Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS5065.roa
File:                     AS5065.roa (raw, json)
Hash identifier:          tgG9Txoum8Ya8ZSmOtDKdqexV+9kY26IYlzaGVoHOnM=
Subject key identifier:   13:1E:84:C7:B7:64:E7:17:25:B2:E0:5D:66:08:F7:7A:46:16:2E:F2
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       24CC5C0D47FC5A2A6A5D79B6E68048973743AC14
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS5065.roa
Signing time:             Thu 05 Dec 2024 12:34:37 +0000
ROA not before:           Thu 05 Dec 2024 12:29:37 +0000
ROA not after:            Thu 04 Dec 2025 12:34:37 +0000
asID:                     5065
IP address blocks:        104.234.18.0/24 maxlen: 24
                          104.234.121.0/24 maxlen: 24
                          104.234.164.0/24 maxlen: 24
                          104.234.185.0/24 maxlen: 24
                          104.234.201.0/24 maxlen: 24
                          104.234.218.0/24 maxlen: 24
                          104.234.221.0/24 maxlen: 24
                          104.234.248.0/24 maxlen: 24
                          104.234.249.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:cc:5c:0d:47:fc:5a:2a:6a:5d:79:b6:e6:80:48:97:37:43:ac:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: Dec  5 12:29:37 2024 GMT
            Not After : Dec  4 12:34:37 2025 GMT
        Subject: CN=131E84C7B764E71725B2E05D6608F77A46162EF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0e:64:b7:d8:5a:19:00:b5:c1:87:95:96:98:
                    32:4b:d3:a4:31:f3:bc:b3:74:e1:f6:6c:56:cc:0e:
                    9f:31:a0:ad:4d:b5:a1:85:57:5d:9f:e6:a7:de:1a:
                    4a:0a:da:5a:1f:8f:42:66:25:5c:44:4a:26:38:d5:
                    f2:ea:96:7a:2c:ef:20:c6:10:36:76:00:8b:ae:ef:
                    74:49:0d:68:a3:ee:34:19:3a:3a:47:58:5c:27:2f:
                    c9:78:ca:1d:68:11:2f:89:8e:8e:cc:c9:cb:8b:47:
                    28:82:b2:4b:c3:f2:77:43:4b:df:0a:11:86:b4:42:
                    5a:1f:32:ad:84:0f:ca:2a:73:88:c3:da:3f:8a:50:
                    5b:87:29:d8:4e:4b:ca:97:ed:e9:91:d1:27:f7:99:
                    2a:85:01:a0:84:87:53:fc:03:ad:57:2f:cd:5a:3a:
                    24:c8:b1:a5:ea:5b:e1:ca:88:96:c1:f3:2e:db:9e:
                    72:55:a3:a1:9b:69:de:bf:5f:1d:10:ae:5e:1d:81:
                    40:90:bc:7b:38:1a:75:b3:22:67:fb:84:43:80:9b:
                    15:bd:97:51:42:ea:73:9e:2c:47:12:6f:56:9c:ed:
                    55:62:b8:77:a0:7f:e0:98:24:00:64:8d:7e:4a:b9:
                    f1:eb:73:b1:2f:fd:e6:5a:1c:67:7f:a1:10:5a:a1:
                    1b:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:1E:84:C7:B7:64:E7:17:25:B2:E0:5D:66:08:F7:7A:46:16:2E:F2
