Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/54f5f71f-2eae-3a6b-87ce-a179934f4f47.roa
File:                     54f5f71f-2eae-3a6b-87ce-a179934f4f47.roa (raw, json)
Hash identifier:          maIUROEOcPxgqtxUa4eSS/bTBwgu9U2wPUhXL/rpfEk=
Subject key identifier:   DE:36:A6:39:49:7C:8A:53:6F:C6:4F:22:4F:67:07:9A:C0:9C:8A:6E
Certificate issuer:       /CN=cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2
Certificate serial:       010D0C9F432858494303EC5DC944DA594AA58380
Authority key identifier: 0C:B0:BF:FC:CA:9D:3B:96:77:AB:14:6E:B1:80:5C:09:2F:9C:A7:41
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/54f5f71f-2eae-3a6b-87ce-a179934f4f47.roa
Signing time:             Fri 21 Mar 2025 13:00:50 +0000
ROA not before:           Fri 21 Mar 2025 13:00:50 +0000
ROA not after:            Thu 19 Jun 2025 13:00:50 +0000
asID:                     10490
IP address blocks:        192.245.221.0/24 maxlen: 24
                          192.245.222.0/23 maxlen: 24
                          192.245.224.0/24 maxlen: 24
                          199.33.130.0/23 maxlen: 24
                          199.33.132.0/23 maxlen: 24
                          199.33.134.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:43:03:ec:5d:c9:44:da:59:4a:a5:83:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2
        Validity
            Not Before: Mar 21 13:00:50 2025 GMT
            Not After : Jun 19 13:00:50 2025 GMT
        Subject: CN=396ac5ba-830b-436c-a694-be3df38801f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:45:e4:fb:6f:d8:de:79:3a:c2:24:18:df:77:
                    0a:25:0f:b8:92:52:ce:01:dc:1b:4d:ce:f0:78:b9:
                    3a:54:24:e6:a5:da:10:3d:dd:f1:78:6c:80:f0:cd:
                    3b:90:92:ed:08:41:d8:e8:85:10:f2:10:b1:9c:6a:
                    92:93:ac:94:9f:03:39:05:7d:e8:7b:78:4b:53:a5:
                    77:84:90:53:2e:24:1b:80:eb:3f:5b:a2:68:6e:45:
                    2f:e6:19:2b:2d:1c:1c:81:98:1f:ff:cd:fd:34:84:
                    66:6c:f1:d9:2e:4c:1a:49:fc:5b:d7:9e:d5:56:1c:
                    60:d0:f7:11:aa:dc:ae:fa:61:3b:b1:ec:69:05:86:
                    8c:67:e7:fb:21:90:da:95:9b:d0:b0:4f:20:8e:df:
                    cf:30:4b:e0:9e:3d:4c:a8:cc:67:3c:36:65:55:d1:
                    4b:40:c3:54:cd:18:08:38:12:b6:e9:41:33:aa:5b:
                    ea:8d:83:1c:51:c9:8f:7a:d7:52:3c:fc:81:94:58:
                    ed:ff:43:8a:18:28:05:0b:55:55:a4:28:6b:f9:b3:
                    e9:4c:47:6b:6b:4e:96:49:54:37:37:06:06:6d:56:
                    36:f1:25:35:5c:9a:2e:37:b5:07:8c:4c:f3:1a:e4:
                    21:51:43:9c:11:8b:5a:25:db:45:4e:29:a1:20:08:
                    72:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:36:A6:39:49:7C:8A:53:6F:C6:4F:22:4F:67:07:9A:C0:9C:8A:6E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/54f5f71f-2eae-3a6b-87ce-a179934f4f47.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.crl

            X509v3 Authority Key Identifier:
