnT9q3hmx0MSikrWcVQ2owHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YxZmVjZmNmLTNiNmItNDczMC04M2VjLWZmMzI1Njk5OTU3Yi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIQuBVt2fxSyGDnc3exRZbrIJGmD
8SHrVxsW9N7TT25s9ljvGxeZJAyn1tqOF2tM2oz9iWOIMJDMBnCSZaPqE12D0tnR
kZOywUNaA0KckPGC1R3Is4SlG7GZKYRFdP6Q87Fbq51RrF/Yh2i7JkPhDiBUSbWg
1Ad9+OQnh/Q+UmdTAPGGTwLZpaDw7/bNZUMoO54u/zjGUcXSUee1q44+bglGiQ/r
FA7W8gPf4dnwjHR9iuCIXJ+eUB6tyl3HA/6qG8bCpMKmu0OZ2no6fQ1a9WX6U0ex
i1s44iXvBJ1yHsG1WtXRRnsmqROj63odgLY7Zn0bVk+Mbw72Hb5zEXv1xLQ=
-----END CERTIFICATE-----