Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/e9558cb9-04af-30b7-b473-79dc5cf0389d.roa
File:                     e9558cb9-04af-30b7-b473-79dc5cf0389d.roa (raw, json)
Hash identifier:          X/MO6G2mjqjCLXWoIlcGrtUdSUsR89XvrXK0ih62UTQ=
Subject key identifier:   08:AD:19:8B:8D:66:DC:08:15:0E:35:68:F8:B4:3F:D0:8C:A6:90:36
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F432858483E1AB56F1D8B9D1358F14800
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/e9558cb9-04af-30b7-b473-79dc5cf0389d.roa
Signing time:             Wed 18 Dec 2024 02:00:39 +0000
ROA not before:           Wed 18 Dec 2024 02:00:39 +0000
ROA not after:            Tue 18 Mar 2025 01:00:39 +0000
asID:                     18779
IP address blocks:        104.223.68.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:3e:1a:b5:6f:1d:8b:9d:13:58:f1:48:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Dec 18 02:00:39 2024 GMT
            Not After : Mar 18 01:00:39 2025 GMT
        Subject: CN=3ac07bfc-b3ee-4d77-95dc-e43d826fdb22
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:24:e3:a9:f0:ca:dc:87:18:0a:4b:5a:8b:f7:
                    71:39:99:10:5b:91:69:db:69:df:a6:f4:3b:2d:40:
                    08:07:8e:62:9a:f8:4e:d8:06:8b:e0:48:75:97:94:
                    a1:32:47:59:cb:cb:53:25:12:55:23:28:5f:18:6b:
                    3b:30:87:33:c0:56:5b:8d:20:f1:07:7e:fa:ef:f7:
                    86:2a:c4:03:9c:be:41:00:58:7f:b2:c5:d4:f4:d5:
                    f8:90:f5:2d:f6:32:cf:c7:a1:a9:b6:2e:43:7e:1d:
                    6a:12:62:ae:33:30:e2:c5:80:2f:3e:74:af:66:0c:
                    a2:07:98:d7:8b:94:28:7d:fc:bb:e5:20:d8:93:38:
                    d7:81:03:39:a0:b0:9c:68:97:40:b2:6d:32:15:0b:
                    e7:bc:c8:e8:db:0d:25:af:03:32:d4:d0:7d:9a:8e:
                    18:73:fd:9d:5b:9a:9a:c7:42:50:13:49:3c:5a:d6:
                    48:4e:13:b4:22:43:27:a7:13:0a:a4:d3:94:2c:20:
                    3f:8e:ac:4d:7b:82:83:9b:7d:e2:e4:2d:9f:c4:15:
                    95:1d:25:d6:b5:ac:8f:ba:8b:fb:c5:f2:a6:47:59:
                    d4:2d:e3:2d:5a:48:13:cf:3b:58:85:a6:c7:be:b1:
                    89:e3:c2:e7:92:62:16:c7:42:51:fe:a8:3e:ed:16:
                    4d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:AD:19:8B:8D:66:DC:08:15:0E:35:68:F8:B4:3F:D0:8C:A6:90:36
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/e9558cb9-04af-30b7-b473-79dc5cf0389d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.223.68.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         1d:da:f0:03:f3:37:80:75:43:32:4f:f9:9e:b1:6b:4b:6a:f3:
         66:52:f1:16:d6:31:8c:b5:c7:5a:9a:5a:04:58:56:9c:82:42:
         21:ae:86:da:c2:a2:b2:1c:be:14:0e:32:51:17:56:1a:10:c4:
         c6:ca:1e:51:1b:45:a9:ae:b9:dc:e8:52:50:66:a0:89:a9:86:
         de:b3:a2:8a:a0:fa:c1:93:0e:ac:68:7b:d6:2f:5d:34:0c:a0:
         0a:c4:52:ae:b8:7d:82:21:80:5e:78:cb:27:af:6d:28:31:23:
         b7:b5:ac:c1:b0:42:29:45:1e:5f:00:e4:e4:30:27:fa:a0:8f:
         e6:4b:2e:93:96:3c:72:5f:49:5e:b0:b7:89:93:0a:b3:26:29:
         cf:9c:11:6c:3c:34:45:62:e2:ed:a8:3a:b3:69:fd:47:ac:3a:
         be:a1:09:ee:3f:04:b3:f0:bc:00:db:69:89:cc:61:0f:b2:c6:
         cc:86:6f:20:06:12:5f:eb:c2:0e:b9:ea:b2:ba:43:84:ba:4e:
         92:e0:88:68:72:a5:62:be:28:f9:24:09:82:44:96:d3:70:36:
         1b:41:02:8b:a2:10:f2:74:92:1d:94:5b:40:52:2d:f1:09:53:
         df:68:77:06:6e:c4:b5:89:fc:aa:a2:0b:0f:5c:d0:88:09:68:
         25:5f:3e:08
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEg+GrVvHYudE1jxSAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI0MTIxODAyMDAzOVoXDTI1MDMxODAxMDAzOVowLzEtMCsGA1UEAxMk
M2FjMDdiZmMtYjNlZS00ZDc3LTk1ZGMtZTQzZDgyNmZkYjIyMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApiTjqfDK3IcYCktai/dxOZkQW5Fp22nfpvQ7
LUAIB45imvhO2AaL4Eh1l5ShMkdZy8tTJRJVIyhfGGs7MIczwFZbjSDxB3767/eG
KsQDnL5BAFh/ssXU9NX4kPUt9jLPx6Gpti5Dfh1qEmKuMzDixYAvPnSvZgyiB5jX
i5Qoffy75SDYkzjXgQM5oLCcaJdAsm0yFQvnvMjo2w0lrwMy1NB9mo4Yc/2dW5qa
x0JQE0k8WtZIThO0IkMnpxMKpNOULCA/jqxNe4KDm33i5C2fxBWVHSXWtayPuov7
xfKmR1nULeMtWkgTzztYhabHvrGJ48LnkmIWx0JR/qg+7RZNbQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAitGYuNZtwIFQ41aPi0P9CMppA2MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvZTk1NThjYjktMDRhZi0z
MGI3LWI0NzMtNzlkYzVjZjAzODlkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAaN9EMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAB3a8APzN4B1QzJP+Z6xa0tq82ZS8RbWMYy1x1qaWgRYVpyCQiGuhtrC
orIcvhQOMlEXVhoQxMbKHlEbRamuudzoUlBmoImpht6zooqg+sGTDqxoe9YvXTQM
oArEUq64fYIhgF54yyevbSgxI7e1rMGwQilFHl8A5OQwJ/qgj+ZLLpOWPHJfSV6w
t4mTCrMmKc+cEWw8NEVi4u2oOrNp/UesOr6hCe4/BLPwvADbaYnMYQ+yxsyGbyAG
El/rwg656rK6Q4S6TpLgiGhypWK+KPkkCYJEltNwNhtBAouiEPJ0kh2UW0BSLfEJ
U99odwZuxLWJ/KqiCw9c0IgJaCVfPgg=
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:48:17 2025 by rpki-client