Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/2657a44f-9403-3479-8655-c9faf16f3b24.roa
File:                     2657a44f-9403-3479-8655-c9faf16f3b24.roa (raw, json)
Hash identifier:          4w4jrjJfRLAmPA0kVs4vJ4SdsTNhIPWTh9sxlV+pi28=
Subject key identifier:   42:A7:A9:2C:43:BD:D4:43:D0:12:D6:58:BB:3A:97:86:09:75:B4:33
Certificate issuer:       /CN=8a13f263-84fb-4a2b-b136-d447ecc21508
Certificate serial:       010D0C9F432858401A3ED5B7DB52F0882E877290
Authority key identifier: C8:37:D2:6F:C6:51:9C:EF:BC:41:B2:83:91:2E:73:69:A3:B3:BE:A3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/2657a44f-9403-3479-8655-c9faf16f3b24.roa
Signing time:             Thu 01 Dec 2022 12:00:00 +0000
ROA not before:           Thu 01 Dec 2022 12:00:00 +0000
ROA not after:            Fri 06 Jun 2025 04:00:00 +0000
asID:                     19905
IP address blocks:        64.95.191.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:1a:3e:d5:b7:db:52:f0:88:2e:87:72:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a13f263-84fb-4a2b-b136-d447ecc21508
        Validity
            Not Before: Dec  1 12:00:00 2022 GMT
            Not After : Jun  6 04:00:00 2025 GMT
        Subject: CN=9ec1c7ed-06c5-40ef-98db-cb9ffe584d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:d3:48:80:47:ae:87:5a:7b:61:13:bf:a6:c0:
                    87:9b:1d:4e:30:eb:1d:bc:04:1d:5f:79:1e:24:34:
                    f2:0b:c5:f5:e4:f2:30:c6:7a:d9:90:c8:0f:3e:89:
                    52:64:67:da:7e:9b:a8:31:a9:07:98:2b:cc:53:68:
                    0b:9b:4c:73:80:5f:8c:48:2f:e0:78:ae:2c:4d:02:
                    8a:4a:1a:4c:98:77:f1:6f:0c:79:4a:1a:63:74:94:
                    19:02:56:ac:95:3a:0b:ae:82:54:9b:cb:df:8f:44:
                    90:2d:4f:fa:b3:1d:17:c9:73:a1:9a:fb:52:9c:e6:
                    28:bd:d7:e3:18:e4:f9:a1:00:c9:3c:eb:73:73:d0:
                    d9:1e:ce:a9:b2:bb:1f:8f:4a:5c:9a:f8:7a:d2:c2:
                    d9:ce:67:55:ac:f9:17:b3:a5:2c:c9:1b:74:e8:c3:
                    81:dc:95:a4:48:87:3a:06:0c:7d:01:3d:ab:55:e6:
                    fb:55:c7:04:bb:46:7b:b0:1f:1d:63:b1:17:1e:64:
                    16:f0:91:89:3f:1a:dc:4d:bb:8c:f8:58:3b:a2:9a:
                    3d:77:35:68:55:bf:20:8b:4c:f6:6d:ce:87:f0:e7:
                    6b:84:80:c6:33:ad:b0:f7:92:60:90:9c:69:43:2b:
                    47:7f:e3:6c:ed:39:d6:78:84:86:7f:df:65:e4:e8:
                    c0:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:A7:A9:2C:43:BD:D4:43:D0:12:D6:58:BB:3A:97:86:09:75:B4:33
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/2657a44f-9403-3479-8655-c9faf16f3b24.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/8a13f263-84fb-4a2b-b136-d447ecc21508.crl

            X509v3 Authority Key Identifier:
