Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/d858000f-4529-3e0c-8f4b-126699c1276c.roa
File:                     d858000f-4529-3e0c-8f4b-126699c1276c.roa (raw, json)
Hash identifier:          4R9HKpPXVc2TLwNT9Vs9mwJvj3nNluUviUmjmvijI/E=
Subject key identifier:   33:27:E7:79:25:C0:F9:E9:E2:6D:08:C4:07:1D:A3:90:13:BA:E7:6D
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F432858488B5B807CB40DA4D716C82940
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/d858000f-4529-3e0c-8f4b-126699c1276c.roa
Signing time:             Tue 14 Jan 2025 18:08:37 +0000
ROA not before:           Tue 14 Jan 2025 18:08:37 +0000
ROA not after:            Mon 14 Apr 2025 17:08:37 +0000
asID:                     8100
IP address blocks:        155.94.240.0/20 maxlen: 20
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:8b:5b:80:7c:b4:0d:a4:d7:16:c8:29:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Jan 14 18:08:37 2025 GMT
            Not After : Apr 14 17:08:37 2025 GMT
        Subject: CN=dcf858c8-8f34-409e-b8bc-47bdf8aab983
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:45:74:21:f8:f4:84:bc:94:8c:97:6f:13:fa:
                    14:d0:dc:8f:9d:62:64:bc:c5:cd:d0:c5:4f:b1:42:
                    5b:cb:da:4f:5a:b0:40:f4:27:b8:b6:16:51:f3:33:
                    d3:f7:e9:66:61:1b:96:b1:28:66:c7:83:7f:56:86:
                    71:1d:40:6a:6b:66:c0:ca:ba:1b:38:99:ca:3e:bd:
                    7b:6f:44:4b:46:03:ef:bd:90:8e:c5:af:83:ab:68:
                    db:b7:4d:91:57:c1:3d:e9:be:41:85:f5:b5:4f:6a:
                    f7:f2:db:ac:e1:65:d3:65:90:95:bd:14:48:00:94:
                    18:da:2b:59:6d:44:f8:73:3b:4e:45:bb:55:84:59:
                    d7:0c:58:56:8c:51:8d:81:a5:20:b6:87:5f:43:10:
                    10:ba:00:0d:04:21:4a:ef:e5:9a:a2:30:b3:b0:3c:
                    d3:ae:db:6f:92:82:1f:60:83:91:d7:90:61:6c:74:
                    7f:d2:c7:10:08:cb:80:96:a4:86:36:a5:96:5d:36:
                    72:a7:42:6a:7c:55:10:63:49:21:30:7b:a3:be:4d:
                    46:61:32:36:ff:98:e9:74:3c:a0:05:c3:10:f3:77:
                    57:1f:57:1d:03:fc:1c:44:3b:24:58:f7:e6:fe:f9:
                    5c:d4:fa:7e:44:d7:cf:bf:6e:dc:b1:8a:63:23:e2:
                    d6:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:27:E7:79:25:C0:F9:E9:E2:6D:08:C4:07:1D:A3:90:13:BA:E7:6D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/d858000f-4529-3e0c-8f4b-126699c1276c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  155.94.240.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         54:aa:7f:b0:0b:fc:ce:fd:af:aa:7c:10:4c:d9:4e:d8:a3:e6:
         c9:96:a9:e1:ed:c3:4d:5d:f6:98:0d:c6:5e:cd:b4:f5:03:32:
         a9:ed:2a:7c:c2:02:9f:45:91:28:88:a3:c4:29:df:f9:f9:c1:
         15:8d:da:fd:08:0a:c2:0e:93:4f:f7:3b:77:33:0c:77:87:0f:
         3b:ae:20:00:a5:b2:ec:99:0f:08:59:69:e8:8e:a8:38:a3:47:
         c3:d6:53:09:4d:0e:dc:77:ad:f3:d3:eb:6d:db:f6:b9:44:b3:
         8a:7d:81:7d:44:79:45:60:ca:94:f5:60:8e:2e:16:0d:46:9c:
         42:f0:29:5d:60:b6:01:fe:d0:29:3b:07:bf:e2:e0:48:0a:e2:
         73:bc:74:ce:c3:bb:ee:28:8c:a2:b4:bc:cb:f4:e0:de:0e:92:
         fe:86:03:e7:30:ca:6f:4d:56:59:72:72:b0:49:b8:11:f7:88:
         69:87:fe:18:8f:b2:f8:10:b1:9e:f7:68:b3:18:3c:da:a4:ed:
         d1:17:25:75:17:53:db:d9:ee:98:40:b1:3e:ef:35:4f:b2:3f:
         60:68:0e:f3:35:d9:9f:d6:93:e0:8e:04:80:4c:66:cc:bd:db:
         87:16:fd:19:4d:0e:61:02:68:99:1d:24:8c:90:f6:9e:ba:f4:
         ab:29:39:d1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEiLW4B8tA2k1xbIKUAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDExNDE4MDgzN1oXDTI1MDQxNDE3MDgzN1owLzEtMCsGA1UEAxMk
ZGNmODU4YzgtOGYzNC00MDllLWI4YmMtNDdiZGY4YWFiOTgzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0V0Ifj0hLyUjJdvE/oU0NyPnWJkvMXN0MVP
sUJby9pPWrBA9Ce4thZR8zPT9+lmYRuWsShmx4N/VoZxHUBqa2bAyrobOJnKPr17
b0RLRgPvvZCOxa+Dq2jbt02RV8E96b5BhfW1T2r38tus4WXTZZCVvRRIAJQY2itZ
bUT4cztORbtVhFnXDFhWjFGNgaUgtodfQxAQugANBCFK7+WaojCzsDzTrttvkoIf
YIOR15BhbHR/0scQCMuAlqSGNqWWXTZyp0JqfFUQY0khMHujvk1GYTI2/5jpdDyg
BcMQ83dXH1cdA/wcRDskWPfm/vlc1Pp+RNfPv27csYpjI+LWpwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDMn53klwPnp4m0IxAcdo5ATuudtMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvZDg1ODAwMGYtNDUyOS0z
ZTBjLThmNGItMTI2Njk5YzEyNzZjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEm17wMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFSqf7AL/M79r6p8EEzZTtij5smWqeHtw01d9pgNxl7NtPUDMqntKnzC
Ap9FkSiIo8Qp3/n5wRWN2v0ICsIOk0/3O3czDHeHDzuuIAClsuyZDwhZaeiOqDij
R8PWUwlNDtx3rfPT623b9rlEs4p9gX1EeUVgypT1YI4uFg1GnELwKV1gtgH+0Ck7
B7/i4EgK4nO8dM7Du+4ojKK0vMv04N4Okv6GA+cwym9NVllycrBJuBH3iGmH/hiP
svgQsZ73aLMYPNqk7dEXJXUXU9vZ7phAsT7vNU+yP2BoDvM12Z/Wk+COBIBMZsy9
24cW/RlNDmECaJkdJIyQ9p669KspOdE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:36:52 2025 by rpki-client