Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d3cd55dd-4ecd-3e68-86e0-681adaf23bfc.roa
File:                     d3cd55dd-4ecd-3e68-86e0-681adaf23bfc.roa (raw, json)
Hash identifier:          YmfjvKgqJhZdi3RAiMtNb84TkT7ppH4DPCtRevC0qc0=
Subject key identifier:   99:3A:6B:CB:67:07:48:3D:11:7D:DC:10:80:4E:C0:33:4A:BB:28:F7
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D3F2F0AEF03B9E94DFF5AA340
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d3cd55dd-4ecd-3e68-86e0-681adaf23bfc.roa
Signing time:             Tue 15 Mar 2022 04:00:00 +0000
ROA not before:           Tue 15 Mar 2022 04:00:00 +0000
ROA not after:            Tue 07 Mar 2028 05:00:00 +0000
asID:                     7029
IP address blocks:        64.82.0.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:3f:2f:0a:ef:03:b9:e9:4d:ff:5a:a3:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 15 04:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2028 GMT
        Subject: CN=b91f22cf-ea00-4132-a58d-c2fb0fa1ccac
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:88:c6:02:d9:04:0b:a5:9e:0b:da:29:9b:79:1e:
                    27:b7:12:d1:e2:ba:e9:f4:f0:f2:79:c0:67:cd:fc:
                    d9:92:6b:dc:a9:3b:66:24:cd:40:7b:fd:8f:d4:96:
                    0c:b6:23:d1:ab:49:b8:21:b8:de:db:f5:3d:d8:26:
                    b9:83:f1:93:1b:d3:ee:c7:35:b6:34:6d:cc:3d:96:
                    68:a8:0e:e3:60:7a:b3:3f:4f:1f:f8:63:21:5d:77:
                    6f:6e:1a:9c:35:8f:90:38:f6:b4:7f:2a:82:94:be:
                    6c:37:26:b5:07:f8:5c:c6:b5:19:2f:80:b6:e0:22:
                    35:5f:c5:77:ff:70:43:17:42:a9:87:74:89:3f:f7:
                    50:cb:09:71:c1:31:8c:36:54:e8:bc:ae:66:7d:88:
                    16:54:80:fb:bb:83:17:10:23:74:f4:4e:5e:c6:2e:
                    12:aa:83:68:6e:0b:9a:ab:d6:66:0f:bd:8b:c6:6a:
                    9a:e7:c1:9f:b8:f8:7d:78:cf:e9:b0:11:e0:cf:f7:
                    37:83:8d:ef:c4:b8:c8:91:a6:d4:cb:ed:ec:e3:05:
                    11:ae:08:7f:ea:5b:c8:7c:42:a7:f6:83:7d:6c:e9:
                    0b:d3:86:d1:75:bb:e1:00:9e:7f:da:4b:69:54:74:
                    18:c1:e5:85:eb:11:d9:b4:39:28:7a:93:6f:72:6e:
                    f0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:3A:6B:CB:67:07:48:3D:11:7D:DC:10:80:4E:C0:33:4A:BB:28:F7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d3cd55dd-4ecd-3e68-86e0-681adaf23bfc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.82.0.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         03:81:be:b4:ac:02:f8:c8:27:e0:df:f1:3e:02:50:8a:b6:62:
         be:71:08:cd:db:3e:be:5d:e5:69:78:f4:6a:3b:ac:96:f7:33:
         a1:10:b9:28:c4:b3:ea:00:97:1d:dc:77:ba:9b:50:6b:86:e8:
         4e:62:14:47:38:3f:38:f0:e2:9d:b9:a2:13:28:a1:c3:c2:d4:
         a0:b4:48:46:cd:7e:c4:f8:55:93:0f:b8:e7:77:ea:01:db:18:
         54:82:71:7a:72:2e:4a:3d:c4:c1:1a:aa:d0:20:23:53:aa:a7:
         5c:ca:62:c4:3a:32:e7:dd:05:42:c7:80:ff:a7:3c:c0:d5:92:
         1b:10:85:76:9a:e2:f3:c7:1f:f8:b7:26:47:6a:90:c3:a8:81:
         3c:bb:7b:3f:08:3d:a0:eb:e4:91:af:bb:d3:af:64:61:22:87:
         fa:63:5b:8c:45:40:2f:d8:4c:f6:0f:3a:eb:60:4b:9e:4f:a9:
         39:80:9a:ce:80:3f:4d:8a:68:24:11:42:93:6d:11:d0:bf:e0:
         44:6e:a6:a0:f4:df:31:30:bf:5f:a1:0d:6e:9f:30:17:cf:99:
         60:38:c2:3e:a5:c1:82:c3:93:c1:7b:4b:bf:ad:7d:85:cb:c6:
         b2:36:3f:f3:fc:90:7c:40:ae:ea:a3:7b:05:77:9e:50:04:40:
         8c:49:16:1d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0/LwrvA7npTf9ao0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMxNTA0MDAwMFoXDTI4MDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
YjkxZjIyY2YtZWEwMC00MTMyLWE1OGQtYzJmYjBmYTFjY2FjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMYC2QQLpZ4L2imbeR4ntxLR4rrp9PDyecBn
zfzZkmvcqTtmJM1Ae/2P1JYMtiPRq0m4Ibje2/U92Ca5g/GTG9PuxzW2NG3MPZZo
qA7jYHqzP08f+GMhXXdvbhqcNY+QOPa0fyqClL5sNya1B/hcxrUZL4C24CI1X8V3
/3BDF0Kph3SJP/dQywlxwTGMNlTovK5mfYgWVID7u4MXECN09E5exi4SqoNobgua
q9ZmD72Lxmqa58GfuPh9eM/psBHgz/c3g43vxLjIkabUy+3s4wURrgh/6lvIfEKn
9oN9bOkL04bRdbvhAJ5/2ktpVHQYweWF6xHZtDkoepNvcm7w2wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJk6a8tnB0g9EX3cEIBOwDNKuyj3MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZDNjZDU1ZGQtNGVjZC0z
ZTY4LTg2ZTAtNjgxYWRhZjIzYmZjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHQFIAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAOBvrSsAvjIJ+Df8T4CUIq2Yr5xCM3bPr5d5Wl49Go7rJb3M6EQuSjE
s+oAlx3cd7qbUGuG6E5iFEc4Pzjw4p25ohMoocPC1KC0SEbNfsT4VZMPuOd36gHb
GFSCcXpyLko9xMEaqtAgI1Oqp1zKYsQ6MufdBULHgP+nPMDVkhsQhXaa4vPHH/i3
JkdqkMOogTy7ez8IPaDr5JGvu9OvZGEih/pjW4xFQC/YTPYPOutgS55PqTmAms6A
P02KaCQRQpNtEdC/4ERupqD03zEwv1+hDW6fMBfPmWA4wj6lwYLDk8F7S7+tfYXL
xrI2P/P8kHxAruqjewV3nlAEQIxJFh0=
-----END CERTIFICATE-----
Generated at Fri Apr 11 22:57:46 2025 by rpki-client