Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5221bc4a-46f2-30af-a2ea-08755ab8973a.roa
File:                     5221bc4a-46f2-30af-a2ea-08755ab8973a.roa (raw, json)
Hash identifier:          KyKIdSsa2YjbKGL3+QdmqfTiEsHm3jIy6LnId6Yjfxo=
Subject key identifier:   30:40:C5:F7:F1:F2:93:65:B2:A5:C5:85:DE:DE:C5:27:91:5C:B7:69
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F15514388E1CB868BD126A00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5221bc4a-46f2-30af-a2ea-08755ab8973a.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     27338
IP address blocks:        72.242.143.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:14:38:8e:1c:b8:68:bd:12:6a:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=8f446e03-9332-491f-8384-300d224b459b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:46:72:3e:e1:a3:47:e8:e5:62:dd:2c:20:ce:
                    bb:8b:04:64:52:45:c3:cb:2e:79:47:e3:1b:34:cd:
                    19:a9:af:77:e7:fb:5b:15:52:80:88:24:c9:60:27:
                    83:81:c6:70:7c:79:bd:f6:92:7b:9b:9b:28:bf:23:
                    00:24:bb:73:fb:2f:04:2c:29:be:f8:f8:c2:3a:8b:
                    58:a3:71:47:85:48:f5:a6:b8:75:b7:34:86:09:ac:
                    04:7a:20:d1:e0:a2:a0:2b:e1:ba:7c:9c:b7:91:b7:
                    03:1f:5a:b0:c3:77:3b:1a:91:af:ef:aa:71:a6:4a:
                    64:0b:24:a0:b4:06:2a:eb:1b:73:4c:40:e3:58:1e:
                    f1:7c:d7:78:74:15:ec:a8:65:1e:b8:61:68:e6:d9:
                    f5:36:17:51:45:a5:5b:b1:9c:2b:83:c4:b1:bc:e0:
                    92:d8:d6:4a:4d:5a:c7:89:d8:e1:f5:05:f9:4a:14:
                    05:80:ad:0d:39:24:ca:4d:af:5f:34:2e:e1:93:9b:
                    ac:6a:99:93:1e:2c:a1:7b:cb:20:7a:52:8c:ca:44:
                    b1:af:ea:e0:0d:cc:e4:e0:97:05:f2:2b:36:11:f9:
                    4f:57:51:b6:b2:44:d2:33:8f:e6:56:17:c7:68:cc:
                    18:b7:2b:f2:f9:da:8b:be:20:88:58:76:44:07:72:
                    7b:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:40:C5:F7:F1:F2:93:65:B2:A5:C5:85:DE:DE:C5:27:91:5C:B7:69
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5221bc4a-46f2-30af-a2ea-08755ab8973a.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.242.143.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6e:f4:ed:1b:73:d3:be:e6:c7:8f:08:73:c9:73:8c:04:a6:dd:
         2d:1b:89:f7:07:0c:7e:d3:54:e1:05:49:90:34:29:e0:3a:f1:
         3d:bf:bd:70:33:f2:7c:9c:21:71:62:74:f5:7f:e1:1e:f0:12:
         53:5d:e3:a9:47:78:be:48:7d:0a:d7:93:34:55:3a:41:32:97:
         73:ce:a7:9f:88:f0:6c:83:84:96:20:d1:f7:86:80:b9:66:fe:
         76:46:f9:ab:a3:99:65:51:93:1d:3e:e8:72:bc:7a:96:fb:1c:
         1e:b7:31:c5:06:57:b9:14:93:0f:56:f1:de:2b:ef:9d:a0:f9:
         22:1e:32:4d:4e:e3:ef:ae:06:1a:20:cb:b8:cf:35:e4:18:77:
         7d:12:5b:c5:51:5c:62:1e:c4:81:23:62:ef:d5:0d:22:57:cc:
         f1:f7:bb:4f:60:f9:a5:0d:7b:16:95:8c:55:df:e9:69:8a:8e:
         c0:cb:07:f1:0e:72:d3:29:7c:ea:f2:9c:0a:2a:f2:42:9a:23:
         d3:97:70:bc:cb:b5:95:37:87:ec:6a:6b:23:95:d7:84:d1:03:
         33:1b:6e:af:c2:7d:4c:1b:d5:13:74:49:2e:f1:42:0c:e6:51:
         9c:3e:c3:90:69:53:2e:6a:36:44:75:a6:a7:51:c1:17:16:34:
         ac:a7:7b:f2
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVRQ4jhy4aL0SagAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
OGY0NDZlMDMtOTMzMi00OTFmLTgzODQtMzAwZDIyNGI0NTliMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kZyPuGjR+jlYt0sIM67iwRkUkXDyy55R+Mb
NM0Zqa935/tbFVKAiCTJYCeDgcZwfHm99pJ7m5sovyMAJLtz+y8ELCm++PjCOotY
o3FHhUj1prh1tzSGCawEeiDR4KKgK+G6fJy3kbcDH1qww3c7GpGv76pxpkpkCySg
tAYq6xtzTEDjWB7xfNd4dBXsqGUeuGFo5tn1NhdRRaVbsZwrg8SxvOCS2NZKTVrH
idjh9QX5ShQFgK0NOSTKTa9fNC7hk5usapmTHiyhe8sgelKMykSxr+rgDczk4JcF
8is2EflPV1G2skTSM4/mVhfHaMwYtyvy+dqLviCIWHZEB3J7rwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDBAxffx8pNlsqXFhd7exSeRXLdpMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTIyMWJjNGEtNDZmMi0z
MGFmLWEyZWEtMDg3NTVhYjg5NzNhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQASPKPMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAG707Rtz077mx48Ic8lzjASm3S0bifcHDH7TVOEFSZA0KeA68T2/vXAz
8nycIXFidPV/4R7wElNd46lHeL5IfQrXkzRVOkEyl3POp5+I8GyDhJYg0feGgLlm
/nZG+aujmWVRkx0+6HK8epb7HB63McUGV7kUkw9W8d4r752g+SIeMk1O4++uBhog
y7jPNeQYd30SW8VRXGIexIEjYu/VDSJXzPH3u09g+aUNexaVjFXf6WmKjsDLB/EO
ctMpfOrynAoq8kKaI9OXcLzLtZU3h+xqayOV14TRAzMbbq/CfUwb1RN0SS7xQgzm
UZw+w5BpUy5qNkR1pqdRwRcWNKyne/I=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:24:50 2025 by rpki-client