Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/fdfb5184-61d0-3a3d-93b7-6a34a00328a7.roa
File:                     fdfb5184-61d0-3a3d-93b7-6a34a00328a7.roa (raw, json)
Hash identifier:          nE+Y2NxUvS6YHXhDm8OImK8lNAQ52HwsJTSL8EZlJsA=
Subject key identifier:   99:38:0A:F7:DF:BE:95:04:47:B7:CA:07:3C:A7:1F:15:42:88:5C:F2
Certificate issuer:       /CN=bad5af20-8385-44d4-815f-bb83497d4a0e
Certificate serial:       010D0C9F4328584CEA5CE312FD8441268B7FBC80
Authority key identifier: 11:AA:70:F3:04:50:A3:AC:82:39:73:14:B6:AD:D6:35:D1:DD:39:94
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/fdfb5184-61d0-3a3d-93b7-6a34a00328a7.roa
Signing time:             Thu 19 Feb 2026 14:00:40 +0000
ROA not before:           Thu 19 Feb 2026 14:00:40 +0000
ROA not after:            Wed 20 May 2026 13:00:40 +0000
asID:                     21777
IP address blocks:        199.189.28.0/23 maxlen: 24
                          207.174.110.0/23 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:4c:ea:5c:e3:12:fd:84:41:26:8b:7f:bc:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=bad5af20-8385-44d4-815f-bb83497d4a0e
        Validity
            Not Before: Feb 19 14:00:40 2026 GMT
            Not After : May 20 13:00:40 2026 GMT
        Subject: CN=f5cbf224-8b54-40e5-bad2-41f7f91314a0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:c0:d8:3f:a9:6a:09:83:31:f7:bb:d1:50:0b:
                    8e:e2:4d:52:11:2e:4e:de:ee:e9:14:cc:4d:d9:e6:
                    c3:18:0d:27:aa:18:b5:b5:34:84:55:9f:bd:26:9a:
                    29:89:57:68:46:28:2f:ef:e3:37:e2:45:f9:e3:ac:
                    9a:d7:ad:7d:53:40:5f:dc:7e:d2:5e:33:c8:17:38:
                    74:bb:8b:4a:53:62:9a:e6:78:6d:0c:3e:b1:a1:b3:
                    db:46:73:7a:d2:15:a2:e4:9d:3d:75:fe:44:bb:d9:
                    b3:20:c8:55:bb:2d:13:c8:a2:be:00:94:05:79:48:
                    40:17:62:9e:b3:e6:f3:c9:0a:57:8a:56:6a:b5:10:
                    1e:75:dd:99:fa:99:82:0b:52:15:8d:b8:88:ab:2e:
                    7b:c9:5c:91:0f:41:5e:12:88:9c:a5:33:93:31:cf:
                    d4:e2:18:ea:3d:12:75:f4:88:17:14:fe:20:03:c7:
                    98:4f:22:e1:77:e3:b2:91:79:65:9d:44:b0:f2:7e:
                    3d:20:de:e5:62:69:12:12:64:24:c1:ec:5e:e6:ac:
                    c9:81:06:89:aa:7e:a1:da:39:cf:80:5c:cd:34:d2:
                    8c:c8:32:f8:01:22:0b:bb:2b:d6:12:23:ff:84:a6:
                    09:7b:3d:69:87:89:76:a4:4f:ca:1b:6b:8d:c1:0c:
                    67:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:38:0A:F7:DF:BE:95:04:47:B7:CA:07:3C:A7:1F:15:42:88:5C:F2
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/fdfb5184-61d0-3a3d-93b7-6a34a00328a7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e/bad5af20-8385-44d4-815f-bb83497d4a0e.crl

            X509v3 Authority Key Identifier:
                keyid:11:AA:70:F3:04:50:A3:AC:82:39:73:14:B6:AD:D6:35:D1:DD:39:94

