Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5d9e60b6-d3ac-3be6-9040-fd295fe83dfd.roa
File:                     5d9e60b6-d3ac-3be6-9040-fd295fe83dfd.roa (raw, json)
Hash identifier:          oL0eA/vxx8lyZ8B5CGZzTgNtEOPNwF2Tn04RTMtYGV0=
Subject key identifier:   6B:0A:7E:5F:87:EF:98:1E:E8:28:FE:86:C4:1A:F7:FE:68:71:AD:8E
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F1550AEB19316E0A591F54A0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5d9e60b6-d3ac-3be6-9040-fd295fe83dfd.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     7029
IP address blocks:        216.7.0.0/19 maxlen: 19
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:0a:eb:19:31:6e:0a:59:1f:54:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=6be5b8e8-2881-4bc8-9a8e-9da63ea347dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:17:d7:ea:a9:58:50:9e:ec:61:dd:87:9d:1c:
                    8d:16:19:2f:1b:5a:e6:a8:b8:ca:c7:cf:28:81:f5:
                    d8:55:ae:7b:d0:0e:7d:2e:82:85:0d:7c:c5:4e:ad:
                    74:9c:f6:06:51:6c:4c:cf:a0:20:bd:8f:22:6e:1b:
                    8b:6e:4a:f8:a5:87:66:ad:71:00:31:81:0f:a2:79:
                    73:3b:ba:3f:e7:17:73:a5:9d:d4:eb:19:13:c2:3e:
                    12:2d:b9:88:16:3b:e8:78:14:5e:17:e9:ca:dd:7d:
                    18:ac:fe:ef:80:af:2a:6a:dc:b0:b8:c5:b3:9c:e3:
                    95:c3:2b:a3:e9:c9:3c:ce:32:32:b2:be:12:84:81:
                    63:96:92:ef:27:5e:2e:5a:84:62:d8:8c:54:d0:e7:
                    e3:44:78:bc:5c:df:af:51:aa:27:50:1a:6f:d1:a2:
                    7a:c4:99:15:af:cf:cb:e0:a2:ec:c0:7f:48:97:60:
                    fc:38:20:d7:37:48:a3:8d:86:0b:81:c7:89:5b:ab:
                    8a:d3:82:17:80:d2:41:f9:d3:b0:d3:46:05:ab:03:
                    14:eb:7f:3e:30:51:53:a6:25:cb:06:58:6d:f9:cf:
                    c6:a6:be:49:d5:c3:61:d1:47:20:c9:23:b4:19:2c:
                    26:5d:8b:5e:cf:29:96:05:33:97:36:25:8a:a1:09:
                    40:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:0A:7E:5F:87:EF:98:1E:E8:28:FE:86:C4:1A:F7:FE:68:71:AD:8E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/5d9e60b6-d3ac-3be6-9040-fd295fe83dfd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.7.0.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6c:ba:e2:d1:c4:56:e7:e6:5f:d3:35:d1:76:34:d9:61:90:8f:
         25:df:78:a7:0f:2f:6b:94:72:2d:48:ae:d1:61:b8:d2:18:25:
         f4:30:0c:ea:4c:3f:53:57:53:86:9b:ce:ba:b4:b8:be:0a:b1:
         2f:56:1b:ca:f5:43:fd:56:bc:86:4e:d4:9e:1b:1c:f5:3a:03:
         27:c8:17:2a:cd:c9:39:70:e6:a8:e3:17:02:e8:b8:f0:ea:e1:
         56:48:9c:87:10:00:2b:96:bf:b7:83:c2:4d:8c:72:03:13:a5:
         61:cd:cd:4a:d3:20:a9:dd:ea:2b:3f:97:06:50:c2:b2:ed:14:
         34:8b:b5:35:9e:08:e5:97:c4:ef:28:ff:b4:33:7d:14:e6:a5:
         4f:84:d0:6e:39:3a:7b:01:30:c0:3c:a5:76:14:9e:7d:43:d0:
         40:f2:14:38:a3:ed:02:1c:82:6a:34:66:c6:1b:b5:ad:cf:16:
         e3:1d:33:25:da:92:d5:25:5a:3b:08:37:2e:f8:3a:f5:f0:56:
         9e:7b:a8:ee:ca:9e:cd:3f:e3:8f:d4:c7:2d:9f:71:fb:3d:dd:
         b8:e5:d5:38:20:b1:06:7f:4e:bd:dc:88:a2:45:ca:82:f9:f6:
         dc:4d:a5:5f:e3:a7:05:ce:fe:99:87:67:26:0a:e6:d9:6a:74:
         0c:42:8e:ef
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVQrrGTFuClkfVKAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
NmJlNWI4ZTgtMjg4MS00YmM4LTlhOGUtOWRhNjNlYTM0N2RkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRfX6qlYUJ7sYd2HnRyNFhkvG1rmqLjKx88o
gfXYVa570A59LoKFDXzFTq10nPYGUWxMz6AgvY8ibhuLbkr4pYdmrXEAMYEPonlz
O7o/5xdzpZ3U6xkTwj4SLbmIFjvoeBReF+nK3X0YrP7vgK8qatywuMWznOOVwyuj
6ck8zjIysr4ShIFjlpLvJ14uWoRi2IxU0OfjRHi8XN+vUaonUBpv0aJ6xJkVr8/L
4KLswH9Il2D8OCDXN0ijjYYLgceJW6uK04IXgNJB+dOw00YFqwMU638+MFFTpiXL
Blht+c/Gpr5J1cNh0UcgySO0GSwmXYtezymWBTOXNiWKoQlArwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFGsKfl+H75ge6Cj+hsQa9/5oca2OMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNWQ5ZTYwYjYtZDNhYy0z
YmU2LTkwNDAtZmQyOTVmZTgzZGZkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF2AcAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGy64tHEVufmX9M10XY02WGQjyXfeKcPL2uUci1IrtFhuNIYJfQwDOpM
P1NXU4abzrq0uL4KsS9WG8r1Q/1WvIZO1J4bHPU6AyfIFyrNyTlw5qjjFwLouPDq
4VZInIcQACuWv7eDwk2McgMTpWHNzUrTIKnd6is/lwZQwrLtFDSLtTWeCOWXxO8o
/7QzfRTmpU+E0G45OnsBMMA8pXYUnn1D0EDyFDij7QIcgmo0ZsYbta3PFuMdMyXa
ktUlWjsINy74OvXwVp57qO7Kns0/44/Uxy2fcfs93bjl1TggsQZ/Tr3ciKJFyoL5
9txNpV/jpwXO/pmHZyYK5tlqdAxCju8=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:13:29 2025 by rpki-client