Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/13569dfd-6a89-302b-97f0-063dfe1789e8.roa
File:                     13569dfd-6a89-302b-97f0-063dfe1789e8.roa (raw, json)
Hash identifier:          v/HkUK4wasrGhVc7SMHxg1NdUbfGJaptvhrHOBiNtqI=
Subject key identifier:   38:B3:4E:BB:07:8C:AB:C1:86:61:A8:AB:6E:7C:0D:22:FD:48:1B:4B
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F43285839232B43B6AF6508DBFB3DFB00
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/13569dfd-6a89-302b-97f0-063dfe1789e8.roa
Signing time:             Wed 26 Aug 2020 04:00:00 +0000
ROA not before:           Wed 26 Aug 2020 04:00:00 +0000
ROA not after:            Tue 06 Jun 2023 04:00:00 +0000
asID:                     18530
IP address blocks:        104.253.107.0/24 maxlen: 24
                          104.252.177.0/24 maxlen: 24
                          45.39.90.0/24 maxlen: 24
                          104.253.45.0/24 maxlen: 24
                          104.253.61.0/24 maxlen: 24
                          104.253.100.0/24 maxlen: 24
                          104.253.101.0/24 maxlen: 24
                          104.253.110.0/24 maxlen: 24
                          136.0.74.0/24 maxlen: 24
                          136.0.79.0/24 maxlen: 24
                          136.0.125.0/24 maxlen: 24
                          142.252.118.0/24 maxlen: 24
                          142.252.130.0/24 maxlen: 24
                          142.252.134.0/24 maxlen: 24
                          142.252.136.0/24 maxlen: 24
                          142.252.146.0/24 maxlen: 24
                          142.252.147.0/24 maxlen: 24
                          142.252.152.0/24 maxlen: 24
                          142.252.221.0/24 maxlen: 24
                          172.120.4.0/24 maxlen: 24
                          166.88.121.0/24 maxlen: 24
                          142.252.250.0/24 maxlen: 24
                          142.252.248.0/24 maxlen: 24
                          142.252.249.0/24 maxlen: 24
                          142.252.251.0/24 maxlen: 24
                          172.120.11.0/24 maxlen: 24
                          172.121.104.0/24 maxlen: 24
                          172.121.129.0/24 maxlen: 24
                          172.252.31.0/24 maxlen: 24
                          209.73.141.0/24 maxlen: 24
                          216.172.142.0/24 maxlen: 24
                          104.253.42.0/24 maxlen: 24
                          104.252.180.0/24 maxlen: 24
                          104.252.248.0/24 maxlen: 24
                          104.252.9.0/24 maxlen: 24
                          104.252.104.0/24 maxlen: 24
                          104.252.106.0/24 maxlen: 24
                          23.27.226.0/24 maxlen: 24
                          23.27.223.0/24 maxlen: 24
                          23.230.249.0/24 maxlen: 24
                          45.39.64.0/24 maxlen: 24
                          50.117.38.0/24 maxlen: 24
                          45.38.252.0/24 maxlen: 24
                          50.118.202.0/24 maxlen: 24
