Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf86941d5c0186998663d80702/0/36342e342e3137302e302f32342d3234203d3e20323034383433.roa
File:                     36342e342e3137302e302f32342d3234203d3e20323034383433.roa (raw, json)
Hash identifier:          vM1idmgP6CHl8kmUsKxu0B9E1yfJM1ob+9CdRL58n8k=
Subject key identifier:   2A:2A:48:81:D1:61:72:08:A6:D6:80:59:61:C0:3C:C4:6A:EC:1C:9D
Certificate issuer:       /CN=58f72174a0a9e3d07a37cad87c2235a762efa6a9b620372845
Certificate serial:       73E473F935E6E1F78D14DF761159AFAA347A0DB4
Authority key identifier: E9:AB:82:D4:D9:BF:4C:16:EA:6E:7C:FA:F3:EE:14:CF:EC:5A:4A:8A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/ae85d24a-77d4-4cf7-80aa-c071199c2889/58f72174a0a9e3d07a37cad87c2235a762efa6a9b620372845.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186998663d80702/0/36342e342e3137302e302f32342d3234203d3e20323034383433.roa
Signing time:             Sat 01 Jul 2023 14:17:20 +0000
ROA not before:           Sat 01 Jul 2023 14:12:20 +0000
ROA not after:            Sat 29 Jun 2024 14:17:20 +0000
asID:                     204843
IP address blocks:        64.4.170.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:e4:73:f9:35:e6:e1:f7:8d:14:df:76:11:59:af:aa:34:7a:0d:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58f72174a0a9e3d07a37cad87c2235a762efa6a9b620372845
        Validity
            Not Before: Jul  1 14:12:20 2023 GMT
            Not After : Jun 29 14:17:20 2024 GMT
        Subject: CN=2A2A4881D1617208A6D6805961C03CC46AEC1C9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:20:ec:5a:a1:06:92:ff:55:03:50:e7:53:f9:
                    6d:61:18:1d:1c:d3:ba:59:b8:4f:99:a3:0d:fb:be:
                    63:70:40:43:fc:90:a0:63:2d:0f:da:31:97:32:80:
                    d1:66:55:11:d1:02:1a:84:32:d0:70:2f:21:b7:6b:
                    6e:15:f4:df:1d:0f:e3:24:36:e9:4c:8b:b2:7f:dd:
                    92:67:93:a1:f5:8a:41:af:86:63:03:8a:d4:2c:c8:
                    5d:b8:d7:60:4d:0c:cb:e4:b4:88:f2:95:0a:88:44:
                    f4:b7:eb:b8:c6:52:3b:32:84:52:66:b5:5b:d1:cd:
                    c6:b3:9a:f2:ea:5e:0c:78:1b:25:a6:28:bf:4d:54:
                    de:c6:02:47:be:41:c3:de:47:35:96:94:6f:39:0a:
                    83:52:5d:8d:a6:88:57:c4:2c:35:ef:86:d7:97:b4:
                    1a:01:97:ba:e5:f9:73:bf:fd:c6:82:20:41:eb:1b:
                    fe:6e:64:9d:fd:8c:40:03:68:ec:34:72:e7:ef:df:
                    8d:6a:ea:4f:5e:bc:a9:f7:69:89:aa:4b:b9:8a:0c:
                    80:ed:03:19:df:9a:53:6b:c8:ae:31:46:90:68:f6:
                    6e:62:b6:9c:9b:78:90:a4:b9:aa:50:4d:50:de:c7:
                    b9:10:91:ed:29:9e:28:b1:fd:d7:a7:8c:76:54:54:
                    ac:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:2A:48:81:D1:61:72:08:A6:D6:80:59:61:C0:3C:C4:6A:EC:1C:9D
            X509v3 Authority Key Identifier:
