Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/509226b6-36e8-30aa-9a5c-c35dada7c7d9.roa
File:                     509226b6-36e8-30aa-9a5c-c35dada7c7d9.roa (raw, json)
Hash identifier:          D4dNmfaJwPDfClzkUmTd5NUbekfwAlJh1VsS/cGAVNw=
Subject key identifier:   31:78:4F:BF:8F:E8:AB:E1:C6:7E:82:D7:F1:12:1C:8A:4D:22:EE:11
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F432858451E459E0EAAAED3738DE06420
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/509226b6-36e8-30aa-9a5c-c35dada7c7d9.roa
Signing time:             Wed 06 Mar 2024 14:00:31 +0000
ROA not before:           Wed 06 Mar 2024 14:00:31 +0000
ROA not after:            Tue 04 Jun 2024 13:00:31 +0000
asID:                     44477
IP address blocks:        107.164.114.0/24 maxlen: 24
                          107.164.119.0/24 maxlen: 24
                          107.164.108.0/24 maxlen: 24
                          107.164.110.0/24 maxlen: 24
                          107.164.163.0/24 maxlen: 24
                          107.164.165.0/24 maxlen: 24
                          107.164.134.0/24 maxlen: 24
                          107.164.155.0/24 maxlen: 24
                          107.164.122.0/24 maxlen: 24
                          107.164.126.0/24 maxlen: 24
                          104.252.233.0/24 maxlen: 24
                          104.253.158.0/24 maxlen: 24
                          104.165.206.0/24 maxlen: 24
                          104.252.2.0/24 maxlen: 24
                          104.164.209.0/24 maxlen: 24
                          104.165.166.0/24 maxlen: 24
                          104.164.198.0/24 maxlen: 24
                          104.164.205.0/24 maxlen: 24
                          107.164.64.0/24 maxlen: 24
                          107.164.62.0/24 maxlen: 24
                          107.164.63.0/24 maxlen: 24
                          107.164.27.0/24 maxlen: 24
                          107.164.52.0/24 maxlen: 24
                          104.253.165.0/24 maxlen: 24
                          107.164.23.0/24 maxlen: 24
                          104.164.176.0/24 maxlen: 24
                          23.230.237.0/24 maxlen: 24
                          45.38.169.0/24 maxlen: 24
                          23.27.7.0/24 maxlen: 24
                          23.230.175.0/24 maxlen: 24
                          45.39.79.0/24 maxlen: 24
                          45.38.134.0/24 maxlen: 24
                          104.164.153.0/24 maxlen: 24
                          107.164.193.0/24 maxlen: 24
                          104.164.169.0/24 maxlen: 24
                          107.164.196.0/24 maxlen: 24
                          104.164.144.0/24 maxlen: 24
                          104.164.148.0/24 maxlen: 24
                          107.164.192.0/24 maxlen: 24
                          104.164.36.0/24 maxlen: 24
                          104.164.47.0/24 maxlen: 24
                          45.39.210.0/24 maxlen: 24
                          104.164.32.0/24 maxlen: 24
                          107.165.131.0/24 maxlen: 24
                          107.164.214.0/24 maxlen: 24
                          107.164.217.0/24 maxlen: 24
                          107.165.209.0/24 maxlen: 24
                          107.165.217.0/24 maxlen: 24
                          107.165.168.0/24 maxlen: 24
                          107.165.208.0/24 maxlen: 24
                          107.165.132.0/24 maxlen: 24
