Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403/ba9af7c9-4188-3aec-83ca-0e60298a99d4.roa
File:                     ba9af7c9-4188-3aec-83ca-0e60298a99d4.roa (raw, json)
Hash identifier:          8B1fwtiWgRSF4jUa8jPxxz1dmQ0X4YI9jMgXDSllNgw=
Subject key identifier:   AD:E6:1C:95:D9:3B:11:F3:0D:F9:1B:4E:ED:DE:BB:11:87:B0:29:89
Certificate issuer:       /CN=64da013d-8ba3-4af5-80ad-7674bd0cc403
Certificate serial:       010D0C9F432858488AE0A1DB75EB9389F5613680
Authority key identifier: 2D:D1:01:C1:DB:B3:F5:6C:57:8C:83:E5:D4:15:B8:40:06:A9:9F:34
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403/ba9af7c9-4188-3aec-83ca-0e60298a99d4.roa
Signing time:             Tue 14 Jan 2025 14:00:51 +0000
ROA not before:           Tue 14 Jan 2025 14:00:51 +0000
ROA not after:            Mon 14 Apr 2025 13:00:51 +0000
asID:                     399916
IP address blocks:        66.118.0.0/22 maxlen: 22
                          66.118.0.0/24 maxlen: 24
                          66.118.1.0/24 maxlen: 24
                          66.118.2.0/24 maxlen: 24
                          66.118.3.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:8a:e0:a1:db:75:eb:93:89:f5:61:36:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64da013d-8ba3-4af5-80ad-7674bd0cc403
        Validity
            Not Before: Jan 14 14:00:51 2025 GMT
            Not After : Apr 14 13:00:51 2025 GMT
        Subject: CN=a3b0eb21-04fe-43ca-8063-00ff82aa17d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:92:ad:f2:b1:66:84:2c:72:5a:7a:33:62:36:
                    05:4f:64:55:d0:6a:9c:0c:b5:09:d3:f3:7f:d5:3a:
                    50:66:63:f2:60:a0:9b:9c:79:c7:77:96:ce:e7:cd:
                    da:d8:e9:f1:73:60:09:ba:24:7c:a4:85:c0:ac:6d:
                    99:ce:1b:c1:ed:61:55:ab:b2:b3:f7:92:f1:cd:5b:
                    97:58:e8:69:65:5b:c8:54:07:26:49:fd:8c:92:ab:
                    6b:ac:14:ab:70:ac:e4:7c:85:58:90:95:ba:cb:25:
                    7e:47:c2:b1:17:03:08:40:1c:90:9d:6d:28:49:27:
                    35:10:1e:0d:ac:5d:35:b6:93:76:42:aa:23:f5:9b:
                    79:da:83:6f:83:ec:cd:0d:e3:ca:0b:d5:77:ec:00:
                    48:a7:9d:e9:cb:86:49:98:c4:0a:c5:37:97:71:d3:
                    50:56:a2:56:d5:ea:e5:f1:d6:20:63:4a:28:89:c0:
                    f6:04:8f:92:37:09:10:d5:5e:af:92:0d:41:8f:05:
                    11:6c:cb:9b:12:41:c1:ee:7c:17:29:5b:9a:10:a2:
                    82:6d:60:25:83:cd:88:24:fd:34:e8:f0:3e:4a:f2:
                    3f:aa:94:ed:38:d2:79:f6:b1:4e:3c:6e:32:91:16:
                    48:41:ef:54:3f:75:92:dc:60:ea:8b:31:46:f0:a2:
                    61:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:E6:1C:95:D9:3B:11:F3:0D:F9:1B:4E:ED:DE:BB:11:87:B0:29:89
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403/ba9af7c9-4188-3aec-83ca-0e60298a99d4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403/64da013d-8ba3-4af5-80ad-7674bd0cc403.crl

            X509v3 Authority Key Identifier:
                keyid:2D:D1:01:C1:DB:B3:F5:6C:57:8C:83:E5:D4:15:B8:40:06:A9:9F:34

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/64da013d-8ba3-4af5-80ad-7674bd0cc403.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.118.0.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         57:21:b5:d5:10:a9:20:71:01:2a:9d:6a:14:eb:b0:f6:c3:e0:
         5b:9e:fd:7f:c7:1b:41:2c:4b:d6:46:89:5c:36:2e:e6:c8:89:
         c6:83:55:5b:6b:5d:74:b6:5b:fd:0d:a7:89:9e:f9:85:b9:79:
         28:84:95:62:09:7f:75:a3:2b:d0:3b:71:f0:bb:27:7f:89:8e:
         13:1c:cb:4a:68:22:9a:f8:1d:29:80:f8:bc:ac:d9:23:34:ef:
         95:3a:16:b4:ae:4b:af:1f:1a:5f:b4:36:ff:4c:96:11:0a:1e:
         c3:2e:3c:14:ab:b9:1a:e3:f7:49:75:d2:40:68:cc:96:1c:d0:
         b9:ea:be:59:a1:d5:35:49:ca:b7:da:58:e0:75:8a:a4:84:e6:
         c0:7f:2d:de:84:28:b3:65:b5:75:e1:ef:be:c1:b7:eb:0b:6a:
         5a:cc:7e:51:cf:3c:d1:0b:8f:ee:aa:2a:3c:ae:07:04:c4:9e:
         bc:08:44:03:4f:63:33:24:a8:d4:70:c7:c8:85:4f:6b:6f:36:
         59:c8:5b:b3:8f:53:60:22:80:db:3c:42:77:5e:6a:7c:7d:cf:
         6c:4a:00:0d:89:aa:0c:ef:00:fa:8a:2b:63:5e:71:26:53:44:
         a7:9e:3e:8f:a9:2c:e1:e3:b6:37:7e:92:49:48:9e:75:63:98:
         4e:32:a8:32
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEiK4KHbdeuTifVhNoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjRkYTAxM2QtOGJhMy00YWY1LTgwYWQtNzY3NGJkMGNj
NDAzMB4XDTI1MDExNDE0MDA1MVoXDTI1MDQxNDEzMDA1MVowLzEtMCsGA1UEAxMk
YTNiMGViMjEtMDRmZS00M2NhLTgwNjMtMDBmZjgyYWExN2QwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpKt8rFmhCxyWnozYjYFT2RV0GqcDLUJ0/N/
1TpQZmPyYKCbnHnHd5bO583a2Onxc2AJuiR8pIXArG2ZzhvB7WFVq7Kz95LxzVuX
WOhpZVvIVAcmSf2MkqtrrBSrcKzkfIVYkJW6yyV+R8KxFwMIQByQnW0oSSc1EB4N
rF01tpN2Qqoj9Zt52oNvg+zNDePKC9V37ABIp53py4ZJmMQKxTeXcdNQVqJW1erl
8dYgY0ooicD2BI+SNwkQ1V6vkg1BjwURbMubEkHB7nwXKVuaEKKCbWAlg82IJP00
6PA+SvI/qpTtONJ59rFOPG4ykRZIQe9UP3WS3GDqizFG8KJhNQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFK3mHJXZOxHzDfkbTu3euxGHsCmJMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82NGRh
MDEzZC04YmEzLTRhZjUtODBhZC03Njc0YmQwY2M0MDMvYmE5YWY3YzktNDE4OC0z
YWVjLTgzY2EtMGU2MDI5OGE5OWQ0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNjRkYTAxM2QtOGJhMy00YWY1LTgw
YWQtNzY3NGJkMGNjNDAzLzY0ZGEwMTNkLThiYTMtNGFmNS04MGFkLTc2NzRiZDBj
YzQwMy5jcmwwHwYDVR0jBBgwFoAULdEBwduz9WxXjIPl1BW4QAapnzQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy82NGRhMDEzZC04YmEzLTRhZjUtODBhZC03Njc0
YmQwY2M0MDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCQnYAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFchtdUQqSBxASqdahTrsPbD4Fue/X/HG0EsS9ZGiVw2LubIicaDVVtr
XXS2W/0Np4me+YW5eSiElWIJf3WjK9A7cfC7J3+JjhMcy0poIpr4HSmA+Lys2SM0
75U6FrSuS68fGl+0Nv9MlhEKHsMuPBSruRrj90l10kBozJYc0Lnqvlmh1TVJyrfa
WOB1iqSE5sB/Ld6EKLNltXXh777Bt+sLalrMflHPPNELj+6qKjyuBwTEnrwIRANP
YzMkqNRwx8iFT2tvNlnIW7OPU2AigNs8Qndeanx9z2xKAA2JqgzvAPqKK2NecSZT
RKeePo+pLOHjtjd+kklInnVjmE4yqDI=
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:11:34 2025 by rpki-client