Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/8bd641a4-05af-3b2b-aed4-3e493e6405e9.roa
File:                     8bd641a4-05af-3b2b-aed4-3e493e6405e9.roa (raw, json)
Hash identifier:          KkhmDHv9DmFeBh+oGEHTDaKK/zHPky5mo7V5bXB8aOk=
Subject key identifier:   90:D4:C2:62:DA:4C:DA:E3:DE:21:B0:1E:5A:2B:41:3E:4C:43:8E:69
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F432858485CD02ECD34A0DA78CFD91880
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/8bd641a4-05af-3b2b-aed4-3e493e6405e9.roa
Signing time:             Sun 29 Dec 2024 02:00:39 +0000
ROA not before:           Sun 29 Dec 2024 02:00:39 +0000
ROA not after:            Sat 29 Mar 2025 01:00:39 +0000
asID:                     214943
IP address blocks:        66.63.187.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:5c:d0:2e:cd:34:a0:da:78:cf:d9:18:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Dec 29 02:00:39 2024 GMT
            Not After : Mar 29 01:00:39 2025 GMT
        Subject: CN=977a8235-47d8-4448-8e7a-c861d8d4c705
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:90:4b:2a:e4:82:30:84:3e:f7:81:98:1a:ba:
                    9f:8a:e4:69:0d:70:06:8d:0e:51:42:14:34:13:65:
                    c0:99:4f:7c:98:f5:93:fd:36:31:e4:02:c5:35:c4:
                    65:0b:10:9c:0b:ec:8f:91:61:1e:86:a2:04:ee:50:
                    c4:a7:7a:72:1f:05:e7:24:bf:0d:eb:5b:d0:44:33:
                    c3:43:8e:9c:63:f2:e6:10:06:27:39:41:a3:59:27:
                    bc:ea:60:7d:fe:5e:60:82:1e:ca:a1:08:a0:c6:3a:
                    15:e2:7a:a1:fb:f1:aa:4c:32:c8:d6:e7:f6:bf:5e:
                    84:47:39:3b:1d:81:ee:a2:74:f2:98:fc:ef:63:41:
                    87:16:85:1f:be:65:04:d6:b2:b7:a0:09:0d:bf:a6:
                    f5:2a:90:9a:7a:73:ac:b6:00:5a:63:4c:04:8e:a1:
                    1f:3a:fc:bf:a5:90:eb:b7:c5:0a:50:cf:65:b0:7e:
                    0a:7e:a6:40:eb:5d:77:fc:08:58:ea:94:13:5d:be:
                    93:66:11:ee:66:04:d6:f9:b1:86:c8:b7:68:86:11:
                    37:b1:03:ce:d4:46:75:1a:7d:4d:22:9f:50:33:eb:
                    60:a4:b4:00:a2:ae:0f:63:1b:ef:39:0d:c0:57:a9:
                    5b:c7:e0:cf:f4:a7:3f:9f:c2:2f:59:4e:03:d7:b8:
                    34:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:D4:C2:62:DA:4C:DA:E3:DE:21:B0:1E:5A:2B:41:3E:4C:43:8E:69
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/8bd641a4-05af-3b2b-aed4-3e493e6405e9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.63.187.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         1c:d1:01:34:a5:f1:32:f2:91:44:ee:e2:12:07:9d:37:d6:16:
         ff:6c:2f:21:c4:5f:77:b1:04:ca:b5:40:0f:35:f5:26:43:d9:
         06:f0:7c:67:fb:63:a6:9b:88:ab:8b:59:47:2c:d7:cd:95:86:
         4d:2c:ca:6d:a0:5a:49:41:25:d8:fe:6c:03:8f:eb:d9:4f:0a:
         5a:96:86:29:a7:97:cd:59:1c:d3:f1:58:0e:bc:29:97:f3:f0:
         6d:cc:62:b3:8b:05:bc:bb:16:28:c2:00:9c:29:18:5a:ee:66:
         63:68:e5:4f:ae:df:62:3e:09:d2:76:ce:c6:39:c9:c4:a5:39:
         ec:8f:fe:23:57:24:45:36:8d:8f:b3:ef:bf:c5:9e:a3:e8:c3:
         50:3f:4a:04:6c:55:08:c6:2b:90:1a:57:c5:40:fc:83:f5:19:
         ab:9e:57:75:58:09:b0:c8:13:cc:bd:06:a7:02:4e:8b:4c:10:
         5d:21:60:31:b6:11:35:6f:88:fc:03:c0:f6:ec:b6:bc:19:ac:
         12:17:0a:0a:78:7e:90:57:7b:a5:99:03:d1:1b:fb:d1:28:18:
         6c:90:62:91:5e:bc:42:f5:45:09:b4:af:31:b1:6d:fb:82:a4:
         49:e9:6c:71:06:aa:ce:e8:20:dc:94:02:1d:2e:a1:9a:fb:3d:
         33:eb:00:54
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhc0C7NNKDaeM/ZGIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI0MTIyOTAyMDAzOVoXDTI1MDMyOTAxMDAzOVowLzEtMCsGA1UEAxMk
OTc3YTgyMzUtNDdkOC00NDQ4LThlN2EtYzg2MWQ4ZDRjNzA1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZBLKuSCMIQ+94GYGrqfiuRpDXAGjQ5RQhQ0
E2XAmU98mPWT/TYx5ALFNcRlCxCcC+yPkWEehqIE7lDEp3pyHwXnJL8N61vQRDPD
Q46cY/LmEAYnOUGjWSe86mB9/l5ggh7KoQigxjoV4nqh+/GqTDLI1uf2v16ERzk7
HYHuonTymPzvY0GHFoUfvmUE1rK3oAkNv6b1KpCaenOstgBaY0wEjqEfOvy/pZDr
t8UKUM9lsH4KfqZA6113/AhY6pQTXb6TZhHuZgTW+bGGyLdohhE3sQPO1EZ1Gn1N
Ip9QM+tgpLQAoq4PYxvvOQ3AV6lbx+DP9Kc/n8IvWU4D17g0mQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJDUwmLaTNrj3iGwHlorQT5MQ45pMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvOGJkNjQxYTQtMDVhZi0z
YjJiLWFlZDQtM2U0OTNlNjQwNWU5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQj+7MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABzRATSl8TLykUTu4hIHnTfWFv9sLyHEX3exBMq1QA819SZD2QbwfGf7
Y6abiKuLWUcs182Vhk0sym2gWklBJdj+bAOP69lPClqWhimnl81ZHNPxWA68KZfz
8G3MYrOLBby7FijCAJwpGFruZmNo5U+u32I+CdJ2zsY5ycSlOeyP/iNXJEU2jY+z
77/FnqPow1A/SgRsVQjGK5AaV8VA/IP1GaueV3VYCbDIE8y9BqcCTotMEF0hYDG2
ETVviPwDwPbstrwZrBIXCgp4fpBXe6WZA9Eb+9EoGGyQYpFevEL1RQm0rzGxbfuC
pEnpbHEGqs7oINyUAh0uoZr7PTPrAFQ=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:41:14 2025 by rpki-client