                          45.38.231.0/24 maxlen: 24
                          45.39.69.0/24 maxlen: 24
                          107.164.80.0/24 maxlen: 24
                          107.164.81.0/24 maxlen: 24
                          107.164.92.0/24 maxlen: 24
                          107.164.99.0/24 maxlen: 24
                          104.164.165.0/24 maxlen: 24
                          107.164.84.0/24 maxlen: 24
                          107.164.90.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:1e:45:9e:0e:aa:ae:d3:73:8d:e0:64:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  6 14:00:31 2024 GMT
            Not After : Jun  4 13:00:31 2024 GMT
        Subject: CN=635112fa-2e44-446f-a82b-a8f429d723c3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:12:00:25:e8:ec:1e:22:c4:e4:78:67:c4:24:
                    19:7d:43:0b:4b:c0:be:ef:9c:9f:8f:19:b0:26:85:
                    57:f5:e6:5e:31:85:a0:6a:d6:9d:74:91:fd:25:bf:
                    d6:d5:6a:25:3f:dd:44:98:36:89:8a:db:84:98:4f:
                    d6:b5:1b:ad:d5:da:b4:d5:d6:27:08:79:ea:56:29:
                    1c:21:e4:96:95:78:32:d5:7c:63:73:19:50:07:cb:
                    e0:47:8f:04:0a:8a:13:36:89:68:40:5d:c6:10:2b:
                    a2:ab:79:50:b7:0e:44:b5:70:33:b7:77:e3:76:64:
                    49:d2:57:2f:1f:02:77:eb:7b:ff:5c:a6:04:bb:1c:
                    98:2b:b2:a4:5d:3b:1e:3e:65:29:88:79:f5:5c:19:
                    f0:ec:e9:7b:45:4e:4e:2b:82:17:d6:3b:90:09:50:
                    a6:fc:06:fc:fb:1b:28:72:f8:94:5c:e3:e4:18:ee:
                    a9:96:be:da:cc:41:02:fb:a6:9b:53:dd:a9:79:7c:
                    71:71:95:83:9c:c5:2f:4c:14:8a:e7:a1:4a:74:51:
                    5f:f3:e9:b0:0b:58:22:e0:86:be:bd:a3:75:5e:44:
                    bd:51:01:81:b7:48:ce:ee:6b:0e:8d:e0:21:25:d0:
                    e2:c2:00:72:53:35:97:ea:d1:9f:f8:9b:68:e3:c8:
                    a7:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:78:4F:BF:8F:E8:AB:E1:C6:7E:82:D7:F1:12:1C:8A:4D:22:EE:11
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/509226b6-36e8-30aa-9a5c-c35dada7c7d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.7.0/24
                  23.230.175.0/24
                  23.230.237.0/24
                  45.38.134.0/24
                  45.38.169.0/24
                  45.38.231.0/24
                  45.39.69.0/24
                  45.39.79.0/24
                  45.39.210.0/24
                  104.164.32.0/24
                  104.164.36.0/24
                  104.164.47.0/24
                  104.164.144.0/24
                  104.164.148.0/24
                  104.164.153.0/24
                  104.164.165.0/24
                  104.164.169.0/24
                  104.164.176.0/24
                  104.164.198.0/24
                  104.164.205.0/24
                  104.164.209.0/24
                  104.165.166.0/24
                  104.165.206.0/24
                  104.252.2.0/24
                  104.252.233.0/24
                  104.253.158.0/24
                  104.253.165.0/24
                  107.164.23.0/24
                  107.164.27.0/24
                  107.164.52.0/24
                  107.164.62.0-107.164.64.255
                  107.164.80.0/23
                  107.164.84.0/24
                  107.164.90.0/24
                  107.164.92.0/24
                  107.164.99.0/24
                  107.164.108.0/24
                  107.164.110.0/24
                  107.164.114.0/24
