Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/25faa0f3-e5c7-3f42-ab44-ce5fe431995b.roa
File:                     25faa0f3-e5c7-3f42-ab44-ce5fe431995b.roa (raw, json)
Hash identifier:          h76W+yiKlfDFf0ka2ZPLXiMc4X+5h9WR48HAM/qF1HU=
Subject key identifier:   6F:66:F8:35:97:BF:E5:A1:B7:F2:54:9C:5B:68:F0:CA:D9:5A:29:67
Certificate issuer:       /CN=9f983207-8073-42af-88ee-df4902c8adaf
Certificate serial:       010D0C9F4328584319568489B9A74CCF5BA20140
Authority key identifier: C3:2C:B9:FB:7A:22:7F:4A:05:1E:4A:99:A8:FB:6E:8D:68:59:CA:A1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/25faa0f3-e5c7-3f42-ab44-ce5fe431995b.roa
Signing time:             Sun 03 Sep 2023 10:01:44 +0000
ROA not before:           Sun 03 Sep 2023 10:01:44 +0000
ROA not after:            Sat 02 Dec 2023 11:01:44 +0000
asID:                     65536
IP address blocks:        2620:bd:a000::/48 maxlen: 52

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:19:56:84:89:b9:a7:4c:cf:5b:a2:01:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f983207-8073-42af-88ee-df4902c8adaf
        Validity
            Not Before: Sep  3 10:01:44 2023 GMT
            Not After : Dec  2 11:01:44 2023 GMT
        Subject: CN=e584ffea-42e7-4155-a18c-2b7b9146077e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:f7:bb:1b:62:2f:7c:ad:de:21:0c:5b:4c:ea:
                    35:f5:c5:f1:dc:5b:1c:86:dc:73:a9:24:4e:84:cd:
                    d7:4f:2c:4f:8a:2c:ca:75:cb:9b:14:6f:c4:26:5c:
                    a3:f9:f8:50:32:f5:7e:53:18:7b:1e:72:c7:7a:25:
                    49:af:91:1d:91:cb:4a:0b:ff:96:fb:63:16:4a:b5:
                    b7:3d:7f:e6:90:bb:49:1f:82:8e:c8:3a:d8:09:4a:
                    6d:19:48:a1:6f:5f:25:64:38:fe:10:eb:1b:b8:08:
                    ec:a9:e4:71:63:0c:fd:85:b2:81:16:31:e1:99:f9:
                    0a:e8:ea:47:8b:ea:25:11:67:42:66:87:2c:27:6b:
                    8a:d0:4e:10:16:5a:40:86:7f:6f:f9:09:cc:43:89:
                    13:f8:d0:35:c6:f0:78:86:07:c6:25:73:f8:2e:07:
                    f4:c0:74:09:e0:49:83:d4:75:da:25:51:bd:ad:6a:
                    b6:b3:6b:d2:4d:73:9d:b5:6e:ab:2b:fa:61:58:5c:
                    57:6f:30:71:ce:39:8a:03:b4:f2:19:f0:e4:a3:b3:
                    45:22:23:16:37:24:1a:c4:4e:f6:8b:a5:0b:ec:33:
                    69:d0:67:29:fd:f3:81:63:dd:fa:8a:aa:02:30:88:
                    fc:5d:f8:a4:36:06:45:04:d4:c7:53:e8:89:20:a7:
                    e2:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:66:F8:35:97:BF:E5:A1:B7:F2:54:9C:5B:68:F0:CA:D9:5A:29:67
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/25faa0f3-e5c7-3f42-ab44-ce5fe431995b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/9f983207-8073-42af-88ee-df4902c8adaf.crl

            X509v3 Authority Key Identifier:
