Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e16c280a-dc10-3efb-a3dd-768e900b7c97.roa
File:                     e16c280a-dc10-3efb-a3dd-768e900b7c97.roa (raw, json)
Hash identifier:          Lz/1ktmpwtUPcw2aXwWDiryuvnDrEOlo4+j49kJePCI=
Subject key identifier:   73:44:FA:77:10:BE:BF:14:AE:47:E4:B7:31:02:C9:0F:5A:CF:DC:9D
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584711E085FBEC84F15A599FE700
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e16c280a-dc10-3efb-a3dd-768e900b7c97.roa
Signing time:             Sun 01 Sep 2024 13:00:41 +0000
ROA not before:           Sun 01 Sep 2024 13:00:41 +0000
ROA not after:            Sat 30 Nov 2024 14:00:41 +0000
asID:                     7029
IP address blocks:        216.36.48.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:11:e0:85:fb:ec:84:f1:5a:59:9f:e7:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Sep  1 13:00:41 2024 GMT
            Not After : Nov 30 14:00:41 2024 GMT
        Subject: CN=de3041fb-7d21-4925-9b04-5e3ee8a5c9a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:9a:ac:06:3e:8a:d0:95:04:86:3a:10:0c:1d:
                    61:ee:87:76:ba:c0:f5:b2:b2:54:3d:e4:33:bc:9b:
                    75:90:20:7c:3d:12:19:13:74:45:d0:1d:ad:99:a1:
                    08:33:96:80:90:c9:a6:ed:7e:c2:1e:34:f3:50:7a:
                    17:75:e8:10:39:fa:a6:ee:16:56:a9:a5:b2:ee:45:
                    84:66:b6:6f:ff:c9:26:92:7b:c5:1c:3d:57:59:74:
                    cc:1a:b5:6c:9b:69:34:af:c5:d0:7f:61:c2:a5:79:
                    e5:54:d3:ed:a7:07:06:b7:b6:3c:17:4b:9a:a1:50:
                    ba:c6:ee:a2:6c:00:6e:ce:78:4d:5c:8c:9d:91:93:
                    ad:6f:34:34:f8:f4:1d:7f:56:39:a0:10:2c:51:98:
                    3d:16:55:b3:1b:22:1a:25:cb:c3:28:49:d4:ad:ba:
                    63:17:d1:21:89:e9:47:37:c6:bb:8f:3c:2f:3a:9f:
                    37:bd:dc:d2:97:5b:d1:ee:2e:e0:a4:45:03:78:12:
                    61:f5:82:6b:ca:7c:c3:13:ea:8f:c5:48:c7:17:09:
                    a7:8c:81:2c:5d:40:69:c9:e0:9c:c5:b9:53:2e:88:
                    ad:01:e1:3a:2b:23:c2:0a:44:d2:d4:be:23:cc:a7:
                    98:1a:1a:8f:74:76:6b:aa:d4:fc:5d:00:82:8d:04:
                    ef:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:44:FA:77:10:BE:BF:14:AE:47:E4:B7:31:02:C9:0F:5A:CF:DC:9D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e16c280a-dc10-3efb-a3dd-768e900b7c97.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.36.48.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         95:3b:29:a7:5a:c8:a0:9f:c9:67:89:d8:e5:a1:78:9b:c0:d5:
         af:63:90:aa:64:3e:70:37:7a:b8:01:c9:47:16:75:4f:0b:cc:
         64:32:af:6e:e2:e3:97:2a:f8:f4:37:b6:2c:34:f0:2f:bc:21:
         c8:78:5c:86:99:30:a3:6a:b8:8c:d7:0a:1a:89:89:18:65:24:
         fd:77:1a:e9:3f:a5:9a:8e:30:b0:dd:8a:4b:f2:5d:95:e3:e4:
         86:d0:69:c5:11:e0:c0:0c:e9:47:af:05:b3:80:3a:2f:0b:aa:
         2f:d4:aa:0c:63:97:89:45:f7:eb:07:b3:56:f1:7e:c7:c9:dc:
         7e:76:79:aa:e7:a3:39:46:83:5c:0d:d7:ce:a8:38:a3:c9:35:
         d5:41:4e:ee:f3:cf:ac:c1:8f:9c:37:03:b5:78:97:5b:3d:63:
         f7:ed:1f:a4:5d:15:3e:24:7a:6c:dc:c9:ed:db:25:33:cb:4b:
         23:98:d7:39:76:75:5d:24:cd:51:bb:6e:69:5d:f1:92:97:4a:
         56:54:63:3b:49:92:83:2a:5e:03:5b:d2:58:9a:4a:87:06:29:
         ba:71:74:64:e2:81:67:06:bb:71:2c:60:36:0e:04:81:f9:77:
         35:07:ee:bd:b1:14:08:53:04:35:38:13:a4:73:4b:44:d3:92:
         a4:7e:f4:d1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEcR4IX77ITxWlmf5wAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDkwMTEzMDA0MVoXDTI0MTEzMDE0MDA0MVowLzEtMCsGA1UEAxMk
ZGUzMDQxZmItN2QyMS00OTI1LTliMDQtNWUzZWU4YTVjOWE0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJqsBj6K0JUEhjoQDB1h7od2usD1srJUPeQz
vJt1kCB8PRIZE3RF0B2tmaEIM5aAkMmm7X7CHjTzUHoXdegQOfqm7hZWqaWy7kWE
ZrZv/8kmknvFHD1XWXTMGrVsm2k0r8XQf2HCpXnlVNPtpwcGt7Y8F0uaoVC6xu6i
bABuznhNXIydkZOtbzQ0+PQdf1Y5oBAsUZg9FlWzGyIaJcvDKEnUrbpjF9EhielH
N8a7jzwvOp83vdzSl1vR7i7gpEUDeBJh9YJrynzDE+qPxUjHFwmnjIEsXUBpyeCc
xblTLoitAeE6KyPCCkTS1L4jzKeYGhqPdHZrqtT8XQCCjQTvLwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFHNE+ncQvr8UrkfktzECyQ9az9ydMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZTE2YzI4MGEtZGMxMC0z
ZWZiLWEzZGQtNzY4ZTkwMGI3Yzk3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE2CQwMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJU7KadayKCfyWeJ2OWheJvA1a9jkKpkPnA3ergByUcWdU8LzGQyr27i
45cq+PQ3tiw08C+8Ich4XIaZMKNquIzXChqJiRhlJP13Guk/pZqOMLDdikvyXZXj
5IbQacUR4MAM6UevBbOAOi8Lqi/Uqgxjl4lF9+sHs1bxfsfJ3H52earnozlGg1wN
186oOKPJNdVBTu7zz6zBj5w3A7V4l1s9Y/ftH6RdFT4kemzcye3bJTPLSyOY1zl2
dV0kzVG7bmld8ZKXSlZUYztJkoMqXgNb0liaSocGKbpxdGTigWcGu3EsYDYOBIH5
dzUH7r2xFAhTBDU4E6RzS0TTkqR+9NE=
-----END CERTIFICATE-----
Generated at Fri Apr 11 23:56:47 2025 by rpki-client