Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e62b0277-307a-38f4-bf57-394073dce203.roa
File:                     e62b0277-307a-38f4-bf57-394073dce203.roa (raw, json)
Hash identifier:          4qh2diGb3mOXtcLYQIl0h/fXw9xwU5doltLGmeFAB5s=
Subject key identifier:   22:D5:24:C9:6B:11:1D:40:32:B6:93:1D:5D:40:86:5E:DD:5A:74:3F
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584535E29FC20351220F14C7DF00
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e62b0277-307a-38f4-bf57-394073dce203.roa
Signing time:             Fri 15 Mar 2024 01:00:26 +0000
ROA not before:           Fri 15 Mar 2024 01:00:26 +0000
ROA not after:            Thu 13 Jun 2024 01:00:26 +0000
asID:                     54500
IP address blocks:        136.0.119.0/24 maxlen: 24
                          50.117.16.0/24 maxlen: 24
                          136.0.118.0/24 maxlen: 24
                          136.0.117.0/24 maxlen: 24
                          173.245.82.0/24 maxlen: 24
                          136.0.120.0/24 maxlen: 24
                          205.164.41.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:35:e2:9f:c2:03:51:22:0f:14:c7:df:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar 15 01:00:26 2024 GMT
            Not After : Jun 13 01:00:26 2024 GMT
        Subject: CN=3af0fb5f-7fee-450e-a08b-09e4564c782d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:4c:5b:70:b8:ce:43:9c:fc:04:7a:f8:c3:5a:
                    a9:db:09:86:17:49:85:27:80:9d:43:3e:c0:70:17:
                    0f:7f:1d:83:07:76:90:d2:03:5c:fd:ac:65:84:23:
                    87:f5:56:ce:f1:f9:d0:56:0d:3e:88:47:00:e2:74:
                    a5:2f:ba:c4:63:b5:1d:76:05:00:33:86:af:35:0a:
                    26:77:71:d0:6f:7b:b8:bd:ff:b1:c7:9d:03:6b:41:
                    d9:08:65:4b:59:7a:fc:3e:60:98:c0:5e:1a:35:23:
                    6a:c8:38:c4:19:a6:3e:93:1d:49:bb:d6:84:5a:f4:
                    38:c9:a1:ce:d4:bf:14:5d:7b:66:80:45:0d:ea:21:
                    fe:2c:5b:56:7f:e9:6d:80:91:e3:c1:ac:55:4f:8e:
                    a7:ae:26:cb:a0:ec:28:9a:28:40:9e:bd:a7:5f:b4:
                    71:9f:bb:47:77:c8:cf:5e:3f:db:13:30:18:89:53:
                    d0:12:d1:f6:90:2f:51:31:84:47:4e:79:0d:55:89:
                    2c:a6:5a:ca:16:6e:3c:aa:df:e0:a3:8b:62:fd:10:
                    89:95:67:2b:13:bf:d9:80:a9:1b:f8:84:0c:ab:1f:
                    88:a7:04:59:48:55:4c:48:fd:8f:88:e0:1b:3e:45:
                    c5:32:4d:f3:16:53:86:76:da:ad:15:a5:b9:ea:fa:
                    cf:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:D5:24:C9:6B:11:1D:40:32:B6:93:1D:5D:40:86:5E:DD:5A:74:3F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/e62b0277-307a-38f4-bf57-394073dce203.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.117.16.0/24
                  136.0.117.0-136.0.120.255
                  173.245.82.0/24
                  205.164.41.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         2e:6a:c7:46:66:ca:8c:a0:12:74:8b:d7:bd:01:9b:b5:4b:f8:
         f1:ab:ec:a8:b4:44:56:b6:45:70:94:e4:4f:15:02:f3:88:d6:
         02:97:4b:01:a3:07:48:9a:11:31:6a:ef:55:56:e4:91:66:d1:
         2e:c9:78:ed:09:d3:c0:32:51:c3:e4:32:95:de:c8:35:9b:b1:
         0b:6c:aa:4c:03:cc:91:13:4f:c2:79:2c:18:ae:d0:0e:dc:08:
         ea:fa:57:70:94:24:84:fc:da:63:90:de:ed:02:37:65:f9:a4:
         27:76:d7:d6:7a:45:d5:77:01:0c:ee:ba:e7:fc:87:67:5e:e7:
         75:39:a3:42:e8:e9:60:b6:47:51:8a:d3:49:98:87:f4:d5:e8:
         a8:4a:36:09:b5:49:d4:ff:af:26:1e:6d:3c:27:bc:97:54:d8:
         92:9a:40:fd:e0:38:f5:fd:6e:a4:e3:27:85:f2:cd:45:6c:43:
         c8:21:47:d7:02:1c:59:dd:d2:c7:aa:51:30:1e:fa:7d:64:38:
         5f:ef:08:7f:89:39:a3:54:f3:5c:d2:83:aa:47:1b:70:c6:b8:
         88:11:bd:81:b6:f4:0f:b1:6f:16:87:5b:9c:59:5c:3f:2d:ad:
         52:73:23:fe:4f:b3:5f:99:89:d5:29:f7:e6:eb:21:68:3a:ef:
         e2:8c:e9:25
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgIUAQ0Mn0MoWEU14p/CA1EiDxTH3wAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMxNTAxMDAyNloXDTI0MDYxMzAxMDAyNlowLzEtMCsGA1UEAxMk
M2FmMGZiNWYtN2ZlZS00NTBlLWEwOGItMDllNDU2NGM3ODJkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00xbcLjOQ5z8BHr4w1qp2wmGF0mFJ4CdQz7A
cBcPfx2DB3aQ0gNc/axlhCOH9VbO8fnQVg0+iEcA4nSlL7rEY7UddgUAM4avNQom
d3HQb3u4vf+xx50Da0HZCGVLWXr8PmCYwF4aNSNqyDjEGaY+kx1Ju9aEWvQ4yaHO
1L8UXXtmgEUN6iH+LFtWf+ltgJHjwaxVT46nribLoOwomihAnr2nX7Rxn7tHd8jP
Xj/bEzAYiVPQEtH2kC9RMYRHTnkNVYksplrKFm48qt/go4ti/RCJlWcrE7/ZgKkb
+IQMqx+IpwRZSFVMSP2PiOAbPkXFMk3zFlOGdtqtFaW56vrPgQIDAQABo4IDbzCC
A2swHQYDVR0OBBYEFCLVJMlrER1AMraTHV1Ahl7dWnQ/MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZTYyYjAyNzctMzA3YS0z
OGY0LWJmNTctMzk0MDczZGNlMjAzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAMnUQMAwD
BACIAHUDBACIAHgDBACt9VIDBADNpCkwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcO
AjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMv
cnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsFAAOCAQEALmrHRmbKjKASdIvXvQGb
tUv48avsqLREVrZFcJTkTxUC84jWApdLAaMHSJoRMWrvVVbkkWbRLsl47QnTwDJR
w+Qyld7INZuxC2yqTAPMkRNPwnksGK7QDtwI6vpXcJQkhPzaY5De7QI3ZfmkJ3bX
1npF1XcBDO665/yHZ17ndTmjQujpYLZHUYrTSZiH9NXoqEo2CbVJ1P+vJh5tPCe8
l1TYkppA/eA49f1upOMnhfLNRWxDyCFH1wIcWd3Sx6pRMB76fWQ4X+8If4k5o1Tz
XNKDqkcbcMa4iBG9gbb0D7FvFodbnFlcPy2tUnMj/k+zX5mJ1Sn35ushaDrv4ozp
JQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:33 2024 by rpki-client on console-fra.rpki-client.org