Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/563d251f-6259-3586-865b-ee079b93b697.roa
File:                     563d251f-6259-3586-865b-ee079b93b697.roa (raw, json)
Hash identifier:          bA1kdLlSyFNJnEXobQ4ugmfEiqUSFEBpkw9i7El2CRM=
Subject key identifier:   0A:F3:23:A1:0F:A6:FD:68:C2:74:80:85:E9:0D:34:EF:03:E4:7B:05
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D3F5FEB690180A0351F43F7E0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/563d251f-6259-3586-865b-ee079b93b697.roa
Signing time:             Tue 15 Mar 2022 04:00:00 +0000
ROA not before:           Tue 15 Mar 2022 04:00:00 +0000
ROA not after:            Tue 07 Mar 2028 05:00:00 +0000
asID:                     7029
IP address blocks:        205.147.219.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:3f:5f:eb:69:01:80:a0:35:1f:43:f7:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 15 04:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2028 GMT
        Subject: CN=b1279f71-d7af-4490-b2ef-a8e0775346ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:f0:21:38:fd:19:03:36:b8:7a:89:02:e9:9e:
                    07:40:3c:60:8f:2d:3f:f7:9c:c5:1f:4d:3e:bd:71:
                    a7:99:02:c6:02:d6:41:d1:06:02:d7:de:91:a0:a5:
                    3b:15:81:1f:82:33:c8:a3:38:2e:5e:94:d2:20:9e:
                    f5:72:4c:2d:db:7c:17:6e:09:c4:21:24:df:d9:82:
                    03:2b:29:7a:13:26:b5:4c:ed:8c:ff:69:1c:58:29:
                    6b:0f:44:18:0c:c7:05:1f:92:ed:e7:55:a0:16:bc:
                    47:5d:83:de:f4:0c:06:92:56:09:9f:17:31:ca:10:
                    de:27:70:c5:e2:a8:2b:22:e1:cf:92:3c:27:35:5e:
                    72:2e:ff:d3:c0:1b:f6:14:28:17:36:c6:ba:85:24:
                    d8:96:8b:8a:bd:1b:5d:52:82:67:ca:80:86:54:f8:
                    59:9f:5a:bd:04:ee:f8:39:a4:c7:6c:e9:d7:dc:8d:
                    7c:2d:3f:20:e1:ae:38:10:c7:46:7e:23:43:8a:26:
                    ad:3e:4c:23:ec:46:56:2e:54:75:e4:52:36:ee:d5:
                    6f:d7:0b:88:12:b0:7a:cd:97:94:17:11:f3:98:ee:
                    d4:d7:9d:07:aa:c5:24:18:51:60:77:42:9f:d6:f7:
                    96:18:1f:87:b0:a8:7c:5f:29:96:84:33:cb:33:10:
                    95:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:F3:23:A1:0F:A6:FD:68:C2:74:80:85:E9:0D:34:EF:03:E4:7B:05
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/563d251f-6259-3586-865b-ee079b93b697.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.147.219.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         3c:ff:0b:56:db:10:2a:e0:48:88:78:aa:a1:0b:95:b4:bf:8a:
         1d:a3:e1:e6:b6:b8:d5:c3:7b:df:72:0b:a2:70:64:9c:78:77:
         6e:02:d6:dc:f4:69:bb:68:d7:02:55:11:67:13:8e:0c:8c:13:
         43:74:b3:3f:3d:ba:3d:17:bf:3d:22:bd:52:f4:a6:e4:13:65:
         dd:b0:e7:83:6b:c2:3f:aa:73:f9:c7:bc:1c:7a:23:b1:aa:e6:
         6b:e8:52:3a:3a:c1:e6:79:4b:c1:1a:d9:1e:90:df:e5:66:f4:
         6a:e3:4f:4b:52:ca:06:6f:c5:44:26:39:ee:0d:f5:3f:ee:f7:
         4c:82:f4:d3:7a:f3:eb:fc:a8:7f:38:54:7f:aa:b6:ff:bd:63:
         3a:27:a6:d0:94:4f:f7:a5:51:df:3b:2d:a9:61:04:47:92:94:
         8b:fd:ba:87:36:35:23:d2:63:56:08:c6:7a:c4:f1:ce:1d:a0:
         f3:01:d7:11:c3:46:2e:b7:59:ce:e6:76:87:ec:fe:9d:40:18:
         60:d7:f6:44:a7:14:11:20:9e:2c:7e:75:9f:1b:38:90:7d:72:
         5a:cc:75:ad:ba:76:f3:6f:b4:e9:4d:00:7c:9e:41:1c:cb:6e:
         84:7c:55:05:cf:f7:5b:63:fd:f5:85:44:bc:04:a5:ba:f7:51:
         04:49:7e:f0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0/X+tpAYCgNR9D9+AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMxNTA0MDAwMFoXDTI4MDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
YjEyNzlmNzEtZDdhZi00NDkwLWIyZWYtYThlMDc3NTM0NmFlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvAhOP0ZAza4eokC6Z4HQDxgjy0/95zFH00+
vXGnmQLGAtZB0QYC196RoKU7FYEfgjPIozguXpTSIJ71ckwt23wXbgnEISTf2YID
Kyl6Eya1TO2M/2kcWClrD0QYDMcFH5Lt51WgFrxHXYPe9AwGklYJnxcxyhDeJ3DF
4qgrIuHPkjwnNV5yLv/TwBv2FCgXNsa6hSTYlouKvRtdUoJnyoCGVPhZn1q9BO74
OaTHbOnX3I18LT8g4a44EMdGfiNDiiatPkwj7EZWLlR15FI27tVv1wuIErB6zZeU
FxHzmO7U150HqsUkGFFgd0Kf1veWGB+HsKh8XymWhDPLMxCVqQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFArzI6EPpv1ownSAhekNNO8D5HsFMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTYzZDI1MWYtNjI1OS0z
NTg2LTg2NWItZWUwNzliOTNiNjk3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzZPbMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADz/C1bbECrgSIh4qqELlbS/ih2j4ea2uNXDe99yC6JwZJx4d24C1tz0
abto1wJVEWcTjgyME0N0sz89uj0Xvz0ivVL0puQTZd2w54Nrwj+qc/nHvBx6I7Gq
5mvoUjo6weZ5S8Ea2R6Q3+Vm9GrjT0tSygZvxUQmOe4N9T/u90yC9NN68+v8qH84
VH+qtv+9YzonptCUT/elUd87LalhBEeSlIv9uoc2NSPSY1YIxnrE8c4doPMB1xHD
Ri63Wc7mdofs/p1AGGDX9kSnFBEgnix+dZ8bOJB9clrMda26dvNvtOlNAHyeQRzL
boR8VQXP91tj/fWFRLwEpbr3UQRJfvA=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:08:10 2025 by rpki-client