                keyid:0C:B0:BF:FC:CA:9D:3B:96:77:AB:14:6E:B1:80:5C:09:2F:9C:A7:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.245.221.0-192.245.224.255
                  199.33.130.0-199.33.134.255

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         3b:bb:98:52:40:e2:92:19:66:26:ac:0e:87:d1:29:c4:76:24:
         36:a2:79:b7:fa:0e:ca:d1:4d:c0:e5:44:e3:15:08:5b:cf:9d:
         0d:9c:eb:80:ba:96:ec:aa:81:84:0b:10:58:89:e4:ad:51:84:
         98:c4:e0:72:2f:40:ca:49:22:79:04:62:23:88:08:6c:98:5c:
         3d:c9:cb:eb:d2:ae:ff:e5:40:25:2e:15:29:3d:ae:92:25:5c:
         5e:71:6d:2c:e7:07:59:55:b1:97:83:90:da:cf:1a:f8:71:68:
         a7:6b:d2:1b:16:15:b6:43:30:1b:e6:d3:f8:3d:1f:98:1e:4f:
         34:dd:cd:0c:93:a4:67:f0:4c:ed:13:c1:8b:d4:c2:2e:17:a3:
         99:ca:71:88:a2:4e:54:7b:e3:15:d6:a9:9f:59:d7:2b:a3:15:
         d0:1d:6f:a3:dc:f9:04:1a:39:d2:a3:70:dd:71:43:65:96:d0:
         15:ff:2a:30:10:52:e5:e7:e4:5d:cb:cc:6a:b4:52:94:48:87:
         7e:18:fa:c1:bc:52:be:e3:83:44:a4:8c:28:07:81:29:0b:b1:
         da:ca:0b:58:b2:73:53:a8:ff:70:c3:bb:76:f9:f0:fd:a7:63:
         b1:58:bd:73:fa:9d:83:0f:dd:fc:ef:d6:df:85:e9:86:c5:3d:
         5c:1e:ef:48
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIUAQ0Mn0MoWElDA+xdyUTaWUqlg4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkY2Q1NGU1YmItMzBjZC00NjBhLWEzYWUtNGFiODNjMmY2
MmEyMB4XDTI1MDMyMTEzMDA1MFoXDTI1MDYxOTEzMDA1MFowLzEtMCsGA1UEAxMk
Mzk2YWM1YmEtODMwYi00MzZjLWE2OTQtYmUzZGYzODgwMWYzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Xk+2/Y3nk6wiQY33cKJQ+4klLOAdwbTc7w
eLk6VCTmpdoQPd3xeGyA8M07kJLtCEHY6IUQ8hCxnGqSk6yUnwM5BX3oe3hLU6V3
hJBTLiQbgOs/W6JobkUv5hkrLRwcgZgf/839NIRmbPHZLkwaSfxb157VVhxg0PcR
qtyu+mE7sexpBYaMZ+f7IZDalZvQsE8gjt/PMEvgnj1MqMxnPDZlVdFLQMNUzRgI
OBK26UEzqlvqjYMcUcmPetdSPPyBlFjt/0OKGCgFC1VVpChr+bPpTEdra06WSVQ3
NwYGbVY28SU1XJouN7UHjEzzGuQhUUOcEYtaJdtFTimhIAhyQQIDAQABo4IDazCC
A2cwHQYDVR0OBBYEFN42pjlJfIpTb8ZPIk9nB5rAnIpuMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS9jZDU0
ZTViYi0zMGNkLTQ2MGEtYTNhZS00YWI4M2MyZjYyYTIvNTRmNWY3MWYtMmVhZS0z
YTZiLTg3Y2UtYTE3OTkzNGY0ZjQ3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvY2Q1NGU1YmItMzBjZC00NjBhLWEz
YWUtNGFiODNjMmY2MmEyL2NkNTRlNWJiLTMwY2QtNDYwYS1hM2FlLTRhYjgzYzJm
NjJhMi5jcmwwHwYDVR0jBBgwFoAUDLC//MqdO5Z3qxRusYBcCS+cp0EwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS9jZDU0ZTViYi0zMGNkLTQ2MGEtYTNhZS00YWI4
M2MyZjYyYTIuY2VyMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADA9d0D
BADA9eAwDAMEAcchggMEAMchhjBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDow
OAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtp
L2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQA7u5hSQOKSGWYmrA6H0SnEdiQ2
onm3+g7K0U3A5UTjFQhbz50NnOuAupbsqoGECxBYieStUYSYxOByL0DKSSJ5BGIj
iAhsmFw9ycvr0q7/5UAlLhUpPa6SJVxecW0s5wdZVbGXg5Dazxr4cWina9IbFhW2
QzAb5tP4PR+YHk803c0Mk6Rn8EztE8GL1MIuF6OZynGIok5Ue+MV1qmfWdcroxXQ
HW+j3PkEGjnSo3DdcUNlltAV/yowEFLl5+Rdy8xqtFKUSId+GPrBvFK+44NEpIwo
B4EpC7HaygtYsnNTqP9ww7t2+fD9p2OxWL1z+p2DD93879bfhemGxT1cHu9I
-----END CERTIFICATE-----