Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/45071442-bad6-3c19-9762-e4e9f3880d7e.roa
File:                     45071442-bad6-3c19-9762-e4e9f3880d7e.roa (raw, json)
Hash identifier:          96V5Ipo0qb4WZflwUiXHREIBdDu1uMaxxb5rL7vcFAo=
Subject key identifier:   9E:FD:53:39:8B:5C:3A:CF:1C:B0:C7:03:3E:80:93:FA:99:35:87:39
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584711E073EABB775AD2F6899100
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/45071442-bad6-3c19-9762-e4e9f3880d7e.roa
Signing time:             Sun 01 Sep 2024 13:00:41 +0000
ROA not before:           Sun 01 Sep 2024 13:00:41 +0000
ROA not after:            Sat 30 Nov 2024 14:00:41 +0000
asID:                     7029
IP address blocks:        68.232.112.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:11:e0:73:ea:bb:77:5a:d2:f6:89:91:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Sep  1 13:00:41 2024 GMT
            Not After : Nov 30 14:00:41 2024 GMT
        Subject: CN=69f99063-f110-4240-a9f4-ae09968babb7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:b4:05:cf:be:54:9f:3a:08:f3:96:c1:3d:62:
                    db:41:25:32:bb:1d:9c:66:45:d9:36:3f:2c:82:f6:
                    4d:2d:b0:a2:83:3e:07:cb:d0:4e:44:c0:c8:21:d1:
                    1d:c2:64:51:1e:73:93:ec:2d:63:ab:9c:f0:27:b9:
                    e0:7c:81:87:75:de:f9:2c:53:17:1a:59:f7:bb:27:
                    21:81:bb:9a:c2:e4:e2:a3:4e:62:f9:0a:56:67:bc:
                    62:9d:68:ed:ab:b6:12:1f:76:ac:dd:ff:bd:dd:72:
                    46:79:ad:e8:fd:6c:d4:31:95:9d:d8:9c:d7:53:8b:
                    8e:32:da:94:ad:4e:84:f7:7c:25:df:35:9f:86:e1:
                    70:2f:71:32:e1:08:f9:f1:48:02:5b:df:f4:9a:0f:
                    94:fa:55:b7:a9:cd:7f:23:f7:9d:a3:74:a5:8d:7a:
                    2a:e0:a6:70:57:73:01:4d:bb:31:3d:70:cf:39:46:
                    62:93:ac:a8:9b:cf:4f:e9:05:81:7a:f5:50:2b:78:
                    3a:d9:63:7b:ef:d6:0d:90:cf:39:14:03:83:61:c1:
                    d1:9d:57:eb:a9:e8:1a:26:6d:1f:da:4c:ed:11:18:
                    e3:6c:b8:bf:9b:0c:c9:d5:e0:d0:08:99:0e:fa:2b:
                    3c:c1:8a:2b:83:de:20:be:6d:77:f3:43:03:b5:73:
                    66:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:FD:53:39:8B:5C:3A:CF:1C:B0:C7:03:3E:80:93:FA:99:35:87:39
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/45071442-bad6-3c19-9762-e4e9f3880d7e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  68.232.112.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         81:6b:5a:15:44:29:ee:d8:3c:fb:ab:94:11:f2:0e:de:0c:0f:
         38:bd:fa:d4:15:97:1e:be:9b:2f:8d:23:e2:1e:70:6b:49:c8:
         a0:f6:36:f6:20:f9:39:54:3b:6d:a6:51:50:ab:9a:0b:50:2f:
         13:95:d9:ed:29:67:0d:73:d9:5c:4b:0e:6b:ac:3c:5f:05:17:
         4e:48:88:1b:58:05:f1:c7:e3:7c:3c:ef:94:71:85:fc:5b:71:
         91:f5:36:40:3e:96:ba:cb:b5:8b:e9:7d:e9:e6:73:3c:c1:b9:
         82:50:57:34:40:d8:84:be:0b:66:b8:6d:31:04:ba:e3:33:1f:
         f1:4e:1c:98:ae:01:4e:9a:13:fc:96:4c:07:d0:7b:03:30:8a:
         3c:62:d9:7f:6f:87:7a:b3:90:6e:df:6c:05:d5:33:6e:b8:8a:
         d8:ed:b9:03:06:b9:cb:03:f9:1a:c5:91:9f:bb:07:a0:3c:2e:
         92:3d:aa:8a:4d:6f:3d:b6:d2:d6:78:9d:a9:e0:30:4d:5b:43:
         8f:8d:7b:b7:ee:a7:98:93:1e:fb:01:db:4f:27:cf:84:d8:8d:
         3f:c8:cc:d4:4c:67:cc:9a:19:09:f1:fe:f4:fc:ea:48:4e:de:
         e5:31:1e:c8:8b:96:aa:00:6e:43:29:05:cb:47:8f:a1:2f:2d:
         3e:06:ff:c5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEcR4HPqu3da0vaJkQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDkwMTEzMDA0MVoXDTI0MTEzMDE0MDA0MVowLzEtMCsGA1UEAxMk
NjlmOTkwNjMtZjExMC00MjQwLWE5ZjQtYWUwOTk2OGJhYmI3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7QFz75UnzoI85bBPWLbQSUyux2cZkXZNj8s
gvZNLbCigz4Hy9BORMDIIdEdwmRRHnOT7C1jq5zwJ7ngfIGHdd75LFMXGln3uych
gbuawuTio05i+QpWZ7xinWjtq7YSH3as3f+93XJGea3o/WzUMZWd2JzXU4uOMtqU
rU6E93wl3zWfhuFwL3Ey4Qj58UgCW9/0mg+U+lW3qc1/I/edo3SljXoq4KZwV3MB
TbsxPXDPOUZik6yom89P6QWBevVQK3g62WN779YNkM85FAODYcHRnVfrqegaJm0f
2kztERjjbLi/mwzJ1eDQCJkO+is8wYorg94gvm1380MDtXNmeQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ79UzmLXDrPHLDHAz6Ak/qZNYc5MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNDUwNzE0NDItYmFkNi0z
YzE5LTk3NjItZTRlOWYzODgwZDdlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEROhwMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIFrWhVEKe7YPPurlBHyDt4MDzi9+tQVlx6+my+NI+IecGtJyKD2NvYg
+TlUO22mUVCrmgtQLxOV2e0pZw1z2VxLDmusPF8FF05IiBtYBfHH43w875Rxhfxb
cZH1NkA+lrrLtYvpfenmczzBuYJQVzRA2IS+C2a4bTEEuuMzH/FOHJiuAU6aE/yW
TAfQewMwijxi2X9vh3qzkG7fbAXVM264itjtuQMGucsD+RrFkZ+7B6A8LpI9qopN
bz220tZ4nangME1bQ4+Ne7fup5iTHvsB208nz4TYjT/IzNRMZ8yaGQnx/vT86khO
3uUxHsiLlqoAbkMpBctHj6EvLT4G/8U=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:12:31 2025 by rpki-client