Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/bbd7624e-b6ce-3f10-a2ca-87955f09d8b5.roa
File:                     bbd7624e-b6ce-3f10-a2ca-87955f09d8b5.roa (raw, json)
Hash identifier:          /7nrpqyU/LI9ux1vk+KfGnG351lUn7V7lCgXyKXevi4=
Subject key identifier:   0A:7D:E2:A9:4F:B7:C5:78:2F:DA:01:37:CC:17:0E:41:FF:61:F5:C1
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D3F33A3D65AE23271CD7AE080
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/bbd7624e-b6ce-3f10-a2ca-87955f09d8b5.roa
Signing time:             Tue 15 Mar 2022 04:00:00 +0000
ROA not before:           Tue 15 Mar 2022 04:00:00 +0000
ROA not after:            Tue 07 Mar 2028 05:00:00 +0000
asID:                     7029
IP address blocks:        64.233.0.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:3f:33:a3:d6:5a:e2:32:71:cd:7a:e0:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 15 04:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2028 GMT
        Subject: CN=a1ce083b-a692-465b-a048-004c1678dd10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:84:2a:c7:cb:a2:10:bb:44:a5:85:e7:8f:67:ef:
                    00:e3:ed:79:67:5a:8f:88:17:4a:9a:e4:e1:56:51:
                    be:bc:24:b5:cc:28:f9:c6:79:d6:26:8f:28:37:0d:
                    17:67:a3:03:47:58:b4:a3:c1:ed:2f:ab:af:9c:71:
                    d1:b1:e3:f9:80:4d:f2:5c:98:3f:dc:88:d8:51:c2:
                    30:66:82:9a:88:fb:7e:4f:6e:f2:69:da:db:75:a6:
                    64:f5:04:41:43:9f:36:be:76:c5:3d:1a:cf:30:b7:
                    51:c6:05:ec:14:f9:e6:8b:11:e0:e5:84:d1:16:5c:
                    b5:5b:ad:23:93:db:ab:1a:ce:9b:61:b2:97:63:be:
                    bc:f5:9d:f6:36:fe:8b:42:8d:69:ef:f7:6f:66:6b:
                    87:ff:97:85:12:74:ca:6a:bd:b1:14:86:ed:ea:53:
                    1f:5e:3f:cf:2f:be:d2:2b:ba:7d:a9:1e:6f:7e:1b:
                    1e:10:a4:68:48:85:02:0f:53:82:12:bc:06:93:e9:
                    6e:a3:90:ad:ea:c9:ba:f7:09:82:84:78:1e:db:6d:
                    7e:37:5e:cc:21:c3:6b:c3:3f:f9:0e:74:01:e8:38:
                    18:4e:7c:58:af:df:12:31:7a:56:49:49:31:0a:d9:
                    60:4e:6c:2c:d2:e3:9d:14:fe:86:99:20:84:4e:f8:
                    f4:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:7D:E2:A9:4F:B7:C5:78:2F:DA:01:37:CC:17:0E:41:FF:61:F5:C1
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/bbd7624e-b6ce-3f10-a2ca-87955f09d8b5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.233.0.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6b:51:63:4b:59:d3:97:93:c9:1b:da:5a:f6:79:45:2e:d5:30:
         5b:f6:a8:56:90:2a:ac:7d:64:94:94:29:d1:1d:9b:32:21:97:
         9c:cb:ce:41:cf:10:cf:7a:e0:79:58:90:45:fa:88:75:5b:e8:
         a7:a6:93:d8:c8:f6:8c:87:7d:a7:7e:b6:47:b1:a5:12:79:76:
         ed:d4:9d:07:03:ad:3d:93:13:be:92:ed:06:a5:a6:59:e6:d8:
         07:a2:cd:6a:49:dc:77:84:7d:3a:9e:c3:eb:ed:ee:89:d0:61:
         03:5a:54:97:9f:1c:91:77:b9:29:07:b2:3d:b4:b7:59:7f:f9:
         9f:0d:b8:bd:5c:ee:5e:32:af:2c:f5:67:a8:4f:07:df:20:61:
         64:85:d9:28:d4:68:9c:38:03:d9:c3:5f:63:e7:af:e5:68:cc:
         f5:30:41:bc:1a:d1:9f:b9:23:76:4f:bc:ac:14:1c:99:76:08:
         a5:09:a5:55:e0:b6:26:5c:de:42:27:bf:7f:91:6f:9c:c3:07:
         19:6e:cf:21:01:55:b9:64:e5:01:29:62:b8:14:47:02:52:74:
         5f:d7:2e:e0:c1:35:6c:ae:6a:5b:0c:d3:6b:12:9f:de:0b:33:
         8b:5e:df:96:dd:c1:03:97:68:85:05:94:a6:9d:8a:f8:b5:f1:
         ad:07:23:f0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0/M6PWWuIycc164IAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMxNTA0MDAwMFoXDTI4MDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
YTFjZTA4M2ItYTY5Mi00NjViLWEwNDgtMDA0YzE2NzhkZDEwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhCrHy6IQu0SlheePZ+8A4+15Z1qPiBdKmuTh
VlG+vCS1zCj5xnnWJo8oNw0XZ6MDR1i0o8HtL6uvnHHRseP5gE3yXJg/3IjYUcIw
ZoKaiPt+T27yadrbdaZk9QRBQ582vnbFPRrPMLdRxgXsFPnmixHg5YTRFly1W60j
k9urGs6bYbKXY7689Z32Nv6LQo1p7/dvZmuH/5eFEnTKar2xFIbt6lMfXj/PL77S
K7p9qR5vfhseEKRoSIUCD1OCErwGk+luo5Ct6sm69wmChHge221+N17MIcNrwz/5
DnQB6DgYTnxYr98SMXpWSUkxCtlgTmws0uOdFP6GmSCETvj0uQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAp94qlPt8V4L9oBN8wXDkH/YfXBMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvYmJkNzYyNGUtYjZjZS0z
ZjEwLWEyY2EtODc5NTVmMDlkOGI1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHQOkAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGtRY0tZ05eTyRvaWvZ5RS7VMFv2qFaQKqx9ZJSUKdEdmzIhl5zLzkHP
EM964HlYkEX6iHVb6Kemk9jI9oyHfad+tkexpRJ5du3UnQcDrT2TE76S7Qalplnm
2AeizWpJ3HeEfTqew+vt7onQYQNaVJefHJF3uSkHsj20t1l/+Z8NuL1c7l4yryz1
Z6hPB98gYWSF2SjUaJw4A9nDX2Pnr+VozPUwQbwa0Z+5I3ZPvKwUHJl2CKUJpVXg
tiZc3kInv3+Rb5zDBxluzyEBVblk5QEpYrgURwJSdF/XLuDBNWyualsM02sSn94L
M4te35bdwQOXaIUFlKadivi18a0HI/A=
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:20:51 2025 by rpki-client