Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS7018.roa
File:                     AS7018.roa (raw, json)
Hash identifier:          2BxS8SWYWVgOb9JgzvBYBcurd0LTzqqQXp9ek7jAp8U=
Subject key identifier:   20:50:3F:78:37:3B:62:72:D0:BA:16:D7:A6:4D:D2:29:F7:94:BA:58
Certificate issuer:       /CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
Certificate serial:       568170E5A626ECE8B6CDEE4C9945EA924F5B6B8A
Authority key identifier: AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS7018.roa
Signing time:             Sun 05 Jan 2025 00:00:08 +0000
ROA not before:           Sat 04 Jan 2025 23:55:08 +0000
ROA not after:            Sun 04 Jan 2026 00:00:08 +0000
asID:                     7018
IP address blocks:        104.234.2.0/24 maxlen: 24
                          104.234.9.0/24 maxlen: 24
                          104.234.28.0/24 maxlen: 24
                          104.234.73.0/24 maxlen: 24
                          104.234.83.0/24 maxlen: 24
                          104.234.122.0/24 maxlen: 24
                          104.234.208.0/23 maxlen: 23
                          104.234.208.0/24 maxlen: 24
                          104.234.232.0/24 maxlen: 24
                          104.234.250.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:81:70:e5:a6:26:ec:e8:b6:cd:ee:4c:99:45:ea:92:4f:5b:6b:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9
        Validity
            Not Before: Jan  4 23:55:08 2025 GMT
            Not After : Jan  4 00:00:08 2026 GMT
        Subject: CN=20503F78373B6272D0BA16D7A64DD229F794BA58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:21:b5:e9:88:6a:ee:86:85:69:22:fc:f8:a7:
                    c0:fb:0f:f0:aa:25:df:ae:94:a7:c6:81:7e:93:38:
                    ad:56:67:f1:8f:16:73:ba:23:81:0c:57:9e:11:08:
                    d7:61:8b:de:3a:59:23:ba:5a:4d:7e:82:c9:78:6d:
                    d1:98:b6:68:a9:f3:4d:47:d7:4d:7b:3c:bc:55:02:
                    52:3f:7a:4c:24:df:1b:4d:ca:c9:46:fa:61:3f:b3:
                    8e:aa:cc:b2:b7:e8:da:c4:8b:18:9a:eb:65:04:05:
                    28:11:d4:67:03:fe:b1:c3:bf:f3:7e:a6:ec:10:8f:
                    32:54:0d:64:b8:13:0f:b2:44:e3:e1:e4:8b:da:13:
                    37:5e:7d:97:4b:18:cf:01:ae:55:9c:11:2f:29:ba:
                    d3:6f:a2:70:7f:26:0b:80:28:78:cd:66:58:f4:d4:
                    5b:c4:c1:8d:95:2a:87:3e:3e:82:d0:4c:7c:17:23:
                    4d:7c:ef:85:dd:51:9c:27:0f:0c:7f:55:1f:31:c5:
                    c4:3b:17:9b:9f:ff:c2:a1:85:ef:c7:42:57:34:7e:
                    87:11:ac:91:cb:47:4b:6a:a3:7f:85:67:ad:3c:35:
                    32:63:0e:a9:bc:8b:ff:6d:77:90:d1:1a:6d:05:5c:
                    13:a5:02:21:5f:28:10:2e:c3:17:05:4d:c1:24:ca:
                    bc:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:50:3F:78:37:3B:62:72:D0:BA:16:D7:A6:4D:D2:29:F7:94:BA:58
            X509v3 Authority Key Identifier:
                keyid:AB:5C:AF:A9:57:06:33:73:38:93:D9:1E:E4:B0:5A:1F:0E:CC:D0:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AB5CAFA9570633733893D91EE4B05A1F0ECCD06B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/3f5e2e5b-c731-4db8-9b87-af9f8e58a1c6/72cc1fd28d4a04c8473c3ac0b19940270cbbf123f3c0b1f7f9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8587fa200185c5cb9bcb2bac/0/AS7018.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.234.2.0/24
