Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/584a3e38-6f96-38fa-9fba-1b0f382843fd.roa
File:                     584a3e38-6f96-38fa-9fba-1b0f382843fd.roa (raw, json)
Hash identifier:          7NpaJtalbwHDN80WSXltqksDihGPHzfdw5aBed+GG2k=
Subject key identifier:   D8:0F:DC:70:70:5D:1F:63:20:A5:D9:ED:6A:E8:B3:44:44:E3:94:5D
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584711E070B93453A20C120BEB60
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/584a3e38-6f96-38fa-9fba-1b0f382843fd.roa
Signing time:             Sun 01 Sep 2024 13:00:41 +0000
ROA not before:           Sun 01 Sep 2024 13:00:41 +0000
ROA not after:            Sat 30 Nov 2024 14:00:41 +0000
asID:                     7029
IP address blocks:        64.113.192.0/19 maxlen: 19
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:11:e0:70:b9:34:53:a2:0c:12:0b:eb:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Sep  1 13:00:41 2024 GMT
            Not After : Nov 30 14:00:41 2024 GMT
        Subject: CN=a4b22b91-0bb7-4b4b-9f12-9f7174702b8f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:02:35:70:44:65:ac:96:fc:4a:a5:97:7a:35:
                    32:90:16:ca:08:6b:a0:57:b6:a4:cc:1b:47:03:d7:
                    b6:d4:37:4d:c9:65:db:13:c3:9b:b1:13:e0:6a:6f:
                    3f:0d:a6:d2:b6:a9:f5:da:42:9f:3b:13:f2:db:1c:
                    db:3b:77:64:b4:b8:07:1e:eb:70:d1:b5:9f:93:bd:
                    87:58:ff:8a:d5:f3:19:a6:4a:16:51:1a:f9:62:1c:
                    7b:9f:8e:8f:84:8a:1a:c8:6e:b7:ac:14:8d:cc:e9:
                    67:9c:c8:87:a3:de:6a:d5:ed:1f:86:b4:36:92:94:
                    a8:c8:2a:a5:ae:e6:39:2d:78:71:77:ae:34:f5:d0:
                    e9:e5:6d:2b:d8:61:fc:a6:cd:7d:f4:95:fa:12:6e:
                    61:42:2c:bd:a3:90:a7:b9:60:51:b2:e0:20:09:9e:
                    39:cb:4a:60:d1:ec:97:5b:02:00:0f:b1:f9:6c:2e:
                    ee:0f:85:0a:52:c6:0e:66:f1:f6:5c:d4:07:7d:8b:
                    da:9b:62:40:8d:34:a3:a4:00:fc:c4:02:04:77:64:
                    e5:9c:1d:c7:79:9f:7a:62:07:17:7e:bf:af:24:cd:
                    f7:9f:ba:74:1e:a5:51:1d:c4:12:33:cd:91:17:e4:
                    a9:57:7f:2e:02:c8:2c:f7:3d:43:c8:13:54:72:ad:
                    f2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:0F:DC:70:70:5D:1F:63:20:A5:D9:ED:6A:E8:B3:44:44:E3:94:5D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/584a3e38-6f96-38fa-9fba-1b0f382843fd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.113.192.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         12:8b:5a:94:e3:12:c6:03:95:e7:db:9e:b0:6c:0f:d2:92:41:
         ab:12:18:8e:88:c2:6a:cc:db:df:13:c5:92:8d:fe:7e:c5:5b:
         93:78:9e:11:b9:51:12:65:5e:88:cb:51:ec:5e:4f:33:2e:09:
         a8:8c:e2:c4:5a:19:96:3f:5b:8f:71:3f:0b:c0:b1:a3:3f:c7:
         a0:e8:c3:38:83:5c:4e:51:e1:55:00:20:4b:bb:cd:23:1e:bd:
         1b:2c:31:53:e9:1d:7d:c3:0a:26:62:6d:4c:a2:de:1c:fb:66:
         94:91:4d:f6:08:ef:d1:19:61:93:55:d4:4b:88:94:f3:8f:8e:
         a0:38:92:16:2f:12:45:d5:29:7d:7a:d7:f7:6b:9d:45:8f:6e:
         17:c7:d5:2c:a8:2f:f2:39:7f:17:4d:97:52:3e:80:8b:17:df:
         c8:be:db:21:96:ca:85:e0:49:bf:62:93:dd:2b:e2:23:47:aa:
         ee:e4:33:43:fe:66:9d:32:44:ff:13:ae:2c:0d:80:11:07:6c:
         25:30:b0:2f:fc:53:8d:9f:c7:5b:cd:b5:19:94:29:dd:4a:97:
         08:a2:ba:f7:fc:5f:61:ed:fb:80:a9:0f:1a:ca:12:82:bd:25:
         29:ea:04:9c:f9:a2:e1:36:22:51:cb:03:65:b6:24:81:8a:f1:
         80:f9:b7:a0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEcR4HC5NFOiDBIL62AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDkwMTEzMDA0MVoXDTI0MTEzMDE0MDA0MVowLzEtMCsGA1UEAxMk
YTRiMjJiOTEtMGJiNy00YjRiLTlmMTItOWY3MTc0NzAyYjhmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1gI1cERlrJb8SqWXejUykBbKCGugV7akzBtH
A9e21DdNyWXbE8ObsRPgam8/DabStqn12kKfOxPy2xzbO3dktLgHHutw0bWfk72H
WP+K1fMZpkoWURr5Yhx7n46PhIoayG63rBSNzOlnnMiHo95q1e0fhrQ2kpSoyCql
ruY5LXhxd6409dDp5W0r2GH8ps199JX6Em5hQiy9o5CnuWBRsuAgCZ45y0pg0eyX
WwIAD7H5bC7uD4UKUsYOZvH2XNQHfYvam2JAjTSjpAD8xAIEd2TlnB3HeZ96YgcX
fr+vJM33n7p0HqVRHcQSM82RF+SpV38uAsgs9z1DyBNUcq3yKQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNgP3HBwXR9jIKXZ7Wros0RE45RdMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTg0YTNlMzgtNmY5Ni0z
OGZhLTlmYmEtMWIwZjM4Mjg0M2ZkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFQHHAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABKLWpTjEsYDlefbnrBsD9KSQasSGI6IwmrM298TxZKN/n7FW5N4nhG5
URJlXojLUexeTzMuCaiM4sRaGZY/W49xPwvAsaM/x6DowziDXE5R4VUAIEu7zSMe
vRssMVPpHX3DCiZibUyi3hz7ZpSRTfYI79EZYZNV1EuIlPOPjqA4khYvEkXVKX16
1/drnUWPbhfH1SyoL/I5fxdNl1I+gIsX38i+2yGWyoXgSb9ik90r4iNHqu7kM0P+
Zp0yRP8TriwNgBEHbCUwsC/8U42fx1vNtRmUKd1Klwiiuvf8X2Ht+4CpDxrKEoK9
JSnqBJz5ouE2IlHLA2W2JIGK8YD5t6A=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:05:28 2025 by rpki-client