Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/58d48643-0a31-3bed-878f-20354631e0eb.roa
File:                     58d48643-0a31-3bed-878f-20354631e0eb.roa (raw, json)
Hash identifier:          Pq/CBpQ3kd4w/wnyztTdyCDjDmferyXB8RSRqrnlmMc=
Subject key identifier:   71:BE:C9:28:8B:E4:74:46:B7:20:C2:6A:62:44:85:F3:0D:B9:CE:56
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F432858450EEADB26ACE57BAFA9A24380
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/58d48643-0a31-3bed-878f-20354631e0eb.roa
Signing time:             Fri 01 Mar 2024 02:00:27 +0000
ROA not before:           Fri 01 Mar 2024 02:00:27 +0000
ROA not after:            Thu 30 May 2024 01:00:27 +0000
asID:                     13213
IP address blocks:        104.164.168.0/24 maxlen: 24
                          23.27.179.0/24 maxlen: 24
                          45.38.236.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:0e:ea:db:26:ac:e5:7b:af:a9:a2:43:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  1 02:00:27 2024 GMT
            Not After : May 30 01:00:27 2024 GMT
        Subject: CN=85e26cbb-7857-4519-ab07-81dbf9c2e2e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fe:59:af:64:ec:6f:c1:84:c0:f2:6b:4e:85:
                    63:f3:63:d1:b9:bb:0c:5c:48:d8:93:af:b9:4f:f6:
                    8a:eb:e7:11:14:2d:23:4e:26:03:12:a9:d0:5a:83:
                    47:85:2e:0b:68:30:f3:ad:bd:39:c2:62:54:fc:42:
                    6a:96:15:5c:ab:5a:4f:cf:a8:31:a8:2e:8b:3e:ed:
                    f6:a9:18:e5:ec:93:86:82:23:3f:1b:5b:b9:77:bf:
                    c7:97:24:f2:bd:b2:76:e7:0c:8f:f1:5b:97:66:5e:
                    19:19:24:5f:77:28:bb:48:3c:d5:50:ad:b2:a9:c5:
                    1f:58:50:46:ea:01:71:71:b0:41:d5:3b:34:d6:f5:
                    df:24:95:3c:8b:15:58:a6:48:88:3f:63:15:0a:b2:
                    ae:a4:34:35:f7:27:be:d4:f2:45:ed:7c:1e:84:4c:
                    48:9b:47:f4:63:df:5d:16:64:45:a3:5c:85:59:00:
                    ac:16:8b:5f:b7:26:10:35:bc:f5:a5:e2:9d:7a:4f:
                    e6:2a:44:a8:04:9e:8c:c3:49:b2:87:39:4b:3d:99:
                    4f:01:7a:bf:c4:31:1e:66:22:76:ef:44:99:d3:e4:
                    3c:0e:cd:14:b1:10:a4:0a:9e:9b:b8:41:87:42:93:
                    c1:d4:06:44:1b:44:80:70:0c:fb:e6:1b:1e:4b:97:
                    fb:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:BE:C9:28:8B:E4:74:46:B7:20:C2:6A:62:44:85:F3:0D:B9:CE:56
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/58d48643-0a31-3bed-878f-20354631e0eb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.179.0/24
                  45.38.236.0/24
                  104.164.168.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         06:8d:69:71:8c:70:59:0a:76:a3:d1:d7:c7:42:f1:cf:ad:8f:
         16:de:7b:27:5c:bb:2b:15:53:b2:82:4e:90:4a:0f:6a:d1:2f:
         ea:17:d6:f3:ec:97:21:cd:15:b6:c9:e3:c4:74:93:8f:7a:4b:
         b8:cf:20:4c:ce:79:00:0a:01:bd:44:99:5e:e7:cb:d3:cf:b6:
         35:f2:2c:e8:c3:61:76:26:ef:04:8d:6c:16:1c:08:01:a3:d9:
         f8:7f:48:c3:b7:26:88:aa:a0:ca:8b:ed:f7:53:be:54:f9:50:
         b2:6c:da:93:6b:1b:03:5f:dd:56:4a:24:8f:2c:1f:f9:29:94:
         ed:c1:80:d1:12:4e:28:41:42:56:85:2c:3a:85:45:d3:e0:ad:
         93:19:48:a8:81:1f:5d:d6:3c:97:55:86:6f:5e:e5:4b:f2:df:
         2f:fc:f7:aa:ee:48:1b:32:5d:b3:04:34:7d:2f:91:1e:b3:2b:
         0e:33:ee:8a:d6:f1:30:94:ac:0b:aa:6e:38:ca:92:0b:e0:0c:
         f3:a5:b9:de:91:fa:c1:49:24:a3:45:91:e2:73:aa:3e:f9:8c:
         59:12:c3:7b:05:3f:c1:bf:2f:e7:e5:75:eb:6c:57:69:f8:7c:
         13:d1:46:64:db:48:b2:50:3d:72:51:9f:3f:13:7c:b3:79:f9:
         26:ae:98:03
-----BEGIN CERTIFICATE-----
MIIGTzCCBTegAwIBAgIUAQ0Mn0MoWEUO6tsmrOV7r6miQ4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwMTAyMDAyN1oXDTI0MDUzMDAxMDAyN1owLzEtMCsGA1UEAxMk
ODVlMjZjYmItNzg1Ny00NTE5LWFiMDctODFkYmY5YzJlMmU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzP5Zr2Tsb8GEwPJrToVj82PRubsMXEjYk6+5
T/aK6+cRFC0jTiYDEqnQWoNHhS4LaDDzrb05wmJU/EJqlhVcq1pPz6gxqC6LPu32
qRjl7JOGgiM/G1u5d7/HlyTyvbJ25wyP8VuXZl4ZGSRfdyi7SDzVUK2yqcUfWFBG
6gFxcbBB1Ts01vXfJJU8ixVYpkiIP2MVCrKupDQ19ye+1PJF7XwehExIm0f0Y99d
FmRFo1yFWQCsFotftyYQNbz1peKdek/mKkSoBJ6Mw0myhzlLPZlPAXq/xDEeZiJ2
70SZ0+Q8Ds0UsRCkCp6buEGHQpPB1AZEG0SAcAz75hseS5f7fwIDAQABo4IDYTCC
A10wHQYDVR0OBBYEFHG+ySiL5HRGtyDCamJEhfMNuc5WMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvNThkNDg2NDMtMGEzMS0z
YmVkLTg3OGYtMjAzNTQ2MzFlMGViLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAFxuzAwQA
LSbsAwQAaKSoMFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcC
ARYsaHR0cHM6Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWww
DQYJKoZIhvcNAQELBQADggEBAAaNaXGMcFkKdqPR18dC8c+tjxbeeydcuysVU7KC
TpBKD2rRL+oX1vPslyHNFbbJ48R0k496S7jPIEzOeQAKAb1EmV7ny9PPtjXyLOjD
YXYm7wSNbBYcCAGj2fh/SMO3JoiqoMqL7fdTvlT5ULJs2pNrGwNf3VZKJI8sH/kp
lO3BgNESTihBQlaFLDqFRdPgrZMZSKiBH13WPJdVhm9e5Uvy3y/896ruSBsyXbME
NH0vkR6zKw4z7orW8TCUrAuqbjjKkgvgDPOlud6R+sFJJKNFkeJzqj75jFkSw3sF
P8G/L+fldetsV2n4fBPRRmTbSLJQPXJRnz8TfLN5+SaumAM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:24 2024 by rpki-client on console-fra.rpki-client.org