Using Vault ssh ca with a jump host

I have a jump host in a data center which all other hosts are accessed via this jump host.
Currently I use Vault SSH CA to get the signed cert, then ssh to the jump host,
then on the jump host I get the cert again to finally ssh to the destination.

Is there any standard to way to archive this in one step?

Check out this link about SSH agent forwarding. It helps to pass your original key chain to the next host and when you ssh into another, it will use the same keys from the first.