                  104.234.9.0/24
                  104.234.28.0/24
                  104.234.73.0/24
                  104.234.83.0/24
                  104.234.122.0/24
                  104.234.208.0/23
                  104.234.232.0/24
                  104.234.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:14:88:3c:3c:b3:c2:90:66:5a:99:45:76:9c:48:8d:3a:b6:
         b4:47:05:5a:42:74:ca:3a:1b:21:d3:8a:fe:df:4a:49:b7:fa:
         86:a9:4e:8b:34:32:59:cf:87:44:84:f1:7b:ae:cc:54:c7:d1:
         67:36:89:d2:40:a2:3f:fd:0f:8a:d1:e4:23:83:02:88:00:ed:
         26:fd:97:46:83:26:75:8b:a3:bb:c4:3a:3a:ed:65:3e:99:38:
         d7:00:a3:c7:23:b1:d6:7d:42:94:1f:25:0d:b9:ab:d2:30:b4:
         e2:8b:52:c9:ab:ec:3b:c9:94:d0:e9:b7:88:3d:8b:58:91:e5:
         c1:15:5b:03:5e:38:fc:cf:fb:c5:38:e3:46:85:45:fc:fe:25:
         04:39:d1:bc:5c:38:1c:16:cb:04:76:1c:5c:62:2d:db:01:8e:
         87:bd:08:64:46:0f:03:6e:00:75:37:79:e9:13:cb:08:d8:ba:
         77:02:39:ae:90:a9:30:30:ad:bf:90:7a:64:45:04:1c:24:fc:
         0e:74:10:7e:14:92:9b:23:5c:95:4f:fd:7e:a6:e2:c1:fc:67:
         dd:31:23:75:d7:0a:27:83:18:06:07:1b:ca:42:d5:bb:fe:d2:
         a7:d5:dd:d8:f0:3b:73:97:ee:e4:00:4e:7f:37:01:83:2e:8a:
         06:ff:73:13
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIUVoFw5aYm7Oi2ze5MmUXqkk9ba4owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNzJjYzFmZDI4ZDRhMDRjODQ3M2MzYWMwYjE5OTQwMjcw
Y2JiZjEyM2YzYzBiMWY3ZjkwHhcNMjUwMTA0MjM1NTA4WhcNMjYwMTA0MDAwMDA4
WjAzMTEwLwYDVQQDEygyMDUwM0Y3ODM3M0I2MjcyRDBCQTE2RDdBNjRERDIyOUY3
OTRCQTU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyG16Yhq7oaF
aSL8+KfA+w/wqiXfrpSnxoF+kzitVmfxjxZzuiOBDFeeEQjXYYveOlkjulpNfoLJ
eG3RmLZoqfNNR9dNezy8VQJSP3pMJN8bTcrJRvphP7OOqsyyt+jaxIsYmutlBAUo
EdRnA/6xw7/zfqbsEI8yVA1kuBMPskTj4eSL2hM3Xn2XSxjPAa5VnBEvKbrTb6Jw
fyYLgCh4zWZY9NRbxMGNlSqHPj6C0Ex8FyNNfO+F3VGcJw8Mf1UfMcXEOxebn//C
oYXvx0JXNH6HEayRy0dLaqN/hWetPDUyYw6pvIv/bXeQ0RptBVwTpQIhXygQLsMX
BU3BJMq8iQIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFCBQP3g3O2Jy0LoW16ZN0in3
lLpYMB8GA1UdIwQYMBaAFKtcr6lXBjNzOJPZHuSwWh8OzNBrMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODU4N2ZhMjAwMTg1YzVjYjliY2IyYmFjLzAv
QUI1Q0FGQTk1NzA2MzM3MzM4OTNEOTFFRTRCMDVBMUYwRUNDRDA2Qi5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNzZmZTExZDQtZDM1Mi00OTk0LThmNmMtZDZjOTFi
MGI4NDE1LzNmNWUyZTViLWM3MzEtNGRiOC05Yjg3LWFmOWY4ZTU4YTFjNi83MmNj
MWZkMjhkNGEwNGM4NDczYzNhYzBiMTk5NDAyNzBjYmJmMTIzZjNjMGIxZjdmOS5j
ZXIwbgYIKwYBBQUHAQsEYjBgMF4GCCsGAQUFBzALhlJyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NTg3ZmEyMDAxODVjNWNiOWJj
YjJiYWMvMC9BUzcwMTgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwTwYI
KwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABo6gIDBABo6gkDBABo6hwDBABo6kkD
BABo6lMDBABo6noDBAFo6tADBABo6ugDBABo6vowDQYJKoZIhvcNAQELBQADggEB
AJsUiDw8s8KQZlqZRXacSI06trRHBVpCdMo6GyHTiv7fSkm3+oapTos0MlnPh0SE
8XuuzFTH0Wc2idJAoj/9D4rR5CODAogA7Sb9l0aDJnWLo7vEOjrtZT6ZONcAo8cj
sdZ9QpQfJQ25q9IwtOKLUsmr7DvJlNDpt4g9i1iR5cEVWwNeOPzP+8U440aFRfz+
JQQ50bxcOBwWywR2HFxiLdsBjoe9CGRGDwNuAHU3eekTywjYuncCOa6QqTAwrb+Q
emRFBBwk/A50EH4UkpsjXJVP/X6m4sH8Z90xI3XXCieDGAYHG8pC1bv+0qfV3djw
O3OX7uQATn83AYMuigb/cxM=
-----END CERTIFICATE-----