Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/9aa5a3a7-cdb0-30a9-93bc-a7385bd61034.roa
File:                     9aa5a3a7-cdb0-30a9-93bc-a7385bd61034.roa (raw, json)
Hash identifier:          Ez6MrHY9mKl5aZctlfRH6qCLEWyK9p+ajutP3uYgEhc=
Subject key identifier:   40:92:6C:DE:A2:BC:F9:9A:43:3D:3C:62:CF:0F:26:2F:C7:C4:D7:6A
Certificate issuer:       /CN=68b287f4-51cf-421c-923b-f0e384de5eea
Certificate serial:       010D0C9F4328584954478259530DF503CB2FA940
Authority key identifier: 35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/9aa5a3a7-cdb0-30a9-93bc-a7385bd61034.roa
Signing time:             Thu 27 Mar 2025 17:25:48 +0000
ROA not before:           Thu 27 Mar 2025 17:25:48 +0000
ROA not after:            Wed 25 Jun 2025 17:25:48 +0000
asID:                     8069
IP address blocks:        20.153.136.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:54:47:82:59:53:0d:f5:03:cb:2f:a9:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68b287f4-51cf-421c-923b-f0e384de5eea
        Validity
            Not Before: Mar 27 17:25:48 2025 GMT
            Not After : Jun 25 17:25:48 2025 GMT
        Subject: CN=5a79d87b-e5a4-4866-bae2-ebad2a5d810e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:2a:4d:8a:31:af:8b:78:4b:7f:6b:34:e6:25:
                    20:d8:4e:81:b8:a4:76:4f:30:9d:dc:9c:fa:4a:e9:
                    bd:80:6b:27:04:3c:e0:c5:4c:11:fe:c3:ba:5d:f5:
                    52:78:a1:ed:a9:98:dc:cd:d8:ec:5c:77:bb:4a:85:
                    98:31:0d:9b:d0:98:5f:65:e4:9d:74:25:ec:0e:bc:
                    78:3f:d6:df:6e:21:eb:df:67:b3:96:9b:c3:55:59:
                    97:b0:a5:93:66:df:12:f8:d3:25:2a:28:9c:82:13:
                    cf:95:e3:14:71:3b:13:61:e7:29:17:bd:92:f6:7a:
                    e9:fe:d5:73:d5:47:0e:db:ca:6a:8b:7d:99:49:c5:
                    ab:b7:02:d5:0f:b2:7d:d8:e8:f6:96:89:d2:0c:60:
                    f6:47:98:e2:9a:68:85:7e:4a:0f:6a:41:ce:32:2a:
                    bd:e4:51:34:9d:0a:f6:e7:f2:51:8f:e8:e8:5e:ba:
                    0c:93:bd:e6:8d:8c:47:cb:0a:1a:6e:6d:fb:91:19:
                    17:08:56:d8:8e:d4:95:02:13:42:16:cc:7b:3e:58:
                    9e:0c:52:57:a1:23:07:9f:16:0f:6a:77:c3:46:a4:
                    5f:64:af:ef:2a:86:2a:a3:bc:90:cb:d1:57:36:8e:
                    13:0f:53:ef:01:f2:30:dc:51:07:26:a7:57:73:e6:
                    98:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:92:6C:DE:A2:BC:F9:9A:43:3D:3C:62:CF:0F:26:2F:C7:C4:D7:6A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/9aa5a3a7-cdb0-30a9-93bc-a7385bd61034.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea/68b287f4-51cf-421c-923b-f0e384de5eea.crl

            X509v3 Authority Key Identifier:
                keyid:35:7E:4F:98:41:25:A3:72:03:F5:E2:BA:41:43:AE:4A:FA:E0:BC:1D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/68b287f4-51cf-421c-923b-f0e384de5eea.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  20.153.136.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7c:36:82:6b:19:55:8f:27:e4:f9:1f:8f:ff:e7:f5:c2:70:c3:
         f8:e8:0a:59:18:29:b2:c2:90:b9:ea:4e:ca:55:94:40:1f:ba:
         e9:7d:25:71:7a:be:0e:ed:9c:49:c3:41:95:88:b6:8c:13:d5:
         26:f5:59:20:4e:a0:2a:b7:fc:a6:77:a2:ff:ff:a3:33:0f:7a:
         d9:67:40:38:05:8e:a8:e9:e2:9e:75:f3:d7:60:23:5c:66:b7:
         ae:d5:84:55:04:cc:ec:2d:c2:03:28:be:59:ad:aa:d9:9b:94:
         46:b0:4d:07:83:e9:dc:1c:01:4f:ee:be:50:f8:0e:bb:83:ae:
         da:d3:1f:41:81:d2:bf:d8:71:d4:2c:27:9e:4f:dd:66:6b:27:
         16:73:f2:a1:f4:4c:aa:a9:f2:a7:28:c5:8a:c5:1a:c6:0b:31:
         5d:c0:ee:c4:a4:00:64:64:be:95:a9:57:96:a4:57:40:9d:14:
         b1:0f:43:be:3c:43:07:4f:d4:8a:d8:dd:e9:09:93:cd:f8:77:
         b3:4f:19:e6:23:84:e4:58:0b:0a:9c:57:9d:d4:71:62:bd:76:
         7d:96:06:64:58:4a:fe:3b:db:04:e5:0e:f5:f0:75:22:b8:0b:
         af:ec:33:05:2c:2e:c2:a9:cb:16:86:af:2d:83:65:80:66:a0:
         e5:94:c8:b4
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWElUR4JZUw31A8svqUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjhiMjg3ZjQtNTFjZi00MjFjLTkyM2ItZjBlMzg0ZGU1
ZWVhMB4XDTI1MDMyNzE3MjU0OFoXDTI1MDYyNTE3MjU0OFowLzEtMCsGA1UEAxMk
NWE3OWQ4N2ItZTVhNC00ODY2LWJhZTItZWJhZDJhNWQ4MTBlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCpNijGvi3hLf2s05iUg2E6BuKR2TzCd3Jz6
Sum9gGsnBDzgxUwR/sO6XfVSeKHtqZjczdjsXHe7SoWYMQ2b0JhfZeSddCXsDrx4
P9bfbiHr32ezlpvDVVmXsKWTZt8S+NMlKiicghPPleMUcTsTYecpF72S9nrp/tVz
1UcO28pqi32ZScWrtwLVD7J92Oj2lonSDGD2R5jimmiFfkoPakHOMiq95FE0nQr2
5/JRj+joXroMk73mjYxHywoabm37kRkXCFbYjtSVAhNCFsx7PlieDFJXoSMHnxYP
anfDRqRfZK/vKoYqo7yQy9FXNo4TD1PvAfIw3FEHJqdXc+aY7QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFECSbN6ivPmaQz08Ys8PJi/HxNdqMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82OGIy
ODdmNC01MWNmLTQyMWMtOTIzYi1mMGUzODRkZTVlZWEvOWFhNWEzYTctY2RiMC0z
MGE5LTkzYmMtYTczODViZDYxMDM0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjhiMjg3ZjQtNTFjZi00MjFjLTky
M2ItZjBlMzg0ZGU1ZWVhLzY4YjI4N2Y0LTUxY2YtNDIxYy05MjNiLWYwZTM4NGRl
NWVlYS5jcmwwHwYDVR0jBBgwFoAUNX5PmEElo3ID9eK6QUOuSvrgvB0wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS82OGIyODdmNC01MWNmLTQyMWMtOTIzYi1mMGUz
ODRkZTVlZWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFJmIMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHw2gmsZVY8n5Pkfj//n9cJww/joClkYKbLCkLnqTspVlEAfuul9JXF6
vg7tnEnDQZWItowT1Sb1WSBOoCq3/KZ3ov//ozMPetlnQDgFjqjp4p5189dgI1xm
t67VhFUEzOwtwgMovlmtqtmblEawTQeD6dwcAU/uvlD4DruDrtrTH0GB0r/YcdQs
J55P3WZrJxZz8qH0TKqp8qcoxYrFGsYLMV3A7sSkAGRkvpWpV5akV0CdFLEPQ748
QwdP1IrY3ekJk834d7NPGeYjhORYCwqcV53UcWK9dn2WBmRYSv472wTlDvXwdSK4
C6/sMwUsLsKpyxaGry2DZYBmoOWUyLQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:42:38 2025 by rpki-client