                keyid:E9:AB:82:D4:D9:BF:4C:16:EA:6E:7C:FA:F3:EE:14:CF:EC:5A:4A:8A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186998663d80702/0/E9AB82D4D9BF4C16EA6E7CFAF3EE14CFEC5A4A8A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/ae85d24a-77d4-4cf7-80aa-c071199c2889/58f72174a0a9e3d07a37cad87c2235a762efa6a9b620372845.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf86941d5c0186998663d80702/0/36342e342e3137302e302f32342d3234203d3e20323034383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.4.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:76:20:50:e9:aa:29:ce:64:6e:9c:6e:ea:3d:43:7a:46:98:
         c2:76:7f:b2:44:e5:02:75:d2:da:7c:8d:61:fa:e6:e3:0d:65:
         b7:9e:a6:d1:71:54:0b:59:fc:13:4e:d7:03:6b:66:09:6a:17:
         5a:9b:97:39:f3:a5:25:02:35:fc:b8:37:30:4f:cd:59:e0:94:
         f1:e7:6f:73:b7:18:33:fd:f4:4c:ad:fa:43:a3:e1:eb:7f:e0:
         fd:aa:ee:94:01:22:48:b7:9c:90:5d:78:59:4a:4e:d8:83:73:
         ba:8b:a4:75:17:c8:94:bb:ea:12:12:8d:d2:2d:6e:7b:34:21:
         af:46:35:f2:64:b3:b9:db:e2:9c:83:e7:a3:0d:ea:ba:16:18:
         1d:0e:11:a0:b7:07:ac:c7:a3:04:22:f1:87:39:cc:c4:02:a3:
         09:f0:78:27:bf:2c:78:6b:b9:c6:cc:e5:fa:f4:38:61:84:0f:
         e7:18:d6:8e:6d:42:5d:17:17:07:76:71:10:28:06:72:ab:11:
         c2:64:a3:69:f7:74:9d:6c:7c:4c:25:61:d5:79:5d:51:1f:23:
         d4:e4:e4:41:14:cd:24:c9:6e:2a:96:9f:9b:93:fb:61:87:70:
         00:29:78:d7:05:a8:d3:cc:6c:96:67:70:46:51:68:61:0e:6f:
         93:21:13:71
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgIUc+Rz+TXm4feNFN92EVmvqjR6DbQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNThmNzIxNzRhMGE5ZTNkMDdhMzdjYWQ4N2MyMjM1YTc2
MmVmYTZhOWI2MjAzNzI4NDUwHhcNMjMwNzAxMTQxMjIwWhcNMjQwNjI5MTQxNzIw
WjAzMTEwLwYDVQQDEygyQTJBNDg4MUQxNjE3MjA4QTZENjgwNTk2MUMwM0NDNDZB
RUMxQzlEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwiDsWqEGkv9V
A1DnU/ltYRgdHNO6WbhPmaMN+75jcEBD/JCgYy0P2jGXMoDRZlUR0QIahDLQcC8h
t2tuFfTfHQ/jJDbpTIuyf92SZ5Oh9YpBr4ZjA4rULMhduNdgTQzL5LSI8pUKiET0
t+u4xlI7MoRSZrVb0c3Gs5ry6l4MeBslpii/TVTexgJHvkHD3kc1lpRvOQqDUl2N
pohXxCw174bXl7QaAZe65flzv/3GgiBB6xv+bmSd/YxAA2jsNHLn79+NaupPXryp
92mJqku5igyA7QMZ35pTa8iuMUaQaPZuYracm3iQpLmqUE1Q3se5EJHtKZ4osf3X
p4x2VFSswwIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFCoqSIHRYXIIptaAWWHAPMRq
7BydMB8GA1UdIwQYMBaAFOmrgtTZv0wW6m58+vPuFM/sWkqKMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRmODY5NDFkNWMwMTg2OTk4NjYzZDgwNzAyLzAv
RTlBQjgyRDREOUJGNEMxNkVBNkU3Q0ZBRjNFRTE0Q0ZFQzVBNEE4QS5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvYTczNDIwY2ItYjNjYy00YjAzLWJkYTctMWJlMjA0
OTMzYWU1L2FlODVkMjRhLTc3ZDQtNGNmNy04MGFhLWMwNzExOTljMjg4OS81OGY3
MjE3NGEwYTllM2QwN2EzN2NhZDg3YzIyMzVhNzYyZWZhNmE5YjYyMDM3Mjg0NS5j
ZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg2OTQxZDVjMDE4Njk5
ODY2M2Q4MDcwMi8wLzM2MzQyZTM0MmUzMTM3MzAyZTMwMmYzMjM0MmQzMjM0MjAz
ZDNlMjAzMjMwMzQzODM0MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABABKowDQYJKoZIhvcNAQELBQAD
ggEBADh2IFDpqinOZG6cbuo9Q3pGmMJ2f7JE5QJ10tp8jWH65uMNZbeeptFxVAtZ
/BNO1wNrZglqF1qblznzpSUCNfy4NzBPzVnglPHnb3O3GDP99Eyt+kOj4et/4P2q
7pQBIki3nJBdeFlKTtiDc7qLpHUXyJS76hISjdItbns0Ia9GNfJks7nb4pyD56MN
6roWGB0OEaC3B6zHowQi8Yc5zMQCownweCe/LHhrucbM5fr0OGGED+cY1o5tQl0X
Fwd2cRAoBnKrEcJko2n3dJ1sfEwlYdV5XVEfI9Tk5EEUzSTJbiqWn5uT+2GHcAAp
eNcFqNPMbJZncEZRaGEOb5MhE3E=
-----END CERTIFICATE-----