                  107.164.119.0/24
                  107.164.122.0/24
                  107.164.126.0/24
                  107.164.134.0/24
                  107.164.155.0/24
                  107.164.163.0/24
                  107.164.165.0/24
                  107.164.192.0/23
                  107.164.196.0/24
                  107.164.214.0/24
                  107.164.217.0/24
                  107.165.131.0-107.165.132.255
                  107.165.168.0/24
                  107.165.208.0/23
                  107.165.217.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         37:c2:82:ef:b1:f9:db:4f:c2:41:a7:7d:6e:61:3d:31:2c:81:
         2c:6b:dc:f1:90:9d:a1:d2:6c:7f:f4:16:82:b0:68:d1:04:2f:
         3f:80:c0:27:57:35:f1:2b:50:80:54:a7:ee:99:75:e9:34:b8:
         e4:cb:4a:01:24:f9:3d:3e:50:71:7b:cb:87:86:01:52:f5:89:
         46:df:f0:a2:34:ee:8d:e1:dd:ee:9b:a6:39:0f:4e:6f:88:e2:
         d7:80:dd:7d:65:76:d8:d8:b8:0d:49:46:9c:e4:f9:f3:01:19:
         55:c8:25:78:4e:ff:9c:6d:b1:d0:6e:b2:bb:4e:b5:3b:0d:eb:
         83:83:bd:97:f9:07:29:a8:64:d8:ac:91:8e:15:ef:49:8c:57:
         94:a4:d6:80:13:c8:b7:43:28:85:0b:12:5a:78:fd:e8:41:93:
         91:b4:14:34:d3:23:6e:c1:32:f6:07:01:99:f4:a9:5f:e9:47:
         bc:4c:3d:99:6e:28:9e:b7:fe:91:0b:55:bc:8f:ad:a9:5b:e4:
         49:ab:f2:68:03:77:9d:ef:1a:e2:e6:a2:42:e2:9f:44:a3:81:
         2b:eb:34:ed:e5:3c:bf:c1:b8:d2:e7:19:ac:8e:c2:01:0d:f6:
         a2:b2:b5:1c:f4:7b:a5:3c:89:80:ad:b1:1f:36:1c:6d:25:d4:
         60:f8:19:3f
-----BEGIN CERTIFICATE-----
MIIHmzCCBoOgAwIBAgIUAQ0Mn0MoWEUeRZ4Oqq7Tc43gZCAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwNjE0MDAzMVoXDTI0MDYwNDEzMDAzMVowLzEtMCsGA1UEAxMk
NjM1MTEyZmEtMmU0NC00NDZmLWE4MmItYThmNDI5ZDcyM2MzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRIAJejsHiLE5HhnxCQZfUMLS8C+75yfjxmw
JoVX9eZeMYWgataddJH9Jb/W1WolP91EmDaJituEmE/WtRut1dq01dYnCHnqVikc
IeSWlXgy1XxjcxlQB8vgR48ECooTNoloQF3GECuiq3lQtw5EtXAzt3fjdmRJ0lcv
HwJ363v/XKYEuxyYK7KkXTsePmUpiHn1XBnw7Ol7RU5OK4IX1juQCVCm/Ab8+xso
cviUXOPkGO6plr7azEEC+6abU92peXxxcZWDnMUvTBSK56FKdFFf8+mwC1gi4Ia+
vaN1XkS9UQGBt0jO7msOjeAhJdDiwgByUzWX6tGf+Jto48inwwIDAQABo4IErTCC
BKkwHQYDVR0OBBYEFDF4T7+P6Kvhxn6C1/ESHIpNIu4RMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNTA5MjI2YjYtMzZlOC0z
MGFhLTlhNWMtYzM1ZGFkYTdjN2Q5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIIBdQYIKwYBBQUHAQcBAf8EggFkMIIBYDCCAVwEAgABMIIB
VAMEABcbBwMEABfmrwMEABfm7QMEAC0mhgMEAC0mqQMEAC0m5wMEAC0nRQMEAC0n
TwMEAC0n0gMEAGikIAMEAGikJAMEAGikLwMEAGikkAMEAGiklAMEAGikmQMEAGik
pQMEAGikqQMEAGiksAMEAGikxgMEAGikzQMEAGik0QMEAGilpgMEAGilzgMEAGj8
AgMEAGj86QMEAGj9ngMEAGj9pQMEAGukFwMEAGukGwMEAGukNDAMAwQBa6Q+AwQA
a6RAAwQBa6RQAwQAa6RUAwQAa6RaAwQAa6RcAwQAa6RjAwQAa6RsAwQAa6RuAwQA
a6RyAwQAa6R3AwQAa6R6AwQAa6R+AwQAa6SGAwQAa6SbAwQAa6SjAwQAa6SlAwQB
a6TAAwQAa6TEAwQAa6TWAwQAa6TZMAwDBABrpYMDBABrpYQDBABrpagDBAFrpdAD
BABrpdkwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixo
dHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkq
hkiG9w0BAQsFAAOCAQEAN8KC77H520/CQad9bmE9MSyBLGvc8ZCdodJsf/QWgrBo
0QQvP4DAJ1c18StQgFSn7pl16TS45MtKAST5PT5QcXvLh4YBUvWJRt/wojTujeHd
7pumOQ9Ob4ji14DdfWV22Ni4DUlGnOT58wEZVcgleE7/nG2x0G6yu061Ow3rg4O9
l/kHKahk2KyRjhXvSYxXlKTWgBPIt0MohQsSWnj96EGTkbQUNNMjbsEy9gcBmfSp
X+lHvEw9mW4onrf+kQtVvI+tqVvkSavyaAN3ne8a4uaiQuKfRKOBK+s07eU8v8G4
0ucZrI7CAQ32orK1HPR7pTyJgK2xHzYcbSXUYPgZPw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:07 2024 by rpki-client on console-ams.rpki-client.org