Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4ec5e0a6-b6a3-3dd0-ab5c-915addb540a1.roa
File:                     4ec5e0a6-b6a3-3dd0-ab5c-915addb540a1.roa (raw, json)
Hash identifier:          zcDJg29IF4v/JLzIrF58aRae6j9cKYPBI9BZNJNiGh4=
Subject key identifier:   AB:F8:EA:F5:E2:CA:0B:B2:85:6D:23:28:24:E8:C7:C1:95:08:1E:4D
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F15543809A21604A4CA90F00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4ec5e0a6-b6a3-3dd0-ab5c-915addb540a1.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     27338
IP address blocks:        72.243.183.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:43:80:9a:21:60:4a:4c:a9:0f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=450f41f0-a7d6-4b48-8d85-64f2fa4d42a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:2d:65:03:9e:2b:14:6b:4e:83:aa:02:8d:99:
                    69:71:2b:79:16:48:42:aa:ab:fb:6e:62:36:48:88:
                    08:34:90:e8:bd:29:77:2a:96:c9:25:8f:dd:27:7b:
                    ef:b4:bb:28:0a:d6:76:dd:e8:5b:cd:b8:5b:66:da:
                    c9:f0:82:26:23:c0:75:f9:80:21:64:5f:f3:d6:21:
                    3e:92:5a:28:6c:f1:13:85:0f:78:ec:68:5b:38:92:
                    a6:51:51:3d:17:18:68:a7:eb:07:3e:6e:d8:2d:b2:
                    0a:73:a3:54:b3:42:8a:da:7b:55:7c:df:90:7d:7b:
                    6f:a3:72:e8:42:10:88:54:ec:f7:f1:58:ae:6a:f0:
                    70:b8:ae:c4:64:85:b7:19:9b:7d:eb:93:58:1f:c7:
                    4a:70:79:11:24:2f:c1:f0:0e:44:da:29:4f:bb:a2:
                    9f:fe:0d:4e:0b:0c:d3:71:bd:c8:3d:4e:33:be:c4:
                    76:a2:7f:97:bd:85:7b:33:aa:2b:3b:f2:dc:5d:f9:
                    70:45:d8:b2:19:cd:08:1d:df:36:90:bb:e8:83:f2:
                    27:02:8c:1a:a7:3c:7b:ce:8c:34:bf:f6:7f:f9:f9:
                    f5:08:d1:64:79:5b:19:84:a5:c5:2f:e2:5d:d8:e8:
                    6d:13:15:68:75:d9:f7:9d:fc:d7:5f:d6:71:e8:55:
                    b1:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:F8:EA:F5:E2:CA:0B:B2:85:6D:23:28:24:E8:C7:C1:95:08:1E:4D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4ec5e0a6-b6a3-3dd0-ab5c-915addb540a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.243.183.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         63:49:53:b0:9a:b4:cf:17:77:0d:1c:a2:4a:cc:de:37:7e:0d:
         3d:51:90:b5:ae:6e:1b:06:2c:98:0a:a2:c6:a4:3b:84:5f:a5:
         0a:f6:ab:ce:6f:54:ad:aa:e5:01:18:8a:39:7c:40:38:dc:8f:
         4a:07:53:24:4b:ca:ba:34:03:5c:be:74:49:e5:68:fb:8c:cd:
         f8:0e:d9:df:6f:92:15:51:6f:b2:09:0b:aa:e2:e7:46:bc:80:
         0b:d9:64:c5:fd:5c:ad:1a:34:e3:88:09:b8:f8:6b:28:3b:f8:
         6c:d5:16:a8:b0:db:89:f3:4c:32:29:e8:f2:1a:d4:6f:d9:8d:
         09:c8:f4:48:56:46:15:ae:7d:8c:96:e0:1e:47:33:f3:e0:6f:
         fc:ba:84:dc:d3:11:d2:fd:58:16:d2:5c:8d:5f:e7:26:fc:84:
         b7:e5:d9:dd:67:27:37:cb:4e:89:e5:ff:34:c1:44:7b:6f:11:
         cd:42:69:c9:ca:d5:fb:23:fe:5e:ff:ed:ba:85:2f:7e:0f:cd:
         45:7a:5b:38:24:10:f1:1c:2b:af:21:c0:d7:1c:c8:cd:47:82:
         0f:0c:b0:c3:74:88:07:a3:91:5e:7b:c9:43:0d:20:21:bc:5e:
         aa:ee:1c:88:3d:c4:c3:bb:e3:50:c4:83:0c:9b:1c:cc:8c:5b:
         34:ba:f8:44
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVUOAmiFgSkypDwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
NDUwZjQxZjAtYTdkNi00YjQ4LThkODUtNjRmMmZhNGQ0MmE3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3i1lA54rFGtOg6oCjZlpcSt5FkhCqqv7bmI2
SIgINJDovSl3KpbJJY/dJ3vvtLsoCtZ23ehbzbhbZtrJ8IImI8B1+YAhZF/z1iE+
kloobPEThQ947GhbOJKmUVE9Fxhop+sHPm7YLbIKc6NUs0KK2ntVfN+QfXtvo3Lo
QhCIVOz38ViuavBwuK7EZIW3GZt965NYH8dKcHkRJC/B8A5E2ilPu6Kf/g1OCwzT
cb3IPU4zvsR2on+XvYV7M6orO/LcXflwRdiyGc0IHd82kLvog/InAowapzx7zow0
v/Z/+fn1CNFkeVsZhKXFL+Jd2OhtExVoddn3nfzXX9Zx6FWxOQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKv46vXiyguyhW0jKCTox8GVCB5NMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNGVjNWUwYTYtYjZhMy0z
ZGQwLWFiNWMtOTE1YWRkYjU0MGExLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASPO3MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGNJU7CatM8Xdw0cokrM3jd+DT1RkLWubhsGLJgKosakO4RfpQr2q85v
VK2q5QEYijl8QDjcj0oHUyRLyro0A1y+dEnlaPuMzfgO2d9vkhVRb7IJC6ri50a8
gAvZZMX9XK0aNOOICbj4ayg7+GzVFqiw24nzTDIp6PIa1G/ZjQnI9EhWRhWufYyW
4B5HM/Pgb/y6hNzTEdL9WBbSXI1f5yb8hLfl2d1nJzfLTonl/zTBRHtvEc1CacnK
1fsj/l7/7bqFL34PzUV6WzgkEPEcK68hwNccyM1Hgg8MsMN0iAejkV57yUMNICG8
XqruHIg9xMO741DEgwybHMyMWzS6+EQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:58 2025 by rpki-client