Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/41369508-4196-3fbb-baaa-b66d17d1773c.roa
File:                     41369508-4196-3fbb-baaa-b66d17d1773c.roa (raw, json)
Hash identifier:          4XZYu6AwZwTtZpLpTKhZtbXpr4h21KLG8ry/vjcvptI=
Subject key identifier:   E0:D1:50:5E:2E:33:C8:34:37:D0:F9:49:95:5D:4D:11:90:EA:A9:35
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533322CDEFF85C03D6BEFB80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/41369508-4196-3fbb-baaa-b66d17d1773c.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        209.92.57.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:22:cd:ef:f8:5c:03:d6:be:fb:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=774b78d7-c5d4-4aa3-a98f-7fd99043fde4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:4c:dc:b9:d5:62:cb:a1:fc:a5:8d:f7:ea:72:
                    c6:1e:1c:a0:22:04:b6:d3:4f:6a:6d:b1:dd:90:cb:
                    f1:07:ff:1e:93:4b:42:45:54:c0:05:22:95:84:b5:
                    0d:0e:15:54:bc:05:44:07:69:db:d2:eb:ce:0f:26:
                    69:eb:b8:16:46:4f:87:b0:98:ec:3e:4e:ab:b0:4c:
                    8b:e5:ca:3c:0f:c3:ba:64:7c:04:08:d1:93:4d:7a:
                    f4:6c:5b:f2:33:51:4f:f3:5e:5d:eb:85:47:c2:39:
                    6d:96:1f:eb:29:e5:f9:2a:d3:41:5d:97:ad:b7:9a:
                    3c:3c:9e:4f:cb:f1:ff:7b:e4:8e:11:4c:34:58:56:
                    f2:ce:d6:96:bb:83:7f:0b:4f:02:e8:40:dc:ed:86:
                    ff:1e:bc:63:3e:88:27:88:f6:7c:94:ad:d6:8f:32:
                    5e:5e:31:e4:b6:43:e6:17:86:09:53:79:1f:5e:cf:
                    0f:d6:46:ea:f1:15:f2:66:cf:cb:96:3b:e2:3b:9c:
                    46:ee:65:63:c3:9e:df:ce:a8:28:65:5a:5d:31:d0:
                    d0:d6:46:3d:02:f2:fe:b3:b3:c6:67:a4:cb:6d:5d:
                    f3:f6:6a:a3:1e:05:3d:f8:85:1c:c0:ca:04:33:bd:
                    c8:88:c6:f3:4e:16:57:0d:fc:0a:f2:45:86:99:c5:
                    e8:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:D1:50:5E:2E:33:C8:34:37:D0:F9:49:95:5D:4D:11:90:EA:A9:35
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/41369508-4196-3fbb-baaa-b66d17d1773c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.92.57.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         95:aa:44:35:91:b6:ff:94:20:50:dd:4a:9d:cf:de:58:f1:23:
         3f:b0:fa:e8:45:2d:b2:6b:e3:8f:eb:eb:00:79:cb:c8:8e:54:
         ea:1e:5f:47:76:79:49:a6:d8:73:23:61:3b:25:13:ad:3d:65:
         74:35:ab:e5:dd:cc:37:45:76:7b:f2:08:e9:0e:8a:0d:2e:f0:
         2f:9a:c1:55:f8:9e:35:d5:bb:41:9f:5a:37:7a:0b:70:32:88:
         08:f1:5c:f6:a0:7c:4c:21:97:f0:82:ad:4b:02:45:f2:37:2f:
         f9:ca:4c:fb:90:0f:44:12:ef:1e:9a:36:a1:8c:cb:bb:c3:6d:
         ad:24:f5:46:86:11:aa:a1:cf:16:2b:0d:00:91:06:7b:2b:f3:
         ea:8c:7c:1d:7d:87:53:87:f5:af:2f:a7:5c:f5:50:e0:72:e0:
         f7:77:83:24:18:c0:40:89:0e:30:92:c4:7c:03:ef:c4:ae:be:
         1c:56:43:8b:8c:2c:b3:aa:9a:dc:04:2d:09:03:98:b8:9a:6b:
         70:ea:97:40:d9:c4:60:8b:9f:e3:21:f1:60:4b:9f:c0:31:f1:
         1b:6b:64:ac:e1:9d:63:59:4d:52:33:ed:27:0b:f1:8f:99:38:
         e4:d2:6b:ea:37:7c:83:59:b8:11:f5:e8:06:87:e4:f0:ad:f0:
         37:a6:e0:5d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyLN7/hcA9a++4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
Nzc0Yjc4ZDctYzVkNC00YWEzLWE5OGYtN2ZkOTkwNDNmZGU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukzcudViy6H8pY336nLGHhygIgS2009qbbHd
kMvxB/8ek0tCRVTABSKVhLUNDhVUvAVEB2nb0uvODyZp67gWRk+HsJjsPk6rsEyL
5co8D8O6ZHwECNGTTXr0bFvyM1FP815d64VHwjltlh/rKeX5KtNBXZett5o8PJ5P
y/H/e+SOEUw0WFbyztaWu4N/C08C6EDc7Yb/HrxjPogniPZ8lK3WjzJeXjHktkPm
F4YJU3kfXs8P1kbq8RXyZs/LljviO5xG7mVjw57fzqgoZVpdMdDQ1kY9AvL+s7PG
Z6TLbV3z9mqjHgU9+IUcwMoEM73IiMbzThZXDfwK8kWGmcXohwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFODRUF4uM8g0N9D5SZVdTRGQ6qk1MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNDEzNjk1MDgtNDE5Ni0z
ZmJiLWJhYWEtYjY2ZDE3ZDE3NzNjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA0Vw5MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJWqRDWRtv+UIFDdSp3P3ljxIz+w+uhFLbJr44/r6wB5y8iOVOoeX0d2
eUmm2HMjYTslE609ZXQ1q+XdzDdFdnvyCOkOig0u8C+awVX4njXVu0GfWjd6C3Ay
iAjxXPagfEwhl/CCrUsCRfI3L/nKTPuQD0QS7x6aNqGMy7vDba0k9UaGEaqhzxYr
DQCRBnsr8+qMfB19h1OH9a8vp1z1UOBy4Pd3gyQYwECJDjCSxHwD78SuvhxWQ4uM
LLOqmtwELQkDmLiaa3Dql0DZxGCLn+Mh8WBLn8Ax8RtrZKzhnWNZTVIz7ScL8Y+Z
OOTSa+o3fINZuBH16AaH5PCt8Dem4F0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:30:25 2025 by rpki-client