                          23.27.221.0/24 maxlen: 24
                          23.27.170.0/24 maxlen: 24
                          23.27.15.0/24 maxlen: 24
                          23.27.19.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:39:23:2b:43:b6:af:65:08:db:fb:3d:fb:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Aug 26 04:00:00 2020 GMT
            Not After : Jun  6 04:00:00 2023 GMT
        Subject: CN=a7291b9c-b647-44bb-8e28-5d93f3d5fdcc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:79:e3:63:e0:1d:fe:41:c9:8f:84:c7:44:10:
                    00:2f:69:aa:58:d2:65:f5:36:a8:a9:f8:a0:6b:5a:
                    8c:ce:c8:85:a5:1b:2c:45:3e:9c:7f:8d:d1:9b:4f:
                    56:ab:39:8a:50:0a:88:6b:31:99:62:74:89:35:73:
                    4b:29:45:b9:fa:44:8e:94:56:45:a9:28:61:22:45:
                    c7:4a:8b:f3:4d:8c:57:35:51:96:a9:01:b8:01:a0:
                    dd:fc:1d:b4:91:b9:cd:48:50:27:17:fd:5e:87:ff:
                    7d:97:47:21:8e:fa:25:12:15:00:f8:1c:b6:ba:28:
                    d2:c1:f7:9c:62:fa:01:1b:74:5b:54:59:61:77:34:
                    9c:27:d3:51:ef:89:99:a1:f3:74:5c:f6:e1:c7:bf:
                    ea:f9:92:10:fe:ca:c6:94:61:51:7c:4e:04:81:7c:
                    7b:38:c4:c2:3d:da:21:70:3f:15:fe:9d:20:48:e2:
                    70:dc:02:00:35:e5:6a:f4:e8:01:79:4d:5c:98:d8:
                    86:4f:ca:03:6d:20:01:58:47:a8:bf:65:f1:9b:bd:
                    f7:6a:02:4b:09:47:63:f8:e7:fd:9d:b5:26:96:df:
                    63:e8:f2:3c:27:cd:7f:2d:29:ac:31:2b:e6:05:29:
                    b1:4f:4c:e1:04:22:22:e9:34:da:ce:e8:dc:ea:66:
                    e3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:B3:4E:BB:07:8C:AB:C1:86:61:A8:AB:6E:7C:0D:22:FD:48:1B:4B
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/13569dfd-6a89-302b-97f0-063dfe1789e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.15.0/24
                  23.27.19.0/24
                  23.27.170.0/24
                  23.27.221.0/24
                  23.27.223.0/24
                  23.27.226.0/24
                  23.230.249.0/24
                  45.38.252.0/24
                  45.39.64.0/24
                  45.39.90.0/24
                  50.117.38.0/24
                  50.118.202.0/24
                  104.252.9.0/24
                  104.252.104.0/24
                  104.252.106.0/24
                  104.252.177.0/24
                  104.252.180.0/24
                  104.252.248.0/24
                  104.253.42.0/24
                  104.253.45.0/24
                  104.253.61.0/24
                  104.253.100.0/23
                  104.253.107.0/24
                  104.253.110.0/24
                  136.0.74.0/24
                  136.0.79.0/24
                  136.0.125.0/24
                  142.252.118.0/24
                  142.252.130.0/24
                  142.252.134.0/24
                  142.252.136.0/24
                  142.252.146.0/23
                  142.252.152.0/24
                  142.252.221.0/24
                  142.252.248.0/22
                  166.88.121.0/24
