Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/47b41716-d36b-3dd7-99bc-5a9b8cb8f519.roa
File:                     47b41716-d36b-3dd7-99bc-5a9b8cb8f519.roa (raw, json)
Hash identifier:          V+zSjb6uEWtJyaeuCRcvbPJejrXhHFlFG7evgYkJ2Ug=
Subject key identifier:   C5:73:2D:D5:B4:FE:95:EA:F8:A5:7D:7C:12:41:D5:C0:AE:E4:40:BE
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F43285843EA2AA8348E253022E1CBCB80
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/47b41716-d36b-3dd7-99bc-5a9b8cb8f519.roa
Signing time:             Fri 17 Nov 2023 05:17:18 +0000
ROA not before:           Fri 17 Nov 2023 05:17:18 +0000
ROA not after:            Thu 15 Feb 2024 05:17:18 +0000
asID:                     64267
IP address blocks:        166.88.220.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:ea:2a:a8:34:8e:25:30:22:e1:cb:cb:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Nov 17 05:17:18 2023 GMT
            Not After : Feb 15 05:17:18 2024 GMT
        Subject: CN=a1787221-26a8-47eb-85fe-bb1aad2f8ed0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:86:e6:7a:84:e2:d5:47:60:37:c0:0e:0c:f2:
                    87:5b:30:d3:79:a6:4c:67:e2:94:1c:63:62:7b:ed:
                    2d:1e:ed:6d:36:2f:46:3d:f8:31:59:49:08:79:f3:
                    4b:26:33:8e:af:dd:b7:d3:9e:7a:14:7c:3f:98:14:
                    f4:5d:93:a5:44:92:fe:50:f7:7d:59:9c:70:61:bc:
                    97:9a:76:f9:8d:24:ff:ba:40:ea:6d:a2:b4:9b:2f:
                    fc:f5:2e:f7:49:ba:d0:7a:f1:c6:b6:23:dd:cc:6f:
                    b4:7d:40:32:98:17:18:dd:65:ec:d4:30:23:d2:53:
                    81:04:d8:3b:ad:15:da:66:5e:a8:bf:40:b9:f2:b4:
                    2a:3b:a6:c1:67:e6:6b:88:50:1a:68:32:b0:75:eb:
                    3b:4a:e4:af:56:1c:09:1c:4d:50:1d:98:5d:d2:4b:
                    ab:5b:45:86:e0:b6:c0:d8:db:fd:b9:f5:87:e1:5f:
                    02:15:38:78:43:bb:b3:82:4d:5d:af:60:71:e3:f5:
                    29:5f:de:d9:2e:bd:94:c9:bf:08:95:23:3b:88:07:
                    05:2b:f4:df:10:ed:43:84:ec:d3:6a:13:77:e2:5f:
                    73:4c:ef:70:24:9b:d2:f4:23:72:b9:f9:80:28:f8:
                    ac:93:30:d4:d8:1a:a9:77:71:49:45:7b:36:52:33:
                    9c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:73:2D:D5:B4:FE:95:EA:F8:A5:7D:7C:12:41:D5:C0:AE:E4:40:BE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/47b41716-d36b-3dd7-99bc-5a9b8cb8f519.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  166.88.220.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         91:71:eb:b5:58:b2:37:a6:07:92:37:71:6f:7e:17:c6:64:bb:
         69:6b:d2:7e:84:39:aa:94:39:86:d8:eb:15:a1:a2:43:f9:85:
         60:64:3a:13:f1:b1:92:b4:60:8b:36:48:be:4d:56:4c:0a:0a:
         f2:aa:e5:33:36:0b:2c:27:35:6f:5f:61:81:f4:f8:6a:ff:47:
         98:f7:c6:7b:19:93:9a:05:7b:71:65:ce:1d:25:48:ee:c0:bc:
         0d:2f:0e:b6:e3:01:b2:92:1f:5c:b2:09:48:41:8c:b6:16:91:
         ea:90:ff:14:70:79:0c:42:ee:84:44:cf:5f:74:38:70:86:d9:
         81:95:0f:32:8a:15:15:a5:2f:7c:d9:72:75:88:5c:af:32:94:
         37:fd:e1:bd:78:0d:9a:c2:e0:21:f2:e8:d0:ac:29:4b:64:e6:
         24:c2:f0:e6:e7:16:5a:b5:82:a4:a2:eb:fb:8e:35:ad:47:7c:
         b7:46:ed:ce:d2:7d:51:2c:85:4b:18:b5:f5:73:e5:18:10:71:
         26:11:ec:33:cb:02:ff:71:e0:f9:7b:41:be:8d:33:57:06:7a:
         f7:d6:4f:8f:9d:1e:73:0c:3e:c6:dc:ed:5b:05:65:de:f3:41:
         ba:03:65:3e:20:39:66:96:0a:c7:e1:95:13:4c:45:d1:75:38:
         e0:28:98:89
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEPqKqg0jiUwIuHLy4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIzMTExNzA1MTcxOFoXDTI0MDIxNTA1MTcxOFowLzEtMCsGA1UEAxMk
YTE3ODcyMjEtMjZhOC00N2ViLTg1ZmUtYmIxYWFkMmY4ZWQwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYbmeoTi1UdgN8AODPKHWzDTeaZMZ+KUHGNi
e+0tHu1tNi9GPfgxWUkIefNLJjOOr9230556FHw/mBT0XZOlRJL+UPd9WZxwYbyX
mnb5jST/ukDqbaK0my/89S73SbrQevHGtiPdzG+0fUAymBcY3WXs1DAj0lOBBNg7
rRXaZl6ov0C58rQqO6bBZ+ZriFAaaDKwdes7SuSvVhwJHE1QHZhd0kurW0WG4LbA
2Nv9ufWH4V8CFTh4Q7uzgk1dr2Bx4/UpX97ZLr2Uyb8IlSM7iAcFK/TfEO1DhOzT
ahN34l9zTO9wJJvS9CNyufmAKPiskzDU2Bqpd3FJRXs2UjOczQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFMVzLdW0/pXq+KV9fBJB1cCu5EC+MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNDdiNDE3MTYtZDM2Yi0z
ZGQ3LTk5YmMtNWE5YjhjYjhmNTE5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApljcMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJFx67VYsjemB5I3cW9+F8Zku2lr0n6EOaqUOYbY6xWhokP5hWBkOhPx
sZK0YIs2SL5NVkwKCvKq5TM2CywnNW9fYYH0+Gr/R5j3xnsZk5oFe3Flzh0lSO7A
vA0vDrbjAbKSH1yyCUhBjLYWkeqQ/xRweQxC7oREz190OHCG2YGVDzKKFRWlL3zZ
cnWIXK8ylDf94b14DZrC4CHy6NCsKUtk5iTC8ObnFlq1gqSi6/uONa1HfLdG7c7S
fVEshUsYtfVz5RgQcSYR7DPLAv9x4Pl7Qb6NM1cGevfWT4+dHnMMPsbc7VsFZd7z
QboDZT4gOWaWCsfhlRNMRdF1OOAomIk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:06 2024 by rpki-client on console-ams.rpki-client.org