Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/e5594a63-b220-3233-9f14-1f838dd362c1.roa
File:                     e5594a63-b220-3233-9f14-1f838dd362c1.roa (raw, json)
Hash identifier:          gKxWr6rfpEzNewUlM9GX4Zk0MIhKx4vio/Vv/OWgZxs=
Subject key identifier:   52:20:B3:15:B3:FF:7B:85:49:1D:07:CB:E3:30:63:A5:D4:CC:56:A0
Certificate issuer:       /CN=9f983207-8073-42af-88ee-df4902c8adaf
Certificate serial:       010D0C9F4328584309A72D2EBF2FC44E059196A0
Authority key identifier: C3:2C:B9:FB:7A:22:7F:4A:05:1E:4A:99:A8:FB:6E:8D:68:59:CA:A1
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/e5594a63-b220-3233-9f14-1f838dd362c1.roa
Signing time:             Mon 28 Aug 2023 19:11:19 +0000
ROA not before:           Mon 28 Aug 2023 19:11:19 +0000
ROA not after:            Sun 26 Nov 2023 20:11:19 +0000
asID:                     53416
IP address blocks:        2620:bd:a000::/48 maxlen: 52

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:09:a7:2d:2e:bf:2f:c4:4e:05:91:96:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9f983207-8073-42af-88ee-df4902c8adaf
        Validity
            Not Before: Aug 28 19:11:19 2023 GMT
            Not After : Nov 26 20:11:19 2023 GMT
        Subject: CN=ebf2b4e2-cd1a-42ed-9c9d-0752de3dad69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:79:5c:34:d4:d8:2a:2d:63:56:e8:82:e6:dc:
                    7d:93:c0:7e:90:88:aa:7c:4e:2b:e9:c9:04:e8:8a:
                    8c:15:9c:f5:80:fc:86:48:61:ef:3b:2c:c6:51:32:
                    cc:8a:05:6a:64:7e:9c:24:16:c0:17:12:6d:f3:98:
                    40:09:a7:6b:cb:ed:ec:c9:bc:35:2a:ed:8f:d8:c5:
                    08:00:92:79:a3:51:42:5a:ee:14:f1:2c:0f:0e:3a:
                    62:bd:6f:0a:5e:b9:46:1c:07:96:5f:07:44:6f:00:
                    db:f4:31:ee:67:0f:de:2d:75:28:ad:b7:39:96:c5:
                    41:89:a9:8d:01:d0:24:10:fc:8b:da:6e:28:45:b5:
                    ba:c8:93:65:c2:06:e0:93:25:48:4a:4c:e9:4b:93:
                    f6:cd:98:9a:d4:51:e8:c8:c5:0a:21:69:ff:3e:7c:
                    14:78:c4:e3:a1:13:04:00:79:33:09:c1:b8:56:af:
                    33:36:37:49:b8:76:5f:0c:7a:f5:ea:b8:38:62:e4:
                    07:2e:6b:45:70:4e:d9:e9:73:44:56:d2:c4:df:03:
                    38:1a:5d:1c:a9:66:bc:42:23:21:ea:92:21:bb:94:
                    8e:1f:c0:cc:0d:50:e2:2e:8a:2e:2e:f6:1a:6b:21:
                    9d:e8:a0:05:33:5a:4b:13:52:f7:46:64:3f:37:54:
                    74:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:20:B3:15:B3:FF:7B:85:49:1D:07:CB:E3:30:63:A5:D4:CC:56:A0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/e5594a63-b220-3233-9f14-1f838dd362c1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf/9f983207-8073-42af-88ee-df4902c8adaf.crl

            X509v3 Authority Key Identifier:
                keyid:C3:2C:B9:FB:7A:22:7F:4A:05:1E:4A:99:A8:FB:6E:8D:68:59:CA:A1

