Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8365c896-7679-3a1f-add6-11d2ad396fb7.roa
File:                     8365c896-7679-3a1f-add6-11d2ad396fb7.roa (raw, json)
Hash identifier:          sKg94G04CllgPk8TTvB8RzdTF5AiEIPuMb4E5r47G2I=
Subject key identifier:   9B:D5:61:D0:40:5E:2D:CF:C6:EA:A2:52:E3:0C:1D:84:79:2B:29:A2
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328583F622DEEB13121263266744100
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8365c896-7679-3a1f-add6-11d2ad396fb7.roa
Signing time:             Wed 26 Aug 2020 17:55:28 +0000
ROA not before:           Wed 26 Aug 2020 17:55:28 +0000
ROA not after:            Mon 30 Dec 2024 05:00:00 +0000
asID:                     212238
IP address blocks:        45.38.159.0/24 maxlen: 24
                          45.38.39.0/24 maxlen: 24
                          45.38.131.0/24 maxlen: 24
                          23.230.84.0/24 maxlen: 24
                          23.27.225.0/24 maxlen: 24
                          23.27.251.0/24 maxlen: 24
                          23.230.80.0/24 maxlen: 24
                          23.230.91.0/24 maxlen: 24
                          45.38.129.0/24 maxlen: 24
                          45.38.156.0/24 maxlen: 24
                          45.38.195.0/24 maxlen: 24
                          45.38.215.0/24 maxlen: 24
                          45.38.253.0/24 maxlen: 24
                          45.39.38.0/24 maxlen: 24
                          45.39.59.0/24 maxlen: 24
                          45.39.81.0/24 maxlen: 24
                          45.39.85.0/24 maxlen: 24
                          45.39.101.0/24 maxlen: 24
                          45.39.112.0/24 maxlen: 24
                          45.39.126.0/24 maxlen: 24
                          104.164.44.0/24 maxlen: 24
                          104.164.120.0/24 maxlen: 24
                          104.164.171.0/24 maxlen: 24
                          104.164.172.0/24 maxlen: 24
                          104.165.13.0/24 maxlen: 24
                          104.165.20.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:62:2d:ee:b1:31:21:26:32:66:74:41:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Aug 26 17:55:28 2020 GMT
            Not After : Dec 30 05:00:00 2024 GMT
        Subject: CN=9daf72b5-62b1-4086-84fe-d03d9e9b7ea6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f8:af:5d:2d:a3:61:5a:a5:6d:91:67:7f:d4:
                    5c:4c:04:44:e0:f6:d0:64:51:7d:1f:10:0b:71:f0:
                    b0:aa:99:b9:ef:df:95:17:e8:61:52:d3:ff:23:71:
                    e3:b2:55:64:f1:54:c6:1f:0f:62:8b:57:46:1a:f7:
                    e9:ec:06:90:23:c9:42:68:37:32:90:8f:75:17:6c:
                    41:7d:a7:1f:26:30:03:96:6d:29:c3:6b:2a:dd:62:
                    ab:db:d8:9e:90:80:5f:8c:b6:24:23:41:ee:44:9b:
                    db:32:56:c0:88:a9:d0:18:e3:ee:4d:9a:f0:68:24:
                    23:36:eb:19:1a:25:14:e2:e5:d4:b8:bc:e4:ae:87:
                    cb:76:05:e4:f5:f0:48:6d:0d:03:30:27:e5:c9:00:
                    8f:c2:9c:8d:08:f2:4b:91:63:1a:f5:27:86:e9:ff:
                    4a:f8:51:ba:dc:e8:c5:ae:00:fe:f2:8a:3b:e3:8f:
                    2e:d2:8f:56:fc:39:41:41:59:52:25:7b:0e:7b:42:
                    01:b0:06:0e:2b:c5:15:df:df:d5:f8:95:6f:5f:e2:
                    f8:f4:48:30:45:2d:c8:fe:0a:e9:a6:4d:a4:80:97:
                    0a:bc:ae:07:73:e9:8c:c6:8f:cb:b1:af:93:e0:d3:
                    9c:17:dd:b5:41:6d:80:b2:d1:88:c7:f2:be:08:69:
                    89:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:D5:61:D0:40:5E:2D:CF:C6:EA:A2:52:E3:0C:1D:84:79:2B:29:A2
