Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/926a9003-9c10-329f-bee3-000ef7205b17.roa
File:                     926a9003-9c10-329f-bee3-000ef7205b17.roa (raw, json)
Hash identifier:          FDtTc9cMALELeBmIvWmFrseCQMMgDzUIAC3i80byl7Q=
Subject key identifier:   D5:85:6E:12:61:58:53:1C:1F:50:AE:DA:05:71:0C:89:F5:ED:FB:FD
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D4FAF44FE3BB4722AD4E16F00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/926a9003-9c10-329f-bee3-000ef7205b17.roa
Signing time:             Mon 21 Mar 2022 04:00:00 +0000
ROA not before:           Mon 21 Mar 2022 04:00:00 +0000
ROA not after:            Mon 13 Mar 2028 04:00:00 +0000
asID:                     7029
IP address blocks:        209.177.0.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:4f:af:44:fe:3b:b4:72:2a:d4:e1:6f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 21 04:00:00 2022 GMT
            Not After : Mar 13 04:00:00 2028 GMT
        Subject: CN=a1d938e6-1240-4cff-af91-322cda00e155
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:b0:fb:55:99:b2:62:72:a1:82:da:c5:2c:a4:
                    3e:77:a9:a3:0d:d6:b7:76:8d:d6:76:06:ee:17:24:
                    b7:dc:65:56:11:09:f6:2a:1c:b2:ad:df:0d:12:ce:
                    05:89:44:2f:56:d7:22:0d:d4:32:3c:ec:87:54:fc:
                    2a:3e:b2:75:5e:3d:cd:00:8f:5c:14:43:4c:ed:17:
                    8f:33:87:8b:6a:41:8d:9d:75:40:fe:29:66:4a:70:
                    6d:31:4b:66:de:54:5a:3b:ad:56:f2:89:cd:9b:e1:
                    aa:c4:b8:36:69:58:d0:9d:99:04:97:43:dd:ec:ae:
                    04:4e:ad:43:15:cf:10:40:11:5a:27:2c:2e:48:0b:
                    4a:94:f4:fe:13:b4:fb:27:8e:6d:8a:d8:7b:cd:74:
                    80:4f:46:d1:9f:2c:96:80:7d:0a:14:fe:3b:c7:b8:
                    8e:14:fb:df:e5:20:17:3e:05:e0:7b:78:aa:9b:ff:
                    b3:26:cf:a3:f0:cf:c0:20:a1:27:03:cc:84:66:39:
                    f2:95:84:8d:73:5a:11:7b:a7:0e:80:7a:e8:c8:e9:
                    10:a1:e9:09:6e:31:e0:5d:cf:63:95:76:30:59:1b:
                    d3:00:32:c9:9d:c3:35:b2:ec:cd:98:d0:0e:c5:ce:
                    a9:d0:78:59:f0:39:85:4a:4c:aa:03:18:62:61:59:
                    99:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:85:6E:12:61:58:53:1C:1F:50:AE:DA:05:71:0C:89:F5:ED:FB:FD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/926a9003-9c10-329f-bee3-000ef7205b17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.177.0.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         82:16:4d:46:a8:89:17:5a:b2:e4:69:fd:b6:54:c2:0e:d2:9c:
         26:43:c6:9f:fe:86:d6:f7:82:10:b7:82:e0:be:70:ec:c9:88:
         b4:2a:37:5f:4e:16:99:35:1c:65:1c:16:04:65:8e:3f:7c:5f:
         da:31:a1:5c:49:90:98:00:d2:45:e5:5d:ba:82:a2:6b:d4:c6:
         21:e2:ef:a3:a2:a2:ab:85:7d:da:55:19:b7:f6:67:a4:00:cb:
         81:c1:e4:22:19:d6:8b:c3:db:35:7a:47:c4:c1:c2:b1:8a:91:
         89:f9:34:97:b9:b7:63:ab:55:cd:56:8e:6a:b0:53:01:f3:08:
         73:24:87:20:a3:d8:2e:8d:33:86:18:f9:bf:39:d0:2e:31:36:
         bf:f3:47:ca:cc:5e:ae:3c:e0:7f:61:51:42:ca:61:49:5d:6a:
         e1:f5:eb:43:83:45:fa:a1:36:d8:65:a2:c6:fe:a1:5c:7f:d6:
         10:8b:0a:60:5c:f3:1c:8a:3e:09:f1:a0:38:3c:54:c3:8b:bd:
         b6:04:af:e8:1f:70:a1:58:d4:67:58:ce:5e:7e:27:0c:b7:be:
         03:9e:f1:b0:ee:44:4a:25:d2:fb:8c:09:e2:10:26:2f:fd:dc:
         0b:75:cd:77:56:4b:23:95:04:e7:84:7f:a6:ab:96:43:cc:26:
         3e:65:48:91
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD1Pr0T+O7RyKtThbwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMyMTA0MDAwMFoXDTI4MDMxMzA0MDAwMFowLzEtMCsGA1UEAxMk
YTFkOTM4ZTYtMTI0MC00Y2ZmLWFmOTEtMzIyY2RhMDBlMTU1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLD7VZmyYnKhgtrFLKQ+d6mjDda3do3Wdgbu
FyS33GVWEQn2Khyyrd8NEs4FiUQvVtciDdQyPOyHVPwqPrJ1Xj3NAI9cFENM7ReP
M4eLakGNnXVA/ilmSnBtMUtm3lRaO61W8onNm+GqxLg2aVjQnZkEl0Pd7K4ETq1D
Fc8QQBFaJywuSAtKlPT+E7T7J45tith7zXSAT0bRnyyWgH0KFP47x7iOFPvf5SAX
PgXge3iqm/+zJs+j8M/AIKEnA8yEZjnylYSNc1oRe6cOgHroyOkQoekJbjHgXc9j
lXYwWRvTADLJncM1suzNmNAOxc6p0HhZ8DmFSkyqAxhiYVmZ9wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNWFbhJhWFMcH1Cu2gVxDIn17fv9MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvOTI2YTkwMDMtOWMxMC0z
MjlmLWJlZTMtMDAwZWY3MjA1YjE3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE0bEAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIIWTUaoiRdasuRp/bZUwg7SnCZDxp/+htb3ghC3guC+cOzJiLQqN19O
Fpk1HGUcFgRljj98X9oxoVxJkJgA0kXlXbqComvUxiHi76OioquFfdpVGbf2Z6QA
y4HB5CIZ1ovD2zV6R8TBwrGKkYn5NJe5t2OrVc1WjmqwUwHzCHMkhyCj2C6NM4YY
+b850C4xNr/zR8rMXq484H9hUULKYUldauH160ODRfqhNthlosb+oVx/1hCLCmBc
8xyKPgnxoDg8VMOLvbYEr+gfcKFY1GdYzl5+Jwy3vgOe8bDuREol0vuMCeIQJi/9
3At1zXdWSyOVBOeEf6arlkPMJj5lSJE=
-----END CERTIFICATE-----
Generated at Wed Apr 16 21:38:39 2025 by rpki-client