                  172.120.4.0/24
                  172.120.11.0/24
                  172.121.104.0/24
                  172.121.129.0/24
                  172.252.31.0/24
                  209.73.141.0/24
                  216.172.142.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         70:64:b4:a0:f2:2a:76:95:fe:9e:39:bd:8d:d7:d6:9b:6f:b2:
         74:2a:72:e8:49:41:27:b6:68:27:b2:2e:60:72:38:9a:c4:16:
         ea:7b:fb:47:f5:14:a4:b8:87:2b:7f:20:0d:49:13:7b:7a:cf:
         6c:7e:af:58:2c:f6:2d:9f:88:7f:73:ff:4e:95:98:6e:f9:40:
         9e:f7:e0:e0:20:1e:91:f2:da:4b:1e:6f:02:1f:90:5a:cc:ec:
         59:0e:61:95:d4:02:cf:c9:30:26:ba:8b:87:e1:f9:3d:be:89:
         e0:3d:fb:37:de:8f:ad:e4:e2:2d:65:89:06:da:fc:26:38:f1:
         6d:e6:0d:03:cc:d0:70:61:9f:23:f8:db:a4:8e:63:71:35:c6:
         a3:64:ec:fc:a7:0a:93:ed:64:52:d3:1b:6e:ff:7d:00:c4:71:
         c3:e1:06:33:02:f5:17:86:3b:ad:11:2b:8b:fa:cd:ff:2f:b7:
         75:fa:97:e4:c8:03:d2:47:01:e0:b8:0f:1a:48:d2:e4:e0:84:
         f5:a4:82:8b:6e:39:b8:fe:b6:1e:13:48:bc:ab:4b:37:3b:c6:
         a3:c0:42:bc:e4:82:2a:50:40:dc:db:28:6c:65:f2:7d:a9:d8:
         3d:d9:cf:33:95:86:e1:ba:68:9b:b0:8b:92:60:9a:de:04:8b:
         5d:f1:a2:2b
-----BEGIN CERTIFICATE-----
MIIHSTCCBjGgAwIBAgIUAQ0Mn0MoWDkjK0O2r2UI2/s9+wAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMDgyNjA0MDAwMFoXDTIzMDYwNjA0MDAwMFowLzEtMCsGA1UEAxMk
YTcyOTFiOWMtYjY0Ny00NGJiLThlMjgtNWQ5M2YzZDVmZGNjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13njY+Ad/kHJj4THRBAAL2mqWNJl9Taoqfig
a1qMzsiFpRssRT6cf43Rm09WqzmKUAqIazGZYnSJNXNLKUW5+kSOlFZFqShhIkXH
SovzTYxXNVGWqQG4AaDd/B20kbnNSFAnF/1eh/99l0chjvolEhUA+By2uijSwfec
YvoBG3RbVFlhdzScJ9NR74mZofN0XPbhx7/q+ZIQ/srGlGFRfE4EgXx7OMTCPdoh
cD8V/p0gSOJw3AIANeVq9OgBeU1cmNiGT8oDbSABWEeov2Xxm733agJLCUdj+Of9
nbUmlt9j6PI8J81/LSmsMSvmBSmxT0zhBCIi6TTazujc6mbjLwIDAQABo4IEWzCC
BFcwHQYDVR0OBBYEFDizTrsHjKvBhmGoq258DSL9SBtLMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMTM1NjlkZmQtNmE4OS0z
MDJiLTk3ZjAtMDYzZGZlMTc4OWU4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBIwYIKwYBBQUHAQcBAf8EggESMIIBDjCCAQoEAgABMIIB
AgMEABcbDwMEABcbEwMEABcbqgMEABcb3QMEABcb3wMEABcb4gMEABfm+QMEAC0m
/AMEAC0nQAMEAC0nWgMEADJ1JgMEADJ2ygMEAGj8CQMEAGj8aAMEAGj8agMEAGj8
sQMEAGj8tAMEAGj8+AMEAGj9KgMEAGj9LQMEAGj9PQMEAWj9ZAMEAGj9awMEAGj9
bgMEAIgASgMEAIgATwMEAIgAfQMEAI78dgMEAI78ggMEAI78hgMEAI78iAMEAY78
kgMEAI78mAMEAI783QMEAo78+AMEAKZYeQMEAKx4BAMEAKx4CwMEAKx5aAMEAKx5
gQMEAKz8HwMEANFJjQMEANisjjBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDow
OAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtp
L2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQBwZLSg8ip2lf6eOb2N19abb7J0
KnLoSUEntmgnsi5gcjiaxBbqe/tH9RSkuIcrfyANSRN7es9sfq9YLPYtn4h/c/9O
lZhu+UCe9+DgIB6R8tpLHm8CH5BazOxZDmGV1ALPyTAmuouH4fk9vongPfs33o+t
5OItZYkG2vwmOPFt5g0DzNBwYZ8j+NukjmNxNcajZOz8pwqT7WRS0xtu/30AxHHD
4QYzAvUXhjutESuL+s3/L7d1+pfkyAPSRwHguA8aSNLk4IT1pIKLbjm4/rYeE0i8
q0s3O8ajwEK85IIqUEDc2yhsZfJ9qdg92c8zlYbhumibsIuSYJreBItd8aIr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:18 2024 by rpki-client on console-fra.rpki-client.org