Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6df6a0ad-bb57-4746-bb98-1208ad3a21df.roa
File:                     6df6a0ad-bb57-4746-bb98-1208ad3a21df.roa (raw, json)
Hash identifier:          vTz+ZelZHu9WnehFzqFhPEYV0g5WCzskrwkLQQIFp9U=
Subject key identifier:   32:BD:68:14:CD:28:9C:96:E2:7B:58:FA:46:51:11:11:9C:22:D6:8D
Certificate issuer:       /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial:       5490977F4A15DFA6CB40C801FADDADE5045CB2CE
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6df6a0ad-bb57-4746-bb98-1208ad3a21df.roa
Signing time:             Mon 25 Jul 2022 00:00:00 +0000
ROA not before:           Mon 25 Jul 2022 00:00:00 +0000
ROA not after:            Thu 28 Jul 2022 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:90:97:7f:4a:15:df:a6:cb:40:c8:01:fa:dd:ad:e5:04:5c:b2:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
        Validity
            Not Before: Jul 25 00:00:00 2022 GMT
            Not After : Jul 28 23:59:59 2022 GMT
        Subject: serialNumber=c813b772a58a6d3ca50f3b8f4bbd599ebd0a3e21f5630bd8b2230b2b40b9c131, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:4f:78:bc:83:2b:e5:51:ab:f5:18:29:7e:21:
                    38:da:1a:ea:a0:af:34:d1:14:3c:b3:00:02:93:0d:
                    d3:75:19:9b:3d:70:a6:4e:f2:2c:5a:b0:87:f5:7a:
                    01:a7:1c:c8:d1:e6:53:07:b0:6a:86:48:e7:a4:be:
                    c9:c6:8e:e3:90:0d:e4:6d:78:dd:e9:ad:00:b3:63:
                    1c:8a:60:c2:62:32:d3:81:9a:ec:db:03:02:e9:05:
                    24:35:2e:64:c2:ac:4d:69:c9:b4:b7:dc:59:89:6e:
                    ad:27:75:98:42:6c:98:e1:ba:bd:e1:89:c1:46:1a:
                    5a:91:16:45:3b:09:14:44:95:22:87:7c:ca:c2:ad:
                    c7:a7:ac:ed:09:1d:2a:70:a6:ae:61:70:70:57:63:
                    ad:6b:b4:2f:b6:2c:e1:96:49:1e:ea:a6:45:d2:92:
                    38:71:96:ed:6e:83:4e:6b:ba:0e:3f:48:2f:f5:43:
                    3c:4e:77:9d:dc:c5:9e:e3:8e:4d:e2:b7:44:82:a3:
                    26:99:f6:1b:a1:e0:6f:6a:07:cc:36:7a:31:56:b9:
                    8f:ff:b6:b0:5c:f9:46:ef:e5:1c:49:4e:dd:65:8b:
                    fe:36:e0:52:09:bb:25:ed:5f:53:07:12:da:97:44:
                    97:60:68:34:fb:e0:7f:ab:c0:3f:ed:32:2c:0c:ae:
                    c2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:BD:68:14:CD:28:9C:96:E2:7B:58:FA:46:51:11:11:9C:22:D6:8D
            X509v3 Authority Key Identifier:
                keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/6df6a0ad-bb57-4746-bb98-1208ad3a21df.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:4a:42:02:fd:b1:91:a3:8f:9f:9f:55:52:b2:e7:95:b0:d6:
         5b:e2:fa:2e:75:76:82:a8:a8:a6:50:cf:ab:18:5c:b8:d6:38:
         00:47:c0:da:f6:c5:80:ef:1d:7f:36:45:db:9c:2f:64:7e:00:
         b2:c7:8d:36:b2:4c:ee:37:fb:df:db:5e:e8:07:0c:df:87:c2:
         84:7b:d3:a4:1d:70:45:d5:3f:8c:e9:df:bd:a6:69:d6:bc:f2:
         fa:84:3c:38:8b:4b:9e:11:2c:e7:34:bb:70:48:5c:18:74:2e:
         b5:d0:68:ae:72:48:d8:e5:42:63:55:34:1c:d9:08:fa:24:42:
         d6:25:f8:b8:03:cb:e1:79:4f:b0:b8:35:8f:ff:19:c1:a3:80:
         17:fa:c9:fe:17:ba:86:9a:49:ad:b9:c0:f5:1d:1a:85:8d:13:
         f0:f3:9c:5b:f1:84:ec:53:5a:36:c4:18:ff:a6:fc:3e:6d:ef:
         72:ca:7e:a6:84:ac:5f:e1:26:f9:2e:9e:81:df:eb:7f:21:de:
         0d:3c:10:73:3e:ed:c3:90:19:ad:e6:19:3f:0e:dd:9d:f3:a8:
         68:a3:3d:93:48:33:b6:57:b3:9a:4e:43:b0:f7:f0:3f:23:2c:
         c2:b8:40:83:db:3e:27:47:bc:c6:6e:a4:0d:ea:61:da:1a:04:
         72:ec:79:c2
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUVJCXf0oV36bLQMgB+t2t5QRcss4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwNzI1MDAwMDAwWhcNMjIwNzI4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAYzgxM2I3NzJhNThhNmQzY2E1MGYzYjhmNGJiZDU5OWVi
ZDBhM2UyMWY1NjMwYmQ4YjIyMzBiMmI0MGI5YzEzMTEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKVPeLyDK+VRq/UYKX4hONoa6qCvNNEUPLMAApMN03UZmz1wpk7y
LFqwh/V6AaccyNHmUwewaoZI56S+ycaO45AN5G143emtALNjHIpgwmIy04Ga7NsD
AukFJDUuZMKsTWnJtLfcWYlurSd1mEJsmOG6veGJwUYaWpEWRTsJFESVIod8ysKt
x6es7QkdKnCmrmFwcFdjrWu0L7Ys4ZZJHuqmRdKSOHGW7W6DTmu6Dj9IL/VDPE53
ndzFnuOOTeK3RIKjJpn2G6Hgb2oHzDZ6MVa5j/+2sFz5Ru/lHElO3WWL/jbgUgm7
Je1fUwcS2pdEl2BoNPvgf6vAP+0yLAyuwsECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBQyvWgUzSicluJ7WPpGURERnCLWjTAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvNmRmNmEwYWQtYmI1Ny00NzQ2LWJiOTgtMTIwOGFkM2EyMWRmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADNKQgL9sZGjj5+f
VVKy55Ww1lvi+i51doKoqKZQz6sYXLjWOABHwNr2xYDvHX82RducL2R+ALLHjTay
TO43+9/bXugHDN+HwoR706QdcEXVP4zp372mada88vqEPDiLS54RLOc0u3BIXBh0
LrXQaK5ySNjlQmNVNBzZCPokQtYl+LgDy+F5T7C4NY//GcGjgBf6yf4XuoaaSa25
wPUdGoWNE/DznFvxhOxTWjbEGP+m/D5t73LKfqaErF/hJvkunoHf638h3g08EHM+
7cOQGa3mGT8O3Z3zqGijPZNIM7ZXs5pOQ7D38D8jLMK4QIPbPidHvMZupA3qYdoa
BHLsecI=
-----END CERTIFICATE-----