Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063/e9d7b167-a319-3a74-9de5-2447984532a6.roa
File:                     e9d7b167-a319-3a74-9de5-2447984532a6.roa (raw, json)
Hash identifier:          +mL5l7E5Da7/dbeS7Ku+SfJcrJitwakaPSCugAIWiig=
Subject key identifier:   B6:00:9A:8B:11:3D:84:AE:92:86:F8:3E:F3:24:81:D0:70:E4:13:66
Certificate issuer:       /CN=517b063f-7f88-4d7a-a5ad-1e487692f063
Certificate serial:       010D0C9F43285848610057EDEFD5AC4811C22950
Authority key identifier: 05:B3:28:19:86:22:30:05:BE:7D:0B:F3:FC:83:22:27:9E:3B:8D:5C
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063/e9d7b167-a319-3a74-9de5-2447984532a6.roa
Signing time:             Mon 30 Dec 2024 14:00:51 +0000
ROA not before:           Mon 30 Dec 2024 14:00:51 +0000
ROA not after:            Sun 30 Mar 2025 13:00:51 +0000
asID:                     400618
IP address blocks:        23.249.16.0/20 maxlen: 24
                          104.143.32.0/20 maxlen: 24
                          104.251.224.0/20 maxlen: 24
                          172.81.96.0/20 maxlen: 24
                          198.176.48.0/20 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:61:00:57:ed:ef:d5:ac:48:11:c2:29:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=517b063f-7f88-4d7a-a5ad-1e487692f063
        Validity
            Not Before: Dec 30 14:00:51 2024 GMT
            Not After : Mar 30 13:00:51 2025 GMT
        Subject: CN=4ee4680b-6418-41ce-b643-0fe4506be987
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:74:74:b2:a0:c0:58:58:63:cf:54:b0:0c:cf:
                    89:32:be:ae:22:84:d2:4a:a9:72:46:92:a9:48:4e:
                    1d:1e:da:8d:5b:60:1e:5c:85:37:b3:f3:23:0b:19:
                    54:87:b6:34:6c:51:d2:ff:bd:b5:d8:e2:f0:85:bc:
                    b5:3c:d0:ae:47:2b:a0:34:5f:3b:f0:41:f6:68:75:
                    c3:4c:62:d9:d2:53:ba:b2:4e:9d:04:74:04:71:e7:
                    f9:69:0d:34:8e:0d:4b:7f:fe:1f:de:e2:43:7f:44:
                    21:4d:ad:c1:96:5b:e5:31:cf:bb:63:b4:3f:28:78:
                    f3:04:f3:62:b7:9f:46:a4:f9:31:87:c8:81:fe:7b:
                    c3:fa:96:64:2c:2d:4f:da:fe:56:08:0f:30:f1:22:
                    a4:c9:fa:2b:24:cb:2d:86:ce:cb:94:0e:25:9e:cc:
                    a2:ef:89:3e:0d:00:20:1d:04:74:ee:2b:ad:20:b5:
                    6e:16:ec:d2:e7:63:81:a0:06:b7:14:ab:64:65:94:
                    23:ca:31:9a:1c:74:05:69:b7:a6:7b:7d:77:fc:34:
                    92:ad:ba:03:af:ce:59:8f:98:2d:86:03:5a:56:28:
                    33:02:70:5b:35:30:24:c0:15:93:6c:96:3b:16:79:
                    73:14:37:3b:c7:c6:32:4a:ea:d4:ae:f1:3e:fa:1b:
                    17:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:00:9A:8B:11:3D:84:AE:92:86:F8:3E:F3:24:81:D0:70:E4:13:66
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063/e9d7b167-a319-3a74-9de5-2447984532a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063/517b063f-7f88-4d7a-a5ad-1e487692f063.crl

            X509v3 Authority Key Identifier:
                keyid:05:B3:28:19:86:22:30:05:BE:7D:0B:F3:FC:83:22:27:9E:3B:8D:5C

