Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/526e655c-b572-3e13-9c69-a401937fd975.roa
File:                     526e655c-b572-3e13-9c69-a401937fd975.roa (raw, json)
Hash identifier:          2CSLPpxI8aMCb/cnT3B0UbIeJx+Y4i7P0KaIyJpJZ+g=
Subject key identifier:   2B:3A:2D:1E:C7:FF:6B:E3:AD:9C:43:66:15:88:77:39:54:9B:4D:47
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D4FB2896437C8FACB2A6D99A0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/526e655c-b572-3e13-9c69-a401937fd975.roa
Signing time:             Mon 21 Mar 2022 04:00:00 +0000
ROA not before:           Mon 21 Mar 2022 04:00:00 +0000
ROA not after:            Mon 13 Mar 2028 04:00:00 +0000
asID:                     7029
IP address blocks:        216.215.128.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:4f:b2:89:64:37:c8:fa:cb:2a:6d:99:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 21 04:00:00 2022 GMT
            Not After : Mar 13 04:00:00 2028 GMT
        Subject: CN=b743420c-d58d-42ed-a0e6-9158deabc517
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:fe:c8:2b:db:c5:c6:6e:02:05:4b:8a:31:84:
                    da:a0:6e:4e:b4:79:3b:1a:cd:57:cc:21:87:2c:40:
                    40:10:87:b4:2f:4c:42:fd:05:a8:39:35:54:f8:1b:
                    f0:31:81:a5:cd:47:71:88:7c:74:8d:3c:b0:b7:cb:
                    e0:04:65:9b:7f:9e:eb:81:10:1e:9e:21:27:0a:f4:
                    f9:9f:17:ae:bc:4b:18:1b:4d:3c:06:5b:e2:98:59:
                    21:58:bf:5b:dd:36:38:39:09:91:4d:db:6d:96:ce:
                    0e:67:49:8b:6f:d4:39:6d:17:e3:68:44:6a:0e:c4:
                    87:88:fc:a5:cf:ae:98:1f:e0:2b:7c:96:c8:96:23:
                    92:5c:c7:32:18:c5:a9:60:19:5e:09:d5:b2:64:02:
                    f9:e1:30:1a:d4:ba:06:10:51:6a:d5:54:a9:84:66:
                    10:5d:57:60:ac:0c:6b:f8:59:d1:78:ab:59:96:48:
                    08:b7:6c:2b:10:a9:cd:c5:4e:ca:0d:8b:57:0a:5e:
                    78:ed:fc:b3:50:b0:8e:4a:40:da:9e:26:cf:c5:3a:
                    c7:a5:96:c5:68:d9:7d:b4:98:49:fb:b1:c0:8a:f5:
                    d0:22:28:a2:2b:04:78:66:3e:31:1d:e0:5c:bb:83:
                    96:52:b0:9c:cd:52:44:18:e4:8e:26:e2:51:61:ee:
                    73:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:3A:2D:1E:C7:FF:6B:E3:AD:9C:43:66:15:88:77:39:54:9B:4D:47
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/526e655c-b572-3e13-9c69-a401937fd975.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.215.128.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         88:b5:88:82:50:6c:05:8c:57:af:7c:52:f8:b8:5a:53:9d:a1:
         f3:0c:27:2f:a1:ab:98:65:5d:0b:4f:59:b1:38:49:fc:39:e5:
         5a:e5:da:e5:9b:31:8d:75:d5:ad:49:7b:5f:e5:a2:41:53:26:
         1c:38:e0:88:cc:b1:94:55:dd:d3:c5:02:ca:6f:87:e1:f3:54:
         93:55:8e:db:f2:bd:9e:45:8e:6d:a2:3d:ca:6f:0a:ef:74:42:
         ca:9a:03:79:06:8c:fb:07:82:aa:f7:4f:7f:76:14:77:93:05:
         3f:2c:81:a1:b4:7a:7d:69:3e:36:3b:db:ce:82:f6:1e:29:82:
         63:03:e6:8d:02:ee:b5:8b:ff:06:f6:a0:fc:6f:4a:d8:93:77:
         fa:9e:fc:f4:ad:94:01:b0:92:27:97:8c:90:5c:7f:16:cb:8d:
         96:b7:28:0a:3e:9c:f6:94:bf:ca:5d:7a:3d:97:ab:61:64:74:
         19:2e:b2:0c:06:f1:63:02:04:51:4e:59:02:3e:18:2b:58:1f:
         b2:49:9c:d2:c4:63:d9:a7:81:bf:87:48:7e:7c:b6:76:9c:27:
         71:a7:77:4e:c8:8a:a4:2e:3e:7b:04:17:24:e9:9b:dd:6c:bd:
         93:fa:00:3d:97:da:d8:6b:2a:71:67:c0:68:da:7d:39:f8:0f:
         99:c5:8f:18
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD1PsolkN8j6yyptmaAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMyMTA0MDAwMFoXDTI4MDMxMzA0MDAwMFowLzEtMCsGA1UEAxMk
Yjc0MzQyMGMtZDU4ZC00MmVkLWEwZTYtOTE1OGRlYWJjNTE3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/7IK9vFxm4CBUuKMYTaoG5OtHk7Gs1XzCGH
LEBAEIe0L0xC/QWoOTVU+BvwMYGlzUdxiHx0jTywt8vgBGWbf57rgRAeniEnCvT5
nxeuvEsYG008BlvimFkhWL9b3TY4OQmRTdttls4OZ0mLb9Q5bRfjaERqDsSHiPyl
z66YH+ArfJbIliOSXMcyGMWpYBleCdWyZAL54TAa1LoGEFFq1VSphGYQXVdgrAxr
+FnReKtZlkgIt2wrEKnNxU7KDYtXCl547fyzULCOSkDanibPxTrHpZbFaNl9tJhJ
+7HAivXQIiiiKwR4Zj4xHeBcu4OWUrCczVJEGOSOJuJRYe5zZwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFCs6LR7H/2vjrZxDZhWIdzlUm01HMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTI2ZTY1NWMtYjU3Mi0z
ZTEzLTljNjktYTQwMTkzN2ZkOTc1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2NeAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIi1iIJQbAWMV698Uvi4WlOdofMMJy+hq5hlXQtPWbE4Sfw55Vrl2uWb
MY111a1Je1/lokFTJhw44IjMsZRV3dPFAspvh+HzVJNVjtvyvZ5Fjm2iPcpvCu90
QsqaA3kGjPsHgqr3T392FHeTBT8sgaG0en1pPjY7286C9h4pgmMD5o0C7rWL/wb2
oPxvStiTd/qe/PStlAGwkieXjJBcfxbLjZa3KAo+nPaUv8pdej2Xq2FkdBkusgwG
8WMCBFFOWQI+GCtYH7JJnNLEY9mngb+HSH58tnacJ3Gnd07IiqQuPnsEFyTpm91s
vZP6AD2X2thrKnFnwGjafTn4D5nFjxg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:01:55 2025 by rpki-client