Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/33e2b85d-15ae-30d3-a6d8-0e4da02cff33.roa
File:                     33e2b85d-15ae-30d3-a6d8-0e4da02cff33.roa (raw, json)
Hash identifier:          3JZ2t64aRZB7iFzx7GWEMuCr7TbZJSpVdsNbOfqu7kA=
Subject key identifier:   15:32:98:4F:27:1E:49:30:06:F7:B5:1F:AB:ED:84:F7:F5:9C:E9:DF
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D57E6927681A8DFD817C50DE0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/33e2b85d-15ae-30d3-a6d8-0e4da02cff33.roa
Signing time:             Thu 24 Mar 2022 04:00:00 +0000
ROA not before:           Thu 24 Mar 2022 04:00:00 +0000
ROA not after:            Thu 16 Mar 2028 04:00:00 +0000
asID:                     26407
IP address blocks:        216.248.178.0/23 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:57:e6:92:76:81:a8:df:d8:17:c5:0d:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 24 04:00:00 2022 GMT
            Not After : Mar 16 04:00:00 2028 GMT
        Subject: CN=3ed52c61-8632-47f7-818c-dfb25fb4c0e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:06:9e:f4:19:f3:92:94:59:03:41:f3:1d:a8:
                    b3:2f:ed:09:04:b0:dd:fb:31:ed:12:02:a4:79:2e:
                    a7:6e:fd:54:db:53:76:e1:86:2b:01:b5:92:1b:42:
                    be:7a:8f:60:42:d4:f6:3d:9b:7a:30:90:8a:c7:87:
                    8e:4d:72:fa:12:71:0a:c0:18:b7:c0:b8:b9:ea:00:
                    19:4d:17:cc:75:40:1c:f9:e2:d3:82:ed:5a:d2:4a:
                    8e:66:45:64:1e:e5:79:ea:0e:f9:39:66:cb:5a:3f:
                    23:b7:10:18:8a:4f:19:e2:b8:e5:4b:a4:a5:76:55:
                    16:d9:1e:13:76:ee:33:90:b2:e9:38:95:3b:45:59:
                    15:7d:4e:3e:a0:71:0e:05:0e:53:9c:59:22:6c:d3:
                    37:8e:b1:98:cc:bc:0b:54:c9:e8:d8:75:66:f5:85:
                    a9:44:9c:f3:65:3a:32:06:2e:a7:a1:60:67:e1:fb:
                    87:72:bc:b0:65:c2:81:b0:63:88:f5:f0:f9:08:d8:
                    69:f7:1e:2b:ac:6f:93:5a:8d:6d:c7:53:eb:0e:25:
                    2e:4d:e2:79:f4:60:15:bf:02:d8:ba:10:76:de:b2:
                    8e:d8:21:91:13:9f:8b:3c:97:06:a5:79:62:8a:41:
                    36:72:18:9e:f4:cf:f5:88:1a:c7:9b:36:e0:dd:56:
                    06:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:32:98:4F:27:1E:49:30:06:F7:B5:1F:AB:ED:84:F7:F5:9C:E9:DF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/33e2b85d-15ae-30d3-a6d8-0e4da02cff33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.248.178.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6d:d0:94:14:4d:35:dd:ae:04:ea:a9:dd:a6:08:20:37:3e:20:
         93:54:93:b2:4e:59:d1:06:9e:61:83:83:b5:22:21:5b:f1:07:
         0c:5b:70:8d:be:85:b5:3c:e5:eb:a4:97:06:9c:53:ca:f4:9c:
         30:91:17:af:0b:61:2c:ca:f3:e6:b8:56:e4:95:fa:f5:2d:20:
         93:ca:d0:05:2a:4a:1e:60:7d:d6:eb:17:e8:82:e4:41:5a:53:
         1b:b7:81:2b:db:b5:b6:81:2e:6a:7f:3b:cb:ce:f7:2b:1f:b2:
         20:12:f0:9f:b9:bc:5d:6a:db:88:d6:a6:74:41:22:b3:3f:85:
         4d:8e:35:9c:7f:a2:0f:e1:ff:f4:73:c6:51:85:e0:89:68:78:
         8a:31:53:8c:16:c3:3c:e6:99:9b:c2:d7:ea:7f:73:8c:b4:93:
         ca:43:86:4e:53:56:21:18:f2:e5:2c:a1:6f:e0:b8:42:4d:2a:
         47:1a:04:7e:1c:29:37:76:f1:6c:f6:af:03:93:a6:9d:8a:1c:
         08:12:77:14:7e:79:ce:28:1d:17:f5:65:8a:02:10:90:6d:d3:
         0c:48:f3:cf:0f:07:ee:2b:15:74:05:86:b7:3e:b9:a0:f5:21:
         62:0d:80:41:31:d2:b6:d8:01:6e:3a:14:7b:b8:96:f0:41:0e:
         cb:77:ea:41
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD1X5pJ2gajf2BfFDeAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMyNDA0MDAwMFoXDTI4MDMxNjA0MDAwMFowLzEtMCsGA1UEAxMk
M2VkNTJjNjEtODYzMi00N2Y3LTgxOGMtZGZiMjVmYjRjMGU4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogae9BnzkpRZA0HzHaizL+0JBLDd+zHtEgKk
eS6nbv1U21N24YYrAbWSG0K+eo9gQtT2PZt6MJCKx4eOTXL6EnEKwBi3wLi56gAZ
TRfMdUAc+eLTgu1a0kqOZkVkHuV56g75OWbLWj8jtxAYik8Z4rjlS6SldlUW2R4T
du4zkLLpOJU7RVkVfU4+oHEOBQ5TnFkibNM3jrGYzLwLVMno2HVm9YWpRJzzZToy
Bi6noWBn4fuHcrywZcKBsGOI9fD5CNhp9x4rrG+TWo1tx1PrDiUuTeJ59GAVvwLY
uhB23rKO2CGRE5+LPJcGpXliikE2chie9M/1iBrHmzbg3VYGkwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBUymE8nHkkwBve1H6vthPf1nOnfMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzNlMmI4NWQtMTVhZS0z
MGQzLWE2ZDgtMGU0ZGEwMmNmZjMzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2PiyMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAG3QlBRNNd2uBOqp3aYIIDc+IJNUk7JOWdEGnmGDg7UiIVvxBwxbcI2+
hbU85euklwacU8r0nDCRF68LYSzK8+a4VuSV+vUtIJPK0AUqSh5gfdbrF+iC5EFa
Uxu3gSvbtbaBLmp/O8vO9ysfsiAS8J+5vF1q24jWpnRBIrM/hU2ONZx/og/h//Rz
xlGF4IloeIoxU4wWwzzmmZvC1+p/c4y0k8pDhk5TViEY8uUsoW/guEJNKkcaBH4c
KTd28Wz2rwOTpp2KHAgSdxR+ec4oHRf1ZYoCEJBt0wxI888PB+4rFXQFhrc+uaD1
IWINgEEx0rbYAW46FHu4lvBBDst36kE=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:08:35 2025 by rpki-client