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/517b063f-7f88-4d7a-a5ad-1e487692f063.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.249.16.0/20
                  104.143.32.0/20
                  104.251.224.0/20
                  172.81.96.0/20
                  198.176.48.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         38:dd:51:4c:db:10:be:6d:5d:92:cb:da:c2:08:55:d8:80:09:
         e2:08:84:a5:28:9c:1a:3d:56:5c:7a:0c:52:50:f0:20:b1:f3:
         67:55:86:11:70:78:cc:0f:e0:eb:47:10:0a:28:48:0d:b1:14:
         b4:d2:f3:c9:20:af:4b:ff:46:b3:d2:47:1a:8a:69:ac:74:9c:
         55:f9:3b:d7:2c:3a:7d:19:86:58:74:6c:7c:00:23:60:89:a7:
         79:1a:8f:01:e7:30:e3:b3:43:47:c2:8d:fc:5f:de:9f:45:cc:
         92:27:5f:eb:09:14:c0:90:a5:ad:10:73:1a:f5:69:b6:f4:08:
         40:a2:a0:38:8c:63:83:1c:a4:1a:54:77:fc:0c:6a:b7:ae:8e:
         15:81:30:2c:4c:84:2b:e1:93:f9:b0:6c:6f:b4:73:f6:a9:ce:
         79:5f:f3:a9:c6:a9:4b:07:c1:ed:9a:e5:9f:8b:fa:86:8a:c5:
         86:39:9e:90:d0:65:10:e0:2c:f3:60:52:f4:8e:1b:d9:32:5e:
         70:f9:ba:3e:74:df:bb:1d:9d:1f:ac:4f:77:ab:18:54:3d:9c:
         fe:69:23:1f:68:0b:66:f1:87:0e:1c:41:33:64:3d:4e:e0:97:
         10:51:9e:4f:86:99:f6:8e:01:4f:56:d3:32:33:af:fb:46:ea:
         6d:b7:59:b1
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIUAQ0Mn0MoWEhhAFft79WsSBHCKVAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNTE3YjA2M2YtN2Y4OC00ZDdhLWE1YWQtMWU0ODc2OTJm
MDYzMB4XDTI0MTIzMDE0MDA1MVoXDTI1MDMzMDEzMDA1MVowLzEtMCsGA1UEAxMk
NGVlNDY4MGItNjQxOC00MWNlLWI2NDMtMGZlNDUwNmJlOTg3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/HR0sqDAWFhjz1SwDM+JMr6uIoTSSqlyRpKp
SE4dHtqNW2AeXIU3s/MjCxlUh7Y0bFHS/7212OLwhby1PNCuRyugNF878EH2aHXD
TGLZ0lO6sk6dBHQEcef5aQ00jg1Lf/4f3uJDf0QhTa3BllvlMc+7Y7Q/KHjzBPNi
t59GpPkxh8iB/nvD+pZkLC1P2v5WCA8w8SKkyforJMsths7LlA4lnsyi74k+DQAg
HQR07iutILVuFuzS52OBoAa3FKtkZZQjyjGaHHQFabeme313/DSSrboDr85Zj5gt
hgNaVigzAnBbNTAkwBWTbJY7FnlzFDc7x8YySurUrvE++hsXawIDAQABo4IDbTCC
A2kwHQYDVR0OBBYEFLYAmosRPYSukob4PvMkgdBw5BNmMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi81MTdi
MDYzZi03Zjg4LTRkN2EtYTVhZC0xZTQ4NzY5MmYwNjMvZTlkN2IxNjctYTMxOS0z
YTc0LTlkZTUtMjQ0Nzk4NDUzMmE2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvNTE3YjA2M2YtN2Y4OC00ZDdhLWE1
YWQtMWU0ODc2OTJmMDYzLzUxN2IwNjNmLTdmODgtNGQ3YS1hNWFkLTFlNDg3Njky
ZjA2My5jcmwwHwYDVR0jBBgwFoAUBbMoGYYiMAW+fQvz/IMiJ547jVwwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi81MTdiMDYzZi03Zjg4LTRkN2EtYTVhZC0xZTQ4
NzY5MmYwNjMuY2VyMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEF/kQAwQE
aI8gAwQEaPvgAwQErFFgAwQExrAwMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIw
OjA4BggrBgEFBQcCARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jw
a2kvY3BzLmh0bWwwDQYJKoZIhvcNAQELBQADggEBADjdUUzbEL5tXZLL2sIIVdiA
CeIIhKUonBo9Vlx6DFJQ8CCx82dVhhFweMwP4OtHEAooSA2xFLTS88kgr0v/RrPS
RxqKaax0nFX5O9csOn0Zhlh0bHwAI2CJp3kajwHnMOOzQ0fCjfxf3p9FzJInX+sJ
FMCQpa0Qcxr1abb0CECioDiMY4McpBpUd/wMareujhWBMCxMhCvhk/mwbG+0c/ap
znlf86nGqUsHwe2a5Z+L+oaKxYY5npDQZRDgLPNgUvSOG9kyXnD5uj5037sdnR+s
T3erGFQ9nP5pIx9oC2bxhw4cQTNkPU7glxBRnk+GmfaOAU9W0zIzr/tG6m23WbE=
-----END CERTIFICATE-----