Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/53312cfb-e76e-3e45-9603-467e72897f43.roa
File:                     53312cfb-e76e-3e45-9603-467e72897f43.roa (raw, json)
Hash identifier:          MWzKzF6X5NT15zZNYDqOVl+TMZlILZU4cekl904O3qc=
Subject key identifier:   09:95:AF:C1:19:D2:32:DB:7C:B4:56:93:33:71:49:02:7A:B4:96:DD
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D4FB239EA1CC700605CFBA280
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/53312cfb-e76e-3e45-9603-467e72897f43.roa
Signing time:             Mon 21 Mar 2022 04:00:00 +0000
ROA not before:           Mon 21 Mar 2022 04:00:00 +0000
ROA not after:            Mon 13 Mar 2028 04:00:00 +0000
asID:                     7029
IP address blocks:        216.135.128.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:4f:b2:39:ea:1c:c7:00:60:5c:fb:a2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 21 04:00:00 2022 GMT
            Not After : Mar 13 04:00:00 2028 GMT
        Subject: CN=6fa79bdf-c9ac-4509-854e-39c18701c93e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:93:bf:ec:1b:ab:c9:1a:4e:e8:f9:e4:a8:58:
                    b4:38:15:8c:e8:c1:a5:45:60:39:1f:b5:80:05:29:
                    93:e2:12:98:13:18:f7:e2:92:89:8d:ad:94:60:8f:
                    27:52:5d:70:b4:d4:d9:5e:1c:2e:f7:7d:90:fe:a0:
                    87:d4:ab:2b:d5:4f:d2:24:72:e3:6c:5e:82:49:aa:
                    24:57:f9:42:33:43:a5:d2:4b:00:76:54:ab:3e:17:
                    15:83:d2:6c:39:68:ef:fa:5a:1b:cd:5d:a6:65:b1:
                    ec:d1:ce:0e:4f:3c:87:bd:ef:85:f9:8e:af:c0:0e:
                    38:3c:1c:89:7f:87:cf:e9:b2:ad:52:68:43:0c:54:
                    42:2d:40:4c:04:3a:5c:43:ff:db:be:4a:6e:ed:05:
                    c0:67:86:6c:71:a9:0f:db:49:1a:5a:9b:f6:a0:5a:
                    a1:ab:03:2c:c5:9a:8f:51:06:c6:e3:d0:ac:08:f7:
                    f1:a8:d3:a6:a5:79:21:8b:6f:d9:25:69:47:67:aa:
                    9f:0c:d7:77:e7:0e:d3:8c:9d:d9:38:59:b2:1a:da:
                    35:ab:d4:cb:dc:bd:ee:4e:b2:31:03:49:f7:a0:85:
                    63:12:60:13:53:5a:dd:14:99:93:94:8f:d2:1d:a2:
                    0d:2d:d9:70:10:7a:a4:68:40:99:97:48:f9:f3:60:
                    56:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:95:AF:C1:19:D2:32:DB:7C:B4:56:93:33:71:49:02:7A:B4:96:DD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/53312cfb-e76e-3e45-9603-467e72897f43.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.135.128.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         78:3e:d6:7c:15:6c:21:63:72:65:56:76:b0:a4:aa:c7:61:d1:
         85:bf:e5:10:45:33:ae:90:dc:49:1d:df:42:51:4e:3f:af:bd:
         fb:71:60:0f:d5:d1:56:06:b6:4b:35:0a:95:11:b2:a2:59:ae:
         3c:64:49:dd:8e:29:d2:b5:84:13:ea:b5:60:55:3e:bc:02:3d:
         51:80:21:bc:9b:a9:a7:6f:7a:4b:85:d8:67:45:b7:4e:aa:44:
         4f:cd:85:1e:3d:2f:cd:54:0e:16:71:76:b0:d8:03:a7:6e:3a:
         ab:59:a7:23:5a:cd:92:15:65:19:a1:43:55:f5:4c:96:60:c9:
         44:c3:35:c4:a8:b8:43:2e:82:9f:7c:53:01:1f:6b:f1:e5:b0:
         18:b3:40:20:3a:2e:7e:4b:2b:b0:27:01:d6:cc:c0:6b:f6:97:
         d6:f7:da:f1:92:0a:0e:87:86:7d:10:62:6d:29:32:54:0f:56:
         8e:55:ce:7c:f1:36:85:73:3e:36:65:96:7b:29:6b:09:9c:93:
         51:22:c0:0f:cd:2b:60:6b:d6:08:ec:dd:6b:ea:93:47:0f:51:
         68:a1:b0:a8:ef:9d:90:32:79:28:e1:8c:5c:cd:a6:4b:95:b9:
         45:6a:7a:9d:dc:9b:9b:03:55:48:4a:0b:d7:47:9b:3b:ab:49:
         4b:b5:2d:74
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD1PsjnqHMcAYFz7ooAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMyMTA0MDAwMFoXDTI4MDMxMzA0MDAwMFowLzEtMCsGA1UEAxMk
NmZhNzliZGYtYzlhYy00NTA5LTg1NGUtMzljMTg3MDFjOTNlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5O/7BuryRpO6PnkqFi0OBWM6MGlRWA5H7WA
BSmT4hKYExj34pKJja2UYI8nUl1wtNTZXhwu932Q/qCH1Ksr1U/SJHLjbF6CSaok
V/lCM0Ol0ksAdlSrPhcVg9JsOWjv+lobzV2mZbHs0c4OTzyHve+F+Y6vwA44PByJ
f4fP6bKtUmhDDFRCLUBMBDpcQ//bvkpu7QXAZ4ZscakP20kaWpv2oFqhqwMsxZqP
UQbG49CsCPfxqNOmpXkhi2/ZJWlHZ6qfDNd35w7TjJ3ZOFmyGto1q9TL3L3uTrIx
A0n3oIVjEmATU1rdFJmTlI/SHaINLdlwEHqkaECZl0j582BWgwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAmVr8EZ0jLbfLRWkzNxSQJ6tJbdMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTMzMTJjZmItZTc2ZS0z
ZTQ1LTk2MDMtNDY3ZTcyODk3ZjQzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2IeAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHg+1nwVbCFjcmVWdrCkqsdh0YW/5RBFM66Q3Ekd30JRTj+vvftxYA/V
0VYGtks1CpURsqJZrjxkSd2OKdK1hBPqtWBVPrwCPVGAIbybqadvekuF2GdFt06q
RE/NhR49L81UDhZxdrDYA6duOqtZpyNazZIVZRmhQ1X1TJZgyUTDNcSouEMugp98
UwEfa/HlsBizQCA6Ln5LK7AnAdbMwGv2l9b32vGSCg6Hhn0QYm0pMlQPVo5Vznzx
NoVzPjZllnspawmck1EiwA/NK2Br1gjs3Wvqk0cPUWihsKjvnZAyeSjhjFzNpkuV
uUVqep3cm5sDVUhKC9dHmzurSUu1LXQ=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:02:37 2025 by rpki-client