                keyid:C3:2C:B9:FB:7A:22:7F:4A:05:1E:4A:99:A8:FB:6E:8D:68:59:CA:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:bd:a000::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         bc:04:72:43:b2:f9:13:68:b2:7f:68:57:04:02:cb:c1:00:7b:
         c5:8d:74:80:4c:b2:11:62:04:38:be:c2:a9:2e:22:06:51:c0:
         06:91:ac:32:3a:2f:95:7e:a9:1b:ed:f8:0b:d8:0c:c9:d8:78:
         2b:e9:13:66:a9:dc:26:cd:bd:12:a5:96:bd:7c:d0:bd:fc:20:
         1f:3e:61:2e:da:8c:4f:b5:cc:18:cc:9b:e4:49:a6:a6:45:1e:
         09:72:d8:46:04:88:f1:b6:b7:6c:50:c1:13:02:9a:e6:9d:78:
         eb:7c:b5:ff:04:9c:b1:1c:aa:ef:72:fa:fb:95:49:43:5e:04:
         8d:11:13:41:33:72:5c:fc:1a:9a:1e:3f:7a:5b:5e:9a:dc:54:
         18:b5:c3:69:bb:5f:91:d8:c2:16:68:c7:72:b9:20:13:2f:df:
         5e:98:95:c8:c8:0f:eb:e9:c9:39:2e:22:72:ba:67:3a:02:7b:
         4f:44:ae:d4:c8:1e:98:19:38:c1:40:86:ec:ed:09:b3:28:ab:
         5d:7d:0d:1f:bb:1c:1b:85:61:d9:67:8c:cb:5c:7a:f4:9a:3c:
         d4:05:73:58:ed:20:c9:f8:fb:74:11:1b:bf:fa:97:0c:e0:d3:
         13:d6:1f:ff:fc:8c:46:77:65:8a:f7:15:15:27:98:17:e6:56:
         b1:ff:42:e9
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEMZVoSJuadMz1uiAUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOWY5ODMyMDctODA3My00MmFmLTg4ZWUtZGY0OTAyYzhh
ZGFmMB4XDTIzMDkwMzEwMDE0NFoXDTIzMTIwMjExMDE0NFowLzEtMCsGA1UEAxMk
ZTU4NGZmZWEtNDJlNy00MTU1LWExOGMtMmI3YjkxNDYwNzdlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6fe7G2IvfK3eIQxbTOo19cXx3FschtxzqSRO
hM3XTyxPiizKdcubFG/EJlyj+fhQMvV+Uxh7HnLHeiVJr5EdkctKC/+W+2MWSrW3
PX/mkLtJH4KOyDrYCUptGUihb18lZDj+EOsbuAjsqeRxYwz9hbKBFjHhmfkK6OpH
i+olEWdCZocsJ2uK0E4QFlpAhn9v+QnMQ4kT+NA1xvB4hgfGJXP4Lgf0wHQJ4EmD
1HXaJVG9rWq2s2vSTXOdtW6rK/phWFxXbzBxzjmKA7TyGfDko7NFIiMWNyQaxE72
i6UL7DNp0Gcp/fOBY936iqoCMIj8XfikNgZFBNTHU+iJIKfibwIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFG9m+DWXv+Wht/JUnFto8MrZWilnMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi85Zjk4
MzIwNy04MDczLTQyYWYtODhlZS1kZjQ5MDJjOGFkYWYvMjVmYWEwZjMtZTVjNy0z
ZjQyLWFiNDQtY2U1ZmU0MzE5OTViLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvOWY5ODMyMDctODA3My00MmFmLTg4
ZWUtZGY0OTAyYzhhZGFmLzlmOTgzMjA3LTgwNzMtNDJhZi04OGVlLWRmNDkwMmM4
YWRhZi5jcmwwHwYDVR0jBBgwFoAUwyy5+3oif0oFHkqZqPtujWhZyqEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi85Zjk4MzIwNy04MDczLTQyYWYtODhlZS1kZjQ5
MDJjOGFkYWYuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAvaAA
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBALwEckOy+RNosn9oVwQCy8EAe8WNdIBMshFiBDi+wqkuIgZRwAaR
rDI6L5V+qRvt+AvYDMnYeCvpE2ap3CbNvRKllr180L38IB8+YS7ajE+1zBjMm+RJ
pqZFHgly2EYEiPG2t2xQwRMCmuadeOt8tf8EnLEcqu9y+vuVSUNeBI0RE0Ezclz8
GpoeP3pbXprcVBi1w2m7X5HYwhZox3K5IBMv316YlcjID+vpyTkuInK6ZzoCe09E
rtTIHpgZOMFAhuztCbMoq119DR+7HBuFYdlnjMtcevSaPNQFc1jtIMn4+3QRG7/6
lwzg0xPWH//8jEZ3ZYr3FRUnmBfmVrH/Quk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:14 2024 by rpki-client on console-fra.rpki-client.org