Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/dcdaaca3-d285-3cd8-a47c-dbbfe4a41dc0.roa
File:                     dcdaaca3-d285-3cd8-a47c-dbbfe4a41dc0.roa (raw, json)
Hash identifier:          +uEh42FpYneBaoQuvOoB5DnpMMQ7KE4bifDwOkzV3EQ=
Subject key identifier:   95:3F:C9:40:38:94:A2:04:13:02:36:37:B0:34:F1:CF:77:94:CD:AE
Certificate issuer:       /CN=74b24643-d6d5-4d2a-b885-83160dec7103
Certificate serial:       010D0C9F4328584950F958C676EC3281E30E7780
Authority key identifier: 32:48:2C:26:74:5B:59:00:E4:D0:78:12:7E:F4:AA:AE:8A:4E:57:19
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/dcdaaca3-d285-3cd8-a47c-dbbfe4a41dc0.roa
Signing time:             Wed 26 Mar 2025 13:00:53 +0000
ROA not before:           Wed 26 Mar 2025 13:00:53 +0000
ROA not after:            Tue 24 Jun 2025 13:00:53 +0000
asID:                     1288
IP address blocks:        66.185.117.0/24 maxlen: 24
                          74.80.91.0/24 maxlen: 24
                          2620:171:4::/48 maxlen: 48
                          2620:171:e5::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:50:f9:58:c6:76:ec:32:81:e3:0e:77:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b24643-d6d5-4d2a-b885-83160dec7103
        Validity
            Not Before: Mar 26 13:00:53 2025 GMT
            Not After : Jun 24 13:00:53 2025 GMT
        Subject: CN=26b7caf8-f35f-4968-8342-f2e026bc8079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:33:b5:44:73:3f:cb:0a:2c:7c:ca:e6:1d:8e:
                    4e:f8:3b:24:36:e7:4f:cf:32:c9:cc:45:30:36:ab:
                    d5:f4:76:22:88:8e:e3:5d:78:ff:62:42:be:6f:cf:
                    eb:71:6a:57:25:2f:16:f6:6f:c1:6f:b0:28:3e:c0:
                    94:53:c4:1e:2b:85:fe:56:0f:49:d6:84:73:be:c5:
                    36:ff:5a:34:6c:51:57:c2:ec:68:12:92:0a:b2:9f:
                    9d:cf:cb:95:34:5f:21:39:2b:f0:cf:8f:88:48:39:
                    21:aa:4c:c0:84:3e:46:b4:38:4f:32:07:c3:d7:24:
                    fc:17:5e:6b:38:f5:b9:a8:55:28:ed:6d:9d:47:c9:
                    8b:d1:e5:2a:52:f7:e6:5d:5c:fb:c8:85:b1:78:1f:
                    fc:37:c1:a3:53:82:87:53:83:f1:dd:30:d5:47:38:
                    f3:97:51:ab:b8:d0:d3:78:7f:f6:eb:bf:e3:ab:c6:
                    36:af:69:62:f8:f6:cd:ae:f7:57:05:a4:3a:8c:55:
                    19:e5:76:94:ce:20:68:37:a8:a7:a8:3b:89:f8:8a:
                    e2:60:5c:a4:0f:36:c4:2b:3c:98:6d:fa:5a:42:7e:
                    92:6b:fd:92:cc:93:37:98:3a:70:fe:f2:b1:36:28:
                    8a:f0:0f:60:24:e4:72:11:3d:42:81:2c:cc:29:d7:
                    de:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:3F:C9:40:38:94:A2:04:13:02:36:37:B0:34:F1:CF:77:94:CD:AE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/dcdaaca3-d285-3cd8-a47c-dbbfe4a41dc0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/74b24643-d6d5-4d2a-b885-83160dec7103.crl

            X509v3 Authority Key Identifier:
                keyid:32:48:2C:26:74:5B:59:00:E4:D0:78:12:7E:F4:AA:AE:8A:4E:57:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.185.117.0/24
