Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/a1b8a896-6d88-3e0e-af16-2d4a56d3d426.roa
File:                     a1b8a896-6d88-3e0e-af16-2d4a56d3d426.roa (raw, json)
Hash identifier:          pFDSJfh1kYL1GHSEsKXU59LZd0i+rzcYX0TAbtm9tj4=
Subject key identifier:   3C:A2:F2:34:A0:0D:41:CF:E0:D3:FF:1A:B3:BA:87:D4:C4:AA:3D:BC
Certificate issuer:       /CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
Certificate serial:       010D0C9F432858489E6B7DEB2D5273AD1FEB9E00
Authority key identifier: 55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/a1b8a896-6d88-3e0e-af16-2d4a56d3d426.roa
Signing time:             Tue 21 Jan 2025 14:00:53 +0000
ROA not before:           Tue 21 Jan 2025 14:00:53 +0000
ROA not after:            Mon 21 Apr 2025 13:00:53 +0000
asID:                     22909
IP address blocks:        68.52.156.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:9e:6b:7d:eb:2d:52:73:ad:1f:eb:9e:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4e95a28e-27fe-479a-b086-2cc9809d54f6
        Validity
            Not Before: Jan 21 14:00:53 2025 GMT
            Not After : Apr 21 13:00:53 2025 GMT
        Subject: CN=da53160e-750c-42f0-bfcb-c3170a67e49e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c3:41:da:60:bb:fe:77:5c:2e:fe:72:b2:9f:
                    15:7e:7f:92:05:95:04:dc:65:20:e2:59:c6:06:96:
                    3f:9b:48:c8:39:af:5f:5e:33:5d:1b:8c:9d:4d:47:
                    f7:46:f8:83:1d:2c:d3:60:cf:be:1d:a3:c6:7e:e1:
                    de:54:40:fa:53:f1:f7:48:51:38:4f:2c:c6:2d:85:
                    49:91:3a:77:46:d9:25:94:4f:a3:56:00:b1:ee:73:
                    d4:4d:d8:a9:14:38:05:34:29:21:ac:b0:35:f0:9a:
                    60:bc:ee:05:b2:9b:0e:6b:e1:66:c0:e3:7c:ff:39:
                    d3:35:22:44:2b:f6:da:5e:7f:e4:c4:92:d5:96:c6:
                    13:ea:fe:78:83:71:43:34:a5:c2:42:e2:f5:7b:ea:
                    cf:14:e3:33:9e:cf:ee:56:94:84:66:46:ec:83:5a:
                    ab:29:58:75:29:99:77:b6:87:d3:74:30:ab:60:d4:
                    05:e0:51:ae:e8:e3:d0:df:3a:70:db:8f:34:3d:32:
                    0e:32:15:65:7c:ac:ea:84:ae:24:cb:dd:b6:4d:82:
                    a9:ef:6f:f1:ac:f9:38:2c:37:fc:fc:4d:85:3e:bb:
                    1e:c8:2d:96:03:16:c4:7c:78:ea:1a:52:a7:d8:0b:
                    88:72:23:83:4d:6a:45:e6:59:ba:1d:1c:2c:3a:42:
                    1b:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:A2:F2:34:A0:0D:41:CF:E0:D3:FF:1A:B3:BA:87:D4:C4:AA:3D:BC
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/a1b8a896-6d88-3e0e-af16-2d4a56d3d426.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6/4e95a28e-27fe-479a-b086-2cc9809d54f6.crl

            X509v3 Authority Key Identifier:
                keyid:55:43:28:31:2B:A2:11:E9:0C:63:2A:6B:C1:7E:0D:D6:92:76:3E:61