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/9f983207-8073-42af-88ee-df4902c8adaf.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:bd:a000::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7c:b3:5a:55:f2:91:0f:9a:b3:ee:94:21:72:a6:23:3a:e9:55:
         b5:2d:96:9c:d7:c3:95:57:51:40:22:a5:3a:bc:51:58:2c:53:
         d9:46:a9:f9:79:69:de:44:d8:c9:28:0c:73:73:cd:8b:cb:c7:
         e9:ac:49:18:0a:fc:1b:06:31:f9:9d:e9:90:52:07:b6:3e:bd:
         1b:7c:c9:46:f2:d9:a3:ae:eb:f8:b2:28:92:63:df:ca:a4:d7:
         aa:e8:7b:3c:a3:32:b3:42:37:98:0d:1b:c2:0e:e4:b7:84:04:
         52:f5:31:b9:c9:6e:db:46:de:99:35:54:3c:d4:48:ce:16:dc:
         83:9c:94:bb:cf:6e:68:9e:50:18:32:5e:02:a3:52:3d:7a:b9:
         c5:66:e7:51:7f:97:a2:82:24:8c:a1:4a:d6:1f:ec:17:8d:b0:
         a4:24:8d:be:26:f9:12:69:17:83:08:7f:97:aa:2c:98:9f:48:
         2c:93:60:51:8f:87:30:37:ac:37:af:dd:50:09:30:ed:45:f7:
         97:1e:cc:84:01:a1:d3:90:ee:93:83:03:61:09:71:02:06:40:
         54:5d:bb:92:4d:ac:f9:56:69:e4:bd:4d:2e:ca:0e:8d:f5:15:
         1a:39:6e:75:09:36:c8:11:33:7c:ea:e8:db:7a:c4:8f:ff:f8:
         84:09:2a:00
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEMJpy0uvy/ETgWRlqAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOWY5ODMyMDctODA3My00MmFmLTg4ZWUtZGY0OTAyYzhh
ZGFmMB4XDTIzMDgyODE5MTExOVoXDTIzMTEyNjIwMTExOVowLzEtMCsGA1UEAxMk
ZWJmMmI0ZTItY2QxYS00MmVkLTljOWQtMDc1MmRlM2RhZDY5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXlcNNTYKi1jVuiC5tx9k8B+kIiqfE4r6ckE
6IqMFZz1gPyGSGHvOyzGUTLMigVqZH6cJBbAFxJt85hACadry+3sybw1Ku2P2MUI
AJJ5o1FCWu4U8SwPDjpivW8KXrlGHAeWXwdEbwDb9DHuZw/eLXUorbc5lsVBiamN
AdAkEPyL2m4oRbW6yJNlwgbgkyVISkzpS5P2zZia1FHoyMUKIWn/PnwUeMTjoRME
AHkzCcG4Vq8zNjdJuHZfDHr16rg4YuQHLmtFcE7Z6XNEVtLE3wM4Gl0cqWa8QiMh
6pIhu5SOH8DMDVDiLoouLvYaayGd6KAFM1pLE1L3RmQ/N1R0GQIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFFIgsxWz/3uFSR0Hy+MwY6XUzFagMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi85Zjk4
MzIwNy04MDczLTQyYWYtODhlZS1kZjQ5MDJjOGFkYWYvZTU1OTRhNjMtYjIyMC0z
MjMzLTlmMTQtMWY4MzhkZDM2MmMxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81YjdmYjEyMi1k
ZmRmLTRjMGMtYjkwZC0zYmM3YTVmZWI4MmIvOWY5ODMyMDctODA3My00MmFmLTg4
ZWUtZGY0OTAyYzhhZGFmLzlmOTgzMjA3LTgwNzMtNDJhZi04OGVlLWRmNDkwMmM4
YWRhZi5jcmwwHwYDVR0jBBgwFoAUwyy5+3oif0oFHkqZqPtujWhZyqEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzViN2ZiMTIyLWRmZGYtNGMw
Yy1iOTBkLTNiYzdhNWZlYjgyYi85Zjk4MzIwNy04MDczLTQyYWYtODhlZS1kZjQ5
MDJjOGFkYWYuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAvaAA
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAHyzWlXykQ+as+6UIXKmIzrpVbUtlpzXw5VXUUAipTq8UVgsU9lG
qfl5ad5E2MkoDHNzzYvLx+msSRgK/BsGMfmd6ZBSB7Y+vRt8yUby2aOu6/iyKJJj
38qk16roezyjMrNCN5gNG8IO5LeEBFL1MbnJbttG3pk1VDzUSM4W3IOclLvPbmie
UBgyXgKjUj16ucVm51F/l6KCJIyhStYf7BeNsKQkjb4m+RJpF4MIf5eqLJifSCyT
YFGPhzA3rDev3VAJMO1F95cezIQBodOQ7pODA2EJcQIGQFRdu5JNrPlWaeS9TS7K
Do31FRo5bnUJNsgRM3zq6Nt6xI//+IQJKgA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:41:56 2024 by rpki-client on console-ams.rpki-client.org