Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/bf10393e-2446-34de-b6cb-23c54c3cafb6.roa
File:                     bf10393e-2446-34de-b6cb-23c54c3cafb6.roa (raw, json)
Hash identifier:          RpfUdIyyyTVseT4z0SXy4LNrdxZsxveI2DZ2gZ9ewio=
Subject key identifier:   91:0D:BA:13:96:2D:F3:C0:27:6B:91:7F:B6:2F:32:7E:14:D5:11:1A
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F432858485CD02E9780E0C5650733B350
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/bf10393e-2446-34de-b6cb-23c54c3cafb6.roa
Signing time:             Sun 29 Dec 2024 02:00:39 +0000
ROA not before:           Sun 29 Dec 2024 02:00:39 +0000
ROA not after:            Sat 29 Mar 2025 01:00:39 +0000
asID:                     47692
IP address blocks:        66.63.180.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:5c:d0:2e:97:80:e0:c5:65:07:33:b3:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Dec 29 02:00:39 2024 GMT
            Not After : Mar 29 01:00:39 2025 GMT
        Subject: CN=3d77dc0f-eec4-4cb5-8c3d-ffdd0f44d426
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:41:63:a7:6f:d4:ee:62:74:76:3e:8f:59:0e:
                    70:70:29:9c:1c:95:f6:42:e0:0d:c1:01:27:4f:be:
                    03:f6:00:1b:c5:d7:36:a0:e3:56:a8:2e:ce:8a:75:
                    6c:38:e0:ba:9c:62:44:e1:77:ed:16:19:33:2e:d9:
                    8b:be:88:d5:25:eb:90:34:af:c8:9b:bb:34:3b:56:
                    73:1b:0a:f7:24:70:26:c6:9b:0e:69:7b:f9:07:2e:
                    64:74:a3:46:ce:53:88:27:e1:ab:fb:45:7f:c7:75:
                    79:63:a0:37:17:13:50:a9:7d:30:eb:e2:64:df:39:
                    58:c4:d9:13:a6:03:b2:4e:80:3c:e6:c1:f8:d2:40:
                    87:cf:ed:e6:67:4c:61:94:f2:49:3d:cd:70:0a:d6:
                    5e:6a:de:22:78:45:c4:5b:33:ab:f2:6e:b5:44:43:
                    6c:21:65:16:ff:67:ac:fa:19:2e:f9:f0:84:64:f7:
                    7e:87:f5:67:aa:b7:8e:ed:60:e4:cc:c2:cd:d5:f6:
                    38:64:79:06:ce:68:1c:47:0f:2d:ce:1c:b9:63:80:
                    ca:ac:e8:a8:db:32:36:e3:46:0a:22:c4:73:1a:02:
                    df:7d:29:22:fd:79:62:69:7a:97:bc:c9:68:24:61:
                    82:65:10:3f:92:d0:ad:f4:04:bd:ef:07:dd:ee:32:
                    ac:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:0D:BA:13:96:2D:F3:C0:27:6B:91:7F:B6:2F:32:7E:14:D5:11:1A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/bf10393e-2446-34de-b6cb-23c54c3cafb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.63.180.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7c:59:db:a0:3e:8d:a7:3b:37:de:ec:5e:0e:32:52:57:12:71:
         8f:c2:a5:aa:27:38:32:ad:0d:af:ee:f6:10:b1:c8:bc:19:cb:
         de:2c:29:9f:70:e6:9d:e7:97:a7:7c:53:14:07:e9:6b:28:74:
         e6:3b:3c:a2:70:cf:3e:a7:37:e6:0f:ae:70:64:53:46:54:8c:
         22:44:4c:67:86:89:74:6e:65:ff:61:0c:52:b5:41:fd:5d:cd:
         f4:1e:92:17:5a:4a:ff:71:d0:3c:98:dc:db:63:89:a2:4a:cf:
         b9:8f:74:d3:d5:60:7f:f6:0c:a7:39:35:8f:1c:12:6d:eb:4f:
         13:6b:01:2d:e2:f8:14:6e:e8:da:3b:a0:4c:2a:78:fd:7d:f2:
         1c:69:ba:26:eb:73:e6:58:2a:41:88:db:c1:3c:f1:80:26:ac:
         29:22:50:1d:fb:48:5a:46:54:24:ca:44:ac:5c:f0:01:91:57:
         f6:81:db:3b:b4:ad:21:10:68:f3:29:76:49:6f:aa:02:e3:53:
         9c:87:40:86:2e:f1:ce:f7:fd:a6:cb:27:d9:e7:c8:59:0a:36:
         68:6b:84:80:85:d4:a2:c4:13:b6:a7:d8:1a:eb:fb:61:95:45:
         b8:7d:09:91:52:7e:a4:e2:ad:ca:57:ca:be:38:2a:57:d7:9f:
         ae:e6:8d:c3
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhc0C6XgODFZQczs1AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI0MTIyOTAyMDAzOVoXDTI1MDMyOTAxMDAzOVowLzEtMCsGA1UEAxMk
M2Q3N2RjMGYtZWVjNC00Y2I1LThjM2QtZmZkZDBmNDRkNDI2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskFjp2/U7mJ0dj6PWQ5wcCmcHJX2QuANwQEn
T74D9gAbxdc2oONWqC7OinVsOOC6nGJE4XftFhkzLtmLvojVJeuQNK/Im7s0O1Zz
Gwr3JHAmxpsOaXv5By5kdKNGzlOIJ+Gr+0V/x3V5Y6A3FxNQqX0w6+Jk3zlYxNkT
pgOyToA85sH40kCHz+3mZ0xhlPJJPc1wCtZeat4ieEXEWzOr8m61RENsIWUW/2es
+hku+fCEZPd+h/VnqreO7WDkzMLN1fY4ZHkGzmgcRw8tzhy5Y4DKrOio2zI240YK
IsRzGgLffSki/XliaXqXvMloJGGCZRA/ktCt9AS97wfd7jKs1QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJENuhOWLfPAJ2uRf7YvMn4U1REaMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvYmYxMDM5M2UtMjQ0Ni0z
NGRlLWI2Y2ItMjNjNTRjM2NhZmI2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQj+0MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHxZ26A+jac7N97sXg4yUlcScY/CpaonODKtDa/u9hCxyLwZy94sKZ9w
5p3nl6d8UxQH6WsodOY7PKJwzz6nN+YPrnBkU0ZUjCJETGeGiXRuZf9hDFK1Qf1d
zfQekhdaSv9x0DyY3NtjiaJKz7mPdNPVYH/2DKc5NY8cEm3rTxNrAS3i+BRu6No7
oEwqeP198hxpuibrc+ZYKkGI28E88YAmrCkiUB37SFpGVCTKRKxc8AGRV/aB2zu0
rSEQaPMpdklvqgLjU5yHQIYu8c73/abLJ9nnyFkKNmhrhICF1KLEE7an2Brr+2GV
Rbh9CZFSfqTircpXyr44KlfXn67mjcM=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:45:54 2025 by rpki-client