Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a/4049fd72-7308-30a2-b12c-81a52983265f.roa
File:                     4049fd72-7308-30a2-b12c-81a52983265f.roa (raw, json)
Hash identifier:          uw5iBRXGC2wzy1Q4lmFUuaZUH4YSXbag+9UIYrF99z8=
Subject key identifier:   11:B7:2B:5B:D9:51:EC:DF:3E:15:C2:6F:66:E1:29:2D:5E:24:DF:92
Certificate issuer:       /CN=dd62a733-0e13-4012-8294-fce655e4a41a
Certificate serial:       010D0C9F432858485CB47578E528FC3845B5C300
Authority key identifier: 91:13:58:B4:76:AE:9F:A1:B0:7E:93:8D:BC:37:2C:AB:97:3D:76:DF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a/4049fd72-7308-30a2-b12c-81a52983265f.roa
Signing time:             Sun 29 Dec 2024 01:04:51 +0000
ROA not before:           Sun 29 Dec 2024 01:04:51 +0000
ROA not after:            Sat 29 Mar 2025 00:04:51 +0000
asID:                     59426
IP address blocks:        104.218.236.0/23 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:5c:b4:75:78:e5:28:fc:38:45:b5:c3:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dd62a733-0e13-4012-8294-fce655e4a41a
        Validity
            Not Before: Dec 29 01:04:51 2024 GMT
            Not After : Mar 29 00:04:51 2025 GMT
        Subject: CN=a4ee8cf1-c87b-4b06-9c59-5275465b12a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:67:6a:ec:8e:be:f0:d7:2c:a8:c6:f7:a7:00:
                    75:43:b9:6b:63:cb:d2:7c:36:69:4c:bd:be:74:5e:
                    d2:1f:7c:52:19:4a:09:60:36:71:26:0f:46:9c:bb:
                    35:ce:b7:ce:c1:e2:fe:8b:26:0e:a6:de:c2:e7:21:
                    18:6b:ea:e9:6e:32:29:ff:0d:e1:60:8e:80:ee:d4:
                    15:24:0e:3f:88:a2:bc:6f:16:8c:3f:cf:f4:a9:89:
                    20:71:c3:93:af:8a:3d:18:4f:5c:98:29:34:3e:5d:
                    75:4c:24:e8:65:b0:33:6a:04:f4:88:d6:2e:b8:2d:
                    8d:51:ab:16:d3:e8:a4:a5:9c:08:c9:e9:54:fc:d6:
                    eb:5a:a5:7d:d6:c3:42:29:53:64:3f:99:9a:de:01:
                    94:56:26:ad:fa:d9:9c:59:b5:49:fe:13:42:24:7e:
                    6a:96:5a:ef:9d:2e:2b:b2:70:bc:66:a1:ed:1f:e9:
                    58:6d:ab:c8:a4:0c:0c:0c:06:3f:2b:66:8b:f8:0d:
                    1a:fd:9d:77:3a:6b:13:04:e7:ba:ba:63:2a:b7:6d:
                    a9:da:a6:1d:82:8a:24:7f:ca:34:a3:65:19:64:dd:
                    a2:e8:48:99:a0:fe:db:e2:34:3a:08:85:3c:9c:01:
                    9f:d7:a1:3c:b7:62:7c:d0:a9:34:fe:53:9b:56:f4:
                    52:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:B7:2B:5B:D9:51:EC:DF:3E:15:C2:6F:66:E1:29:2D:5E:24:DF:92
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a/4049fd72-7308-30a2-b12c-81a52983265f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a/dd62a733-0e13-4012-8294-fce655e4a41a.crl

            X509v3 Authority Key Identifier:
