Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/af73be79-b429-3fe1-9bf1-7a7cf73add57.roa
File:                     af73be79-b429-3fe1-9bf1-7a7cf73add57.roa (raw, json)
Hash identifier:          9ClK/EUgQ3M2vw0mbCB9Kr0BynFppxKhVso4ZNIHDOE=
Subject key identifier:   81:75:80:95:54:22:EE:E3:06:2A:A6:59:B3:EA:6D:34:48:B4:5C:B5
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533319EAB811CB4C5D76DF40
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/af73be79-b429-3fe1-9bf1-7a7cf73add57.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        205.187.48.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:19:ea:b8:11:cb:4c:5d:76:df:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=5883cf39-36a8-4ea8-b422-d920211dc452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:92:3c:dd:eb:78:17:e9:16:b9:7d:5a:21:31:
                    e6:5f:80:16:ee:24:ac:4f:46:66:9a:c3:7e:73:81:
                    70:bd:e2:72:4b:b6:00:a3:fe:c2:cd:3e:b0:b1:f7:
                    d3:b0:7a:96:f0:82:31:ae:ba:7d:79:aa:66:fa:46:
                    89:40:a6:64:57:36:3e:2e:79:d4:77:0d:5e:d0:de:
                    89:97:ed:07:36:77:98:3b:ca:a3:26:cc:b4:1a:3f:
                    c1:2b:d0:1f:43:92:16:78:18:d8:31:96:59:90:d9:
                    11:26:9d:0b:0c:1f:29:c2:24:a1:89:2d:b5:79:28:
                    75:84:2b:73:b8:d2:11:6c:b2:8a:24:f2:fc:c6:9b:
                    66:c7:68:d9:97:50:93:32:e7:49:8d:db:f0:00:09:
                    8c:38:15:2f:c8:20:59:e8:0f:bb:78:09:c9:1f:02:
                    98:91:df:b0:df:6d:11:f3:41:b8:65:1b:3f:ac:cb:
                    03:aa:87:cb:6c:69:a2:f8:4c:a2:ef:38:39:79:9b:
                    14:2b:ca:be:a1:5d:0a:ec:cd:b0:3e:97:4f:6f:77:
                    7f:28:e6:18:95:53:75:5b:62:f6:86:bc:b2:3f:82:
                    61:95:c5:98:50:95:0e:97:78:f8:b5:f3:2d:46:75:
                    f5:7c:f1:1b:cb:1c:93:9b:5f:d4:36:04:b9:ce:5b:
                    d2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:75:80:95:54:22:EE:E3:06:2A:A6:59:B3:EA:6D:34:48:B4:5C:B5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/af73be79-b429-3fe1-9bf1-7a7cf73add57.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.187.48.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         46:33:94:4b:c6:cc:08:f8:9c:22:71:02:19:4a:d2:7c:74:d5:
         66:4d:00:f9:cd:8a:43:b7:e4:5b:1b:a4:1b:8f:ae:9c:9c:2b:
         a0:0f:4c:a7:b8:a7:9d:5d:fc:cd:35:11:26:69:dd:91:c0:a7:
         12:8d:d3:41:bd:f1:fc:b1:0a:f4:9e:b2:65:8a:3b:bb:6e:ce:
         16:dd:23:30:9b:f3:6e:47:e9:4f:d9:b0:a7:87:a8:4d:bd:08:
         f0:ff:f1:30:e2:67:ba:49:b5:5a:f2:cf:f3:09:a9:0c:29:90:
         52:8d:e2:73:46:a4:d7:53:09:39:47:e8:9b:f3:60:fe:14:31:
         59:be:4a:e9:29:27:04:4b:1b:4d:e6:0d:86:8f:20:32:ec:4f:
         d3:4b:86:8b:41:06:3f:06:24:0c:03:b8:55:7d:65:2b:56:c1:
         57:3a:c4:8b:ee:d7:ec:4b:b6:b6:f4:6a:f9:f5:dc:ea:4d:ee:
         9b:e0:58:99:a9:01:67:e0:02:5b:fd:7e:14:1e:dd:98:85:23:
         59:5e:7c:e6:20:2c:7f:ba:8c:24:e2:83:02:2f:fb:40:0b:3b:
         83:91:00:f6:d0:9d:4f:56:1e:45:aa:98:71:e1:22:77:12:6d:
         1f:e3:ee:1b:9b:19:d1:6e:5b:3e:2e:49:d8:2a:6a:c4:0d:02:
         d0:82:b6:ff
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMxnquBHLTF1230AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NTg4M2NmMzktMzZhOC00ZWE4LWI0MjItZDkyMDIxMWRjNDUyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJI83et4F+kWuX1aITHmX4AW7iSsT0ZmmsN+
c4FwveJyS7YAo/7CzT6wsffTsHqW8IIxrrp9eapm+kaJQKZkVzY+LnnUdw1e0N6J
l+0HNneYO8qjJsy0Gj/BK9AfQ5IWeBjYMZZZkNkRJp0LDB8pwiShiS21eSh1hCtz
uNIRbLKKJPL8xptmx2jZl1CTMudJjdvwAAmMOBUvyCBZ6A+7eAnJHwKYkd+w320R
80G4ZRs/rMsDqofLbGmi+Eyi7zg5eZsUK8q+oV0K7M2wPpdPb3d/KOYYlVN1W2L2
hryyP4JhlcWYUJUOl3j4tfMtRnX1fPEbyxyTm1/UNgS5zlvSwQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIF1gJVUIu7jBiqmWbPqbTRItFy1MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvYWY3M2JlNzktYjQyOS0z
ZmUxLTliZjEtN2E3Y2Y3M2FkZDU3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEzbswMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEYzlEvGzAj4nCJxAhlK0nx01WZNAPnNikO35FsbpBuPrpycK6APTKe4
p51d/M01ESZp3ZHApxKN00G98fyxCvSesmWKO7tuzhbdIzCb825H6U/ZsKeHqE29
CPD/8TDiZ7pJtVryz/MJqQwpkFKN4nNGpNdTCTlH6JvzYP4UMVm+SukpJwRLG03m
DYaPIDLsT9NLhotBBj8GJAwDuFV9ZStWwVc6xIvu1+xLtrb0avn13OpN7pvgWJmp
AWfgAlv9fhQe3ZiFI1lefOYgLH+6jCTigwIv+0ALO4ORAPbQnU9WHkWqmHHhIncS
bR/j7hubGdFuWz4uSdgqasQNAtCCtv8=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:58:38 2025 by rpki-client