Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f4d19e41-81d0-3e50-adec-aba4fb6646da.roa
File:                     f4d19e41-81d0-3e50-adec-aba4fb6646da.roa (raw, json)
Hash identifier:          VH44zaM1igBJvehD1UNn2uUg8pSNTKtLwtKWdcGHyps=
Subject key identifier:   C0:87:D6:5E:DA:A7:EE:37:84:F6:AA:60:5E:D5:8A:F2:3D:CC:7A:C1
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553332A46FFC5CCA709868A00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f4d19e41-81d0-3e50-adec-aba4fb6646da.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.135.128.0/17 maxlen: 17
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:2a:46:ff:c5:cc:a7:09:86:8a:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=9a31d4c9-3488-4e18-8d53-5a027fc3eac0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bb:ad:22:ac:d6:39:ee:0b:9c:31:de:8d:6e:
                    66:82:58:26:b8:c0:9c:06:ef:3b:4e:09:b5:3e:03:
                    bf:bc:f6:4b:ed:12:5b:f6:e8:e5:94:68:2b:96:d0:
                    47:6b:67:32:a6:bf:29:7f:44:0b:1f:81:fe:47:63:
                    7e:19:1f:f3:07:55:ae:6a:78:ac:56:18:32:37:e3:
                    09:53:8e:c0:03:b9:ea:8b:5b:12:53:b9:41:1e:59:
                    3e:88:e0:31:c1:15:45:82:a0:c6:b5:8f:fb:43:b8:
                    16:8e:7a:e1:fc:7e:10:1d:61:bf:1b:4d:32:00:f3:
                    86:1a:bc:61:07:a1:c9:ce:6d:b8:ab:91:c5:31:69:
                    67:73:90:e0:97:1f:50:7a:a8:ad:21:f4:fa:ed:fb:
                    11:78:c4:49:15:2c:0c:a1:fd:62:a1:a1:28:1e:85:
                    8d:88:ae:e2:39:e4:fc:1f:d2:27:6c:f3:2f:27:10:
                    a5:96:82:fe:14:df:32:90:eb:89:c1:e2:5e:b4:ec:
                    54:ed:c2:88:36:be:cd:5b:f9:82:79:3d:02:7a:dd:
                    3f:8c:12:3f:e9:cc:a8:fb:a6:05:ec:56:c4:6e:e4:
                    22:a0:45:8f:64:43:8a:92:8a:54:f3:6f:15:49:97:
                    80:62:79:b6:e4:83:48:08:c4:1c:30:47:ca:47:3f:
                    a4:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:87:D6:5E:DA:A7:EE:37:84:F6:AA:60:5E:D5:8A:F2:3D:CC:7A:C1
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f4d19e41-81d0-3e50-adec-aba4fb6646da.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.135.128.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5b:93:75:ad:01:b8:57:a1:73:7c:c1:83:fe:a9:40:28:0d:96:
         91:12:b9:30:26:b4:33:88:5f:92:7f:2b:30:04:8b:48:d0:dd:
         ca:76:66:90:87:41:a9:d0:fd:a2:c2:77:d2:e1:95:8d:92:8b:
         fc:12:2f:91:b7:5a:20:7e:6f:1c:a0:7a:f3:3e:05:6a:b5:74:
         19:71:4b:92:0f:a0:7d:39:c3:12:f1:5a:64:ad:a5:20:9f:e7:
         e5:d2:41:78:c9:92:d1:17:6c:15:78:8d:c2:78:58:b1:01:80:
         95:71:c7:01:7a:5f:e6:50:a2:9d:24:19:ae:29:9e:12:5d:b7:
         2f:ac:c5:4a:7c:0c:be:fa:a5:cc:3a:e8:88:e0:db:ab:a5:b6:
         cd:37:97:0f:76:05:40:97:d1:b1:ae:ec:ca:bb:5b:35:24:a6:
         78:97:3d:01:de:91:3c:13:1a:5c:a7:48:7c:24:00:ff:28:79:
         eb:21:e0:3c:c8:70:b8:ea:8a:13:67:c5:aa:06:2a:74:f4:c0:
         d9:65:bc:f4:b2:aa:c5:2a:9d:41:03:92:c4:05:e0:e7:da:5d:
         82:93:4f:3a:4d:7d:af:ba:cd:48:14:4a:15:5a:88:1c:15:72:
         24:95:ee:67:0a:ed:5d:ec:62:b3:85:14:ce:18:50:7a:41:d4:
         99:8a:72:12
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMypG/8XMpwmGigAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
OWEzMWQ0YzktMzQ4OC00ZTE4LThkNTMtNWEwMjdmYzNlYWMwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrutIqzWOe4LnDHejW5mglgmuMCcBu87Tgm1
PgO/vPZL7RJb9ujllGgrltBHa2cypr8pf0QLH4H+R2N+GR/zB1WuanisVhgyN+MJ
U47AA7nqi1sSU7lBHlk+iOAxwRVFgqDGtY/7Q7gWjnrh/H4QHWG/G00yAPOGGrxh
B6HJzm24q5HFMWlnc5Dglx9QeqitIfT67fsReMRJFSwMof1ioaEoHoWNiK7iOeT8
H9InbPMvJxClloL+FN8ykOuJweJetOxU7cKINr7NW/mCeT0Cet0/jBI/6cyo+6YF
7FbEbuQioEWPZEOKkopU828VSZeAYnm25INICMQcMEfKRz+kzQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFMCH1l7ap+43hPaqYF7VivI9zHrBMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZjRkMTllNDEtODFkMC0z
ZTUwLWFkZWMtYWJhNGZiNjY0NmRhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2IeAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFuTda0BuFehc3zBg/6pQCgNlpESuTAmtDOIX5J/KzAEi0jQ3cp2ZpCH
QanQ/aLCd9LhlY2Si/wSL5G3WiB+bxygevM+BWq1dBlxS5IPoH05wxLxWmStpSCf
5+XSQXjJktEXbBV4jcJ4WLEBgJVxxwF6X+ZQop0kGa4pnhJdty+sxUp8DL76pcw6
6Ijg26ults03lw92BUCX0bGu7Mq7WzUkpniXPQHekTwTGlynSHwkAP8oeesh4DzI
cLjqihNnxaoGKnT0wNllvPSyqsUqnUEDksQF4OfaXYKTTzpNfa+6zUgUShVaiBwV
ciSV7mcK7V3sYrOFFM4YUHpB1JmKchI=
-----END CERTIFICATE-----
Generated at Tue Apr 15 14:55:11 2025 by rpki-client