Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3c31c66d-8518-3467-a15b-c641af088c1a.roa
File:                     3c31c66d-8518-3467-a15b-c641af088c1a.roa (raw, json)
Hash identifier:          1zGQPYlid9xkLMI3K5T44QvazZOnp+vNCTdOKV/ulNE=
Subject key identifier:   1D:65:52:B1:1B:FF:DD:D5:E5:67:6D:20:57:21:27:05:EC:D4:B6:9C
Certificate issuer:       /CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
Certificate serial:       010D0C9F4328584911A018E428DD1A34E3B1C400
Authority key identifier: C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3c31c66d-8518-3467-a15b-c641af088c1a.roa
Signing time:             Mon 03 Mar 2025 20:25:09 +0000
ROA not before:           Mon 03 Mar 2025 20:25:09 +0000
ROA not after:            Sun 01 Jun 2025 19:25:09 +0000
asID:                     401152
IP address blocks:        166.0.88.0/22 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:11:a0:18:e4:28:dd:1a:34:e3:b1:c4:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=66dea2a5-837d-46d8-8f8e-9447ece20c09
        Validity
            Not Before: Mar  3 20:25:09 2025 GMT
            Not After : Jun  1 19:25:09 2025 GMT
        Subject: CN=38463b42-dcc1-4dc8-98a1-1e9982676104
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:86:5b:ac:24:50:e6:b1:d0:24:a3:dc:0c:ae:3d:
                    61:fc:32:0d:8f:dc:be:29:86:e2:75:81:b7:1e:7a:
                    80:09:46:73:e6:cd:a3:39:45:72:97:a0:55:6c:df:
                    4f:80:38:90:e7:ac:3a:33:bc:9a:60:1d:c3:86:17:
                    d3:ff:a7:ab:ae:ec:01:e6:22:34:86:67:bc:7e:a5:
                    4c:19:65:05:62:94:77:a4:92:b9:2a:09:dd:b1:f8:
                    b5:ef:69:da:34:a4:fd:1d:1e:df:35:7c:9c:d2:7a:
                    3e:d4:6d:83:c6:7d:60:78:bc:23:21:63:ba:b1:9b:
                    46:fb:00:16:bf:64:0c:31:01:a8:09:f7:44:7f:b9:
                    3b:28:f0:d6:fa:ec:65:a6:e7:66:09:44:dc:df:50:
                    d0:a1:86:a9:55:c4:94:c2:c6:26:95:2e:6b:6a:ee:
                    78:78:58:04:81:51:b5:28:61:68:e2:38:08:5e:86:
                    0b:b5:6f:da:07:0c:1e:3d:07:8d:dd:98:b1:a9:d6:
                    e8:e5:52:8a:06:42:59:ed:f4:0f:82:d7:c4:9a:ca:
                    14:a9:00:3f:2c:39:72:64:8e:8d:42:97:5f:24:be:
                    b7:70:8e:ed:64:01:e0:e4:ff:64:af:d4:aa:df:04:
                    4c:b2:f7:c3:30:48:80:05:41:9e:54:6b:a5:c6:5d:
                    a2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:65:52:B1:1B:FF:DD:D5:E5:67:6D:20:57:21:27:05:EC:D4:B6:9C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/3c31c66d-8518-3467-a15b-c641af088c1a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09/66dea2a5-837d-46d8-8f8e-9447ece20c09.crl

            X509v3 Authority Key Identifier:
                keyid:C3:86:AD:8B:F4:19:4B:35:94:24:9B:90:BA:9D:80:11:C2:08:71:C9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/66dea2a5-837d-46d8-8f8e-9447ece20c09.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.0.88.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         a2:ba:37:53:48:60:7a:e2:cf:06:23:88:45:a8:6f:f2:07:0f:
         d1:26:ac:cc:ca:1c:1a:87:5d:e0:1a:80:aa:a0:b7:cb:05:05:
         14:a7:4d:f6:ee:91:04:5a:21:05:4d:72:9a:78:5d:05:52:be:
         03:12:d0:56:28:bd:6d:a5:14:a7:d5:87:ac:b0:f1:34:91:c5:
         cd:ee:9e:3d:07:4c:21:d1:52:1e:09:d0:71:a5:87:90:4f:a4:
         02:0d:02:2d:eb:ac:ca:7c:f4:34:ae:ec:f4:18:46:ad:6b:e4:
         af:98:77:33:36:af:26:5c:89:79:59:a9:e6:09:6d:3a:e0:74:
         8f:2b:04:0f:7b:75:b8:fe:e8:aa:cd:9b:75:65:b1:70:06:0d:
         90:40:83:02:81:f9:fc:69:92:30:0d:4c:53:19:0b:2c:c5:8f:
         c0:6a:4f:78:d1:85:3a:46:b4:89:00:cf:ab:88:6c:2e:8c:cc:
         64:7d:41:f4:cc:c4:eb:cd:bf:50:cd:f0:0d:1c:de:9d:b5:58:
         a6:8d:55:94:4d:96:4b:08:e7:38:4f:8f:9f:5d:8d:3b:1b:45:
         be:1c:b0:bb:eb:79:59:e7:50:7e:ce:00:2a:6b:56:0e:ba:d8:
         5c:86:e2:7f:12:12:6b:9d:94:76:26:e5:c1:57:0f:7f:7f:4d:
         0f:4b:59:ff
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEkRoBjkKN0aNOOxxAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjZkZWEyYTUtODM3ZC00NmQ4LThmOGUtOTQ0N2VjZTIw
YzA5MB4XDTI1MDMwMzIwMjUwOVoXDTI1MDYwMTE5MjUwOVowLzEtMCsGA1UEAxMk
Mzg0NjNiNDItZGNjMS00ZGM4LTk4YTEtMWU5OTgyNjc2MTA0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhlusJFDmsdAko9wMrj1h/DINj9y+KYbidYG3
HnqACUZz5s2jOUVyl6BVbN9PgDiQ56w6M7yaYB3DhhfT/6erruwB5iI0hme8fqVM
GWUFYpR3pJK5Kgndsfi172naNKT9HR7fNXyc0no+1G2Dxn1geLwjIWO6sZtG+wAW
v2QMMQGoCfdEf7k7KPDW+uxlpudmCUTc31DQoYapVcSUwsYmlS5rau54eFgEgVG1
KGFo4jgIXoYLtW/aBwwePQeN3Zixqdbo5VKKBkJZ7fQPgtfEmsoUqQA/LDlyZI6N
QpdfJL63cI7tZAHg5P9kr9Sq3wRMsvfDMEiABUGeVGulxl2i2wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFB1lUrEb/93V5WdtIFchJwXs1LacMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRl
YTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3ZWNlMjBjMDkvM2MzMWM2NmQtODUxOC0z
NDY3LWExNWItYzY0MWFmMDg4YzFhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNjZkZWEyYTUtODM3ZC00NmQ4LThm
OGUtOTQ0N2VjZTIwYzA5LzY2ZGVhMmE1LTgzN2QtNDZkOC04ZjhlLTk0NDdlY2Uy
MGMwOS5jcmwwHwYDVR0jBBgwFoAUw4ati/QZSzWUJJuQup2AEcIIcckwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi82NmRlYTJhNS04MzdkLTQ2ZDgtOGY4ZS05NDQ3
ZWNlMjBjMDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCpgBYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAKK6N1NIYHrizwYjiEWob/IHD9EmrMzKHBqHXeAagKqgt8sFBRSnTfbu
kQRaIQVNcpp4XQVSvgMS0FYovW2lFKfVh6yw8TSRxc3unj0HTCHRUh4J0HGlh5BP
pAINAi3rrMp89DSu7PQYRq1r5K+YdzM2ryZciXlZqeYJbTrgdI8rBA97dbj+6KrN
m3VlsXAGDZBAgwKB+fxpkjANTFMZCyzFj8BqT3jRhTpGtIkAz6uIbC6MzGR9QfTM
xOvNv1DN8A0c3p21WKaNVZRNlksI5zhPj59djTsbRb4csLvreVnnUH7OACprVg66
2FyG4n8SEmudlHYm5cFXD39/TQ9LWf8=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:50:12 2025 by rpki-client