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS5065.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.234.18.0/24
                  104.234.121.0/24
                  104.234.164.0/24
                  104.234.185.0/24
                  104.234.201.0/24
                  104.234.218.0/24
                  104.234.221.0/24
                  104.234.248.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7c:a0:16:ee:f7:e4:8b:60:32:c0:c0:40:c7:20:b7:2c:1b:1e:
         0d:45:c2:d1:31:d2:6d:0d:71:c4:0a:3d:fb:b4:65:b1:36:74:
         68:b0:a4:f0:06:54:3e:2e:2f:61:7a:e9:5d:fa:19:ba:56:06:
         f4:86:a2:c9:d8:1a:cd:4d:98:89:54:36:80:c5:c3:78:1f:b7:
         b0:5a:82:35:ef:02:36:1b:11:f6:0a:e1:99:01:ac:40:99:d0:
         4f:80:48:ce:06:d4:12:4a:b4:75:46:92:40:73:56:7c:1e:9c:
         1b:3f:eb:db:53:39:75:d7:42:39:42:f2:3b:3b:69:35:95:46:
         25:f0:cc:0a:be:57:90:de:64:8d:b2:66:42:18:ab:91:01:62:
         94:d7:46:d5:7c:3c:d0:fc:05:7a:72:91:ca:54:a3:1d:7c:98:
         c6:96:79:30:cb:3f:f3:ff:8a:6a:2a:1c:4b:ca:a7:1f:95:b4:
         0e:a2:bb:d9:ba:93:82:ec:e5:06:be:d4:cb:69:75:c6:7c:da:
         c9:e1:47:ab:b1:01:09:01:c0:12:1f:33:31:bb:be:91:2a:19:
         92:37:66:29:a3:45:0b:15:5c:8f:ab:bb:de:c0:fd:f0:c3:d5:
         26:06:5d:ad:04:45:65:0c:a8:e3:1d:35:a8:ec:a0:ae:4e:76:
         47:e4:47:ad
-----BEGIN CERTIFICATE-----
MIIFpzCCBI+gAwIBAgIUJMxcDUf8WipqXXm25oBIlzdDrBQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjQxMjA1MTIyOTM3WhcNMjUxMjA0MTIzNDM3
WjAzMTEwLwYDVQQDEygxMzFFODRDN0I3NjRFNzE3MjVCMkUwNUQ2NjA4Rjc3QTQ2
MTYyRUYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ5kt9haGQC1
wYeVlpgyS9OkMfO8s3Th9mxWzA6fMaCtTbWhhVddn+an3hpKCtpaH49CZiVcREom
ONXy6pZ6LO8gxhA2dgCLru90SQ1oo+40GTo6R1hcJy/JeModaBEviY6OzMnLi0co
grJLw/J3Q0vfChGGtEJaHzKthA/KKnOIw9o/ilBbhynYTkvKl+3pkdEn95kqhQGg
hIdT/AOtVy/NWjokyLGl6lvhyoiWwfMu255yVaOhm2nev18dEK5eHYFAkLx7OBp1
syJn+4RDgJsVvZdRQupznixHEm9WnO1VYrh3oH/gmCQAZI1+Srnx63OxL/3mWhxn
f6EQWqEb8QIDAQABo4ICpzCCAqMwHQYDVR0OBBYEFBMehMe3ZOcXJbLgXWYI93pG
Fi7yMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbgYIKwYBBQUHAQsEYjBgMF4GCCsGAQUFBzALhlJyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzUwNjUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwSQYI
KwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABo6hIDBABo6nkDBABo6qQDBABo6rkD
BABo6skDBABo6toDBABo6t0DBAFo6vgwDQYJKoZIhvcNAQELBQADggEBAHygFu73
5ItgMsDAQMcgtywbHg1FwtEx0m0NccQKPfu0ZbE2dGiwpPAGVD4uL2F66V36GbpW
BvSGosnYGs1NmIlUNoDFw3gft7BagjXvAjYbEfYK4ZkBrECZ0E+ASM4G1BJKtHVG
kkBzVnwenBs/69tTOXXXQjlC8js7aTWVRiXwzAq+V5DeZI2yZkIYq5EBYpTXRtV8
PND8BXpykcpUox18mMaWeTDLP/P/imoqHEvKpx+VtA6iu9m6k4Ls5Qa+1MtpdcZ8
2snhR6uxAQkBwBIfMzG7vpEqGZI3ZimjRQsVXI+ru97A/fDD1SYGXa0ERWUMqOMd
NajsoK5OdkfkR60=
-----END CERTIFICATE-----