Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d6ff3717-e5d1-38df-8341-033ba6868e60.roa
File:                     d6ff3717-e5d1-38df-8341-033ba6868e60.roa (raw, json)
Hash identifier:          /CMP5URaVtpQUAupVdbvBsci9DVLNrgzNle2ioRbYmc=
Subject key identifier:   77:32:C6:C3:B6:28:AE:58:C9:1C:17:F5:47:54:9B:0D:4B:0B:25:E1
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533319F84ACCB56EAAC5C100
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d6ff3717-e5d1-38df-8341-033ba6868e60.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        205.187.64.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:19:f8:4a:cc:b5:6e:aa:c5:c1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=0362ea92-e9d3-44d8-855f-e2ad726c3d70
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:8b:a8:0c:8c:ba:35:3d:fc:53:16:eb:71:e4:
                    bf:fb:9b:25:9a:7a:fc:03:b7:95:62:dd:5c:d0:61:
                    a1:fc:2d:fa:63:8b:e1:ab:5d:4f:fa:d5:aa:8a:a7:
                    2d:20:6e:08:b6:5b:19:d9:93:0b:d3:0a:5f:57:6f:
                    1e:5c:be:ce:50:e0:10:8f:d9:ec:3e:d8:6b:24:30:
                    b8:94:7d:11:5d:35:7c:13:21:c4:c7:67:0e:cc:b1:
                    1a:d7:a8:c5:60:f1:bc:6d:d0:3f:50:fd:a1:18:39:
                    0d:68:cb:8d:d3:bb:9e:42:04:79:c6:87:1f:cb:17:
                    e7:ca:ae:13:5c:9d:07:c8:69:43:18:91:14:73:aa:
                    a7:23:ac:e3:bb:8f:d7:59:63:44:e8:7a:0c:67:49:
                    32:7e:74:17:32:1c:74:c1:6d:60:6a:a9:72:e0:60:
                    ed:a1:0f:8e:51:c3:83:a8:9f:25:ee:10:38:e6:82:
                    13:27:a6:35:35:95:89:5d:c5:ef:19:52:40:fe:f9:
                    a0:68:a4:d0:b9:9e:25:f5:fd:bd:96:94:6b:d5:51:
                    f6:72:a2:ea:7a:14:ae:8f:51:53:30:f9:bf:29:fe:
                    21:bc:c9:c8:16:bc:fe:7e:30:f1:e7:bb:d9:0a:3d:
                    9f:7d:8e:ec:cd:67:c5:1f:57:55:f1:65:05:20:e9:
                    f5:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:32:C6:C3:B6:28:AE:58:C9:1C:17:F5:47:54:9B:0D:4B:0B:25:E1
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d6ff3717-e5d1-38df-8341-033ba6868e60.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.187.64.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6e:18:bf:af:8b:80:a6:3c:ed:2b:70:ed:70:cb:a4:15:ca:35:
         fd:6c:92:2d:fb:31:5e:8c:c5:fd:c3:fd:f0:bb:a4:df:1e:f2:
         c7:49:ef:93:cc:be:65:eb:52:b7:c7:6a:6d:fa:10:07:b2:b0:
         c5:4b:3f:a2:d6:30:18:f7:8e:64:ae:f9:20:99:b0:d4:94:27:
         8a:4b:78:20:e9:b8:be:8f:dc:35:72:63:d0:f5:5f:7d:a4:c3:
         93:85:62:9d:d2:70:06:d9:09:5a:3a:3a:c4:b7:63:03:5d:80:
         43:6f:a8:11:e5:eb:61:55:48:92:1c:81:a6:91:4c:76:5d:ae:
         68:5f:09:65:26:bd:18:47:9d:64:61:dc:1b:44:aa:6a:5c:3d:
         ac:92:d3:26:16:0f:b2:7a:07:aa:3d:42:b8:96:3c:9c:97:6d:
         1c:60:ef:7b:a3:c7:c3:c4:df:c7:0e:ca:59:0a:d9:fb:b0:50:
         44:9e:b2:41:3a:47:60:62:1a:d3:c1:f4:cb:e9:54:84:77:e9:
         fc:fc:8f:53:7b:0c:a4:0b:be:10:23:44:83:65:8d:e5:49:4e:
         e6:92:80:10:15:d2:77:5b:12:8e:ae:9c:1f:8b:30:4c:cd:27:
         70:79:c6:b0:ac:1f:a6:88:7c:be:20:8a:e5:5e:68:76:04:93:
         dc:04:2f:1e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMxn4Ssy1bqrFwQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
MDM2MmVhOTItZTlkMy00NGQ4LTg1NWYtZTJhZDcyNmMzZDcwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIuoDIy6NT38UxbrceS/+5slmnr8A7eVYt1c
0GGh/C36Y4vhq11P+tWqiqctIG4ItlsZ2ZML0wpfV28eXL7OUOAQj9nsPthrJDC4
lH0RXTV8EyHEx2cOzLEa16jFYPG8bdA/UP2hGDkNaMuN07ueQgR5xocfyxfnyq4T
XJ0HyGlDGJEUc6qnI6zju4/XWWNE6HoMZ0kyfnQXMhx0wW1gaqly4GDtoQ+OUcOD
qJ8l7hA45oITJ6Y1NZWJXcXvGVJA/vmgaKTQuZ4l9f29lpRr1VH2cqLqehSuj1FT
MPm/Kf4hvMnIFrz+fjDx57vZCj2ffY7szWfFH1dV8WUFIOn14wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFHcyxsO2KK5YyRwX9UdUmw1LCyXhMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZDZmZjM3MTctZTVkMS0z
OGRmLTgzNDEtMDMzYmE2ODY4ZTYwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEzbtAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAG4Yv6+LgKY87Stw7XDLpBXKNf1ski37MV6Mxf3D/fC7pN8e8sdJ75PM
vmXrUrfHam36EAeysMVLP6LWMBj3jmSu+SCZsNSUJ4pLeCDpuL6P3DVyY9D1X32k
w5OFYp3ScAbZCVo6OsS3YwNdgENvqBHl62FVSJIcgaaRTHZdrmhfCWUmvRhHnWRh
3BtEqmpcPayS0yYWD7J6B6o9QriWPJyXbRxg73ujx8PE38cOylkK2fuwUESeskE6
R2BiGtPB9MvpVIR36fz8j1N7DKQLvhAjRINljeVJTuaSgBAV0ndbEo6unB+LMEzN
J3B5xrCsH6aIfL4giuVeaHYEk9wELx4=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:01:46 2025 by rpki-client