Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2439fa42-9801-3637-8647-72f4b4615df7.roa
File:                     2439fa42-9801-3637-8647-72f4b4615df7.roa (raw, json)
Hash identifier:          eXz/qN6uwpMl3FWVV/mVVJQodD/vPrMj86MtYwmLQtw=
Subject key identifier:   8A:14:82:D0:22:5E:A7:08:E4:AA:AA:C5:CE:81:C1:49:86:19:0A:08
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D57E31E1CA173D467CCC1B720
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2439fa42-9801-3637-8647-72f4b4615df7.roa
Signing time:             Thu 24 Mar 2022 04:00:00 +0000
ROA not before:           Thu 24 Mar 2022 04:00:00 +0000
ROA not after:            Thu 16 Mar 2028 04:00:00 +0000
asID:                     7029
IP address blocks:        208.83.24.0/21 maxlen: 21
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:57:e3:1e:1c:a1:73:d4:67:cc:c1:b7:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 24 04:00:00 2022 GMT
            Not After : Mar 16 04:00:00 2028 GMT
        Subject: CN=6949aa9f-19cb-4f4d-a884-3e51d2120b57
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:1d:80:d3:a1:71:7f:8e:03:25:d2:36:2c:15:
                    25:7b:2d:57:50:a5:04:57:8b:88:20:0a:4b:fc:f3:
                    6d:cf:00:b5:ae:8d:ef:d0:f6:93:65:46:de:d4:3f:
                    4b:dd:3b:e3:28:e5:87:1b:5e:8f:04:13:00:ca:7a:
                    10:c1:ad:2f:f8:2e:0a:5d:f3:4a:9d:cc:be:61:0a:
                    e3:9b:58:b9:c7:98:57:3c:73:aa:28:f1:3b:13:9a:
                    c2:b9:b5:51:5e:5a:c3:ed:25:f9:7c:10:54:e0:76:
                    ea:0b:3e:0b:99:ac:5c:3d:61:70:7f:81:fd:85:0e:
                    43:6e:00:d8:72:d8:98:58:2e:a8:fb:3c:5e:05:25:
                    b4:99:24:7c:17:98:7e:c3:ef:32:fe:6a:59:d1:4c:
                    68:b8:9b:4c:c5:93:9b:9c:21:b6:68:9f:4e:b5:15:
                    e2:da:97:18:52:ec:ed:9a:13:e2:a0:4b:0c:7a:88:
                    1c:ab:45:95:0d:e4:b0:bd:b8:f4:9d:60:98:0d:72:
                    e3:38:c8:44:23:56:e3:39:5e:95:7b:8a:11:11:48:
                    1e:69:5d:84:b7:f5:4b:63:84:0a:20:a3:89:7f:53:
                    f3:46:6c:6a:0f:08:d4:44:28:b2:23:6c:0e:b3:60:
                    db:e8:df:33:4e:27:e7:e1:18:19:c6:59:03:95:b7:
                    4b:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:14:82:D0:22:5E:A7:08:E4:AA:AA:C5:CE:81:C1:49:86:19:0A:08
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2439fa42-9801-3637-8647-72f4b4615df7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.83.24.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         91:87:e9:a5:b8:27:c0:b7:ee:96:c2:7f:d4:68:59:2c:b4:f7:
         fa:4c:f5:59:eb:49:2f:79:3c:51:cb:9d:6a:0d:d9:a9:ea:6d:
         ad:78:c3:5d:a7:37:a1:04:1a:7d:26:25:eb:9a:a8:0f:14:08:
         aa:40:62:4f:ed:fa:fb:63:e6:ca:15:a8:31:b6:bb:f7:90:b2:
         aa:14:3a:5a:e6:d1:f8:49:71:f3:0a:4e:25:c9:c6:cd:43:81:
         43:dd:b3:9c:a9:f6:f8:97:30:b2:a8:33:f6:4f:5f:e2:35:27:
         f5:a8:03:b8:00:67:0f:d5:82:8e:19:58:93:1c:49:3e:4a:cb:
         a8:62:9c:e9:60:14:37:8f:0b:70:d2:3b:d2:ae:e4:e8:b7:31:
         7c:27:d6:29:b7:27:94:77:82:0e:3a:55:b2:c4:10:37:37:81:
         f4:c5:5b:fb:1b:92:f7:4c:a2:07:5d:42:85:d6:bb:fc:68:a4:
         73:21:34:ad:f5:5e:4f:df:5d:19:f2:8a:fd:7e:c3:4d:25:47:
         73:04:0c:ec:d4:2e:57:8b:c9:f0:e1:53:89:45:42:72:5b:82:
         e6:54:c5:01:2a:63:e5:af:5b:8b:36:93:90:a8:bf:ba:11:6e:
         32:be:d8:3d:7f:33:66:d1:13:4c:ac:be:3a:4e:8b:09:8c:ef:
         74:4b:2c:aa
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD1X4x4coXPUZ8zBtyAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMyNDA0MDAwMFoXDTI4MDMxNjA0MDAwMFowLzEtMCsGA1UEAxMk
Njk0OWFhOWYtMTljYi00ZjRkLWE4ODQtM2U1MWQyMTIwYjU3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuh2A06Fxf44DJdI2LBUley1XUKUEV4uIIApL
/PNtzwC1ro3v0PaTZUbe1D9L3TvjKOWHG16PBBMAynoQwa0v+C4KXfNKncy+YQrj
m1i5x5hXPHOqKPE7E5rCubVRXlrD7SX5fBBU4HbqCz4LmaxcPWFwf4H9hQ5DbgDY
ctiYWC6o+zxeBSW0mSR8F5h+w+8y/mpZ0UxouJtMxZObnCG2aJ9OtRXi2pcYUuzt
mhPioEsMeogcq0WVDeSwvbj0nWCYDXLjOMhEI1bjOV6Ve4oREUgeaV2Et/VLY4QK
IKOJf1PzRmxqDwjURCiyI2wOs2Db6N8zTifn4RgZxlkDlbdLYwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIoUgtAiXqcI5Kqqxc6BwUmGGQoIMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMjQzOWZhNDItOTgwMS0z
NjM3LTg2NDctNzJmNGI0NjE1ZGY3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD0FMYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJGH6aW4J8C37pbCf9RoWSy09/pM9VnrSS95PFHLnWoN2anqba14w12n
N6EEGn0mJeuaqA8UCKpAYk/t+vtj5soVqDG2u/eQsqoUOlrm0fhJcfMKTiXJxs1D
gUPds5yp9viXMLKoM/ZPX+I1J/WoA7gAZw/Vgo4ZWJMcST5Ky6hinOlgFDePC3DS
O9Ku5Oi3MXwn1im3J5R3gg46VbLEEDc3gfTFW/sbkvdMogddQoXWu/xopHMhNK31
Xk/fXRnyiv1+w00lR3MEDOzULleLyfDhU4lFQnJbguZUxQEqY+WvW4s2k5Cov7oR
bjK+2D1/M2bRE0ysvjpOiwmM73RLLKo=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:24:53 2025 by rpki-client