Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b0b090cc-80c4-49ce-95f3-f2f6ca5fb3bf.roa
File:                     b0b090cc-80c4-49ce-95f3-f2f6ca5fb3bf.roa (raw, json)
Hash identifier:          cA3AfJJorlvbqhBnfzvVFKZkAKKcAIFlIGvgHp1ZFEQ=
Subject key identifier:   43:4E:28:D3:5F:B9:17:AE:67:BB:DB:BC:E6:E5:B2:94:B6:EF:F6:4E
Certificate issuer:       /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial:       44B2183C752698640A666D5BD64B1895CA1DBC8F
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b0b090cc-80c4-49ce-95f3-f2f6ca5fb3bf.roa
Signing time:             Mon 12 Jun 2023 00:00:00 +0000
ROA not before:           Mon 12 Jun 2023 00:00:00 +0000
ROA not after:            Thu 15 Jun 2023 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:b2:18:3c:75:26:98:64:0a:66:6d:5b:d6:4b:18:95:ca:1d:bc:8f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
        Validity
            Not Before: Jun 12 00:00:00 2023 GMT
            Not After : Jun 15 23:59:59 2023 GMT
        Subject: serialNumber=e6b3908322a197dd610c8bd369205906acdd7fbaa51301abecb595210a3f7f1a, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:ed:79:75:72:dc:cf:d2:1a:51:ed:8f:d2:7a:
                    35:62:c5:bd:cd:e7:3a:48:ef:93:f0:9b:c6:e8:cc:
                    52:12:27:18:93:94:23:d7:e5:a7:f3:55:96:b8:11:
                    4c:dc:b2:b4:ce:9d:2b:08:80:fc:55:3e:01:0b:00:
                    4c:96:5f:a2:1f:99:37:bf:6a:99:a2:c2:ac:c4:cc:
                    12:b6:d2:16:39:53:82:9a:e4:24:2a:0f:83:d5:92:
                    a7:e1:67:6b:1f:76:e0:f6:d1:f9:26:56:9a:df:a4:
                    7f:6a:b9:23:12:26:8f:e6:7a:1b:60:b6:9a:3e:aa:
                    b4:73:4b:eb:b6:da:66:d3:4e:8f:51:20:6c:fd:fc:
                    5b:51:36:ab:b6:00:82:38:9d:a3:a7:ba:54:be:26:
                    5a:36:78:d7:5d:d6:5e:68:b8:4c:cb:8e:35:65:89:
                    1a:ae:94:44:ef:a9:f1:c4:80:8c:af:a7:b7:cc:74:
                    43:7e:2b:3b:70:91:4c:a4:de:44:3a:a0:02:6d:6f:
                    29:3a:a8:cd:e3:09:bc:a6:60:09:bf:5e:1f:da:a5:
                    96:75:ee:fb:24:88:63:ef:34:1a:c7:1b:cb:1a:c6:
                    ee:d2:40:c7:3d:13:9a:5d:a1:1f:fc:02:5a:2d:a2:
                    9c:bb:5e:84:35:f2:a7:a7:46:79:6d:e2:c8:2e:05:
                    dc:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:4E:28:D3:5F:B9:17:AE:67:BB:DB:BC:E6:E5:B2:94:B6:EF:F6:4E
            X509v3 Authority Key Identifier:
                keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/b0b090cc-80c4-49ce-95f3-f2f6ca5fb3bf.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:c8:e4:c0:8b:81:dd:ae:f3:a6:6f:2a:3e:de:c2:a6:21:89:
         e7:d4:67:b2:0d:8f:82:d4:fc:05:88:c9:90:0d:44:2b:ac:16:
         20:a3:51:c1:06:c2:9a:90:82:40:88:b2:0f:61:46:29:c8:21:
         d2:2c:42:8b:20:e1:67:04:04:b6:a5:54:51:6c:7d:8b:8d:d9:
         d7:26:72:fe:79:fe:c3:ef:0c:01:fe:d0:64:cd:46:0f:b0:ec:
         27:98:75:81:24:e8:ca:9c:ae:39:ee:b6:6a:e3:30:44:6e:4f:
         31:6e:31:7b:56:b4:5a:e4:c4:50:64:86:a2:6b:51:29:52:4f:
         2d:2e:c0:73:16:ab:4e:63:8c:cd:c7:6c:ba:26:6c:1f:c9:2c:
         d8:15:92:a6:d3:9d:51:0c:0c:4d:ae:ba:29:8b:90:05:03:a0:
         c3:22:76:fc:be:a8:17:f9:ca:61:37:43:8b:69:b7:15:6e:25:
         31:3b:07:fb:41:58:06:b2:34:39:3a:0c:e8:de:4c:24:74:3c:
         0f:cc:03:13:51:6c:ee:d4:1b:a9:1a:45:0d:8c:f4:ff:83:01:
         6f:ec:2e:44:8b:9f:b6:1a:88:2a:15:ff:04:71:6f:a4:32:52:
         07:10:fb:88:cd:ab:66:dd:eb:4a:02:8b:a9:59:54:96:07:32:
         4f:c6:1e:16
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgIURLIYPHUmmGQKZm1b1ksYlcodvI8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjMwNjEyMDAwMDAwWhcNMjMwNjE1MjM1OTU5
WjB6MUkwRwYDVQQFE0BlNmIzOTA4MzIyYTE5N2RkNjEwYzhiZDM2OTIwNTkwNmFj
ZGQ3ZmJhYTUxMzAxYWJlY2I1OTUyMTBhM2Y3ZjFhMS0wKwYDVQQDEyQ2YWU0ZTU2
Ny02MzQ4LTRjNGYtOThhOC0wNDIyYzRjNTJmZjMwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCr7Xl1ctzP0hpR7Y/SejVixb3N5zpI75Pwm8bozFISJxiT
lCPX5afzVZa4EUzcsrTOnSsIgPxVPgELAEyWX6IfmTe/apmiwqzEzBK20hY5U4Ka
5CQqD4PVkqfhZ2sfduD20fkmVprfpH9quSMSJo/mehtgtpo+qrRzS+u22mbTTo9R
IGz9/FtRNqu2AII4naOnulS+Jlo2eNdd1l5ouEzLjjVliRqulETvqfHEgIyvp7fM
dEN+KztwkUyk3kQ6oAJtbyk6qM3jCbymYAm/Xh/apZZ17vskiGPvNBrHG8saxu7S
QMc9E5pdoR/8Alotopy7XoQ18qenRnlt4sguBdzdAgMBAAGjggK+MIICujAdBgNV
HQ4EFgQUQ04o01+5F65nu9u85uWylLbv9k4wHwYDVR0jBBgwFoAUkUTtx6QO6ZC3
+jZv9uF9ea3Eg5cwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy83M2YyMWMyYi04
ODIzLTRjMjQtYjI1Yi00M2M4MGNiNmQxYmIvMjc4YWFiODc4ZjI4MzFiYjE4MjNi
NTg3OTRiMDkyZDg2ZmIxZDdhMGY3NGUyODE2MTEuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvYjY4YTMyZWUtNDU1ZC00ODNhLTk0M2QtMWE1
YmU3NDhiZmVhL2IwYjA5MGNjLTgwYzQtNDljZS05NWYzLWYyZjZjYTVmYjNiZi5y
b2EwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVz
LWVhc3QtMi5hbWF6b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2Et
OTQzZC0xYTViZTc0OGJmZWEvNGJiOGFlNWMtMTI0Yy00MmYzLTg3ZmItNGYzNGU3
NGUzZGEyLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAxyR4MA0GCSqGSIb3DQEBCwUAA4IBAQBfyOTAi4Hd
rvOmbyo+3sKmIYnn1GeyDY+C1PwFiMmQDUQrrBYgo1HBBsKakIJAiLIPYUYpyCHS
LEKLIOFnBAS2pVRRbH2LjdnXJnL+ef7D7wwB/tBkzUYPsOwnmHWBJOjKnK457rZq
4zBEbk8xbjF7VrRa5MRQZIaia1EpUk8tLsBzFqtOY4zNx2y6JmwfySzYFZKm051R
DAxNrropi5AFA6DDInb8vqgX+cphN0OLabcVbiUxOwf7QVgGsjQ5Ogzo3kwkdDwP
zAMTUWzu1BupGkUNjPT/gwFv7C5Ei5+2GogqFf8EcW+kMlIHEPuIzatm3etKAoup
WVSWBzJPxh4W
-----END CERTIFICATE-----