Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/dfe56a72-a695-3f14-99d7-06a11f191325.roa
File:                     dfe56a72-a695-3f14-99d7-06a11f191325.roa (raw, json)
Hash identifier:          uS3lDaVmi5H7udSVpbCN+9ULZR8Ppa17ucphutBHWtg=
Subject key identifier:   D5:D0:65:28:15:16:7E:6B:44:64:6B:78:0F:BE:50:56:45:A9:F2:46
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328583D3F2F115F8B9604435ECE5540
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/dfe56a72-a695-3f14-99d7-06a11f191325.roa
Signing time:             Tue 15 Mar 2022 04:00:00 +0000
ROA not before:           Tue 15 Mar 2022 04:00:00 +0000
ROA not after:            Tue 07 Mar 2028 05:00:00 +0000
asID:                     7029
IP address blocks:        64.91.128.0/18 maxlen: 18
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:3f:2f:11:5f:8b:96:04:43:5e:ce:55:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 15 04:00:00 2022 GMT
            Not After : Mar  7 05:00:00 2028 GMT
        Subject: CN=c7c7cbe7-cb4c-4eec-8e85-2adc8f7b4742
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:2a:78:ba:b4:c8:c2:1c:b2:b7:83:03:8c:cd:
                    eb:6a:5d:04:d9:30:08:37:4b:bc:1e:93:4b:a5:4c:
                    12:5f:1f:3c:1e:99:40:26:84:b2:1d:3e:62:e0:0e:
                    16:96:ef:62:4f:0b:df:ca:e0:6b:e4:4c:0b:10:25:
                    5d:df:8d:54:eb:31:b8:e2:20:fe:ab:82:31:ba:9e:
                    8c:67:68:20:05:b3:fc:5b:1a:eb:46:9b:79:9c:d6:
                    a7:51:ac:f6:e1:2f:9e:7b:66:7a:3d:ba:65:f8:5f:
                    bc:4c:59:f2:4f:dd:72:fb:d9:4f:f9:14:50:e3:20:
                    57:be:69:0e:e6:c4:df:42:ed:f9:fa:d3:c6:3e:6e:
                    c7:9a:e6:4d:c1:68:f5:34:c9:d9:c0:bc:b4:8f:1b:
                    fb:0e:44:3e:7f:85:d0:7e:fd:14:67:83:23:50:1a:
                    f8:c8:b3:87:ef:83:45:ca:6f:a7:99:3a:7d:a4:ee:
                    9b:2d:7f:d5:cb:67:e9:05:7b:86:b1:48:7b:73:ab:
                    0f:50:35:6d:7a:26:b3:ed:11:de:4b:11:89:91:97:
                    2e:12:4f:cc:7d:35:8b:64:a2:83:de:36:46:d6:5e:
                    1f:04:bc:fd:10:9b:27:f1:8f:0a:2e:51:1e:7a:58:
                    c6:a2:b2:13:db:ce:ea:6a:6c:31:5f:d4:b4:a5:b1:
                    e0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:D0:65:28:15:16:7E:6B:44:64:6B:78:0F:BE:50:56:45:A9:F2:46
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/dfe56a72-a695-3f14-99d7-06a11f191325.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.91.128.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         58:1d:e4:5a:d9:dc:18:4d:ef:19:2d:ab:fa:a4:12:c7:88:56:
         4f:d7:2a:04:d0:ee:99:e2:37:e2:df:6b:c1:ae:76:4f:d0:a1:
         d5:52:1b:79:cc:ad:c0:75:cd:7b:41:a1:d9:c4:61:3c:3e:15:
         8a:25:28:f4:54:64:96:e3:94:63:a0:29:30:b1:36:6f:6a:dc:
         c4:c8:4f:7b:82:1c:c2:a0:ac:4d:7e:30:bd:32:4b:5d:9d:53:
         d0:d0:5e:98:54:5b:86:4f:27:94:d9:9a:43:81:bf:06:18:41:
         45:cb:3f:2b:db:4e:d8:a8:e5:82:e1:06:93:c6:01:0e:8a:82:
         75:c6:c3:4a:e1:77:4d:6c:10:f5:1b:17:88:47:17:c2:91:74:
         df:a8:49:18:d6:30:b5:d1:45:c3:d2:59:f1:5c:16:06:fd:4d:
         3e:6b:f1:64:ed:66:59:c2:ed:8d:ee:ef:f7:8d:c8:fb:0e:3b:
         5b:1a:0e:6d:47:04:6e:d1:35:f3:1a:22:06:10:4b:46:99:39:
         64:17:41:00:97:0f:b6:89:27:1c:e1:b1:be:02:61:40:80:f9:
         52:13:9d:4a:5d:b3:1a:1d:48:44:dc:66:4c:49:e5:de:7e:1e:
         7b:74:18:51:a8:74:72:f8:86:7d:b4:63:4e:92:ca:64:f1:1f:
         4a:59:38:ea
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0/LxFfi5YEQ17OVUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTIyMDMxNTA0MDAwMFoXDTI4MDMwNzA1MDAwMFowLzEtMCsGA1UEAxMk
YzdjN2NiZTctY2I0Yy00ZWVjLThlODUtMmFkYzhmN2I0NzQyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSp4urTIwhyyt4MDjM3ral0E2TAIN0u8HpNL
pUwSXx88HplAJoSyHT5i4A4Wlu9iTwvfyuBr5EwLECVd341U6zG44iD+q4Ixup6M
Z2ggBbP8WxrrRpt5nNanUaz24S+ee2Z6Pbpl+F+8TFnyT91y+9lP+RRQ4yBXvmkO
5sTfQu35+tPGPm7HmuZNwWj1NMnZwLy0jxv7DkQ+f4XQfv0UZ4MjUBr4yLOH74NF
ym+nmTp9pO6bLX/Vy2fpBXuGsUh7c6sPUDVteiaz7RHeSxGJkZcuEk/MfTWLZKKD
3jZG1l4fBLz9EJsn8Y8KLlEeeljGorIT287qamwxX9S0pbHgGwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNXQZSgVFn5rRGRreA++UFZFqfJGMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZGZlNTZhNzItYTY5NS0z
ZjE0LTk5ZDctMDZhMTFmMTkxMzI1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGQFuAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFgd5FrZ3BhN7xktq/qkEseIVk/XKgTQ7pniN+Lfa8Gudk/QodVSG3nM
rcB1zXtBodnEYTw+FYolKPRUZJbjlGOgKTCxNm9q3MTIT3uCHMKgrE1+ML0yS12d
U9DQXphUW4ZPJ5TZmkOBvwYYQUXLPyvbTtio5YLhBpPGAQ6KgnXGw0rhd01sEPUb
F4hHF8KRdN+oSRjWMLXRRcPSWfFcFgb9TT5r8WTtZlnC7Y3u7/eNyPsOO1saDm1H
BG7RNfMaIgYQS0aZOWQXQQCXD7aJJxzhsb4CYUCA+VITnUpdsxodSETcZkxJ5d5+
Hnt0GFGodHL4hn20Y06SymTxH0pZOOo=
-----END CERTIFICATE-----
Generated at Sat Apr 12 00:00:59 2025 by rpki-client