Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989/6b750da2-f045-33a7-88de-a4fb0188554d.roa
File:                     6b750da2-f045-33a7-88de-a4fb0188554d.roa (raw, json)
Hash identifier:          fOSCY2l9aIYeXTwzYQiQUx9Rv27OnNSuPAM21Dufpcc=
Subject key identifier:   4F:95:A8:4D:5E:EF:7F:E9:E3:77:48:EE:8D:04:B2:C4:BF:DB:3B:DC
Certificate issuer:       /CN=d70d8b7e-aada-4cdc-920d-dda617bdd989
Certificate serial:       010D0C9F432858494B642F4A7D1C3D4121FCA540
Authority key identifier: 58:DB:AF:0D:4D:D8:DF:2D:A3:20:AF:A4:9C:C0:12:34:EA:BE:FC:F6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989/6b750da2-f045-33a7-88de-a4fb0188554d.roa
Signing time:             Mon 24 Mar 2025 13:00:53 +0000
ROA not before:           Mon 24 Mar 2025 13:00:53 +0000
ROA not after:            Sun 22 Jun 2025 13:00:53 +0000
asID:                     21817
IP address blocks:        104.152.100.0/22 maxlen: 24
                          199.36.176.0/21 maxlen: 24
                          199.187.148.0/22 maxlen: 24
                          2607:6200::/32 maxlen: 64

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:4b:64:2f:4a:7d:1c:3d:41:21:fc:a5:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d70d8b7e-aada-4cdc-920d-dda617bdd989
        Validity
            Not Before: Mar 24 13:00:53 2025 GMT
            Not After : Jun 22 13:00:53 2025 GMT
        Subject: CN=7a5fd8fa-2c98-4f3d-b9c1-6334336e9242
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:70:13:67:51:f4:ea:43:7b:f7:d8:9d:83:6a:
                    d7:6d:6b:5d:7d:15:70:92:55:43:c4:c6:1a:a8:25:
                    ea:55:4d:a2:55:63:74:f0:70:78:25:6a:99:c9:e0:
                    1a:e4:1e:bf:b1:bd:af:84:63:2b:6a:26:e1:c5:34:
                    dc:c2:f9:d6:48:37:ea:0d:22:45:d6:86:ac:e5:eb:
                    78:d2:c2:bb:a4:e0:a5:d0:4a:f6:ef:a9:16:61:b6:
                    16:4b:e4:e1:43:72:36:b1:c3:9a:96:ab:c2:95:b2:
                    c5:c2:d9:d8:f6:57:40:7d:f3:ea:68:ab:64:56:02:
                    96:80:99:54:13:0e:c8:48:df:24:a1:74:15:5d:96:
                    84:a2:ca:e4:3f:ba:04:00:6d:0d:9f:6a:4e:61:63:
                    09:5d:5a:83:d3:ca:a4:8a:a4:58:ad:32:fd:9b:2b:
                    6a:63:09:c0:52:99:b2:35:ce:e5:71:4e:35:e9:cb:
                    e0:09:c5:38:2e:27:13:a9:37:d7:35:e1:c0:b5:3b:
                    49:82:d0:67:82:53:72:a5:21:dc:f2:8d:7d:86:68:
                    d2:df:1f:ad:f6:2b:ce:83:c1:cd:e9:d2:a0:58:dd:
                    1d:9d:61:93:d5:fc:83:9d:7c:cf:71:7a:e1:83:82:
                    a4:19:2b:09:61:90:b4:4a:69:0f:92:a1:21:f1:03:
                    2e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:95:A8:4D:5E:EF:7F:E9:E3:77:48:EE:8D:04:B2:C4:BF:DB:3B:DC
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989/6b750da2-f045-33a7-88de-a4fb0188554d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989/d70d8b7e-aada-4cdc-920d-dda617bdd989.crl

            X509v3 Authority Key Identifier:
                keyid:58:DB:AF:0D:4D:D8:DF:2D:A3:20:AF:A4:9C:C0:12:34:EA:BE:FC:F6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/d70d8b7e-aada-4cdc-920d-dda617bdd989.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.152.100.0/22
                  199.36.176.0/21
                  199.187.148.0/22
                IPv6:
                  2607:6200::/32

