Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/341b04c5-99e2-33f4-9097-0fc015a48e4a.roa
File:                     341b04c5-99e2-33f4-9097-0fc015a48e4a.roa (raw, json)
Hash identifier:          CXbt7zBAbdDPj5naewsewUs2c0gYg/vQ6CKNAzZIuKk=
Subject key identifier:   EB:46:2D:BA:83:8E:61:45:80:E0:F1:E8:B5:0C:18:D0:C9:4C:E7:81
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D3F5FE531F4D79461B5613E80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/341b04c5-99e2-33f4-9097-0fc015a48e4a.roa
Signing time:             Tue 15 Mar 2022 04:00:00 +0000
ROA not before:           Tue 15 Mar 2022 04:00:00 +0000
ROA not after:            Tue 07 Mar 2028 05:00:00 +0000
asID:                     7029
IP address blocks:        205.147.204.0/22 maxlen: 22
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:3f:5f:e5:31:f4:d7:94:61:b5:61:3e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 15 04:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2028 GMT
        Subject: CN=de14ea28-e5ab-4499-b44e-edd7420f1dbd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:7c:62:e3:41:a0:f3:6b:15:4b:12:ce:9e:de:
                    fb:45:a4:ab:c9:c8:0b:26:e4:7a:06:f7:78:bc:d3:
                    6e:39:6f:09:8d:27:3d:55:b2:cb:e2:67:8b:a0:e0:
                    65:0f:3c:fe:36:eb:ea:32:74:17:9e:a6:d8:61:60:
                    e8:5c:61:4d:71:cd:a6:f0:6a:20:8b:65:13:6f:7a:
                    9c:e0:fd:94:58:9b:5f:5f:dc:ea:4a:7a:6a:b0:98:
                    43:62:b6:19:2a:4a:b5:bf:c5:2f:a3:6e:bc:99:44:
                    e3:3f:ff:af:f6:99:35:9e:aa:3f:6c:22:d9:39:7c:
                    95:f1:c5:ce:8a:7d:aa:48:a0:9d:d5:de:77:0d:b9:
                    ab:20:f6:02:99:69:c5:75:88:30:d7:10:e2:53:2a:
                    ea:10:f6:f4:41:4a:10:12:bd:55:48:48:1a:51:8e:
                    0b:c7:6c:ac:05:7e:1b:48:12:d2:b2:92:61:5b:ed:
                    d9:e7:52:11:0a:53:fe:12:c8:e1:ca:1b:fe:b6:97:
                    b4:29:9d:cb:41:50:d0:6d:29:c4:45:08:5a:ca:a4:
                    23:99:59:31:ca:44:b3:2e:14:e5:7f:1f:c8:9a:78:
                    7b:91:6d:5a:4c:b7:81:7d:e1:e7:84:45:77:67:d1:
                    92:75:f5:e6:44:c4:c5:ed:22:96:93:b7:9d:50:2a:
                    4b:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:46:2D:BA:83:8E:61:45:80:E0:F1:E8:B5:0C:18:D0:C9:4C:E7:81
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/341b04c5-99e2-33f4-9097-0fc015a48e4a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.147.204.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2b:49:4a:cc:4c:0e:bb:13:12:36:b6:a5:bb:56:6f:f7:66:fa:
         1c:47:c9:3d:e2:d1:56:81:0d:de:51:ee:c5:5b:3d:5f:54:68:
         b9:4e:4e:02:41:25:a7:67:e6:53:eb:45:a7:4d:56:75:d0:d0:
         d9:7d:81:95:13:76:f4:34:65:24:0e:de:3c:ab:cb:8b:6f:89:
         a5:df:70:16:f0:95:ac:f3:cf:f7:74:59:5c:2e:e3:a6:cf:bc:
         6c:bb:31:96:63:97:4e:22:98:ea:45:00:e7:5e:ed:30:6c:6f:
         a7:dc:98:16:bd:47:c3:9d:b1:30:bd:c6:fb:60:61:a8:d6:f7:
         ca:bf:22:d3:59:08:21:ee:81:3e:e2:d2:f9:36:7d:bc:3d:90:
         1e:eb:59:95:81:47:1e:ca:af:b7:3a:bb:72:fb:ec:52:3a:49:
         03:d3:5a:20:f7:97:2e:a9:00:30:33:3e:96:60:4b:50:7e:ee:
         c0:84:5c:e6:e1:fa:a3:8f:29:ca:bb:af:44:97:8a:bb:02:72:
         5a:ea:72:7e:37:a8:89:27:30:b9:68:43:a1:3f:ec:69:0c:78:
         b7:47:6e:d6:2c:0b:40:4b:eb:9a:67:cd:7e:2e:b0:92:67:27:
         13:bc:f1:b6:b2:53:a9:93:a0:b0:38:0b:31:b5:a6:b9:7c:c0:
         77:31:ec:04
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0/X+Ux9NeUYbVhPoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMxNTA0MDAwMFoXDTI4MDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
ZGUxNGVhMjgtZTVhYi00NDk5LWI0NGUtZWRkNzQyMGYxZGJkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXxi40Gg82sVSxLOnt77RaSrycgLJuR6Bvd4
vNNuOW8JjSc9VbLL4meLoOBlDzz+NuvqMnQXnqbYYWDoXGFNcc2m8Gogi2UTb3qc
4P2UWJtfX9zqSnpqsJhDYrYZKkq1v8Uvo268mUTjP/+v9pk1nqo/bCLZOXyV8cXO
in2qSKCd1d53DbmrIPYCmWnFdYgw1xDiUyrqEPb0QUoQEr1VSEgaUY4Lx2ysBX4b
SBLSspJhW+3Z51IRClP+Esjhyhv+tpe0KZ3LQVDQbSnERQhayqQjmVkxykSzLhTl
fx/Imnh7kW1aTLeBfeHnhEV3Z9GSdfXmRMTF7SKWk7edUCpLmQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFOtGLbqDjmFFgODx6LUMGNDJTOeBMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMzQxYjA0YzUtOTllMi0z
M2Y0LTkwOTctMGZjMDE1YTQ4ZTRhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCzZPMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACtJSsxMDrsTEja2pbtWb/dm+hxHyT3i0VaBDd5R7sVbPV9UaLlOTgJB
Jadn5lPrRadNVnXQ0Nl9gZUTdvQ0ZSQO3jyry4tviaXfcBbwlazzz/d0WVwu46bP
vGy7MZZjl04imOpFAOde7TBsb6fcmBa9R8OdsTC9xvtgYajW98q/ItNZCCHugT7i
0vk2fbw9kB7rWZWBRx7Kr7c6u3L77FI6SQPTWiD3ly6pADAzPpZgS1B+7sCEXObh
+qOPKcq7r0SXirsCclrqcn43qIknMLloQ6E/7GkMeLdHbtYsC0BL65pnzX4usJJn
JxO88bayU6mToLA4CzG1prl8wHcx7AQ=
-----END CERTIFICATE-----
Generated at Sat Apr 19 19:57:27 2025 by rpki-client