Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/067528bb-0c4d-3eed-9b3e-482204e5c694.roa
File: 067528bb-0c4d-3eed-9b3e-482204e5c694.roa (raw, json)
Hash identifier: j0noLCXKKeOQXwSYPwY5c6psoNcoOMUAahG4/2IoVKQ=
Subject key identifier: E5:CC:C6:B4:BE:DF:6E:56:A1:95:3B:AF:FB:16:92:E1:4A:10:38:AA
Certificate issuer: /CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
Certificate serial: 010D0C9F432858421E6D9E3FFC62D0F9E6A62348
Authority key identifier: 00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/067528bb-0c4d-3eed-9b3e-482204e5c694.roa
Signing time: Mon 05 Jun 2023 13:00:18 +0000
ROA not before: Mon 05 Jun 2023 13:00:18 +0000
ROA not after: Sun 03 Sep 2023 13:00:18 +0000
asID: 7862
IP address blocks: 146.23.56.0/23 maxlen: 23
146.23.178.0/24 maxlen: 24
146.23.201.0/24 maxlen: 24
146.23.200.0/23 maxlen: 23
146.23.200.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:42:1e:6d:9e:3f:fc:62:d0:f9:e6:a6:23:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
Validity
Not Before: Jun 5 13:00:18 2023 GMT
Not After : Sep 3 13:00:18 2023 GMT
Subject: CN=f1479104-1b2f-45bc-81d9-bda8b697136b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:19:12:f9:3c:f3:9e:78:e9:32:78:c1:90:81:
e6:48:62:0f:69:46:27:b6:aa:9d:aa:86:40:5e:1c:
85:85:55:8f:91:2a:0a:53:6a:80:23:6f:84:0e:1f:
99:6d:68:6b:88:80:8b:b1:f2:6c:9c:24:ea:96:c6:
c8:fc:44:99:28:ee:a6:9e:38:ac:9f:61:a2:b9:c3:
85:30:16:bf:dc:ae:76:72:b6:d1:d6:cb:2a:55:7b:
72:98:c3:60:73:a8:ec:ce:78:6f:88:db:f7:fd:62:
29:2f:c9:e6:f7:5e:9e:03:05:3d:5c:87:a7:02:02:
f9:bd:ad:bb:50:49:11:38:68:d1:24:97:27:09:cb:
0d:87:e2:04:f2:55:cf:86:ed:71:d0:a8:81:bd:b3:
fc:03:1d:99:f1:67:ff:b2:a9:d0:b1:40:ba:83:b8:
f9:74:c2:4f:29:2f:e9:b4:12:fa:db:73:40:c7:ac:
b3:0f:5e:84:40:73:df:ba:36:02:41:2e:23:ae:60:
af:69:9e:d8:1b:34:54:39:e9:ef:9d:f1:49:c5:49:
4a:5b:e5:0c:c9:0d:1c:da:2f:c0:61:78:7b:e0:fd:
07:03:0d:3d:05:40:38:86:4d:d1:30:be:2e:ab:c6:
d1:c4:de:83:3e:f7:3a:96:85:9f:53:f0:bd:f1:f9:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CC:C6:B4:BE:DF:6E:56:A1:95:3B:AF:FB:16:92:E1:4A:10:38:AA
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/067528bb-0c4d-3eed-9b3e-482204e5c694.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/71ea89b4-ed85-463f-83d9-8453300bf2bd.crl
X509v3 Authority Key Identifier:
keyid:00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer
sbgp-ipAddrBlock: critical
IPv4:
146.23.56.0/23
146.23.178.0/24
146.23.200.0/23
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
bb:7d:2a:e4:80:7a:a5:22:a1:dd:83:5c:9c:4a:0d:78:06:df:
e1:9f:d9:b3:a8:74:04:9e:e6:06:61:52:f9:6c:b3:1f:36:80:
90:96:9a:8f:2b:4d:25:8f:3d:93:d8:25:e1:f7:3a:7f:ce:c3:
8d:32:3d:c4:97:3e:f6:ec:59:f0:dd:0e:17:3b:bd:a4:9b:c5:
44:9e:93:57:ac:f6:0d:aa:57:0c:16:b9:e4:e6:63:f1:3e:75:
0b:d1:c8:5e:e1:e0:09:aa:24:9d:19:c4:92:16:89:5b:e6:b4:
2c:f7:6c:09:48:7b:f6:f9:94:05:51:ea:92:a4:c3:19:a8:0f:
e6:17:15:f1:d8:bf:5c:84:aa:2f:78:72:4e:78:7a:fa:a7:0c:
7f:4d:e0:1d:b8:8e:77:bb:82:e7:26:d7:a5:87:c4:5c:f0:73:
29:f0:b1:3a:d7:87:6a:43:61:c9:e8:c7:97:92:ad:6f:11:3f:
8f:be:3c:6c:0f:7f:d0:a8:c3:e0:0c:e7:0a:34:f5:6f:06:6c:
52:e9:2d:43:8f:f3:75:38:e4:77:1a:69:bf:ed:49:ba:a1:d7:
96:0d:83:06:e7:f5:11:35:d5:47:0d:48:e6:03:ca:cb:50:03:
74:dd:29:6b:cd:48:de:4a:f4:9e:68:e5:9b:e9:df:a6:47:ff:
d0:6d:6b:d7
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgIUAQ0Mn0MoWEIebZ4//GLQ+eamI0gwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzFlYTg5YjQtZWQ4NS00NjNmLTgzZDktODQ1MzMwMGJm
MmJkMB4XDTIzMDYwNTEzMDAxOFoXDTIzMDkwMzEzMDAxOFowLzEtMCsGA1UEAxMk
ZjE0NzkxMDQtMWIyZi00NWJjLTgxZDktYmRhOGI2OTcxMzZiMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBkS+TzznnjpMnjBkIHmSGIPaUYntqqdqoZA
XhyFhVWPkSoKU2qAI2+EDh+ZbWhriICLsfJsnCTqlsbI/ESZKO6mnjisn2GiucOF
MBa/3K52crbR1ssqVXtymMNgc6jsznhviNv3/WIpL8nm916eAwU9XIenAgL5va27
UEkROGjRJJcnCcsNh+IE8lXPhu1x0KiBvbP8Ax2Z8Wf/sqnQsUC6g7j5dMJPKS/p
tBL623NAx6yzD16EQHPfujYCQS4jrmCvaZ7YGzRUOenvnfFJxUlKW+UMyQ0c2i/A
YXh74P0HAw09BUA4hk3RML4uq8bRxN6DPvc6loWfU/C98flpXwIDAQABo4IDYTCC
A10wHQYDVR0OBBYEFOXMxrS+325WoZU7r/sWkuFKEDiqMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83MWVh
ODliNC1lZDg1LTQ2M2YtODNkOS04NDUzMzAwYmYyYmQvMDY3NTI4YmItMGM0ZC0z
ZWVkLTliM2UtNDgyMjA0ZTVjNjk0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNzFlYTg5YjQtZWQ4NS00NjNmLTgz
ZDktODQ1MzMwMGJmMmJkLzcxZWE4OWI0LWVkODUtNDYzZi04M2Q5LTg0NTMzMDBi
ZjJiZC5jcmwwHwYDVR0jBBgwFoAUAPoosGNeNAxamY5KWp40aTpaVmIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC83MWVhODliNC1lZDg1LTQ2M2YtODNkOS04NDUz
MzAwYmYyYmQuY2VyMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBkhc4AwQA
kheyAwQBkhfIMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcC
ARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWww
DQYJKoZIhvcNAQELBQADggEBALt9KuSAeqUiod2DXJxKDXgG3+Gf2bOodASe5gZh
Uvlssx82gJCWmo8rTSWPPZPYJeH3On/Ow40yPcSXPvbsWfDdDhc7vaSbxUSek1es
9g2qVwwWueTmY/E+dQvRyF7h4AmqJJ0ZxJIWiVvmtCz3bAlIe/b5lAVR6pKkwxmo
D+YXFfHYv1yEqi94ck54evqnDH9N4B24jne7gucm16WHxFzwcynwsTrXh2pDYcno
x5eSrW8RP4++PGwPf9Cow+AM5wo09W8GbFLpLUOP83U45Hcaab/tSbqh15YNgwbn
9RE11UcNSOYDystQA3TdKWvNSN5K9J5o5Zvp36ZH/9Bta9c=
-----END CERTIFICATE-----
Generated at Mon Aug 7 15:15:39 2023 by rpki-client on console-ams.rpki-client.org