Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/a903e824-1b66-364f-8ea4-9393ef2de488.roa
File:                     a903e824-1b66-364f-8ea4-9393ef2de488.roa (raw, json)
Hash identifier:          OgQLXRKYQ5V942whHW7auNTisfTa88jx1jn6Demws3M=
Subject key identifier:   00:35:0C:F8:FC:0B:B8:98:D8:5D:63:BC:BB:08:F7:99:42:E6:5F:5D
Certificate issuer:       /CN=cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2
Certificate serial:       010D0C9F4328584862658E809820230056C12100
Authority key identifier: 0C:B0:BF:FC:CA:9D:3B:96:77:AB:14:6E:B1:80:5C:09:2F:9C:A7:41
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/a903e824-1b66-364f-8ea4-9393ef2de488.roa
Signing time:             Tue 31 Dec 2024 02:00:40 +0000
ROA not before:           Tue 31 Dec 2024 02:00:40 +0000
ROA not after:            Mon 31 Mar 2025 01:00:40 +0000
asID:                     198949
IP address blocks:        192.245.221.0/24 maxlen: 24
                          192.245.222.0/23 maxlen: 24
                          192.245.224.0/24 maxlen: 24
                          199.33.130.0/23 maxlen: 24
                          199.33.132.0/23 maxlen: 24
                          199.33.134.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:62:65:8e:80:98:20:23:00:56:c1:21:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2
        Validity
            Not Before: Dec 31 02:00:40 2024 GMT
            Not After : Mar 31 01:00:40 2025 GMT
        Subject: CN=80ad9ea5-b67d-4bcd-bf70-85896fa8cc52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:b5:22:02:92:49:2c:25:dd:5b:41:e6:b1:9e:
                    4a:f6:ce:d2:19:1a:9d:2b:1c:2e:d5:c3:eb:d8:1c:
                    e2:57:fc:55:a0:19:3f:77:a2:b2:8c:51:86:f0:99:
                    bc:cf:32:bc:d7:0a:ed:10:5e:e6:e3:c7:c9:ac:95:
                    0c:0e:8c:62:84:0a:ea:6b:95:a8:7e:1a:ab:a5:57:
                    d7:96:d4:1b:85:9d:fa:0c:55:26:e6:00:f9:50:ed:
                    3c:cf:c3:95:78:0d:12:31:4a:98:ee:66:e7:e7:7c:
                    82:31:74:c6:3a:3b:d5:59:59:02:03:67:59:e2:cf:
                    13:1e:18:be:92:63:a9:6f:6c:4d:48:5c:3e:af:f5:
                    fd:46:14:36:76:f5:b4:a5:34:1d:83:d1:8e:94:cd:
                    10:92:51:0b:bf:f7:1a:03:1c:1b:6e:36:32:9d:ee:
                    3c:85:6d:e7:37:e0:09:be:bf:c4:86:72:0f:c4:c7:
                    a2:2f:c7:da:6d:7d:db:c4:c9:a2:f2:4b:b7:72:3a:
                    95:ab:a2:c3:dd:26:86:dc:8d:20:40:70:16:41:ae:
                    66:33:76:17:77:32:2d:f6:53:38:e6:94:60:e2:0f:
                    d1:d4:1d:ac:9c:20:66:0f:6b:8d:33:cc:9a:2c:41:
                    ea:79:e6:ce:bf:2c:95:66:02:a8:81:b4:01:b4:89:
                    7a:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:35:0C:F8:FC:0B:B8:98:D8:5D:63:BC:BB:08:F7:99:42:E6:5F:5D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/a903e824-1b66-364f-8ea4-9393ef2de488.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.crl

            X509v3 Authority Key Identifier:
                keyid:0C:B0:BF:FC:CA:9D:3B:96:77:AB:14:6E:B1:80:5C:09:2F:9C:A7:41

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/cd54e5bb-30cd-460a-a3ae-4ab83c2f62a2.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.245.221.0-192.245.224.255
                  199.33.130.0-199.33.134.255

