Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2495e0a9-d8ad-3399-bd34-170cc00baff0.roa
File:                     2495e0a9-d8ad-3399-bd34-170cc00baff0.roa (raw, json)
Hash identifier:          6+IqLTAnQ+YaQgY2e65vhLBh1CEPwVqc3X7VDp1DOgU=
Subject key identifier:   A5:D5:A3:8F:A5:99:AB:D1:0C:02:F5:39:1D:2E:F2:64:86:C8:1E:EE
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584273356D77203B8028C7041CC0
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2495e0a9-d8ad-3399-bd34-170cc00baff0.roa
Signing time:             Wed 05 Jul 2023 21:50:52 +0000
ROA not before:           Wed 05 Jul 2023 21:50:52 +0000
ROA not after:            Tue 03 Oct 2023 21:50:52 +0000
asID:                     399114
IP address blocks:        166.88.173.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:73:35:6d:77:20:3b:80:28:c7:04:1c:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Jul  5 21:50:52 2023 GMT
            Not After : Oct  3 21:50:52 2023 GMT
        Subject: CN=0e521870-784d-4d85-905a-4b48b48273f2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:8c:12:0c:50:73:b2:34:da:d3:46:f9:3a:80:
                    22:6b:94:b8:e5:89:9f:7f:22:3a:2d:6d:c0:72:70:
                    76:3c:b2:e7:63:e7:4b:36:6f:c0:36:bd:d3:d1:3b:
                    06:30:4d:b0:77:b4:47:2c:e6:29:14:e3:fd:3c:3b:
                    0c:29:af:b0:4f:65:f6:91:cd:d7:8d:65:0e:42:01:
                    8f:f4:05:71:12:75:d2:a3:55:b7:a4:26:a6:c7:cf:
                    36:5d:6b:f8:c6:9e:fe:43:66:64:bd:ae:c4:fc:37:
                    ea:11:8a:fe:70:f8:54:90:2b:0e:11:25:a6:f3:c5:
                    f7:ca:59:5e:af:29:85:f0:8d:35:62:b0:48:86:55:
                    ee:92:1a:c2:fc:3d:8b:21:ab:78:3c:eb:9e:b7:7f:
                    ed:97:27:ea:5b:c6:46:34:9b:48:38:26:5d:ad:3a:
                    41:e3:73:3e:27:16:b6:87:d9:63:51:bf:e1:23:0e:
                    69:ba:c1:71:51:37:9f:75:d0:ce:df:cd:e4:f5:b0:
                    27:9b:c3:9a:9d:38:19:cf:5d:ac:37:fa:db:23:f9:
                    c0:70:70:d2:bb:69:f6:2f:7a:ae:9e:f5:70:d0:96:
                    11:f8:b5:8b:8b:87:f2:ea:d1:56:62:5b:9e:1b:61:
                    95:af:14:68:d6:33:68:f9:0f:d9:56:4b:a4:98:9d:
                    98:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:D5:A3:8F:A5:99:AB:D1:0C:02:F5:39:1D:2E:F2:64:86:C8:1E:EE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/2495e0a9-d8ad-3399-bd34-170cc00baff0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.88.173.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4f:74:9d:64:d4:8b:bd:43:84:6a:04:a1:f3:9d:11:71:2c:cf:
         25:74:96:7e:e8:34:ed:95:e5:f0:de:02:f6:eb:2e:2c:4e:d0:
         16:88:e7:82:ac:e0:66:b9:3b:80:f7:bc:f4:aa:2e:2c:ce:f6:
         46:4a:87:40:31:ce:47:c5:1b:1e:6d:23:69:1b:6f:10:bf:7d:
         25:9b:2a:a8:56:6b:00:d5:f1:60:83:48:f6:d4:4b:5c:8b:2a:
         52:02:ec:8d:c5:52:44:a1:84:b3:30:d0:45:a4:3f:3b:ce:4c:
         30:db:08:76:ad:31:31:79:1c:6b:be:57:1c:80:58:c9:11:51:
         62:2b:0e:1f:9f:4c:37:13:7e:bd:27:84:e9:ee:de:cb:9a:6b:
         3b:a9:14:8a:3d:57:14:4d:cc:62:9a:b5:03:3d:b3:93:98:b5:
         0d:a4:29:7c:f9:89:8b:54:2c:e6:d9:bc:0d:7c:4c:a4:b8:95:
         ae:85:8d:1f:79:00:28:01:ec:8f:04:95:d1:01:c2:35:b0:70:
         b6:c8:6c:36:97:3e:a5:75:14:a4:76:e7:d1:66:24:40:e8:24:
         a3:71:77:9d:af:84:ea:0e:26:75:73:97:55:99:6d:7b:ff:3c:
         e5:3f:2c:e5:9a:51:92:f9:e0:d6:a2:9c:fc:1e:a3:ec:37:b2:
         26:34:58:41
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEJzNW13IDuAKMcEHMAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMDcwNTIxNTA1MloXDTIzMTAwMzIxNTA1MlowLzEtMCsGA1UEAxMk
MGU1MjE4NzAtNzg0ZC00ZDg1LTkwNWEtNGI0OGI0ODI3M2YyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIwSDFBzsjTa00b5OoAia5S45YmffyI6LW3A
cnB2PLLnY+dLNm/ANr3T0TsGME2wd7RHLOYpFOP9PDsMKa+wT2X2kc3XjWUOQgGP
9AVxEnXSo1W3pCamx882XWv4xp7+Q2Zkva7E/DfqEYr+cPhUkCsOESWm88X3ylle
rymF8I01YrBIhlXukhrC/D2LIat4POuet3/tlyfqW8ZGNJtIOCZdrTpB43M+Jxa2
h9ljUb/hIw5pusFxUTefddDO383k9bAnm8OanTgZz12sN/rbI/nAcHDSu2n2L3qu
nvVw0JYR+LWLi4fy6tFWYlueG2GVrxRo1jNo+Q/ZVkukmJ2YNQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKXVo4+lmavRDAL1OR0u8mSGyB7uMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMjQ5NWUwYTktZDhhZC0z
Mzk5LWJkMzQtMTcwY2MwMGJhZmYwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAplitMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAE90nWTUi71DhGoEofOdEXEszyV0ln7oNO2V5fDeAvbrLixO0BaI54Ks
4Ga5O4D3vPSqLizO9kZKh0AxzkfFGx5tI2kbbxC/fSWbKqhWawDV8WCDSPbUS1yL
KlIC7I3FUkShhLMw0EWkPzvOTDDbCHatMTF5HGu+VxyAWMkRUWIrDh+fTDcTfr0n
hOnu3suaazupFIo9VxRNzGKatQM9s5OYtQ2kKXz5iYtULObZvA18TKS4la6FjR95
ACgB7I8EldEBwjWwcLbIbDaXPqV1FKR259FmJEDoJKNxd52vhOoOJnVzl1WZbXv/
POU/LOWaUZL54NainPweo+w3siY0WEE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:19 2024 by rpki-client on console-fra.rpki-client.org