Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/32954317-ab1c-321b-ae66-31a354371faa.roa
File:                     32954317-ab1c-321b-ae66-31a354371faa.roa (raw, json)
Hash identifier:          /swSgtJM82O6NmdTDO8oA7FerCfR7NVNannffBTJb3w=
Subject key identifier:   87:1A:32:07:4E:42:7E:62:E8:83:95:78:96:E7:53:D5:A6:F2:EE:6C
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553332624CA8F1F7C76126840
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/32954317-ab1c-321b-ae66-31a354371faa.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        209.159.32.0/19 maxlen: 19
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:26:24:ca:8f:1f:7c:76:12:68:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=612f9db2-c437-4b39-9191-834451a92a28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:94:1a:52:f9:51:a7:b1:94:7d:77:b1:bf:4e:
                    7c:23:f6:94:5a:f0:f3:d4:03:41:32:14:88:04:ca:
                    5c:20:ac:47:a1:df:33:56:18:c3:ff:eb:d6:a5:ba:
                    78:89:98:a3:e8:15:82:af:96:23:4f:7f:e6:8d:0a:
                    43:e8:71:d5:6b:eb:06:48:24:92:91:73:32:2a:7b:
                    78:4e:eb:35:13:21:94:f6:60:7a:13:83:85:ab:c2:
                    bc:1b:e6:86:18:ce:4f:b0:40:f1:0f:7b:d8:fb:18:
                    46:7f:7d:69:c5:61:7b:c0:d7:89:52:49:82:6d:d7:
                    7c:fb:08:dd:63:25:03:f6:6e:77:fa:e8:85:f7:c7:
                    54:7f:94:54:ad:be:16:d7:15:c5:a8:d4:42:0c:01:
                    50:42:f1:39:47:a5:0d:e1:35:6d:63:05:6b:9d:01:
                    e1:d8:17:5a:db:06:b3:81:7f:88:1e:9e:8b:38:1e:
                    b9:b8:13:a8:2c:4a:34:f4:19:2c:8c:05:7f:67:6d:
                    05:12:2c:dc:17:5e:fd:2d:1b:7b:db:cc:43:52:5c:
                    2b:b5:d8:33:3b:3d:0c:0e:1b:4b:97:ff:6d:b9:fb:
                    15:4a:87:24:67:4f:5b:33:e2:2a:51:43:c5:a7:2a:
                    71:1a:e7:b7:9f:bf:cc:85:31:fe:73:77:15:fd:f8:
                    87:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:1A:32:07:4E:42:7E:62:E8:83:95:78:96:E7:53:D5:A6:F2:EE:6C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/32954317-ab1c-321b-ae66-31a354371faa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.159.32.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5e:ad:c3:c9:18:39:de:18:f5:74:14:db:a9:ac:f6:18:92:41:
         d7:2e:0f:7f:6b:04:cd:9c:ad:38:a7:d2:30:97:61:00:99:5b:
         50:c0:c3:ad:1b:01:b9:8d:ec:41:37:8e:bb:22:56:7c:08:51:
         40:56:55:f4:db:28:38:83:d6:de:6e:7c:8a:df:ca:ac:a2:1b:
         1b:35:9d:f3:f7:a8:86:06:7b:f1:d7:6f:94:84:5b:ba:e4:8e:
         47:06:f1:f8:d1:c4:11:df:b5:e0:f9:57:f3:03:c3:7a:dc:55:
         a3:e0:83:99:7a:e1:7e:bd:79:bc:08:71:6f:e5:29:cc:65:94:
         c9:b1:20:bf:7c:38:04:d7:a9:d2:22:6e:71:95:e6:26:6a:b3:
         14:1b:0e:92:02:a4:2e:2d:0f:6d:94:e7:86:49:2c:86:e5:de:
         1f:64:b3:98:4f:c0:15:e4:c6:26:5d:31:eb:2b:e6:be:7c:86:
         0e:4a:8b:9a:f8:fe:c3:93:72:c5:7d:07:4f:0d:e6:37:58:ba:
         d6:97:ce:a7:bc:45:21:c7:06:4a:f1:ed:89:60:f4:79:cb:76:
         b1:ce:e3:52:01:d5:03:13:92:72:a4:a5:ae:ba:3b:c9:19:78:
         6d:af:37:28:72:6e:bc:db:a4:de:14:45:e8:8b:7a:5f:f7:b5:
         84:25:1b:b8
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyYkyo8ffHYSaEAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NjEyZjlkYjItYzQzNy00YjM5LTkxOTEtODM0NDUxYTkyYTI4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJQaUvlRp7GUfXexv058I/aUWvDz1ANBMhSI
BMpcIKxHod8zVhjD/+vWpbp4iZij6BWCr5YjT3/mjQpD6HHVa+sGSCSSkXMyKnt4
Tus1EyGU9mB6E4OFq8K8G+aGGM5PsEDxD3vY+xhGf31pxWF7wNeJUkmCbdd8+wjd
YyUD9m53+uiF98dUf5RUrb4W1xXFqNRCDAFQQvE5R6UN4TVtYwVrnQHh2Bda2waz
gX+IHp6LOB65uBOoLEo09BksjAV/Z20FEizcF179LRt728xDUlwrtdgzOz0MDhtL
l/9tufsVSockZ09bM+IqUUPFpypxGue3n7/MhTH+c3cV/fiHXwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIcaMgdOQn5i6IOVeJbnU9Wm8u5sMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzI5NTQzMTctYWIxYy0z
MjFiLWFlNjYtMzFhMzU0MzcxZmFhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF0Z8gMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF6tw8kYOd4Y9XQU26ms9hiSQdcuD39rBM2crTin0jCXYQCZW1DAw60b
AbmN7EE3jrsiVnwIUUBWVfTbKDiD1t5ufIrfyqyiGxs1nfP3qIYGe/HXb5SEW7rk
jkcG8fjRxBHfteD5V/MDw3rcVaPgg5l64X69ebwIcW/lKcxllMmxIL98OATXqdIi
bnGV5iZqsxQbDpICpC4tD22U54ZJLIbl3h9ks5hPwBXkxiZdMesr5r58hg5Ki5r4
/sOTcsV9B08N5jdYutaXzqe8RSHHBkrx7Ylg9HnLdrHO41IB1QMTknKkpa66O8kZ
eG2vNyhybrzbpN4UReiLel/3tYQlG7g=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:18:29 2025 by rpki-client