Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3259b0d0-bd64-3850-be1c-27e0d36bf55d.roa
File:                     3259b0d0-bd64-3850-be1c-27e0d36bf55d.roa (raw, json)
Hash identifier:          jdALsxceZJowBgD8wdN/kiW1doER32XdqaatfwI2frg=
Subject key identifier:   A6:2E:C4:13:A0:57:EC:7B:07:18:2E:23:1E:44:2D:86:AE:2E:D0:02
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553332AACE68CE2B3ABD71F00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3259b0d0-bd64-3850-be1c-27e0d36bf55d.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.171.128.0/19 maxlen: 19
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:2a:ac:e6:8c:e2:b3:ab:d7:1f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=1fbe421b-17d7-47bc-81b3-f0014464f045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:1a:c1:bf:78:56:e2:86:84:9f:a7:c5:72:13:
                    58:6f:55:5b:d8:ac:19:79:84:ed:ff:9a:64:26:a9:
                    4b:c0:ef:43:ac:93:e0:4d:20:2c:e5:64:3b:90:d2:
                    2e:f3:3a:f7:1e:ae:2c:4f:f8:10:09:49:64:c0:7f:
                    de:4d:96:f9:26:2b:c3:98:2e:e7:1b:de:9e:cc:32:
                    47:8e:c1:48:1e:93:25:36:ec:78:62:60:22:0a:38:
                    62:c2:8b:29:13:a2:b4:a2:1a:59:75:03:0e:e8:ed:
                    09:b8:6f:e4:1e:12:30:49:4e:17:c7:1c:cc:43:73:
                    aa:c9:4f:5a:e8:f8:ff:e9:3c:53:24:1e:76:47:20:
                    f4:b9:fd:53:b6:31:b9:ce:7a:16:b2:ae:95:96:f1:
                    38:cc:41:b8:e3:67:b2:d3:5f:9e:14:82:16:cb:34:
                    4d:ef:90:12:a0:09:19:6b:c4:4c:76:0c:cc:ba:f5:
                    56:c8:08:36:fe:9e:18:83:91:7d:e8:7d:98:d5:6f:
                    50:45:8f:06:3e:9b:9f:95:c9:a0:94:b0:df:47:15:
                    ca:30:7d:b2:72:48:b0:91:e5:bd:dc:a5:fb:21:33:
                    4a:b1:78:cd:3b:db:40:c6:94:44:46:06:51:50:54:
                    f7:17:eb:18:4d:33:e9:4f:cb:5e:37:f0:79:7e:c9:
                    1a:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A6:2E:C4:13:A0:57:EC:7B:07:18:2E:23:1E:44:2D:86:AE:2E:D0:02
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/3259b0d0-bd64-3850-be1c-27e0d36bf55d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.171.128.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2c:3e:c4:05:29:cf:b9:ac:fa:f6:fd:3a:64:e9:6e:2e:a1:3c:
         67:9e:7a:02:03:17:53:a1:a5:55:96:d7:b7:c8:87:82:4f:99:
         79:94:24:3c:67:4e:4a:f1:6e:15:f3:d9:60:86:50:d2:1b:fc:
         eb:fa:57:ab:b4:04:9d:a7:2b:26:a2:06:fd:f0:95:78:13:75:
         74:c2:41:9f:2a:f1:0c:ca:0a:3d:f1:b8:42:24:79:a6:06:57:
         24:b9:71:a0:6e:f9:45:5a:df:d5:1e:ef:19:84:34:58:3d:9d:
         3a:48:ac:ee:4e:28:df:1b:6a:9d:19:42:93:8d:8e:f1:14:ac:
         4f:6c:b7:d2:b3:42:5e:19:57:35:69:1d:be:8b:de:db:c8:25:
         3a:de:95:c5:eb:9f:01:c8:0b:4a:81:6b:1b:74:1f:78:cd:ff:
         da:fc:d4:3c:a5:f9:19:2a:86:b8:36:ab:1a:de:57:a3:c2:38:
         02:96:0d:84:43:b7:59:15:0d:b0:40:fd:51:b8:3c:a0:c9:73:
         9e:39:f6:06:76:f9:76:81:5b:99:b4:6d:44:b3:9e:63:64:2d:
         6b:f4:45:5a:37:7c:c9:1e:a9:b4:3e:58:eb:40:db:63:0a:6c:
         42:b7:87:dd:e4:6f:e1:35:e2:6b:8e:16:78:e2:f1:1f:63:fe:
         ae:53:d7:de
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyqs5ozis6vXHwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
MWZiZTQyMWItMTdkNy00N2JjLTgxYjMtZjAwMTQ0NjRmMDQ1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxrBv3hW4oaEn6fFchNYb1Vb2KwZeYTt/5pk
JqlLwO9DrJPgTSAs5WQ7kNIu8zr3Hq4sT/gQCUlkwH/eTZb5JivDmC7nG96ezDJH
jsFIHpMlNux4YmAiCjhiwospE6K0ohpZdQMO6O0JuG/kHhIwSU4XxxzMQ3OqyU9a
6Pj/6TxTJB52RyD0uf1TtjG5znoWsq6VlvE4zEG442ey01+eFIIWyzRN75ASoAkZ
a8RMdgzMuvVWyAg2/p4Yg5F96H2Y1W9QRY8GPpuflcmglLDfRxXKMH2yckiwkeW9
3KX7ITNKsXjNO9tAxpRERgZRUFT3F+sYTTPpT8teN/B5fskaLwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKYuxBOgV+x7BxguIx5ELYauLtACMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzI1OWIwZDAtYmQ2NC0z
ODUwLWJlMWMtMjdlMGQzNmJmNTVkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF2KuAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACw+xAUpz7ms+vb9OmTpbi6hPGeeegIDF1OhpVWW17fIh4JPmXmUJDxn
TkrxbhXz2WCGUNIb/Ov6V6u0BJ2nKyaiBv3wlXgTdXTCQZ8q8QzKCj3xuEIkeaYG
VyS5caBu+UVa39Ue7xmENFg9nTpIrO5OKN8bap0ZQpONjvEUrE9st9KzQl4ZVzVp
Hb6L3tvIJTrelcXrnwHIC0qBaxt0H3jN/9r81Dyl+Rkqhrg2qxreV6PCOAKWDYRD
t1kVDbBA/VG4PKDJc5459gZ2+XaBW5m0bUSznmNkLWv0RVo3fMkeqbQ+WOtA22MK
bEK3h93kb+E14muOFnji8R9j/q5T194=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:52:37 2025 by rpki-client