Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/21bab788-709a-32d3-a6d2-4e4cb28ca6e9.roa
File:                     21bab788-709a-32d3-a6d2-4e4cb28ca6e9.roa (raw, json)
Hash identifier:          VtxlVndVm9qxpr46fLhYbTfZblg+OHJ9dl9TNY77TvQ=
Subject key identifier:   9F:9A:F9:BD:93:2C:57:01:81:25:24:8A:AC:73:49:7A:5F:2B:3A:25
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533329C34075B68BE1506200
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/21bab788-709a-32d3-a6d2-4e4cb28ca6e9.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.107.64.0/18 maxlen: 18
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:29:c3:40:75:b6:8b:e1:50:62:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=5f7820b9-a823-44ee-b096-f9911a1f29fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c4:03:ed:34:7c:87:95:56:12:29:17:9b:e1:
                    37:12:99:7f:1b:f3:20:c0:fc:c9:6d:b3:e8:f5:f1:
                    f8:d6:6f:cd:e0:76:d8:94:f5:08:1a:09:de:22:9d:
                    bc:84:58:c8:73:84:b9:79:75:52:d2:34:74:7b:cf:
                    69:2e:ed:b1:77:01:a8:be:fd:d8:c0:b3:dc:62:5e:
                    a1:50:b7:08:7a:a2:c6:9c:9a:e9:f7:d0:86:15:80:
                    fb:14:78:16:af:17:fc:0e:f1:98:d1:db:2f:ef:5b:
                    56:67:25:c3:30:e8:63:9c:70:e0:09:ac:42:23:87:
                    4e:78:78:60:bc:08:94:01:01:de:e9:e7:7a:34:2e:
                    5f:04:91:17:eb:25:95:c8:07:d9:2f:8b:4f:2e:f1:
                    3f:f5:34:fa:d7:22:5f:46:c0:06:e6:dd:43:40:27:
                    d2:50:60:1f:eb:a1:ae:4e:13:74:2a:8c:08:af:2d:
                    f3:ed:7f:14:0f:6f:4e:3a:23:1f:ca:0d:5b:ef:47:
                    22:73:d2:c6:1a:02:d7:77:44:12:36:74:33:6d:6b:
                    9a:44:00:58:68:68:07:1e:76:5c:6d:bb:5f:34:c6:
                    f8:97:22:9f:b6:97:24:5f:f9:3e:26:29:e5:9e:83:
                    83:d2:31:15:60:a5:3b:40:50:99:67:2d:c7:4e:08:
                    62:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:9A:F9:BD:93:2C:57:01:81:25:24:8A:AC:73:49:7A:5F:2B:3A:25
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/21bab788-709a-32d3-a6d2-4e4cb28ca6e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.107.64.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         50:d0:60:b2:bd:52:87:cc:de:b5:6d:d7:e1:62:27:28:c6:17:
         b4:62:fd:9d:1f:14:d2:6b:fe:76:75:4e:c8:ae:af:b4:36:fe:
         dc:e0:75:4a:d2:11:f7:ae:ab:8a:69:2d:e1:e3:eb:73:76:5e:
         2d:61:45:7d:c3:40:e7:a9:1f:90:0b:ee:80:30:50:d3:1e:b6:
         ef:29:38:9d:22:f1:9a:33:dd:50:51:cf:e7:c4:d3:53:fa:08:
         ab:2e:45:fd:0e:d8:68:af:d3:f8:17:30:b2:fc:f1:0c:d9:37:
         90:2d:2d:1e:60:85:17:42:85:0a:2e:fe:17:24:ca:f9:8f:ed:
         7e:92:2f:eb:c7:51:b5:40:83:99:b5:19:38:75:cc:72:f8:95:
         fc:32:af:cb:c3:f2:88:d1:03:6e:91:2c:12:ab:d7:b0:36:b0:
         a3:30:96:2a:00:74:bb:c5:41:fb:3b:6c:ba:6c:6d:19:ee:3e:
         06:79:c0:38:d6:26:90:59:f5:f5:46:6d:49:70:15:c3:74:58:
         f5:98:cb:0b:e2:be:9e:00:c8:7b:f3:b4:3d:e0:ce:3f:b3:e7:
         0d:ae:0e:79:d4:80:3b:90:4a:d8:4e:cb:13:4c:a3:9c:8a:65:
         cb:90:b8:24:a2:ec:e2:f7:07:ec:3b:3b:e5:33:97:03:2b:84:
         a5:af:8f:dc
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMynDQHW2i+FQYgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NWY3ODIwYjktYTgyMy00NGVlLWIwOTYtZjk5MTFhMWYyOWZlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MQD7TR8h5VWEikXm+E3Epl/G/MgwPzJbbPo
9fH41m/N4HbYlPUIGgneIp28hFjIc4S5eXVS0jR0e89pLu2xdwGovv3YwLPcYl6h
ULcIeqLGnJrp99CGFYD7FHgWrxf8DvGY0dsv71tWZyXDMOhjnHDgCaxCI4dOeHhg
vAiUAQHe6ed6NC5fBJEX6yWVyAfZL4tPLvE/9TT61yJfRsAG5t1DQCfSUGAf66Gu
ThN0KowIry3z7X8UD29OOiMfyg1b70cic9LGGgLXd0QSNnQzbWuaRABYaGgHHnZc
bbtfNMb4lyKftpckX/k+JinlnoOD0jEVYKU7QFCZZy3HTghiGwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ+a+b2TLFcBgSUkiqxzSXpfKzolMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMjFiYWI3ODgtNzA5YS0z
MmQzLWE2ZDItNGU0Y2IyOGNhNmU5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2GtAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFDQYLK9UofM3rVt1+FiJyjGF7Ri/Z0fFNJr/nZ1Tsiur7Q2/tzgdUrS
Efeuq4ppLeHj63N2Xi1hRX3DQOepH5AL7oAwUNMetu8pOJ0i8Zoz3VBRz+fE01P6
CKsuRf0O2Giv0/gXMLL88QzZN5AtLR5ghRdChQou/hckyvmP7X6SL+vHUbVAg5m1
GTh1zHL4lfwyr8vD8ojRA26RLBKr17A2sKMwlioAdLvFQfs7bLpsbRnuPgZ5wDjW
JpBZ9fVGbUlwFcN0WPWYywvivp4AyHvztD3gzj+z5w2uDnnUgDuQSthOyxNMo5yK
ZcuQuCSi7OL3B+w7O+UzlwMrhKWvj9w=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:29:53 2025 by rpki-client