Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a5467e08-cbe6-4ed1-8a1e-f1fecd06479f.roa
File:                     a5467e08-cbe6-4ed1-8a1e-f1fecd06479f.roa (raw, json)
Hash identifier:          LAxxs9Uu/5bb0HhLZSJH2tWB3PffI2bgo+xj09vnn24=
Subject key identifier:   C0:7E:30:06:5D:D7:36:AB:F6:B2:FA:A9:19:DF:83:8D:FC:C1:0F:2B
Certificate issuer:       /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial:       53D615127F156F822A19D421F0CE8A27AC255CB5
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a5467e08-cbe6-4ed1-8a1e-f1fecd06479f.roa
Signing time:             Wed 03 Aug 2022 00:00:00 +0000
ROA not before:           Wed 03 Aug 2022 00:00:00 +0000
ROA not after:            Sat 06 Aug 2022 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:d6:15:12:7f:15:6f:82:2a:19:d4:21:f0:ce:8a:27:ac:25:5c:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
        Validity
            Not Before: Aug  3 00:00:00 2022 GMT
            Not After : Aug  6 23:59:59 2022 GMT
        Subject: serialNumber=38f09c345c12d21b1ee9d3a260857cc3f7d03aded4377996bd68f51b19c5de62, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:c0:63:41:69:b8:d6:63:4b:99:c9:e8:c2:2d:
                    9a:30:5b:ca:fd:fe:c2:9e:58:02:2d:8f:21:6b:92:
                    5c:91:93:0a:b4:e8:0c:e6:9c:61:14:c8:08:73:1d:
                    4a:85:d9:9f:d3:39:9d:69:86:a7:39:bb:bd:e8:32:
                    b5:3a:90:23:3e:48:e0:58:09:49:93:ca:c9:1e:d6:
                    d7:bb:de:8e:77:5d:fb:3a:25:18:20:ef:af:ec:fb:
                    d2:ff:bb:0d:fd:f5:5d:56:4a:44:5b:08:fd:0a:88:
                    b7:dc:98:10:00:d4:12:9f:14:06:8d:a2:28:9a:8f:
                    4d:4c:f4:3b:5d:2e:a3:3a:e6:78:ba:46:16:1d:e8:
                    1d:9d:73:a8:96:3c:63:eb:ba:4a:8b:28:1c:93:51:
                    ad:6c:17:5a:bd:73:fa:97:03:ea:b3:95:72:43:c0:
                    2c:3c:4f:7c:bb:03:42:ed:78:11:05:70:cc:3b:f9:
                    49:ad:c6:58:5c:11:36:3d:c7:90:2a:1a:df:a6:f0:
                    fa:46:d3:6d:bf:4e:f6:f8:3a:91:ad:93:39:84:3c:
                    47:ea:23:0c:69:e2:7d:cc:05:24:c6:16:6a:2d:d2:
                    ef:f7:dc:45:1d:2a:e7:9e:a8:ee:1c:99:14:8a:30:
                    df:e4:32:f2:d8:05:95:7d:a8:50:c5:d7:e4:76:ca:
                    ed:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:7E:30:06:5D:D7:36:AB:F6:B2:FA:A9:19:DF:83:8D:FC:C1:0F:2B
            X509v3 Authority Key Identifier:
                keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/a5467e08-cbe6-4ed1-8a1e-f1fecd06479f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a0:c5:5a:ce:83:46:1e:4f:dd:53:a6:d0:7b:17:6c:8f:ad:77:
         d2:f9:22:93:e0:db:f1:e2:82:e9:06:04:16:81:d1:ed:d8:d9:
         46:f9:1e:ea:26:ed:85:88:d1:b5:cd:a6:b2:74:1a:07:8c:4a:
         91:71:d5:2b:d2:e4:93:c2:38:51:a1:3c:a2:f1:49:21:75:61:
         f0:ab:47:db:d0:f2:83:65:e5:84:59:6b:f7:a4:39:9b:85:41:
         52:ff:6e:3d:8c:32:4a:61:cf:27:3f:d4:e3:92:ec:35:13:0f:
         4a:e5:79:cf:a6:c1:f0:18:ef:42:79:3b:20:6f:db:c4:fd:9a:
         86:73:13:1c:0f:4f:63:b1:72:6b:ad:7e:54:2f:e7:0e:78:66:
         5b:4c:56:c1:c2:ae:83:26:9f:5b:16:23:c2:f2:6d:7c:50:44:
         64:9f:b0:59:8c:e0:a5:10:98:72:3f:d1:55:a4:f5:d0:2a:9b:
         20:bb:83:8e:d4:0f:e6:ae:39:c0:9d:cd:8b:70:5b:f8:14:51:
         13:e7:b7:10:1e:75:c3:3f:a2:f2:9a:ec:7e:50:af:f5:7f:90:
         ba:a3:b3:b7:93:66:d2:34:3a:ac:06:53:09:35:53:bb:cc:5b:
         98:dd:4e:c8:02:c5:68:0d:cc:96:c5:8e:5c:53:26:e6:37:db:
         80:eb:9b:50
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUU9YVEn8Vb4IqGdQh8M6KJ6wlXLUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwODAzMDAwMDAwWhcNMjIwODA2MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMzhmMDljMzQ1YzEyZDIxYjFlZTlkM2EyNjA4NTdjYzNm
N2QwM2FkZWQ0Mzc3OTk2YmQ2OGY1MWIxOWM1ZGU2MjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALTAY0FpuNZjS5nJ6MItmjBbyv3+wp5YAi2PIWuSXJGTCrToDOac
YRTICHMdSoXZn9M5nWmGpzm7vegytTqQIz5I4FgJSZPKyR7W17vejndd+zolGCDv
r+z70v+7Df31XVZKRFsI/QqIt9yYEADUEp8UBo2iKJqPTUz0O10uozrmeLpGFh3o
HZ1zqJY8Y+u6SosoHJNRrWwXWr1z+pcD6rOVckPALDxPfLsDQu14EQVwzDv5Sa3G
WFwRNj3HkCoa36bw+kbTbb9O9vg6ka2TOYQ8R+ojDGnifcwFJMYWai3S7/fcRR0q
556o7hyZFIow3+Qy8tgFlX2oUMXX5HbK7XsCAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBTAfjAGXdc2q/ay+qkZ34ON/MEPKzAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvYTU0NjdlMDgtY2JlNi00ZWQxLThhMWUtZjFmZWNkMDY0NzlmLnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAKDFWs6DRh5P3VOm
0HsXbI+td9L5IpPg2/HigukGBBaB0e3Y2Ub5Huom7YWI0bXNprJ0GgeMSpFx1SvS
5JPCOFGhPKLxSSF1YfCrR9vQ8oNl5YRZa/ekOZuFQVL/bj2MMkphzyc/1OOS7DUT
D0rlec+mwfAY70J5OyBv28T9moZzExwPT2OxcmutflQv5w54ZltMVsHCroMmn1sW
I8LybXxQRGSfsFmM4KUQmHI/0VWk9dAqmyC7g47UD+auOcCdzYtwW/gUURPntxAe
dcM/ovKa7H5Qr/V/kLqjs7eTZtI0OqwGUwk1U7vMW5jdTsgCxWgNzJbFjlxTJuY3
24Drm1A=
-----END CERTIFICATE-----