Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/7a19a173-b6ff-3d2e-b396-b21a18082c07.roa
File:                     7a19a173-b6ff-3d2e-b396-b21a18082c07.roa (raw, json)
Hash identifier:          KAUnz7KpzrtPxJmoqTxk+zGQ1/TB3nZeMcN0kzLe9C4=
Subject key identifier:   D4:B4:CE:30:C5:B3:6B:AB:67:0B:88:73:62:73:81:34:1E:6D:7A:FB
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858487916254E480EB045E173F840
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/7a19a173-b6ff-3d2e-b396-b21a18082c07.roa
Signing time:             Wed 08 Jan 2025 05:04:19 +0000
ROA not before:           Wed 08 Jan 2025 05:04:19 +0000
ROA not after:            Tue 08 Apr 2025 04:04:19 +0000
asID:                     7029
IP address blocks:        216.41.0.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:79:16:25:4e:48:0e:b0:45:e1:73:f8:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Jan  8 05:04:19 2025 GMT
            Not After : Apr  8 04:04:19 2025 GMT
        Subject: CN=8b597669-ddbd-465b-9cb7-1d97ee6d2c1c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:5e:c2:49:89:01:d0:9b:21:b1:88:30:1a:be:
                    35:cd:d8:18:f2:f0:ee:d5:5b:e8:3a:4c:5b:f9:95:
                    39:fd:eb:2e:99:f6:84:89:a4:a8:66:65:a5:3f:48:
                    0f:c3:bc:80:3d:2a:68:bb:38:ca:19:54:6f:d8:b2:
                    14:90:bd:7e:90:0e:97:a7:e8:55:2b:04:05:8a:b4:
                    18:22:88:b5:63:56:c5:62:af:db:be:e8:8f:d1:a5:
                    81:99:ce:92:16:57:ec:c7:9c:dd:b8:15:b0:c5:ed:
                    85:49:91:03:02:53:14:f2:2d:f3:b7:e1:8f:1f:11:
                    e9:60:b2:9e:15:12:7e:a2:f1:04:d4:17:72:43:93:
                    32:19:76:0f:2b:20:38:5b:bb:ac:bb:4e:99:d9:31:
                    0c:a0:d8:41:47:08:f1:02:5c:a2:87:8a:e9:d4:a0:
                    3e:10:9b:8c:d2:7b:38:db:a4:d5:68:9e:b6:16:dd:
                    72:26:be:ac:c4:61:bc:17:23:67:f3:39:30:6f:95:
                    c8:a0:de:39:f3:76:fd:99:e6:53:b8:ba:e1:d7:a5:
                    b1:24:3e:c0:ba:64:0c:ee:4c:a3:e5:55:ba:cb:32:
                    40:b0:c6:5a:27:9c:2f:80:7a:54:1d:9f:22:4b:20:
                    9d:18:1a:9b:8b:bf:75:c3:19:c6:01:85:3b:a0:92:
                    ee:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B4:CE:30:C5:B3:6B:AB:67:0B:88:73:62:73:81:34:1E:6D:7A:FB
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/7a19a173-b6ff-3d2e-b396-b21a18082c07.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.41.0.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         23:91:45:8a:fd:70:19:29:63:f0:0f:87:7a:59:33:13:ce:29:
         9b:ad:96:ec:a9:da:b5:05:82:d5:fb:a7:9c:7b:0a:91:24:68:
         50:2a:0d:a0:02:5f:0d:89:86:f3:1a:48:c5:57:2c:f0:b0:7a:
         e6:69:97:cd:e9:51:66:eb:84:a4:de:61:08:28:42:4b:5a:c6:
         4c:6b:92:07:ee:ca:8a:5f:19:e8:32:14:59:74:47:e9:0c:76:
         78:20:4e:75:95:31:43:2f:95:04:19:a4:c7:3e:01:06:95:93:
         52:e7:9c:d6:41:2d:80:94:84:2f:35:34:48:87:88:70:f8:f8:
         47:ce:94:d4:12:59:b6:b9:b0:3e:50:10:fe:16:da:77:93:d0:
         26:4d:04:a0:35:1d:02:8a:04:a0:89:26:dd:a4:d1:6d:98:ac:
         11:0e:c2:1e:6f:a9:84:d9:50:85:c4:37:68:6f:c7:15:87:5b:
         8e:59:0b:36:11:03:92:5a:4b:a5:de:51:aa:6e:0f:b8:3b:a3:
         b1:38:5e:da:7d:37:83:64:79:15:68:3f:72:4e:64:20:ab:c2:
         6b:e6:b0:f5:10:19:45:3a:5a:70:8f:13:ad:0f:7d:9d:df:36:
         b5:b9:7d:6b:9e:43:ba:95:a2:19:04:0c:2d:ca:ca:5d:62:58:
         7b:5a:0a:f7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEh5FiVOSA6wReFz+EAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI1MDEwODA1MDQxOVoXDTI1MDQwODA0MDQxOVowLzEtMCsGA1UEAxMk
OGI1OTc2NjktZGRiZC00NjViLTljYjctMWQ5N2VlNmQyYzFjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAul7CSYkB0JshsYgwGr41zdgY8vDu1VvoOkxb
+ZU5/esumfaEiaSoZmWlP0gPw7yAPSpouzjKGVRv2LIUkL1+kA6Xp+hVKwQFirQY
Ioi1Y1bFYq/bvuiP0aWBmc6SFlfsx5zduBWwxe2FSZEDAlMU8i3zt+GPHxHpYLKe
FRJ+ovEE1BdyQ5MyGXYPKyA4W7usu06Z2TEMoNhBRwjxAlyih4rp1KA+EJuM0ns4
26TVaJ62Ft1yJr6sxGG8FyNn8zkwb5XIoN4583b9meZTuLrh16WxJD7AumQM7kyj
5VW6yzJAsMZaJ5wvgHpUHZ8iSyCdGBqbi791wxnGAYU7oJLudwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNS0zjDFs2urZwuIc2JzgTQebXr7MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvN2ExOWExNzMtYjZmZi0z
ZDJlLWIzOTYtYjIxYTE4MDgyYzA3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2CkAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACORRYr9cBkpY/APh3pZMxPOKZutluyp2rUFgtX7p5x7CpEkaFAqDaAC
Xw2JhvMaSMVXLPCweuZpl83pUWbrhKTeYQgoQktaxkxrkgfuyopfGegyFFl0R+kM
dnggTnWVMUMvlQQZpMc+AQaVk1LnnNZBLYCUhC81NEiHiHD4+EfOlNQSWba5sD5Q
EP4W2neT0CZNBKA1HQKKBKCJJt2k0W2YrBEOwh5vqYTZUIXEN2hvxxWHW45ZCzYR
A5JaS6XeUapuD7g7o7E4Xtp9N4NkeRVoP3JOZCCrwmvmsPUQGUU6WnCPE60PfZ3f
NrW5fWueQ7qVohkEDC3Kyl1iWHtaCvc=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:19:46 2025 by rpki-client