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         74:d6:18:e2:bb:3b:ca:54:f7:51:b7:92:af:80:12:fe:ee:2a:
         22:99:a6:57:15:a8:e6:fc:c8:33:6b:d4:26:8c:75:62:3b:58:
         61:43:5b:4e:bd:5d:1f:a8:4e:48:91:73:79:42:2f:ad:36:95:
         26:a5:27:cb:ab:94:50:f2:12:95:21:7a:17:48:21:96:fb:93:
         17:4d:2f:f7:ed:b2:2f:be:8d:de:3d:97:b2:d1:74:65:23:51:
         6d:84:7e:2e:41:8f:4c:1e:b5:2b:cf:f7:fc:63:99:5a:06:43:
         9a:58:87:3b:8d:dd:73:b9:64:a8:79:88:99:7b:e5:c3:9f:03:
         35:a1:2d:94:28:0e:9d:f1:8c:a4:1b:2b:54:9f:de:6a:b7:0f:
         61:c3:e5:e5:65:50:f9:37:d6:3c:c5:f7:e9:d7:d1:e2:2a:74:
         29:16:26:dd:51:07:03:78:a7:c8:f9:1e:ed:19:02:d6:52:f4:
         3a:f5:a5:58:4e:a1:c1:63:7e:ed:7a:88:da:3f:3d:bd:c7:03:
         05:58:aa:28:a8:75:12:b3:53:a4:73:8b:1d:c7:d9:4b:5f:c6:
         a9:88:8a:2e:fb:b6:de:0d:2f:87:57:f4:a3:6e:ee:50:d7:34:
         6e:87:62:4d:21:89:42:59:85:f8:dc:44:da:16:76:6c:dc:f3:
         8c:c9:1a:e2
-----BEGIN CERTIFICATE-----
MIIGXjCCBUagAwIBAgIUAQ0Mn0MoWElLZC9KfRw9QSH8pUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZDcwZDhiN2UtYWFkYS00Y2RjLTkyMGQtZGRhNjE3YmRk
OTg5MB4XDTI1MDMyNDEzMDA1M1oXDTI1MDYyMjEzMDA1M1owLzEtMCsGA1UEAxMk
N2E1ZmQ4ZmEtMmM5OC00ZjNkLWI5YzEtNjMzNDMzNmU5MjQyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3ATZ1H06kN799idg2rXbWtdfRVwklVDxMYa
qCXqVU2iVWN08HB4JWqZyeAa5B6/sb2vhGMraibhxTTcwvnWSDfqDSJF1oas5et4
0sK7pOCl0Er276kWYbYWS+ThQ3I2scOalqvClbLFwtnY9ldAffPqaKtkVgKWgJlU
Ew7ISN8koXQVXZaEosrkP7oEAG0Nn2pOYWMJXVqD08qkiqRYrTL9mytqYwnAUpmy
Nc7lcU416cvgCcU4LicTqTfXNeHAtTtJgtBnglNypSHc8o19hmjS3x+t9ivOg8HN
6dKgWN0dnWGT1fyDnXzPcXrhg4KkGSsJYZC0SmkPkqEh8QMufQIDAQABo4IDcDCC
A2wwHQYDVR0OBBYEFE+VqE1e73/p43dI7o0EssS/2zvcMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS9kNzBk
OGI3ZS1hYWRhLTRjZGMtOTIwZC1kZGE2MTdiZGQ5ODkvNmI3NTBkYTItZjA0NS0z
M2E3LTg4ZGUtYTRmYjAxODg1NTRkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvZDcwZDhiN2UtYWFkYS00Y2RjLTky
MGQtZGRhNjE3YmRkOTg5L2Q3MGQ4YjdlLWFhZGEtNGNkYy05MjBkLWRkYTYxN2Jk
ZDk4OS5jcmwwHwYDVR0jBBgwFoAUWNuvDU3Y3y2jIK+knMASNOq+/PYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS9kNzBkOGI3ZS1hYWRhLTRjZGMtOTIwZC1kZGE2
MTdiZGQ5ODkuY2VyMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCaJhkAwQD
xySwAwQCx7uUMA0EAgACMAcDBQAmB2IAMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUH
DgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2Vz
L3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBAHTWGOK7O8pU91G3kq+A
Ev7uKiKZplcVqOb8yDNr1CaMdWI7WGFDW069XR+oTkiRc3lCL602lSalJ8urlFDy
EpUhehdIIZb7kxdNL/ftsi++jd49l7LRdGUjUW2Efi5Bj0wetSvP9/xjmVoGQ5pY
hzuN3XO5ZKh5iJl75cOfAzWhLZQoDp3xjKQbK1Sf3mq3D2HD5eVlUPk31jzF9+nX
0eIqdCkWJt1RBwN4p8j5Hu0ZAtZS9Dr1pVhOocFjfu16iNo/Pb3HAwVYqiiodRKz
U6Rzix3H2UtfxqmIii77tt4NL4dX9KNu7lDXNG6HYk0hiUJZhfjcRNoWdmzc84zJ
GuI=
-----END CERTIFICATE-----