Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a8396dbc-a854-3114-907e-3a284f07ee4c.roa
File:                     a8396dbc-a854-3114-907e-3a284f07ee4c.roa (raw, json)
Hash identifier:          D1//ti/+qvj8FpF+ioFceTt0hYcodRIcDLfMtUy9FOk=
Subject key identifier:   4F:95:C2:36:C2:8D:36:0E:53:60:50:D3:C5:D0:91:E5:1A:BB:8B:11
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285847F15547588694242FD6EFF880
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a8396dbc-a854-3114-907e-3a284f07ee4c.roa
Signing time:             Wed 20 Nov 2024 14:00:52 +0000
ROA not before:           Wed 20 Nov 2024 14:00:52 +0000
ROA not after:            Tue 18 Feb 2025 14:00:52 +0000
asID:                     395868
IP address blocks:        199.72.83.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:f1:55:47:58:86:94:24:2f:d6:ef:f8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Nov 20 14:00:52 2024 GMT
            Not After : Feb 18 14:00:52 2025 GMT
        Subject: CN=d3e514b2-f098-44b9-8943-9f9db14ebdc0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:f4:81:7a:ba:ca:7c:93:11:c3:3a:e2:59:71:
                    ff:b2:91:a1:2b:1e:ad:8d:52:ff:08:c0:0f:b9:9e:
                    59:36:13:07:07:6d:74:b5:df:20:b7:26:87:9c:b2:
                    17:3b:7b:8d:41:01:30:88:1d:4c:35:1a:f4:39:6c:
                    b5:13:9a:14:d1:38:99:9a:de:54:fa:01:16:02:01:
                    b3:b4:f0:5d:70:e4:7d:ee:67:66:62:98:95:d3:9b:
                    cd:51:0c:8a:ed:78:6e:89:e0:2d:b4:91:12:57:2f:
                    99:93:37:4e:fb:06:bb:f5:1d:fb:2c:89:0b:79:2f:
                    2e:0d:46:32:24:fd:58:dd:c9:8d:65:17:24:19:83:
                    68:e2:a3:aa:34:13:db:02:8a:27:2b:7e:46:76:59:
                    b7:90:c6:83:de:2d:fc:55:43:1c:d0:2b:ef:2f:8f:
                    1b:31:ec:c2:7d:96:11:f7:62:f5:05:a3:61:09:cf:
                    64:34:c5:65:f9:36:6c:ba:c6:73:5d:ce:9d:04:19:
                    c3:66:ea:94:7a:00:f8:70:68:64:e3:cb:c8:62:9d:
                    5d:87:50:94:aa:43:d6:f8:e7:07:4e:e3:3a:2d:a6:
                    25:51:9c:ba:dc:c1:9c:a6:cc:b9:d0:94:95:04:1d:
                    2c:cb:ab:fe:c2:65:54:5c:93:90:7a:d0:f6:30:30:
                    93:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:95:C2:36:C2:8D:36:0E:53:60:50:D3:C5:D0:91:E5:1A:BB:8B:11
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a8396dbc-a854-3114-907e-3a284f07ee4c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.72.83.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6c:4f:d3:90:e0:d6:83:07:87:24:0d:c9:cd:b3:90:50:23:79:
         50:d3:4e:70:c4:28:1a:45:d1:1c:79:1e:7a:61:9b:f6:89:6d:
         5f:84:a6:76:d4:3c:cf:96:8b:9a:b9:60:e8:3e:c6:1d:12:97:
         54:1c:83:a2:6d:58:1c:fc:11:79:39:2d:fd:65:63:a7:3c:99:
         35:96:b3:3a:43:67:e3:69:e4:05:95:f3:fd:5f:e8:66:2d:89:
         13:c3:9d:22:4f:9e:f3:cb:8a:f6:cf:f7:45:00:56:94:13:97:
         f3:d0:8c:e1:75:88:40:db:d2:0e:dd:10:2b:1e:57:ca:11:4f:
         2b:4a:ee:86:c9:12:ab:b4:7a:ae:e9:79:06:80:c8:fc:f0:b8:
         20:d3:17:a8:d1:05:38:b9:29:fe:6c:b1:a2:14:a6:70:a9:1b:
         bc:12:c7:36:33:4b:c3:ed:c7:6e:c2:77:27:dc:43:2b:ed:e5:
         e2:24:4d:3c:56:61:42:62:3f:49:b6:54:fa:61:32:2e:4d:2d:
         b2:f8:c6:ec:3a:0e:76:d0:95:99:fa:ba:75:e1:38:13:98:5e:
         65:d8:ab:c5:e5:b1:07:0a:ab:74:0e:15:15:32:d2:77:88:b1:
         74:67:1c:4d:bf:ec:76:e1:8c:0a:89:02:d8:52:23:09:3a:f6:
         6d:95:f0:5b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEfxVUdYhpQkL9bv+IAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MTEyMDE0MDA1MloXDTI1MDIxODE0MDA1MlowLzEtMCsGA1UEAxMk
ZDNlNTE0YjItZjA5OC00NGI5LTg5NDMtOWY5ZGIxNGViZGMwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/SBerrKfJMRwzriWXH/spGhKx6tjVL/CMAP
uZ5ZNhMHB210td8gtyaHnLIXO3uNQQEwiB1MNRr0OWy1E5oU0TiZmt5U+gEWAgGz
tPBdcOR97mdmYpiV05vNUQyK7XhuieAttJESVy+ZkzdO+wa79R37LIkLeS8uDUYy
JP1Y3cmNZRckGYNo4qOqNBPbAoonK35Gdlm3kMaD3i38VUMc0CvvL48bMezCfZYR
92L1BaNhCc9kNMVl+TZsusZzXc6dBBnDZuqUegD4cGhk48vIYp1dh1CUqkPW+OcH
TuM6LaYlUZy63MGcpsy50JSVBB0sy6v+wmVUXJOQetD2MDCT9wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFE+VwjbCjTYOU2BQ08XQkeUau4sRMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvYTgzOTZkYmMtYTg1NC0z
MTE0LTkwN2UtM2EyODRmMDdlZTRjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAx0hTMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGxP05Dg1oMHhyQNyc2zkFAjeVDTTnDEKBpF0Rx5Hnphm/aJbV+EpnbU
PM+Wi5q5YOg+xh0Sl1Qcg6JtWBz8EXk5Lf1lY6c8mTWWszpDZ+Np5AWV8/1f6GYt
iRPDnSJPnvPLivbP90UAVpQTl/PQjOF1iEDb0g7dECseV8oRTytK7obJEqu0eq7p
eQaAyPzwuCDTF6jRBTi5Kf5ssaIUpnCpG7wSxzYzS8Ptx27CdyfcQyvt5eIkTTxW
YUJiP0m2VPphMi5NLbL4xuw6DnbQlZn6unXhOBOYXmXYq8XlsQcKq3QOFRUy0neI
sXRnHE2/7HbhjAqJAthSIwk69m2V8Fs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:31:40 2025 by rpki-client