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/bad5af20-8385-44d4-815f-bb83497d4a0e.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.189.28.0/23
                  207.174.110.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4a:75:dc:d7:a1:f5:dd:86:a0:5c:7a:15:f3:43:a9:e8:30:97:
         e8:e9:88:41:94:5f:b2:70:c4:4a:77:af:dd:58:08:f2:31:24:
         5e:51:3d:2a:32:9d:f7:a2:9b:b2:3e:a6:9b:52:06:28:49:63:
         c6:5f:05:3d:a5:39:d8:81:77:21:73:fc:b9:a0:ad:13:5e:5f:
         1c:59:d6:7b:ba:32:55:77:18:59:02:32:9c:cb:51:4b:40:4e:
         9b:f7:2c:3f:40:22:60:67:42:16:e7:da:30:93:1e:02:c6:25:
         6e:41:9e:1d:40:1a:e9:f5:df:5e:4a:89:94:8a:16:75:16:c1:
         d9:c2:8a:9b:af:bd:8a:a6:04:d1:46:18:b8:44:a4:4e:e6:08:
         d8:c5:d5:76:7e:46:14:f3:d0:0f:3a:e6:fe:6f:1d:21:7b:ab:
         23:99:88:a4:5c:09:7f:53:b9:91:e1:38:1f:b8:50:12:25:50:
         f4:4b:4c:ca:2e:fb:70:77:db:9b:74:f2:cc:0e:c0:dc:c9:e3:
         9b:ca:c6:3f:6b:f2:99:8a:f8:52:7a:ff:8b:59:1e:7c:01:93:
         be:fe:b9:8e:88:f9:6c:30:50:da:b8:d3:95:be:72:68:dd:1d:
         8b:e8:8b:76:eb:5c:16:08:4a:fb:a1:18:3d:e8:48:b7:bc:97:
         a9:03:ed:01
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIUAQ0Mn0MoWEzqXOMS/YRBJot/vIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYmFkNWFmMjAtODM4NS00NGQ0LTgxNWYtYmI4MzQ5N2Q0
YTBlMB4XDTI2MDIxOTE0MDA0MFoXDTI2MDUyMDEzMDA0MFowLzEtMCsGA1UEAxMk
ZjVjYmYyMjQtOGI1NC00MGU1LWJhZDItNDFmN2Y5MTMxNGEwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8DYP6lqCYMx97vRUAuO4k1SES5O3u7pFMxN
2ebDGA0nqhi1tTSEVZ+9JpopiVdoRigv7+M34kX546ya1619U0Bf3H7SXjPIFzh0
u4tKU2Ka5nhtDD6xobPbRnN60hWi5J09df5Eu9mzIMhVuy0TyKK+AJQFeUhAF2Ke
s+bzyQpXilZqtRAedd2Z+pmCC1IVjbiIqy57yVyRD0FeEoicpTOTMc/U4hjqPRJ1
9IgXFP4gA8eYTyLhd+OykXllnUSw8n49IN7lYmkSEmQkwexe5qzJgQaJqn6h2jnP
gFzNNNKMyDL4ASILuyvWEiP/hKYJez1ph4l2pE/KG2uNwQxnRQIDAQABo4IDWzCC
A1cwHQYDVR0OBBYEFJk4CvffvpUER7fKBzynHxVCiFzyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy9iYWQ1
YWYyMC04Mzg1LTQ0ZDQtODE1Zi1iYjgzNDk3ZDRhMGUvZmRmYjUxODQtNjFkMC0z
YTNkLTkzYjctNmEzNGEwMDMyOGE3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8wMzU3MjcyYy1h
NzlhLTQ1YmYtOTU4Ni05MmRkNDllZjMyMjMvYmFkNWFmMjAtODM4NS00NGQ0LTgx
NWYtYmI4MzQ5N2Q0YTBlL2JhZDVhZjIwLTgzODUtNDRkNC04MTVmLWJiODM0OTdk
NGEwZS5jcmwwHwYDVR0jBBgwFoAUEapw8wRQo6yCOXMUtq3WNdHdOZQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzAzNTcyNzJjLWE3OWEtNDVi
Zi05NTg2LTkyZGQ0OWVmMzIyMy9iYWQ1YWYyMC04Mzg1LTQ0ZDQtODE1Zi1iYjgz
NDk3ZDRhMGUuY2VyMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBx70cAwQB
z65uMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0
cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZI
hvcNAQELBQADggEBAEp13Neh9d2GoFx6FfNDqegwl+jpiEGUX7JwxEp3r91YCPIx
JF5RPSoynfeim7I+pptSBihJY8ZfBT2lOdiBdyFz/LmgrRNeXxxZ1nu6MlV3GFkC
MpzLUUtATpv3LD9AImBnQhbn2jCTHgLGJW5Bnh1AGun1315KiZSKFnUWwdnCipuv
vYqmBNFGGLhEpE7mCNjF1XZ+RhTz0A865v5vHSF7qyOZiKRcCX9TuZHhOB+4UBIl
UPRLTMou+3B325t08swOwNzJ45vKxj9r8pmK+FJ6/4tZHnwBk77+uY6I+WwwUNq4
05W+cmjdHYvoi3brXBYISvuhGD3oSLe8l6kD7QE=
-----END CERTIFICATE-----