Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/c5031a78-ec0b-3194-9467-02169e021fda.roa
File:                     c5031a78-ec0b-3194-9467-02169e021fda.roa (raw, json)
Hash identifier:          P1OwwohDedLZbJhtTJbz0rB7+B71O+OLZx4Oa66VIgQ=
Subject key identifier:   9D:12:DE:40:6E:63:C3:CE:A2:9B:54:F9:4B:9B:85:95:69:4C:14:8D
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F43285848396650D075207D73EBBBFF00
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/c5031a78-ec0b-3194-9467-02169e021fda.roa
Signing time:             Mon 16 Dec 2024 09:34:07 +0000
ROA not before:           Mon 16 Dec 2024 09:34:07 +0000
ROA not after:            Sun 16 Mar 2025 08:34:07 +0000
asID:                     6079
IP address blocks:        204.44.88.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:39:66:50:d0:75:20:7d:73:eb:bb:ff:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Dec 16 09:34:07 2024 GMT
            Not After : Mar 16 08:34:07 2025 GMT
        Subject: CN=232867df-07db-4465-82b6-c97a761fd01b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:90:c2:93:5e:bc:25:2b:75:35:ae:ce:86:f9:
                    c5:b4:b7:8d:98:92:03:2a:64:6a:55:0e:47:5b:33:
                    2f:30:f9:fc:47:58:3e:fd:c0:0b:d0:68:39:4a:e3:
                    db:cd:cf:6c:54:89:f6:f4:70:2d:9b:2f:e9:b4:8f:
                    fd:15:bd:be:2a:b0:2f:b6:07:5c:31:36:a8:33:21:
                    48:36:9f:c0:c7:46:0a:f4:fe:8e:cc:c4:a9:ae:01:
                    71:d2:dc:85:a6:0b:87:d6:91:cf:7f:0e:3d:ca:dd:
                    4c:31:f1:bf:2e:c4:23:3d:b6:66:5b:ae:09:a2:7a:
                    0a:98:dd:dc:92:4e:c6:dc:5d:75:c2:41:dc:11:2a:
                    26:c7:4c:63:db:8d:e8:94:3e:28:35:8f:b0:5e:bf:
                    98:a4:5b:3b:77:76:78:c6:6e:1a:00:16:5e:fd:47:
                    6e:34:d5:8d:a7:95:ef:f3:c7:6a:b3:39:9d:c0:db:
                    a7:e6:70:0c:9a:be:04:76:c3:ed:35:c6:80:08:83:
                    b9:a5:30:14:ab:5f:03:ad:01:1b:4d:fe:9e:2c:ca:
                    8a:67:3b:90:db:3c:ac:b8:8e:c4:5b:23:43:2a:2d:
                    02:83:24:44:ec:d6:07:a2:59:66:d0:4f:17:21:e5:
                    08:6d:2c:3f:c3:29:18:40:b0:b9:83:04:8a:44:46:
                    f2:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:12:DE:40:6E:63:C3:CE:A2:9B:54:F9:4B:9B:85:95:69:4C:14:8D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/c5031a78-ec0b-3194-9467-02169e021fda.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.44.88.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         59:b1:10:08:79:8f:56:45:35:42:0b:ff:2e:74:a9:15:84:50:
         1a:f3:15:51:33:6f:45:72:0e:36:47:fc:ff:de:44:62:aa:c7:
         90:76:2c:13:09:22:ea:70:b9:c8:5e:fb:f6:a5:46:da:ef:2a:
         eb:e2:83:a1:31:bb:1a:5d:0f:85:ac:26:1f:ff:a2:8a:f0:ba:
         a7:88:9c:87:51:15:c7:a9:1c:33:d5:fc:d8:c5:81:5e:06:a9:
         c2:b2:ae:fd:81:5b:04:b5:79:15:18:f0:5f:da:51:dc:60:c0:
         e5:01:6e:e0:1d:c1:92:4a:39:ef:7b:46:d5:8d:f9:41:50:2b:
         49:f7:88:8f:88:4a:a8:84:06:85:39:78:10:27:c1:3a:70:c1:
         b4:af:0d:0d:a2:7c:95:46:c9:cd:ea:31:be:1d:51:7c:46:82:
         06:c3:7b:08:ff:c7:d3:fe:8a:36:3d:78:17:34:03:19:32:24:
         88:7c:e7:fa:85:02:2f:4d:31:06:88:d2:3d:48:48:94:de:52:
         d2:fe:47:07:b9:7e:48:d4:dd:58:a3:72:dc:0e:81:17:92:58:
         da:4e:f9:bf:ea:ca:16:11:19:2e:b9:c4:63:f4:e2:e7:3f:81:
         b7:f8:4b:89:8e:22:d0:f9:de:b8:13:87:88:2e:80:9e:38:c2:
         53:93:db:27
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEg5ZlDQdSB9c+u7/wAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI0MTIxNjA5MzQwN1oXDTI1MDMxNjA4MzQwN1owLzEtMCsGA1UEAxMk
MjMyODY3ZGYtMDdkYi00NDY1LTgyYjYtYzk3YTc2MWZkMDFiMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5DCk168JSt1Na7OhvnFtLeNmJIDKmRqVQ5H
WzMvMPn8R1g+/cAL0Gg5SuPbzc9sVIn29HAtmy/ptI/9Fb2+KrAvtgdcMTaoMyFI
Np/Ax0YK9P6OzMSprgFx0tyFpguH1pHPfw49yt1MMfG/LsQjPbZmW64JonoKmN3c
kk7G3F11wkHcESomx0xj243olD4oNY+wXr+YpFs7d3Z4xm4aABZe/UduNNWNp5Xv
88dqszmdwNun5nAMmr4EdsPtNcaACIO5pTAUq18DrQEbTf6eLMqKZzuQ2zysuI7E
WyNDKi0CgyRE7NYHollm0E8XIeUIbSw/wykYQLC5gwSKREbyCQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ0S3kBuY8POoptU+UubhZVpTBSNMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvYzUwMzFhNzgtZWMwYi0z
MTk0LTk0NjctMDIxNjllMDIxZmRhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzCxYMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFmxEAh5j1ZFNUIL/y50qRWEUBrzFVEzb0VyDjZH/P/eRGKqx5B2LBMJ
Iupwuche+/alRtrvKuvig6ExuxpdD4WsJh//oorwuqeInIdRFcepHDPV/NjFgV4G
qcKyrv2BWwS1eRUY8F/aUdxgwOUBbuAdwZJKOe97RtWN+UFQK0n3iI+ISqiEBoU5
eBAnwTpwwbSvDQ2ifJVGyc3qMb4dUXxGggbDewj/x9P+ijY9eBc0AxkyJIh85/qF
Ai9NMQaI0j1ISJTeUtL+Rwe5fkjU3VijctwOgReSWNpO+b/qyhYRGS65xGP04uc/
gbf4S4mOItD53rgTh4gugJ44wlOT2yc=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:43:34 2025 by rpki-client