Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/46ae3a1a-1cd4-3bd5-9a49-6e3070565a15.roa
File:                     46ae3a1a-1cd4-3bd5-9a49-6e3070565a15.roa (raw, json)
Hash identifier:          Ql+300YQ1QALGQbbEQwFJuODqT37zl2ETye3HX7MXpE=
Subject key identifier:   A1:2C:29:E7:04:80:F7:7C:C0:A9:55:B6:36:26:8C:51:56:66:A0:2F
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F15530430C24612F6A9E0D80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/46ae3a1a-1cd4-3bd5-9a49-6e3070565a15.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     7029
IP address blocks:        72.242.0.0/15 maxlen: 15
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:30:43:0c:24:61:2f:6a:9e:0d:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=637d490e-4f51-44b0-82b4-b2c86a81a722
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:e7:b6:b1:44:e7:f9:d8:63:87:dd:75:24:59:
                    0b:70:8b:f0:08:7f:63:ff:39:d2:09:4f:47:19:75:
                    d1:95:2d:df:62:c8:0b:d3:b7:bb:c5:dc:50:47:2a:
                    1a:41:91:e3:40:64:f6:fa:5e:29:66:60:1d:90:7f:
                    1a:6e:a7:78:03:4f:bc:86:d4:cc:91:6e:35:ce:d3:
                    56:17:23:98:28:e4:71:8d:d6:44:26:07:9e:25:27:
                    4c:fa:62:3a:11:97:42:fc:55:a8:a5:6b:60:52:8a:
                    10:fa:40:d8:7b:44:65:6d:66:7a:b1:95:60:cc:f3:
                    a6:f5:38:ab:15:b8:43:dd:1a:20:31:30:f0:4e:4c:
                    b5:d2:bc:45:05:95:73:64:dd:90:28:4e:a1:6f:69:
                    28:37:c1:21:4c:75:84:bc:e4:73:4f:47:6c:78:e9:
                    b6:5e:4b:44:7b:92:84:dd:16:ba:52:55:ea:50:8f:
                    05:5f:2e:b1:d2:67:e9:30:40:75:24:d9:da:a7:95:
                    c8:02:8b:d6:d1:00:d9:77:cc:fe:2a:d2:8e:96:05:
                    93:b3:07:71:ac:bc:15:4e:20:9b:0f:93:a6:fe:3a:
                    a7:fc:9c:82:96:92:28:2d:87:aa:83:6e:83:d4:2e:
                    42:a6:e0:e9:a4:dd:8c:8d:29:75:19:8e:13:3a:33:
                    18:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:2C:29:E7:04:80:F7:7C:C0:A9:55:B6:36:26:8C:51:56:66:A0:2F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/46ae3a1a-1cd4-3bd5-9a49-6e3070565a15.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.242.0.0/15

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6e:16:c6:dd:7e:3d:05:45:33:22:ed:e6:e4:c2:40:21:d1:75:
         53:2c:41:ae:3c:67:10:3f:ba:bc:ad:79:3d:05:26:de:2c:a7:
         bc:ec:e6:ca:73:32:dc:05:85:c8:8b:69:c4:0a:0b:3f:6d:30:
         17:1b:f4:61:a6:fd:90:e4:f4:93:a1:22:87:8b:06:18:78:42:
         f0:68:34:e4:d8:16:4f:07:fe:a0:6e:d1:00:48:c7:3b:b3:db:
         26:12:76:4a:8d:76:28:04:f1:e7:59:1a:54:32:17:4b:9f:ea:
         cd:e6:e1:2c:11:a7:5b:70:07:ba:c7:90:77:62:04:30:34:1d:
         4f:6c:79:ef:1c:f0:ea:cf:7b:71:c8:a7:91:73:db:53:04:80:
         3a:2c:1f:dd:05:2f:19:3f:6a:73:e4:4e:c7:ab:18:25:5f:8b:
         cf:48:18:f0:94:83:c5:fe:c4:01:b5:82:0e:c2:c6:3b:30:cc:
         56:fc:8e:2a:9b:c0:f9:b2:05:87:32:46:e0:1e:51:a6:fe:b7:
         88:5b:f7:37:76:6b:c8:c4:6b:b9:43:72:47:80:4b:e1:da:37:
         8a:91:ea:a2:e8:84:b8:4f:58:51:aa:d2:16:cc:1e:7c:08:e6:
         6d:5d:a0:9a:f8:46:33:de:16:a6:44:7c:6d:5a:57:a2:c0:2a:
         20:42:68:88
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIUAQ0Mn0MoWEfxVTBDDCRhL2qeDYAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
NjM3ZDQ5MGUtNGY1MS00NGIwLTgyYjQtYjJjODZhODFhNzIyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Oe2sUTn+dhjh911JFkLcIvwCH9j/znSCU9H
GXXRlS3fYsgL07e7xdxQRyoaQZHjQGT2+l4pZmAdkH8abqd4A0+8htTMkW41ztNW
FyOYKORxjdZEJgeeJSdM+mI6EZdC/FWopWtgUooQ+kDYe0RlbWZ6sZVgzPOm9Tir
FbhD3RogMTDwTky10rxFBZVzZN2QKE6hb2koN8EhTHWEvORzT0dseOm2XktEe5KE
3Ra6UlXqUI8FXy6x0mfpMEB1JNnap5XIAovW0QDZd8z+KtKOlgWTswdxrLwVTiCb
D5Om/jqn/JyClpIoLYeqg26D1C5CpuDppN2MjSl1GY4TOjMY0wIDAQABo4IDVDCC
A1AwHQYDVR0OBBYEFKEsKecEgPd8wKlVtjYmjFFWZqAvMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNDZhZTNhMWEtMWNkNC0z
YmQ1LTlhNDktNmUzMDcwNTY1YTE1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBSPIwVAYD
VR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3
dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsF
AAOCAQEAbhbG3X49BUUzIu3m5MJAIdF1UyxBrjxnED+6vK15PQUm3iynvOzmynMy
3AWFyItpxAoLP20wFxv0Yab9kOT0k6Eih4sGGHhC8Gg05NgWTwf+oG7RAEjHO7Pb
JhJ2So12KATx51kaVDIXS5/qzebhLBGnW3AHuseQd2IEMDQdT2x57xzw6s97ccin
kXPbUwSAOiwf3QUvGT9qc+ROx6sYJV+Lz0gY8JSDxf7EAbWCDsLGOzDMVvyOKpvA
+bIFhzJG4B5Rpv63iFv3N3ZryMRruUNyR4BL4do3ipHqouiEuE9YUarSFswefAjm
bV2gmvhGM94WpkR8bVpXosAqIEJoiA==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:28 2025 by rpki-client