Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/27cc863b-7297-3831-b96c-ec3f9e9263f2.roa
File:                     27cc863b-7297-3831-b96c-ec3f9e9263f2.roa (raw, json)
Hash identifier:          myC/7lrpcE4MX5P/cVYRlfmMb+I5jvh075i8WFuDuPA=
Subject key identifier:   3B:CA:96:D4:BB:FE:AF:EE:7D:F9:DA:53:61:8D:A9:4C:CD:64:17:D7
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858455332F4968A581B680C9A5920
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/27cc863b-7297-3831-b96c-ec3f9e9263f2.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        72.12.0.0/18 maxlen: 18

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:32:f4:96:8a:58:1b:68:0c:9a:59:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=1f917a84-9dd2-46df-bdf0-71c1194168c7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:22:c1:ea:b4:d8:e8:b5:d7:6b:86:5a:09:f8:
                    05:89:e4:68:48:90:2a:2a:c4:e5:be:5a:ae:ac:4d:
                    f9:db:bd:f0:a6:44:39:41:ee:e0:04:83:a6:f1:a4:
                    f6:4d:8e:6e:ea:e2:20:3c:49:6f:9d:59:93:01:2e:
                    9b:47:9b:f5:23:02:8f:6e:1a:fe:88:9f:77:52:25:
                    0d:4f:6f:ed:05:0b:bf:90:6e:82:21:60:66:f1:e8:
                    1b:03:65:29:a9:80:d1:c6:d3:9b:b9:7f:ac:14:d0:
                    be:6a:dc:7c:d1:64:65:51:db:75:6d:8a:1f:ac:6e:
                    b1:78:dc:99:eb:7c:3a:52:77:a2:d2:b8:49:d6:a1:
                    d9:07:9f:bb:09:12:64:5b:a5:09:e5:90:16:46:0a:
                    86:52:92:1a:e4:5e:e5:7e:f9:07:7f:a8:74:72:0f:
                    c6:a5:a3:df:36:91:cb:4e:83:df:32:1e:05:fe:50:
                    c9:f2:30:ad:a9:0d:5f:5e:a6:c9:79:54:24:08:74:
                    66:d3:b1:2c:10:01:72:b9:8b:b6:1f:b9:25:e1:15:
                    3e:05:78:90:cf:a9:2d:99:c1:3f:fb:2f:18:d1:37:
                    8e:05:99:49:92:71:fa:b4:60:15:0c:34:7c:fe:e9:
                    1b:80:37:41:23:46:b2:d7:dc:42:54:cf:10:85:12:
                    de:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:CA:96:D4:BB:FE:AF:EE:7D:F9:DA:53:61:8D:A9:4C:CD:64:17:D7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/27cc863b-7297-3831-b96c-ec3f9e9263f2.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.12.0.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         46:33:c3:56:9c:71:d4:ab:85:9d:cd:2f:3b:7c:9f:19:a2:87:
         96:75:43:3c:08:2f:31:07:f4:de:25:9c:ee:d6:94:b6:b5:cd:
         c3:38:54:20:e5:ce:5c:e8:1f:01:92:92:f6:43:9c:9a:c1:05:
         66:18:b1:26:59:63:5f:cf:9f:3d:43:2a:40:a6:82:13:df:81:
         46:0f:c8:bc:a1:ef:86:d4:f5:fc:99:c3:3c:85:78:0f:59:5d:
         e9:18:90:92:f5:4f:a6:ce:43:09:09:b2:3b:12:5c:47:cf:d9:
         0d:93:cd:b8:90:38:5f:91:36:ad:d6:bc:35:e6:7c:ca:4a:37:
         fd:31:37:7b:af:2c:42:14:0f:a7:03:fb:b6:92:ff:fc:6a:19:
         d6:6f:90:6e:50:1a:8e:31:50:95:4b:5c:e0:26:ab:11:3b:72:
         dd:f9:eb:03:81:a3:a3:99:55:44:a8:84:8e:3e:6e:fc:66:11:
         6a:ae:76:33:1b:f1:c0:06:a9:23:1e:49:31:40:8b:f8:33:fc:
         fd:44:02:79:91:ed:6e:10:f5:a3:90:e0:a9:db:46:f4:ca:07:
         44:60:b3:79:6b:95:cf:ae:55:0d:be:39:76:f3:99:fd:dc:72:
         97:d5:63:95:a4:d2:8a:59:2c:c9:da:28:c7:f6:66:48:c1:6d:
         37:d8:f2:15
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMvSWilgbaAyaWSAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
MWY5MTdhODQtOWRkMi00NmRmLWJkZjAtNzFjMTE5NDE2OGM3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SLB6rTY6LXXa4ZaCfgFieRoSJAqKsTlvlqu
rE35273wpkQ5Qe7gBIOm8aT2TY5u6uIgPElvnVmTAS6bR5v1IwKPbhr+iJ93UiUN
T2/tBQu/kG6CIWBm8egbA2UpqYDRxtObuX+sFNC+atx80WRlUdt1bYofrG6xeNyZ
63w6Unei0rhJ1qHZB5+7CRJkW6UJ5ZAWRgqGUpIa5F7lfvkHf6h0cg/GpaPfNpHL
ToPfMh4F/lDJ8jCtqQ1fXqbJeVQkCHRm07EsEAFyuYu2H7kl4RU+BXiQz6ktmcE/
+y8Y0TeOBZlJknH6tGAVDDR8/ukbgDdBI0ay19xCVM8QhRLeHwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDvKltS7/q/uffnaU2GNqUzNZBfXMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMjdjYzg2M2ItNzI5Ny0z
ODMxLWI5NmMtZWMzZjllOTI2M2YyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGSAwAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEYzw1accdSrhZ3NLzt8nxmih5Z1QzwILzEH9N4lnO7WlLa1zcM4VCDl
zlzoHwGSkvZDnJrBBWYYsSZZY1/Pnz1DKkCmghPfgUYPyLyh74bU9fyZwzyFeA9Z
XekYkJL1T6bOQwkJsjsSXEfP2Q2TzbiQOF+RNq3WvDXmfMpKN/0xN3uvLEIUD6cD
+7aS//xqGdZvkG5QGo4xUJVLXOAmqxE7ct356wOBo6OZVUSohI4+bvxmEWqudjMb
8cAGqSMeSTFAi/gz/P1EAnmR7W4Q9aOQ4KnbRvTKB0Rgs3lrlc+uVQ2+OXbzmf3c
cpfVY5Wk0opZLMnaKMf2ZkjBbTfY8hU=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:14 2024 by rpki-client on console-fra.rpki-client.org