                keyid:C8:37:D2:6F:C6:51:9C:EF:BC:41:B2:83:91:2E:73:69:A3:B3:BE:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.95.191.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4a:75:53:02:81:99:ac:35:b9:25:0d:46:a7:14:73:7f:ea:f0:
         0b:82:ed:75:2a:b0:ee:de:36:6b:b6:ab:70:a1:93:19:d7:34:
         7d:42:cd:37:5d:20:69:32:78:e3:6d:ba:43:28:63:f6:d2:38:
         43:b2:a1:dc:09:dc:de:43:91:8d:6f:8d:54:3e:ae:5a:a0:24:
         b0:07:e6:52:20:ba:19:68:86:7e:2a:5f:f0:41:ef:1d:17:43:
         8d:39:e2:3b:87:05:2e:41:4b:b5:b1:5d:d3:e9:76:88:1d:75:
         90:5d:b3:0f:1f:b0:fd:53:28:ac:97:0a:d0:dc:7d:ad:f1:c6:
         ed:17:ef:14:03:a8:66:42:ee:e3:9b:ec:d8:1f:ac:71:44:8e:
         43:2f:46:ca:60:0c:83:74:5a:eb:5d:bb:f6:b5:da:ba:54:ba:
         99:da:93:40:26:44:13:9e:e1:c9:26:cb:d5:aa:81:28:74:39:
         a0:80:90:da:98:fb:7e:ea:d3:b6:a0:b4:91:a3:b6:5a:18:56:
         a3:56:e8:07:c8:a2:d6:56:cf:86:c5:b1:c3:64:47:7b:e2:2d:
         89:3a:7c:f3:80:f2:e2:6f:21:d8:b8:31:03:04:54:9b:e3:6b:
         8f:84:b7:c9:1c:41:31:35:0c:3a:0b:ef:f8:79:84:f6:24:99:
         79:14:eb:53
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEAaPtW321LwiC6HcpAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGExM2YyNjMtODRmYi00YTJiLWIxMzYtZDQ0N2VjYzIx
NTA4MB4XDTIyMTIwMTEyMDAwMFoXDTI1MDYwNjA0MDAwMFowLzEtMCsGA1UEAxMk
OWVjMWM3ZWQtMDZjNS00MGVmLTk4ZGItY2I5ZmZlNTg0ZDU5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9NIgEeuh1p7YRO/psCHmx1OMOsdvAQdX3ke
JDTyC8X15PIwxnrZkMgPPolSZGfafpuoMakHmCvMU2gLm0xzgF+MSC/geK4sTQKK
ShpMmHfxbwx5ShpjdJQZAlaslToLroJUm8vfj0SQLU/6sx0XyXOhmvtSnOYovdfj
GOT5oQDJPOtzc9DZHs6psrsfj0pcmvh60sLZzmdVrPkXs6UsyRt06MOB3JWkSIc6
Bgx9AT2rVeb7VccEu0Z7sB8dY7EXHmQW8JGJPxrcTbuM+Fg7opo9dzVoVb8gi0z2
bc6H8OdrhIDGM62w95JgkJxpQytHf+Ns7TnWeISGf99l5OjAkQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEKnqSxDvdRD0BLWWLs6l4YJdbQzMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84YTEz
ZjI2My04NGZiLTRhMmItYjEzNi1kNDQ3ZWNjMjE1MDgvMjY1N2E0NGYtOTQwMy0z
NDc5LTg2NTUtYzlmYWYxNmYzYjI0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvOGExM2YyNjMtODRmYi00YTJiLWIx
MzYtZDQ0N2VjYzIxNTA4LzhhMTNmMjYzLTg0ZmItNGEyYi1iMTM2LWQ0NDdlY2My
MTUwOC5jcmwwHwYDVR0jBBgwFoAUyDfSb8ZRnO+8QbKDkS5zaaOzvqMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS84YTEzZjI2My04NGZiLTRhMmItYjEzNi1kNDQ3
ZWNjMjE1MDguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQF+/MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEp1UwKBmaw1uSUNRqcUc3/q8AuC7XUqsO7eNmu2q3ChkxnXNH1CzTdd
IGkyeONtukMoY/bSOEOyodwJ3N5DkY1vjVQ+rlqgJLAH5lIguhlohn4qX/BB7x0X
Q4054juHBS5BS7WxXdPpdogddZBdsw8fsP1TKKyXCtDcfa3xxu0X7xQDqGZC7uOb
7NgfrHFEjkMvRspgDIN0Wutdu/a12rpUupnak0AmRBOe4ckmy9WqgSh0OaCAkNqY
+37q07agtJGjtloYVqNW6AfIotZWz4bFscNkR3viLYk6fPOA8uJvIdi4MQMEVJvj
a4+Et8kcQTE1DDoL7/h5hPYkmXkU61M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:08 2024 by rpki-client on console-fra.rpki-client.org