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/8365c896-7679-3a1f-add6-11d2ad396fb7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.225.0/24
                  23.27.251.0/24
                  23.230.80.0/24
                  23.230.84.0/24
                  23.230.91.0/24
                  45.38.39.0/24
                  45.38.129.0/24
                  45.38.131.0/24
                  45.38.156.0/24
                  45.38.159.0/24
                  45.38.195.0/24
                  45.38.215.0/24
                  45.38.253.0/24
                  45.39.38.0/24
                  45.39.59.0/24
                  45.39.81.0/24
                  45.39.85.0/24
                  45.39.101.0/24
                  45.39.112.0/24
                  45.39.126.0/24
                  104.164.44.0/24
                  104.164.120.0/24
                  104.164.171.0-104.164.172.255
                  104.165.13.0/24
                  104.165.20.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6e:19:86:78:32:a6:88:eb:9a:fd:9d:87:bc:c5:8c:4f:8d:7c:
         a0:f6:0e:b3:af:24:ff:e7:e6:78:d7:87:f9:ff:f0:cf:1d:8f:
         2a:80:00:77:ee:b2:f1:7b:e7:de:ae:76:2d:7d:bd:51:0d:5f:
         f6:28:74:46:f0:d1:cd:07:8c:5e:90:52:58:40:17:84:21:69:
         ae:96:13:d3:c1:6f:e6:de:97:9f:28:f8:f4:56:31:43:80:88:
         8f:56:65:ec:0a:65:40:35:ef:d4:fc:5e:3a:eb:c2:26:db:e4:
         94:dd:73:a0:2e:34:bc:44:14:f1:7c:c9:f7:d9:92:b3:ac:c1:
         6c:11:27:d3:b3:c3:2a:80:e9:7f:23:47:3e:f1:46:d0:cc:4f:
         d5:04:0c:7d:1f:14:1e:1b:31:65:7d:0e:51:9b:65:1f:74:d6:
         6d:f5:ac:ca:0d:d9:4a:3a:9e:1c:9d:83:3a:79:b4:ce:9f:ee:
         4e:68:de:01:7c:52:bd:32:fa:05:f7:f7:70:95:fd:27:06:61:
         a2:bd:00:88:a7:78:a6:87:41:d7:0a:08:9f:7b:96:35:1b:69:
         4b:80:e6:f8:06:c5:a8:3b:72:28:3f:ba:f7:3f:5a:71:d7:67:
         d3:3a:1c:ed:fd:c7:e8:72:3a:20:6a:96:ec:58:a2:d0:61:f2:
         f8:92:2b:96
-----BEGIN CERTIFICATE-----
MIIG4DCCBcigAwIBAgIUAQ0Mn0MoWD9iLe6xMSEmMmZ0QQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTIwMDgyNjE3NTUyOFoXDTI0MTIzMDA1MDAwMFowLzEtMCsGA1UEAxMk
OWRhZjcyYjUtNjJiMS00MDg2LTg0ZmUtZDAzZDllOWI3ZWE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfivXS2jYVqlbZFnf9RcTARE4PbQZFF9HxAL
cfCwqpm579+VF+hhUtP/I3HjslVk8VTGHw9ii1dGGvfp7AaQI8lCaDcykI91F2xB
facfJjADlm0pw2sq3WKr29iekIBfjLYkI0HuRJvbMlbAiKnQGOPuTZrwaCQjNusZ
GiUU4uXUuLzkrofLdgXk9fBIbQ0DMCflyQCPwpyNCPJLkWMa9SeG6f9K+FG63OjF
rgD+8oo7448u0o9W/DlBQVlSJXsOe0IBsAYOK8UV39/V+JVvX+L49EgwRS3I/grp
pk2kgJcKvK4Hc+mMxo/Lsa+T4NOcF921QW2AstGIx/K+CGmJDwIDAQABo4ID8jCC
A+4wHQYDVR0OBBYEFJvVYdBAXi3PxuqiUuMMHYR5KymiMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvODM2NWM4OTYtNzY3OS0z
YTFmLWFkZDYtMTFkMmFkMzk2ZmI3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAX
G+EDBAAXG/sDBAAX5lADBAAX5lQDBAAX5lsDBAAtJicDBAAtJoEDBAAtJoMDBAAt
JpwDBAAtJp8DBAAtJsMDBAAtJtcDBAAtJv0DBAAtJyYDBAAtJzsDBAAtJ1EDBAAt
J1UDBAAtJ2UDBAAtJ3ADBAAtJ34DBABopCwDBABopHgwDAMEAGikqwMEAGikrAME
AGilDQMEAGilFDBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUH
AgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1s
MA0GCSqGSIb3DQEBCwUAA4IBAQBuGYZ4MqaI65r9nYe8xYxPjXyg9g6zryT/5+Z4
14f5//DPHY8qgAB37rLxe+fernYtfb1RDV/2KHRG8NHNB4xekFJYQBeEIWmulhPT
wW/m3pefKPj0VjFDgIiPVmXsCmVANe/U/F4668Im2+SU3XOgLjS8RBTxfMn32ZKz
rMFsESfTs8MqgOl/I0c+8UbQzE/VBAx9HxQeGzFlfQ5Rm2UfdNZt9azKDdlKOp4c
nYM6ebTOn+5OaN4BfFK9MvoF9/dwlf0nBmGivQCIp3imh0HXCgife5Y1G2lLgOb4
BsWoO3IoP7r3P1px12fTOhzt/cfocjogapbsWKLQYfL4kiuW
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:09 2024 by rpki-client on console-ams.rpki-client.org