Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/9c9d417c-6690-3ef9-8ada-00eaa36f7bfc.roa
File:                     9c9d417c-6690-3ef9-8ada-00eaa36f7bfc.roa (raw, json)
Hash identifier:          ckJ3UVWhoyr/R5f78WMK1p86SdcL0HZOXf6ZbYBLfLg=
Subject key identifier:   46:21:76:77:01:17:FE:46:53:19:FC:0C:CD:8C:E9:85:4A:30:5C:26
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553331F370758E8C3F08EC160
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/9c9d417c-6690-3ef9-8ada-00eaa36f7bfc.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        207.223.80.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:1f:37:07:58:e8:c3:f0:8e:c1:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=9620195e-5a30-4442-87fc-34ccdc6cb03d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:00:1a:42:2f:61:9f:0b:87:5b:a1:a7:79:21:
                    61:9a:7a:24:aa:a5:60:ea:e8:1b:6e:b4:ce:97:e8:
                    b1:5d:d3:a6:69:19:45:d1:1e:c3:11:b8:c4:e2:34:
                    d7:f7:c2:bd:40:10:1a:11:9b:8e:b8:27:03:79:07:
                    43:82:b3:99:bc:da:5b:80:91:dd:3f:4d:6c:e0:11:
                    d3:84:93:d5:93:d3:60:14:12:2b:da:91:7c:48:ac:
                    a7:c0:b0:bd:0e:5b:76:af:f3:6c:41:4a:a7:a4:75:
                    79:34:75:1f:4d:77:d1:a0:10:6b:ed:59:61:bb:ff:
                    a4:3a:74:dd:46:05:13:8f:57:2d:6c:63:88:a0:03:
                    a6:a2:d2:a2:d5:c9:5a:09:19:a8:e6:43:f2:e8:8a:
                    8f:c4:5b:95:d9:47:36:35:a1:55:e7:c6:4e:d9:ee:
                    03:9b:c3:6e:f3:3e:15:d9:66:c5:12:ab:99:4e:c0:
                    b3:4b:b1:60:05:bb:16:1f:da:a0:63:4d:2f:b9:fe:
                    77:20:8c:0f:15:d3:79:8a:8d:ce:bc:ba:0f:78:f5:
                    df:e4:3a:96:fb:12:08:d6:55:f6:69:68:7e:10:73:
                    81:ad:10:2c:ff:19:bd:15:af:84:91:9d:e7:58:e5:
                    b7:e2:75:e3:28:f8:01:c8:01:a3:e8:99:52:b3:64:
                    18:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:21:76:77:01:17:FE:46:53:19:FC:0C:CD:8C:E9:85:4A:30:5C:26
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/9c9d417c-6690-3ef9-8ada-00eaa36f7bfc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.223.80.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         44:db:63:9c:e8:42:30:e9:a6:d8:90:78:df:c0:38:13:43:c8:
         61:78:b5:f7:01:3e:06:11:40:7b:95:1c:17:c7:4d:4f:0d:bf:
         38:93:11:f1:f3:c1:9d:29:7e:18:cb:bc:48:90:3f:22:a9:5e:
         84:8e:24:73:a0:87:a8:e9:35:88:dc:07:84:76:9e:06:65:c8:
         7b:ab:76:ed:3c:28:97:4b:de:df:16:e3:77:3a:c5:b1:5c:f3:
         c0:58:dc:ce:59:2f:e8:b0:7b:a6:c3:18:f4:8d:ec:08:e6:cc:
         ed:cf:dd:6b:27:60:1f:4f:a0:c5:6c:ac:22:80:3b:41:e5:96:
         7f:a2:f9:54:64:63:e6:0d:e0:b1:6d:13:d3:2a:7c:16:ee:2b:
         5c:91:26:36:bd:a3:77:7a:3a:9a:5b:d3:cb:6f:46:79:a3:2a:
         35:fd:41:3e:d7:8b:d2:b0:64:41:04:41:a5:29:25:93:8c:81:
         f0:92:f0:30:e9:fb:28:a6:c4:49:fb:6c:ca:c5:bf:b2:53:9a:
         c5:1b:c8:cc:2f:ba:83:c6:b8:4c:bd:4f:37:7a:c2:74:d1:84:
         5e:63:45:1c:14:2d:c5:c4:d6:1d:82:f8:0b:97:24:3b:0b:f3:
         b3:32:fd:73:00:13:a7:6f:32:17:5c:a5:b8:b4:7d:80:8e:5f:
         a2:ff:b3:48
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMx83B1jow/COwWAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
OTYyMDE5NWUtNWEzMC00NDQyLTg3ZmMtMzRjY2RjNmNiMDNkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAAaQi9hnwuHW6GneSFhmnokqqVg6ugbbrTO
l+ixXdOmaRlF0R7DEbjE4jTX98K9QBAaEZuOuCcDeQdDgrOZvNpbgJHdP01s4BHT
hJPVk9NgFBIr2pF8SKynwLC9Dlt2r/NsQUqnpHV5NHUfTXfRoBBr7Vlhu/+kOnTd
RgUTj1ctbGOIoAOmotKi1claCRmo5kPy6IqPxFuV2Uc2NaFV58ZO2e4Dm8Nu8z4V
2WbFEquZTsCzS7FgBbsWH9qgY00vuf53IIwPFdN5io3OvLoPePXf5DqW+xII1lX2
aWh+EHOBrRAs/xm9Fa+EkZ3nWOW34nXjKPgByAGj6JlSs2QY4wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEYhdncBF/5GUxn8DM2M6YVKMFwmMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvOWM5ZDQxN2MtNjY5MC0z
ZWY5LThhZGEtMDBlYWEzNmY3YmZjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEz99QMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAETbY5zoQjDpptiQeN/AOBNDyGF4tfcBPgYRQHuVHBfHTU8NvziTEfHz
wZ0pfhjLvEiQPyKpXoSOJHOgh6jpNYjcB4R2ngZlyHurdu08KJdL3t8W43c6xbFc
88BY3M5ZL+iwe6bDGPSN7AjmzO3P3WsnYB9PoMVsrCKAO0Hlln+i+VRkY+YN4LFt
E9MqfBbuK1yRJja9o3d6Oppb08tvRnmjKjX9QT7Xi9KwZEEEQaUpJZOMgfCS8DDp
+yimxEn7bMrFv7JTmsUbyMwvuoPGuEy9Tzd6wnTRhF5jRRwULcXE1h2C+AuXJDsL
87My/XMAE6dvMhdcpbi0fYCOX6L/s0g=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:58:00 2025 by rpki-client