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/4e95a28e-27fe-479a-b086-2cc9809d54f6.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.52.156.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         d0:30:cc:08:87:d9:87:a0:c7:6f:8b:73:4c:b9:98:79:23:d9:
         37:f6:96:14:3f:65:28:fa:fc:4e:b7:43:8e:d7:57:be:cc:13:
         de:3f:73:fe:f0:f7:1f:c7:b5:9f:77:0c:14:71:46:9f:10:23:
         53:9b:4e:19:1b:c2:56:11:35:83:84:7b:f5:46:4f:72:50:59:
         20:2b:c9:0d:7b:36:c5:69:4a:5a:91:71:74:6e:cc:3c:a7:04:
         6f:72:54:89:aa:b7:7d:b8:20:ac:a8:5e:50:ab:9b:32:9e:27:
         51:9b:a1:a3:43:fe:49:8e:df:5a:cc:74:d5:c8:47:00:0f:08:
         1e:3d:86:37:7c:ef:3f:13:89:61:8b:9d:12:49:34:28:14:83:
         41:8b:21:42:88:1b:3c:b4:32:5c:e0:78:64:f5:c0:a3:a5:8e:
         2e:d2:18:50:a6:19:19:77:00:2b:ae:88:44:70:eb:58:f2:f9:
         2d:bc:b6:fe:8a:27:69:15:64:de:13:e0:98:a6:0a:19:ff:89:
         95:b0:e8:4c:e8:2e:aa:6f:ff:f5:24:bf:42:8d:14:00:89:93:
         c0:8a:df:76:e8:c9:6a:53:a7:94:19:05:04:e2:1d:3f:ef:17:
         e7:f1:0e:e5:65:2f:6c:a9:4a:84:02:e8:01:b2:b6:6a:48:c3:
         58:5a:06:22
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEiea33rLVJzrR/rngAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNGU5NWEyOGUtMjdmZS00NzlhLWIwODYtMmNjOTgwOWQ1
NGY2MB4XDTI1MDEyMTE0MDA1M1oXDTI1MDQyMTEzMDA1M1owLzEtMCsGA1UEAxMk
ZGE1MzE2MGUtNzUwYy00MmYwLWJmY2ItYzMxNzBhNjdlNDllMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MNB2mC7/ndcLv5ysp8Vfn+SBZUE3GUg4lnG
BpY/m0jIOa9fXjNdG4ydTUf3RviDHSzTYM++HaPGfuHeVED6U/H3SFE4TyzGLYVJ
kTp3RtkllE+jVgCx7nPUTdipFDgFNCkhrLA18JpgvO4FspsOa+FmwON8/znTNSJE
K/baXn/kxJLVlsYT6v54g3FDNKXCQuL1e+rPFOMzns/uVpSEZkbsg1qrKVh1KZl3
tofTdDCrYNQF4FGu6OPQ3zpw2480PTIOMhVlfKzqhK4ky922TYKp72/xrPk4LDf8
/E2FPrseyC2WAxbEfHjqGlKn2AuIciODTWpF5lm6HRwsOkIbgwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDyi8jSgDUHP4NP/GrO6h9TEqj28MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1
YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5ODA5ZDU0ZjYvYTFiOGE4OTYtNmQ4OC0z
ZTBlLWFmMTYtMmQ0YTU2ZDNkNDI2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNGU5NWEyOGUtMjdmZS00NzlhLWIw
ODYtMmNjOTgwOWQ1NGY2LzRlOTVhMjhlLTI3ZmUtNDc5YS1iMDg2LTJjYzk4MDlk
NTRmNi5jcmwwHwYDVR0jBBgwFoAUVUMoMSuiEekMYyprwX4N1pJ2PmEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi80ZTk1YTI4ZS0yN2ZlLTQ3OWEtYjA4Ni0yY2M5
ODA5ZDU0ZjYuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQARDScMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBANAwzAiH2Yegx2+Lc0y5mHkj2Tf2lhQ/ZSj6/E63Q47XV77ME94/c/7w
9x/HtZ93DBRxRp8QI1ObThkbwlYRNYOEe/VGT3JQWSAryQ17NsVpSlqRcXRuzDyn
BG9yVImqt324IKyoXlCrmzKeJ1GboaND/kmO31rMdNXIRwAPCB49hjd87z8TiWGL
nRJJNCgUg0GLIUKIGzy0MlzgeGT1wKOlji7SGFCmGRl3ACuuiERw61jy+S28tv6K
J2kVZN4T4JimChn/iZWw6EzoLqpv//Ukv0KNFACJk8CK33boyWpTp5QZBQTiHT/v
F+fxDuVlL2ypSoQC6AGytmpIw1haBiI=
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:13:53 2025 by rpki-client