                  74.80.91.0/24
                IPv6:
                  2620:171:4::/48
                  2620:171:e5::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         43:29:19:ad:32:fd:e6:d1:b5:51:9d:4f:ed:5e:2a:d2:ae:76:
         b1:75:50:f7:65:a8:d8:91:c7:3c:d9:74:47:5b:07:3e:eb:37:
         bf:47:20:8b:a2:2e:e1:fb:a0:d9:a0:88:51:3e:0a:59:22:ee:
         54:b0:fc:34:43:f3:90:d6:a7:16:22:9b:a2:dc:e4:66:cb:7f:
         b5:67:0a:d8:ad:b5:01:02:6f:c3:7e:80:52:1e:f3:bf:0e:b6:
         00:4f:55:30:47:83:2a:3c:c1:53:57:5c:b4:0b:21:56:e5:26:
         a6:10:ee:3d:94:59:72:ed:c6:c6:ff:45:f2:f2:74:d3:77:9d:
         5e:f0:69:b8:59:5e:0b:f9:a4:a0:a0:a0:11:8e:49:b7:ee:66:
         d6:6f:de:4d:e5:df:e4:04:23:1b:b1:80:33:ac:38:c5:9f:66:
         07:e7:ec:8e:fe:06:be:fc:37:eb:78:7d:ce:bc:ab:f7:6f:81:
         64:68:43:74:d3:5a:06:c4:9a:76:9f:82:62:da:61:29:17:8d:
         aa:35:f3:a3:7f:8a:28:97:5b:9b:eb:11:bb:22:b4:eb:80:ce:
         85:de:65:cd:77:33:d2:0a:14:ee:ff:7c:45:2d:05:cf:19:c5:
         3f:c0:09:18:de:de:23:ce:c6:72:b8:47:2d:5f:37:76:a9:4e:
         24:71:6e:8e
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgIUAQ0Mn0MoWElQ+VjGduwygeMOd4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzRiMjQ2NDMtZDZkNS00ZDJhLWI4ODUtODMxNjBkZWM3
MTAzMB4XDTI1MDMyNjEzMDA1M1oXDTI1MDYyNDEzMDA1M1owLzEtMCsGA1UEAxMk
MjZiN2NhZjgtZjM1Zi00OTY4LTgzNDItZjJlMDI2YmM4MDc5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizO1RHM/ywosfMrmHY5O+DskNudPzzLJzEUw
NqvV9HYiiI7jXXj/YkK+b8/rcWpXJS8W9m/Bb7AoPsCUU8QeK4X+Vg9J1oRzvsU2
/1o0bFFXwuxoEpIKsp+dz8uVNF8hOSvwz4+ISDkhqkzAhD5GtDhPMgfD1yT8F15r
OPW5qFUo7W2dR8mL0eUqUvfmXVz7yIWxeB/8N8GjU4KHU4Px3TDVRzjzl1GruNDT
eH/267/jq8Y2r2li+PbNrvdXBaQ6jFUZ5XaUziBoN6inqDuJ+IriYFykDzbEKzyY
bfpaQn6Sa/2SzJM3mDpw/vKxNiiK8A9gJORyET1CgSzMKdfebwIDAQABo4IDdTCC
A3EwHQYDVR0OBBYEFJU/yUA4lKIEEwI2N7A08c93lM2uMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83NGIy
NDY0My1kNmQ1LTRkMmEtYjg4NS04MzE2MGRlYzcxMDMvZGNkYWFjYTMtZDI4NS0z
Y2Q4LWE0N2MtZGJiZmU0YTQxZGMwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNzRiMjQ2NDMtZDZkNS00ZDJhLWI4
ODUtODMxNjBkZWM3MTAzLzc0YjI0NjQzLWQ2ZDUtNGQyYS1iODg1LTgzMTYwZGVj
NzEwMy5jcmwwHwYDVR0jBBgwFoAUMkgsJnRbWQDk0HgSfvSqropOVxkwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi83NGIyNDY0My1kNmQ1LTRkMmEtYjg4NS04MzE2
MGRlYzcxMDMuY2VyMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAQrl1AwQA
SlBbMBgEAgACMBIDBwAmIAFxAAQDBwAmIAFxAOUwVAYDVR0gAQH/BEowSDBGBggr
BgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNv
dXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEAQykZrTL95tG1
UZ1P7V4q0q52sXVQ92Wo2JHHPNl0R1sHPus3v0cgi6Iu4fug2aCIUT4KWSLuVLD8
NEPzkNanFiKbotzkZst/tWcK2K21AQJvw36AUh7zvw62AE9VMEeDKjzBU1dctAsh
VuUmphDuPZRZcu3Gxv9F8vJ003edXvBpuFleC/mkoKCgEY5Jt+5m1m/eTeXf5AQj
G7GAM6w4xZ9mB+fsjv4Gvvw363h9zryr92+BZGhDdNNaBsSadp+CYtphKReNqjXz
o3+KKJdbm+sRuyK064DOhd5lzXcz0goU7v98RS0FzxnFP8AJGN7eI87GcrhHLV83
dqlOJHFujg==
-----END CERTIFICATE-----