Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d6f37502-32ad-4c2d-8706-ab0a1162dd56.roa
File:                     d6f37502-32ad-4c2d-8706-ab0a1162dd56.roa (raw, json)
Hash identifier:          JRYLzdLlhSd2gux18PzuHcDisc5E5Z1ulDoBSU3vg5Y=
Subject key identifier:   41:1E:15:E5:05:AA:C8:A1:33:E0:86:34:84:87:F3:3D:D6:9F:AD:24
Certificate issuer:       /CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
Certificate serial:       5E21FD6A92F6F750FE04710C9E664F80C2357A05
Authority key identifier: 91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d6f37502-32ad-4c2d-8706-ab0a1162dd56.roa
Signing time:             Mon 15 Aug 2022 00:00:00 +0000
ROA not before:           Mon 15 Aug 2022 00:00:00 +0000
ROA not after:            Thu 18 Aug 2022 23:59:59 +0000
asID:                     400098
IP address blocks:        199.36.120.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:21:fd:6a:92:f6:f7:50:fe:04:71:0c:9e:66:4f:80:c2:35:7a:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611
        Validity
            Not Before: Aug 15 00:00:00 2022 GMT
            Not After : Aug 18 23:59:59 2022 GMT
        Subject: serialNumber=1c06bda71bac12b3dd04fcc9fad03bc6cc03986696ae7da3410a1b646ef987e2, CN=6ae4e567-6348-4c4f-98a8-0422c4c52ff3, OU=Amazon RPKI, O=Amazon.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:4b:93:0b:65:64:8d:86:04:ef:7d:3e:66:e2:
                    4d:90:d5:d0:2c:5c:64:a2:91:8c:ea:9d:0c:8f:a3:
                    72:ae:ff:02:86:16:53:fb:f4:33:e2:3f:c0:0b:e3:
                    85:75:3f:c8:3f:7d:2f:9e:af:2c:a2:c3:9e:34:0b:
                    13:01:f4:db:2b:09:da:9e:22:90:f2:a0:15:a0:7e:
                    1e:15:0b:51:78:dc:31:f8:0b:6d:56:f8:05:9a:cb:
                    e5:87:be:17:10:d1:b5:60:44:6d:f0:f8:7d:bf:fa:
                    61:db:ae:4a:41:35:05:97:19:e1:e8:81:13:f7:49:
                    63:53:9f:7e:b3:2e:fb:e9:58:b6:da:92:6a:ac:93:
                    10:87:ad:a8:69:c0:21:31:5f:b2:c0:04:e0:33:c4:
                    1e:84:56:0b:94:9a:19:8b:08:80:17:0e:b6:93:cb:
                    d6:df:08:0c:ae:32:c4:20:e2:4c:f0:5e:bf:08:31:
                    a0:5f:d8:c3:9a:96:b2:17:70:1b:f7:10:77:08:89:
                    a6:df:a2:55:f9:0b:ba:b1:73:41:fa:ca:33:1a:db:
                    63:ad:9b:8f:82:87:bb:95:15:81:8a:1c:47:63:85:
                    a7:ad:f5:34:37:b6:48:62:d6:c2:dd:13:ce:09:45:
                    9d:af:05:4e:7a:5d:ad:95:17:52:58:5d:e4:97:6d:
                    73:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:1E:15:E5:05:AA:C8:A1:33:E0:86:34:84:87:F3:3D:D6:9F:AD:24
            X509v3 Authority Key Identifier:
                keyid:91:44:ED:C7:A4:0E:E9:90:B7:FA:36:6F:F6:E1:7D:79:AD:C4:83:97

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/73f21c2b-8823-4c24-b25b-43c80cb6d1bb/278aab878f2831bb1823b58794b092d86fb1d7a0f74e281611.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/d6f37502-32ad-4c2d-8706-ab0a1162dd56.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/b68a32ee-455d-483a-943d-1a5be748bfea/4bb8ae5c-124c-42f3-87fb-4f34e74e3da2.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:86:ca:be:0f:8b:b7:91:34:fa:7e:52:ec:94:cf:e9:38:42:
         9a:54:c1:fd:bd:ff:39:5f:00:f4:99:4c:b2:75:56:a1:9f:8a:
         b0:8d:52:f3:d1:bf:7e:f9:c1:e3:c6:2e:44:be:66:f0:87:7e:
         a6:3a:d7:5c:43:e3:ea:a6:02:78:05:18:7b:8b:6b:f4:8b:b9:
         3c:8f:5c:e9:3d:39:10:5e:ad:37:53:d9:c3:99:ee:2a:9c:b3:
         bb:62:45:70:41:32:45:4c:08:d2:5c:fe:3f:d0:88:07:e4:60:
         67:f4:d4:42:87:7f:5f:67:22:f0:fc:75:df:63:db:97:a3:fd:
         0d:2f:e0:62:a6:ab:5d:e2:a1:16:3d:03:45:39:36:e3:5f:38:
         cf:ed:f9:09:6c:db:95:7c:1e:ab:b7:02:62:e1:c4:71:5e:7c:
         3d:d6:05:64:10:9a:f3:49:49:dd:0d:11:9d:6a:4a:b2:82:12:
         87:fe:dc:06:74:dd:aa:c2:43:c1:f2:ba:3f:3c:a4:23:c1:11:
         92:7c:7e:d7:56:22:0c:9d:20:4f:62:3f:ab:22:05:69:f5:76:
         4f:4a:2b:33:f8:3c:11:64:4b:68:7e:73:3d:fa:42:c0:cc:43:
         cc:57:14:ad:d1:20:4b:ef:26:9f:5a:99:b7:82:96:76:fe:86:
         b4:ff:c5:f0
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUXiH9apL291D+BHEMnmZPgMI1egUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI4MzFiYjE4MjNiNTg3OTRiMDkyZDg2
ZmIxZDdhMGY3NGUyODE2MTEwHhcNMjIwODE1MDAwMDAwWhcNMjIwODE4MjM1OTU5
WjCBpTFJMEcGA1UEBRNAMWMwNmJkYTcxYmFjMTJiM2RkMDRmY2M5ZmFkMDNiYzZj
YzAzOTg2Njk2YWU3ZGEzNDEwYTFiNjQ2ZWY5ODdlMjEtMCsGA1UEAxMkNmFlNGU1
NjctNjM0OC00YzRmLTk4YTgtMDQyMmM0YzUyZmYzMRQwEgYDVQQLEwtBbWF6b24g
UlBLSTETMBEGA1UEChMKQW1hem9uLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKlLkwtlZI2GBO99PmbiTZDV0CxcZKKRjOqdDI+jcq7/AoYWU/v0
M+I/wAvjhXU/yD99L56vLKLDnjQLEwH02ysJ2p4ikPKgFaB+HhULUXjcMfgLbVb4
BZrL5Ye+FxDRtWBEbfD4fb/6YduuSkE1BZcZ4eiBE/dJY1OffrMu++lYttqSaqyT
EIetqGnAITFfssAE4DPEHoRWC5SaGYsIgBcOtpPL1t8IDK4yxCDiTPBevwgxoF/Y
w5qWshdwG/cQdwiJpt+iVfkLurFzQfrKMxrbY62bj4KHu5UVgYocR2OFp631NDe2
SGLWwt0TzglFna8FTnpdrZUXUlhd5Jdtc0ECAwEAAaOCAr4wggK6MB0GA1UdDgQW
BBRBHhXlBarIoTPghjSEh/M91p+tJDAfBgNVHSMEGDAWgBSRRO3HpA7pkLf6Nm/2
4X15rcSDlzAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggr
BgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4t
cnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMDM1
NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzczZjIxYzJiLTg4MjMt
NGMyNC1iMjViLTQzYzgwY2I2ZDFiYi8yNzhhYWI4NzhmMjgzMWJiMTgyM2I1ODc5
NGIwOTJkODZmYjFkN2EwZjc0ZTI4MTYxMS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGO
MIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6
b25hd3MuY29tL3ZvbHVtZS9iNjhhMzJlZS00NTVkLTQ4M2EtOTQzZC0xYTViZTc0
OGJmZWEvZDZmMzc1MDItMzJhZC00YzJkLTg3MDYtYWIwYTExNjJkZDU2LnJvYTCB
lQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2I2OGEzMmVlLTQ1NWQtNDgzYS05NDNk
LTFhNWJlNzQ4YmZlYS80YmI4YWU1Yy0xMjRjLTQyZjMtODdmYi00ZjM0ZTc0ZTNk
YTIuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEuGyr4Pi7eRNPp+
UuyUz+k4QppUwf29/zlfAPSZTLJ1VqGfirCNUvPRv375wePGLkS+ZvCHfqY611xD
4+qmAngFGHuLa/SLuTyPXOk9ORBerTdT2cOZ7iqcs7tiRXBBMkVMCNJc/j/QiAfk
YGf01EKHf19nIvD8dd9j25ej/Q0v4GKmq13ioRY9A0U5NuNfOM/t+Qls25V8Hqu3
AmLhxHFefD3WBWQQmvNJSd0NEZ1qSrKCEof+3AZ03arCQ8Hyuj88pCPBEZJ8ftdW
IgydIE9iP6siBWn1dk9KKzP4PBFkS2h+cz36QsDMQ8xXFK3RIEvvJp9ambeClnb+
hrT/xfA=
-----END CERTIFICATE-----