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         11:e7:fe:39:40:bf:92:64:af:d8:a2:5c:d6:9f:fa:71:1c:79:
         46:9b:00:63:c3:c4:bf:e0:71:6c:c0:c7:a5:22:dd:cb:5a:6c:
         ce:0a:34:08:0a:ef:75:97:90:d7:56:49:9a:17:64:61:fe:6e:
         35:6d:c5:e2:18:b9:b1:14:8c:ec:9d:6f:c8:2c:bf:75:fb:cc:
         1f:84:cd:c0:3a:d6:ba:db:ba:a3:a9:5f:a1:04:ed:08:e3:56:
         35:f7:fa:67:ac:ab:04:84:76:5e:01:c2:4b:63:cb:7d:8a:c4:
         a1:f7:29:8e:29:e6:bd:90:54:34:19:29:17:bc:60:c5:99:35:
         f4:10:95:b9:56:68:f9:71:d7:26:7e:34:22:24:2d:5f:37:9d:
         77:46:7a:ee:c8:1b:38:b1:9a:5d:6b:e7:74:1c:c7:fa:d8:53:
         98:0b:79:63:4e:17:fa:0d:da:ee:bf:f8:bb:c9:7d:8d:9e:f7:
         ea:cf:b9:2f:f3:70:eb:5b:0d:5d:5f:0b:23:ac:78:0f:c3:48:
         be:4a:84:92:12:53:e6:22:a1:36:da:8d:ac:58:d2:c6:10:c8:
         5e:35:f6:46:5f:22:74:f4:46:1d:a0:a6:3c:1f:6b:b3:da:da:
         bc:e2:a9:bd:ff:53:75:95:c2:a3:7c:94:06:e6:20:39:c1:67:
         a4:9c:18:a7
-----BEGIN CERTIFICATE-----
MIIGWTCCBUGgAwIBAgIUAQ0Mn0MoWEhiZY6AmCAjAFbBIQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkY2Q1NGU1YmItMzBjZC00NjBhLWEzYWUtNGFiODNjMmY2
MmEyMB4XDTI0MTIzMTAyMDA0MFoXDTI1MDMzMTAxMDA0MFowLzEtMCsGA1UEAxMk
ODBhZDllYTUtYjY3ZC00YmNkLWJmNzAtODU4OTZmYThjYzUyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7UiApJJLCXdW0HmsZ5K9s7SGRqdKxwu1cPr
2BziV/xVoBk/d6KyjFGG8Jm8zzK81wrtEF7m48fJrJUMDoxihArqa5WofhqrpVfX
ltQbhZ36DFUm5gD5UO08z8OVeA0SMUqY7mbn53yCMXTGOjvVWVkCA2dZ4s8THhi+
kmOpb2xNSFw+r/X9RhQ2dvW0pTQdg9GOlM0QklELv/caAxwbbjYyne48hW3nN+AJ
vr/EhnIPxMeiL8fabX3bxMmi8ku3cjqVq6LD3SaG3I0gQHAWQa5mM3YXdzIt9lM4
5pRg4g/R1B2snCBmD2uNM8yaLEHqeebOvyyVZgKogbQBtIl6PQIDAQABo4IDazCC
A2cwHQYDVR0OBBYEFAA1DPj8C7iY2F1jvLsI95lC5l9dMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS9jZDU0
ZTViYi0zMGNkLTQ2MGEtYTNhZS00YWI4M2MyZjYyYTIvYTkwM2U4MjQtMWI2Ni0z
NjRmLThlYTQtOTM5M2VmMmRlNDg4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvY2Q1NGU1YmItMzBjZC00NjBhLWEz
YWUtNGFiODNjMmY2MmEyL2NkNTRlNWJiLTMwY2QtNDYwYS1hM2FlLTRhYjgzYzJm
NjJhMi5jcmwwHwYDVR0jBBgwFoAUDLC//MqdO5Z3qxRusYBcCS+cp0EwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS9jZDU0ZTViYi0zMGNkLTQ2MGEtYTNhZS00YWI4
M2MyZjYyYTIuY2VyMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADA9d0D
BADA9eAwDAMEAcchggMEAMchhjBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDow
OAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtp
L2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQAR5/45QL+SZK/YolzWn/pxHHlG
mwBjw8S/4HFswMelIt3LWmzOCjQICu91l5DXVkmaF2Rh/m41bcXiGLmxFIzsnW/I
LL91+8wfhM3AOta627qjqV+hBO0I41Y19/pnrKsEhHZeAcJLY8t9isSh9ymOKea9
kFQ0GSkXvGDFmTX0EJW5Vmj5cdcmfjQiJC1fN513RnruyBs4sZpda+d0HMf62FOY
C3ljThf6Ddruv/i7yX2Nnvfqz7kv83DrWw1dXwsjrHgPw0i+SoSSElPmIqE22o2s
WNLGEMheNfZGXyJ09EYdoKY8H2uz2tq84qm9/1N1lcKjfJQG5iA5wWeknBin
-----END CERTIFICATE-----