                keyid:91:13:58:B4:76:AE:9F:A1:B0:7E:93:8D:BC:37:2C:AB:97:3D:76:DF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/dd62a733-0e13-4012-8294-fce655e4a41a.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  104.218.236.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         59:8a:11:fe:9f:ab:f8:ef:c3:07:f6:52:59:70:cc:44:17:ce:
         34:27:fa:c9:15:a5:15:f6:de:08:70:cf:08:b6:ef:ce:32:a4:
         aa:ef:7c:cb:6e:66:45:e0:b1:00:e1:8d:29:05:bc:c2:ec:e6:
         7b:a6:77:c3:c4:99:09:dd:dc:c6:2f:af:5b:b5:5c:e3:a8:30:
         ff:63:a9:f7:de:05:61:8d:1b:08:2e:cf:42:95:c7:8b:99:a3:
         bc:19:15:bf:63:6b:aa:dc:74:68:7b:2a:af:64:ea:5f:65:a2:
         02:7b:d3:1a:69:cb:3a:9e:aa:97:9a:79:d7:5e:08:92:cf:06:
         cd:e5:51:88:97:f8:2c:79:0a:6c:47:6c:a4:6a:a1:8c:73:3f:
         c5:5f:28:53:2e:1c:83:8d:11:cf:a2:19:20:d4:b7:0d:47:1e:
         59:78:31:d9:50:80:ff:f3:37:da:66:c0:48:5e:73:5a:d2:b5:
         dc:39:2e:4b:fc:48:ad:d6:c5:8b:be:b4:3a:27:b0:17:31:2f:
         0b:96:f4:df:b1:9c:64:9c:2a:2f:43:a9:98:8c:6f:c2:4e:57:
         1a:cc:5e:d9:3f:93:9e:0d:ec:b2:3a:00:a6:46:8a:b3:6e:45:
         04:4a:87:09:1b:65:68:48:ac:5e:74:a5:b4:5a:55:3f:b7:2b:
         d1:fd:94:a3
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhctHV45Sj8OEW1wwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZGQ2MmE3MzMtMGUxMy00MDEyLTgyOTQtZmNlNjU1ZTRh
NDFhMB4XDTI0MTIyOTAxMDQ1MVoXDTI1MDMyOTAwMDQ1MVowLzEtMCsGA1UEAxMk
YTRlZThjZjEtYzg3Yi00YjA2LTljNTktNTI3NTQ2NWIxMmE1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2dq7I6+8NcsqMb3pwB1Q7lrY8vSfDZpTL2+
dF7SH3xSGUoJYDZxJg9GnLs1zrfOweL+iyYOpt7C5yEYa+rpbjIp/w3hYI6A7tQV
JA4/iKK8bxaMP8/0qYkgccOTr4o9GE9cmCk0Pl11TCToZbAzagT0iNYuuC2NUasW
0+ikpZwIyelU/NbrWqV91sNCKVNkP5ma3gGUViat+tmcWbVJ/hNCJH5qllrvnS4r
snC8ZqHtH+lYbavIpAwMDAY/K2aL+A0a/Z13OmsTBOe6umMqt22p2qYdgookf8o0
o2UZZN2i6EiZoP7b4jQ6CIU8nAGf16E8t2J80Kk0/lObVvRSlwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBG3K1vZUezfPhXCb2bhKS1eJN+SMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS9kZDYy
YTczMy0wZTEzLTQwMTItODI5NC1mY2U2NTVlNGE0MWEvNDA0OWZkNzItNzMwOC0z
MGEyLWIxMmMtODFhNTI5ODMyNjVmLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvZGQ2MmE3MzMtMGUxMy00MDEyLTgy
OTQtZmNlNjU1ZTRhNDFhL2RkNjJhNzMzLTBlMTMtNDAxMi04Mjk0LWZjZTY1NWU0
YTQxYS5jcmwwHwYDVR0jBBgwFoAUkRNYtHaun6GwfpONvDcsq5c9dt8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS9kZDYyYTczMy0wZTEzLTQwMTItODI5NC1mY2U2
NTVlNGE0MWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBaNrsMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFmKEf6fq/jvwwf2UllwzEQXzjQn+skVpRX23ghwzwi2784ypKrvfMtu
ZkXgsQDhjSkFvMLs5numd8PEmQnd3MYvr1u1XOOoMP9jqffeBWGNGwguz0KVx4uZ
o7wZFb9ja6rcdGh7Kq9k6l9logJ70xppyzqeqpeaeddeCJLPBs3lUYiX+Cx5CmxH
bKRqoYxzP8VfKFMuHIONEc+iGSDUtw1HHll4MdlQgP/zN9pmwEhec1rStdw5Lkv8
SK3WxYu+tDonsBcxLwuW9N+xnGScKi9DqZiMb8JOVxrMXtk/k54N7LI6AKZGirNu
RQRKhwkbZWhIrF50pbRaVT+3K9H9lKM=
-----END CERTIFICATE-----
Generated at Fri Apr 11 21:40:59 2025 by rpki-client