Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4a02d920-8769-3422-9ac9-f04a1d1ba717.roa
File:                     4a02d920-8769-3422-9ac9-f04a1d1ba717.roa (raw, json)
Hash identifier:          WVqtpKgX7xddRgjjBjgkjo2b+wIuux4Pc0Nkbh5I+zI=
Subject key identifier:   D2:1D:08:8A:F4:0C:D0:5E:63:93:65:CD:D8:76:F9:68:B3:29:2F:33
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F1552D01E0E4BBB268285F00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4a02d920-8769-3422-9ac9-f04a1d1ba717.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     7029
IP address blocks:        66.184.0.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:2d:01:e0:e4:bb:b2:68:28:5f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=4fa47e7e-b3ca-4d54-90d5-4ea42fe087c4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:c9:22:00:5f:1c:32:1f:61:45:58:ca:78:49:
                    24:18:8a:34:70:97:2d:62:79:44:8f:ba:85:a0:2d:
                    c8:2f:37:a6:15:bb:7b:f5:eb:ad:27:3a:89:f7:5f:
                    bd:ca:cf:d0:d6:08:9f:09:77:8e:70:db:e1:fc:01:
                    5e:10:c0:49:d2:ef:e7:5e:ff:d9:a5:c2:9e:f2:24:
                    ef:f4:c1:ca:eb:f4:76:ae:b1:b4:c8:7d:48:68:d3:
                    09:42:6f:b1:af:e1:6d:16:b4:0c:cf:1c:19:d7:76:
                    74:47:7d:cf:5c:e4:4c:56:e6:26:a1:5a:77:81:51:
                    08:2f:d0:4e:d9:f9:3f:2c:41:67:51:35:cf:5e:6f:
                    1f:09:f5:a5:1e:38:5a:6e:45:e2:43:43:f6:9e:c4:
                    4d:26:e0:2d:41:ce:6b:5f:64:d9:b9:51:f5:f1:a0:
                    86:00:5a:53:ad:a2:50:2e:4c:b1:2a:af:99:d6:b6:
                    21:01:ec:61:f8:15:61:42:4e:53:5c:16:bb:36:f2:
                    78:d9:d2:74:56:e1:d9:57:8a:f5:af:74:f9:44:7a:
                    ce:ad:46:8f:62:a8:5d:b6:9e:b3:53:5b:34:75:f2:
                    f3:83:51:c5:2d:b9:82:94:2a:0d:eb:b8:35:73:5c:
                    21:a1:e0:a7:9b:e0:e4:f7:ae:03:2a:f3:05:16:a2:
                    cb:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:1D:08:8A:F4:0C:D0:5E:63:93:65:CD:D8:76:F9:68:B3:29:2F:33
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4a02d920-8769-3422-9ac9-f04a1d1ba717.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.184.0.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         66:68:45:87:0c:f0:d5:34:2b:04:cd:5b:7f:92:be:1f:6b:f4:
         6b:32:d2:72:30:e4:d1:e6:40:18:60:81:b2:7f:fd:04:94:76:
         30:33:5a:06:5f:bb:a6:92:a0:f7:a6:78:03:80:24:ae:fa:09:
         4e:b1:18:7a:3c:8b:5c:85:aa:24:92:43:f8:5d:17:ef:de:e1:
         b5:6d:d6:90:93:2c:34:02:b1:38:8d:ec:0b:de:b3:27:53:70:
         cb:01:aa:18:a5:4b:72:58:e9:d3:ea:3c:76:44:44:ed:53:2b:
         27:ca:f2:54:f6:1b:ec:b9:9a:b1:75:f7:58:1e:09:c9:d2:b5:
         34:a8:43:8d:21:ac:96:49:63:ff:53:2b:8b:7c:83:ad:78:41:
         2a:2c:a0:d3:4a:b6:bd:bb:ed:65:5a:14:c6:d2:2b:54:e4:f9:
         a3:5a:b9:03:9e:f2:44:f1:00:e6:52:8a:97:8f:7e:57:b9:d4:
         7c:29:15:62:8c:f2:30:54:fa:ae:46:e4:b9:ab:04:dc:48:0b:
         d8:aa:a3:eb:25:66:28:0c:3e:ff:80:7a:21:49:a4:28:a7:22:
         d1:b7:83:b2:ba:d2:c9:1d:6e:91:22:d2:0c:df:8a:d2:7b:86:
         14:72:8c:fa:2a:ca:04:3e:a3:61:6c:bd:70:10:74:08:73:b6:
         86:78:43:6f
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVS0B4OS7smgoXwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
NGZhNDdlN2UtYjNjYS00ZDU0LTkwZDUtNGVhNDJmZTA4N2M0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6MkiAF8cMh9hRVjKeEkkGIo0cJctYnlEj7qF
oC3ILzemFbt79eutJzqJ91+9ys/Q1gifCXeOcNvh/AFeEMBJ0u/nXv/ZpcKe8iTv
9MHK6/R2rrG0yH1IaNMJQm+xr+FtFrQMzxwZ13Z0R33PXORMVuYmoVp3gVEIL9BO
2fk/LEFnUTXPXm8fCfWlHjhabkXiQ0P2nsRNJuAtQc5rX2TZuVH18aCGAFpTraJQ
LkyxKq+Z1rYhAexh+BVhQk5TXBa7NvJ42dJ0VuHZV4r1r3T5RHrOrUaPYqhdtp6z
U1s0dfLzg1HFLbmClCoN67g1c1whoeCnm+Dk964DKvMFFqLLbQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNIdCIr0DNBeY5Nlzdh2+WizKS8zMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNGEwMmQ5MjAtODc2OS0z
NDIyLTlhYzktZjA0YTFkMWJhNzE3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHQrgAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGZoRYcM8NU0KwTNW3+Svh9r9Gsy0nIw5NHmQBhggbJ//QSUdjAzWgZf
u6aSoPemeAOAJK76CU6xGHo8i1yFqiSSQ/hdF+/e4bVt1pCTLDQCsTiN7AvesydT
cMsBqhilS3JY6dPqPHZERO1TKyfK8lT2G+y5mrF191geCcnStTSoQ40hrJZJY/9T
K4t8g614QSosoNNKtr277WVaFMbSK1Tk+aNauQOe8kTxAOZSipePfle51HwpFWKM
8jBU+q5G5LmrBNxIC9iqo+slZigMPv+AeiFJpCinItG3g7K60skdbpEi0gzfitJ7
hhRyjPoqygQ+o2FsvXAQdAhztoZ4Q28=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:27 2025 by rpki-client