Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/ddbf19ae-927e-39a9-8762-ea99e7524de4.roa
File:                     ddbf19ae-927e-39a9-8762-ea99e7524de4.roa (raw, json)
Hash identifier:          2FbiaBhZX+VQZhvjJifw6Fh5ivDH54VqE9Y9QCLcsCE=
Subject key identifier:   9B:70:1C:DA:44:03:12:B2:00:70:6B:BE:E8:36:88:9A:7E:FC:35:F3
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858455332DEB72E11B50CF8CB43E0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/ddbf19ae-927e-39a9-8762-ea99e7524de4.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        64.91.192.0/19 maxlen: 19

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:32:de:b7:2e:11:b5:0c:f8:cb:43:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=d640cf23-ad2e-44b6-943e-9a787a4c8bca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:17:37:f3:fb:88:35:63:58:ca:a4:d7:4c:a9:
                    9d:50:75:9d:e4:f5:10:38:65:b4:14:a2:6b:a3:ac:
                    4f:00:33:71:3c:5f:25:f1:8e:fd:d5:44:bd:ed:29:
                    7f:cd:17:73:ce:39:e5:5a:4b:05:03:f3:59:5b:5a:
                    f8:fc:d0:53:60:0a:0b:4c:23:d3:06:4f:c4:ed:d5:
                    9a:05:f9:4d:88:97:e2:e2:8a:a0:ab:b0:a1:fb:5c:
                    1c:a9:23:0e:71:64:e8:b2:86:4b:d2:f5:66:5f:42:
                    3c:b5:6c:ee:7a:24:48:89:2c:a1:88:83:74:be:da:
                    80:89:d5:33:ec:df:90:1a:dd:06:6c:27:ee:2e:c5:
                    81:24:a9:2e:a0:49:a7:2c:c1:62:06:63:8d:55:8c:
                    10:e5:fd:2f:66:d2:08:fc:90:13:11:30:8e:8e:f1:
                    80:3c:4a:da:2a:de:83:2e:b6:ea:41:83:3b:74:c9:
                    ce:00:c0:9f:53:8b:15:9b:c7:bc:64:2f:bf:dc:0c:
                    73:ab:cf:9e:8b:eb:9b:0e:ee:76:eb:a8:ef:b2:cc:
                    22:7e:36:08:cf:28:91:d8:fa:81:1f:63:6f:04:61:
                    79:f4:6c:7f:82:d2:17:f8:ca:e0:cf:56:9b:13:ba:
                    69:b3:ec:c3:a1:8b:b5:2f:4a:65:86:21:80:b6:6c:
                    ec:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:70:1C:DA:44:03:12:B2:00:70:6B:BE:E8:36:88:9A:7E:FC:35:F3
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/ddbf19ae-927e-39a9-8762-ea99e7524de4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.91.192.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         73:e7:e7:fb:b5:44:a9:ea:65:72:2a:1f:a2:a0:97:4b:59:2c:
         b4:1f:ca:5b:66:fc:62:e5:94:c9:c3:d0:03:d6:bb:0c:8c:c0:
         97:43:5a:2f:b7:e4:17:9c:d6:9a:70:fd:33:bd:07:90:fd:6e:
         70:46:62:64:90:63:86:36:bc:9a:89:b9:fc:37:3d:a2:31:11:
         d5:8f:a7:a8:36:9b:8e:9e:94:2f:31:ee:19:e7:85:9b:c3:98:
         38:fe:7e:55:b5:18:69:cf:b2:be:0e:8c:05:23:74:80:36:27:
         34:05:bb:a3:25:5a:4e:4b:e3:db:7c:f4:06:66:ff:54:65:56:
         a3:e1:f7:dc:05:21:a4:2d:dd:1f:37:7a:77:38:75:77:35:68:
         3a:cb:bb:43:53:d5:0b:79:8b:98:84:bd:5a:bc:2e:e2:37:45:
         16:97:70:b1:56:02:38:06:a1:2e:b7:b1:61:27:08:da:8e:8c:
         78:ad:f8:77:59:6b:d4:4c:36:d0:c0:f4:c3:7a:aa:75:9a:91:
         f0:f3:09:31:07:b1:92:be:0f:25:dd:71:3c:12:d6:20:10:5a:
         17:4c:fa:99:00:60:27:25:ab:6e:a6:94:fa:cd:80:5a:20:ce:
         68:d9:12:d4:8b:2b:0e:d7:19:35:80:4f:bc:e8:1c:e2:59:e9:
         5d:58:ed:72
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMt63LhG1DPjLQ+AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
ZDY0MGNmMjMtYWQyZS00NGI2LTk0M2UtOWE3ODdhNGM4YmNhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBc38/uINWNYyqTXTKmdUHWd5PUQOGW0FKJr
o6xPADNxPF8l8Y791US97Sl/zRdzzjnlWksFA/NZW1r4/NBTYAoLTCPTBk/E7dWa
BflNiJfi4oqgq7Ch+1wcqSMOcWTosoZL0vVmX0I8tWzueiRIiSyhiIN0vtqAidUz
7N+QGt0GbCfuLsWBJKkuoEmnLMFiBmONVYwQ5f0vZtII/JATETCOjvGAPEraKt6D
LrbqQYM7dMnOAMCfU4sVm8e8ZC+/3Axzq8+ei+ubDu5266jvsswifjYIzyiR2PqB
H2NvBGF59Gx/gtIX+Mrgz1abE7pps+zDoYu1L0plhiGAtmzsdQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJtwHNpEAxKyAHBrvug2iJp+/DXzMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZGRiZjE5YWUtOTI3ZS0z
OWE5LTg3NjItZWE5OWU3NTI0ZGU0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFQFvAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHPn5/u1RKnqZXIqH6Kgl0tZLLQfyltm/GLllMnD0APWuwyMwJdDWi+3
5Bec1ppw/TO9B5D9bnBGYmSQY4Y2vJqJufw3PaIxEdWPp6g2m46elC8x7hnnhZvD
mDj+flW1GGnPsr4OjAUjdIA2JzQFu6MlWk5L49t89AZm/1RlVqPh99wFIaQt3R83
enc4dXc1aDrLu0NT1Qt5i5iEvVq8LuI3RRaXcLFWAjgGoS63sWEnCNqOjHit+HdZ
a9RMNtDA9MN6qnWakfDzCTEHsZK+DyXdcTwS1iAQWhdM+pkAYCclq26mlPrNgFog
zmjZEtSLKw7XGTWAT7zoHOJZ6V1Y7XI=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:17 2024 by rpki-client on console-fra.rpki-client.org