Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/c304d182-c487-3a1b-8662-518b3c299709.roa
File:                     c304d182-c487-3a1b-8662-518b3c299709.roa (raw, json)
Hash identifier:          HzRX5uKyuJptqEr6v3H4Rjc3UxrUVS6QDY6zFvzVHew=
Subject key identifier:   BD:CB:E4:E6:93:27:55:13:23:69:1A:DD:E8:A3:A0:41:AC:2D:CA:CA
Certificate issuer:       /CN=0d3a5699-3eb8-4ecb-80a5-e8761a19b971
Certificate serial:       010D0C9F43285849393E7115794391491FF5D780
Authority key identifier: 57:1A:A5:27:EC:17:91:77:8C:71:79:03:73:62:71:C5:53:17:64:66
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/c304d182-c487-3a1b-8662-518b3c299709.roa
Signing time:             Tue 18 Mar 2025 01:00:38 +0000
ROA not before:           Tue 18 Mar 2025 01:00:38 +0000
ROA not after:            Mon 16 Jun 2025 01:00:38 +0000
asID:                     18594
IP address blocks:        208.70.176.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:39:3e:71:15:79:43:91:49:1f:f5:d7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0d3a5699-3eb8-4ecb-80a5-e8761a19b971
        Validity
            Not Before: Mar 18 01:00:38 2025 GMT
            Not After : Jun 16 01:00:38 2025 GMT
        Subject: CN=19eab516-636d-4a3a-8170-125ad9de0eb4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:51:7b:13:10:a8:82:13:f1:9c:e4:35:38:82:
                    3b:3e:f9:2b:4f:f1:a3:85:00:25:4d:42:cf:d4:33:
                    e2:3c:80:cf:76:ee:69:53:6a:29:f8:0c:52:10:00:
                    ed:90:e6:cc:52:91:97:07:df:cc:3c:1f:39:76:a2:
                    5f:39:d7:c3:7a:f0:0f:a4:d2:7a:bd:c0:3b:48:d4:
                    30:17:cb:54:be:19:4f:d1:f8:b5:f5:21:cd:59:7e:
                    f0:ec:2a:e2:23:c2:02:ff:b2:a0:c3:6a:9c:b3:59:
                    57:6a:2b:91:6a:d2:80:5b:e5:ae:48:9f:07:ac:cd:
                    5f:c7:9a:b9:4a:f8:17:74:58:7c:a7:b9:d6:c9:f5:
                    9b:91:bb:15:a4:b7:a6:28:6f:00:7d:e0:8b:d5:c1:
                    c5:3c:28:58:b4:62:69:fc:66:68:bf:b8:57:9e:a9:
                    09:57:20:cd:b1:0a:b1:fa:18:ef:a3:f5:c0:f9:7a:
                    30:72:39:cb:99:14:23:f6:c4:ad:a4:9f:dc:14:99:
                    0d:d3:ba:72:3c:7c:ea:04:ba:bb:da:bc:56:39:46:
                    54:53:98:7e:e9:5f:f8:0d:2a:5f:3f:38:8e:8c:58:
                    70:98:8f:9a:8d:36:b4:4d:a4:1c:65:94:44:b5:06:
                    16:f6:c9:1b:90:7b:39:1a:49:f0:bc:00:7c:f1:8a:
                    1a:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:CB:E4:E6:93:27:55:13:23:69:1A:DD:E8:A3:A0:41:AC:2D:CA:CA
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/c304d182-c487-3a1b-8662-518b3c299709.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.crl

            X509v3 Authority Key Identifier:
                keyid:57:1A:A5:27:EC:17:91:77:8C:71:79:03:73:62:71:C5:53:17:64:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/0d3a5699-3eb8-4ecb-80a5-e8761a19b971.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.70.176.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6f:08:96:f4:57:58:c4:f3:49:f3:e1:42:2b:ac:7c:41:82:b7:
         40:de:fa:ea:ec:53:00:2b:97:45:ed:2d:c1:7c:3a:bd:b6:e5:
         df:ea:da:f0:0d:06:00:b7:e7:95:6e:ed:e3:6c:55:12:92:d1:
         98:5f:59:e6:37:01:77:25:c5:b2:b9:50:d4:c7:a3:b8:7d:bb:
         14:c1:be:68:f5:6c:c8:85:b7:b7:6e:a5:97:d5:0b:8a:ac:04:
         12:18:fd:83:bb:75:ed:01:63:e5:e5:84:4d:e7:a9:b3:7c:4f:
         fd:f3:b6:e3:67:f6:9a:dc:3d:d8:44:08:d1:5a:44:39:e7:3f:
         1e:d8:b9:10:0f:60:bd:83:26:b4:a1:af:a1:83:53:c4:61:29:
         99:e3:96:39:b0:aa:37:d2:23:a5:a1:9e:29:14:cc:e3:d3:ed:
         22:0f:6a:4b:b6:3d:dd:86:c2:c5:78:2c:b8:e0:a4:4e:ee:6e:
         f9:66:3e:0a:89:ad:b9:ab:ca:4b:4b:6e:ad:67:e2:00:a4:df:
         46:22:e7:37:ed:a5:69:81:83:23:6d:a5:ef:b0:a6:e6:ac:1c:
         90:f1:f8:88:84:ce:3b:bb:d0:28:8a:ba:f8:4f:3e:0d:03:48:
         9c:ca:51:69:d5:66:62:b3:0a:cd:ae:c9:e1:2e:80:7f:83:be:
         16:aa:21:67
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEk5PnEVeUORSR/114AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMGQzYTU2OTktM2ViOC00ZWNiLTgwYTUtZTg3NjFhMTli
OTcxMB4XDTI1MDMxODAxMDAzOFoXDTI1MDYxNjAxMDAzOFowLzEtMCsGA1UEAxMk
MTllYWI1MTYtNjM2ZC00YTNhLTgxNzAtMTI1YWQ5ZGUwZWI0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg1F7ExCoghPxnOQ1OII7PvkrT/GjhQAlTULP
1DPiPIDPdu5pU2op+AxSEADtkObMUpGXB9/MPB85dqJfOdfDevAPpNJ6vcA7SNQw
F8tUvhlP0fi19SHNWX7w7CriI8IC/7Kgw2qcs1lXaiuRatKAW+WuSJ8HrM1fx5q5
SvgXdFh8p7nWyfWbkbsVpLemKG8AfeCL1cHFPChYtGJp/GZov7hXnqkJVyDNsQqx
+hjvo/XA+XowcjnLmRQj9sStpJ/cFJkN07pyPHzqBLq72rxWOUZUU5h+6V/4DSpf
PziOjFhwmI+ajTa0TaQcZZREtQYW9skbkHs5GknwvAB88YoaXQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFL3L5OaTJ1UTI2ka3eijoEGsLcrKMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy8wZDNh
NTY5OS0zZWI4LTRlY2ItODBhNS1lODc2MWExOWI5NzEvYzMwNGQxODItYzQ4Ny0z
YTFiLTg2NjItNTE4YjNjMjk5NzA5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvMGQzYTU2OTktM2ViOC00ZWNiLTgw
YTUtZTg3NjFhMTliOTcxLzBkM2E1Njk5LTNlYjgtNGVjYi04MGE1LWU4NzYxYTE5
Yjk3MS5jcmwwHwYDVR0jBBgwFoAUVxqlJ+wXkXeMcXkDc2JxxVMXZGYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy8wZDNhNTY5OS0zZWI4LTRlY2ItODBhNS1lODc2
MWExOWI5NzEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0EawMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAG8IlvRXWMTzSfPhQiusfEGCt0De+ursUwArl0XtLcF8Or225d/q2vAN
BgC355Vu7eNsVRKS0ZhfWeY3AXclxbK5UNTHo7h9uxTBvmj1bMiFt7dupZfVC4qs
BBIY/YO7de0BY+XlhE3nqbN8T/3ztuNn9prcPdhECNFaRDnnPx7YuRAPYL2DJrSh
r6GDU8RhKZnjljmwqjfSI6WhnikUzOPT7SIPaku2Pd2GwsV4LLjgpE7ubvlmPgqJ
rbmryktLbq1n4gCk30Yi5zftpWmBgyNtpe+wpuasHJDx+IiEzju70CiKuvhPPg0D
SJzKUWnVZmKzCs2uyeEugH+DvhaqIWc=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:29:10 2025 by rpki-client