Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/65a7161d-2924-34be-a4b6-135d275922fb.roa
File:                     65a7161d-2924-34be-a4b6-135d275922fb.roa (raw, json)
Hash identifier:          qKbdFb0ADiVwHNFkFipEryO/QZ4XxBj2PsuI7Iamr5Y=
Subject key identifier:   9D:82:13:A4:61:13:9E:BC:B6:5F:C2:42:99:93:C8:46:9C:8B:DC:B4
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F15517D086E41FBE6453DC80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/65a7161d-2924-34be-a4b6-135d275922fb.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     53271
IP address blocks:        72.243.144.0/23 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:17:d0:86:e4:1f:be:64:53:dc:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=c57f0e29-da1c-4c97-bc51-d177b2647a88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:00:ae:ea:41:d9:54:32:4f:6b:4b:4a:7f:b0:
                    68:53:94:9b:d6:40:e7:33:6e:7c:30:17:1e:14:30:
                    57:9e:d8:ca:35:f6:11:0b:e7:75:56:3b:0c:ef:be:
                    9f:68:29:92:d1:ad:97:fd:58:74:ba:15:0b:cb:ca:
                    ca:d6:a9:64:00:cf:0c:f2:fd:29:8e:bd:fd:50:2d:
                    55:87:18:73:09:9a:d5:8d:7a:ae:1d:af:b8:35:d9:
                    1f:36:11:1d:dd:99:01:51:0e:e2:c9:17:31:d0:ef:
                    ca:1c:05:7a:b1:01:3f:eb:ce:8b:7b:5a:71:0e:83:
                    1a:0c:aa:b2:2d:a1:b8:8a:09:97:aa:d1:95:da:97:
                    79:57:df:35:ec:68:40:f1:c3:7e:a9:c7:e8:b3:44:
                    42:b2:35:9f:54:4a:36:98:a2:a2:17:dc:8f:d4:da:
                    e0:86:04:f9:cc:3f:c6:b0:b1:b1:7a:8b:7f:82:6f:
                    68:50:40:c7:4e:3e:ef:03:95:8c:6d:d8:1a:21:fa:
                    ad:99:bb:5e:09:4e:10:67:3e:f1:5d:96:9e:b3:d7:
                    14:42:25:79:89:85:1e:71:54:8e:80:1d:5d:65:0d:
                    76:27:f1:52:3e:9c:f2:67:c3:ca:8a:4a:37:f8:12:
                    78:5f:5a:d8:f3:b4:3b:91:0d:ac:ce:6d:68:86:ed:
                    1f:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:82:13:A4:61:13:9E:BC:B6:5F:C2:42:99:93:C8:46:9C:8B:DC:B4
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/65a7161d-2924-34be-a4b6-135d275922fb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.243.144.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5e:65:5a:79:9b:60:42:94:ea:0a:f7:1d:7a:4c:fc:ab:bc:c9:
         60:71:4d:5e:e4:70:7f:ee:11:75:7e:00:dc:f8:4b:7b:26:77:
         bd:93:f9:ce:f5:61:ba:d0:5e:ee:f5:f2:a5:82:50:8d:85:f2:
         36:75:bd:20:f3:4f:10:a7:08:09:e1:89:58:bc:87:e5:f0:b0:
         14:87:9f:e3:6f:47:e2:12:55:a7:a1:fa:2c:6b:d5:a2:bb:95:
         1f:d2:f6:2d:0f:2d:41:0c:79:e3:b5:f5:a4:19:1a:dd:a6:49:
         68:87:e5:19:c9:ff:46:94:66:c6:b6:08:6d:0a:53:8c:a7:32:
         d3:f8:47:66:a0:0c:2c:8c:d3:67:0e:76:35:92:c8:e6:ef:4c:
         b4:3f:ec:8c:f4:b7:fe:3a:6b:78:c7:85:69:80:d1:8a:72:45:
         07:fc:88:3d:24:a1:f8:fa:f1:ac:cf:21:67:66:ae:2d:41:4e:
         de:25:76:ea:a6:db:a0:26:3e:b1:4b:08:c4:52:ad:a3:01:92:
         b9:9f:dc:77:26:55:e0:e8:00:b1:1e:4c:29:c1:ec:a7:29:b6:
         af:3a:a9:c8:ee:28:28:8f:ac:0b:68:4a:64:b4:ee:51:92:62:
         bf:71:f2:4c:ed:73:3f:8d:f3:4b:12:6d:4d:15:45:2f:d8:fd:
         b4:60:b2:a5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVRfQhuQfvmRT3IAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
YzU3ZjBlMjktZGExYy00Yzk3LWJjNTEtZDE3N2IyNjQ3YTg4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngCu6kHZVDJPa0tKf7BoU5Sb1kDnM258MBce
FDBXntjKNfYRC+d1VjsM776faCmS0a2X/Vh0uhULy8rK1qlkAM8M8v0pjr39UC1V
hxhzCZrVjXquHa+4NdkfNhEd3ZkBUQ7iyRcx0O/KHAV6sQE/686Le1pxDoMaDKqy
LaG4igmXqtGV2pd5V9817GhA8cN+qcfos0RCsjWfVEo2mKKiF9yP1NrghgT5zD/G
sLGxeot/gm9oUEDHTj7vA5WMbdgaIfqtmbteCU4QZz7xXZaes9cUQiV5iYUecVSO
gB1dZQ12J/FSPpzyZ8PKiko3+BJ4X1rY87Q7kQ2szm1ohu0fPQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ2CE6RhE568tl/CQpmTyEaci9y0MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNjVhNzE2MWQtMjkyNC0z
NGJlLWE0YjYtMTM1ZDI3NTkyMmZiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBSPOQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF5lWnmbYEKU6gr3HXpM/Ku8yWBxTV7kcH/uEXV+ANz4S3smd72T+c71
YbrQXu718qWCUI2F8jZ1vSDzTxCnCAnhiVi8h+XwsBSHn+NvR+ISVaeh+ixr1aK7
lR/S9i0PLUEMeeO19aQZGt2mSWiH5RnJ/0aUZsa2CG0KU4ynMtP4R2agDCyM02cO
djWSyObvTLQ/7Iz0t/46a3jHhWmA0YpyRQf8iD0kofj68azPIWdmri1BTt4lduqm
26AmPrFLCMRSraMBkrmf3HcmVeDoALEeTCnB7Kcptq86qcjuKCiPrAtoSmS07lGS
Yr9x8kztcz+N80sSbU0VRS/Y/bRgsqU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:29 2025 by rpki-client