Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca/4bd24117-1aa9-3b55-90e1-ed1aa909e975.roa
File:                     4bd24117-1aa9-3b55-90e1-ed1aa909e975.roa (raw, json)
Hash identifier:          Pqy7yy/v7qIqr+SpVUtJxYOVtCOk6HMhbGavPPeSGZM=
Subject key identifier:   CC:FB:08:EC:43:FA:54:6E:C7:51:3C:86:5B:C5:72:D5:62:D5:77:03
Certificate issuer:       /CN=18dcc387-71b6-4973-962e-0d79c69f36ca
Certificate serial:       010D0C9F43285845BD48DEF0AF17EC73F8E51560
Authority key identifier: ED:25:10:0F:E2:2E:0E:5E:60:93:EB:11:7F:8D:0A:FF:07:3D:D3:9F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca/4bd24117-1aa9-3b55-90e1-ed1aa909e975.roa
Signing time:             Thu 02 May 2024 13:00:34 +0000
ROA not before:           Thu 02 May 2024 13:00:34 +0000
ROA not after:            Wed 31 Jul 2024 13:00:34 +0000
asID:                     7922
IP address blocks:        208.68.248.0/22 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:bd:48:de:f0:af:17:ec:73:f8:e5:15:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18dcc387-71b6-4973-962e-0d79c69f36ca
        Validity
            Not Before: May  2 13:00:34 2024 GMT
            Not After : Jul 31 13:00:34 2024 GMT
        Subject: CN=a9700840-9f1a-43dd-b0ce-ee63d43e0bd9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:a8:0c:80:45:4f:3f:e3:2e:4d:01:f2:b9:f9:
                    04:a3:0b:26:ee:db:2b:e2:c9:15:a8:7c:72:98:89:
                    5a:7d:5c:bb:23:df:9f:20:2b:d0:77:69:44:41:41:
                    a1:df:9e:c7:98:88:11:96:6c:b3:98:1b:ce:13:20:
                    5d:b8:35:9c:f9:27:36:18:e2:cb:fd:ae:80:43:92:
                    66:c1:35:fa:74:38:d5:d0:6e:e7:2e:32:43:74:f0:
                    5a:11:d3:d1:be:e5:5f:b0:2e:16:f2:37:16:2c:19:
                    1a:1a:d3:bd:dd:4e:ed:65:ec:77:68:cc:99:7a:2f:
                    c2:b7:9d:b6:7f:6b:3e:a4:aa:6d:c2:9b:10:65:d2:
                    35:73:9d:67:36:5a:4b:85:3f:63:9f:a5:cd:b7:2d:
                    1f:9d:5b:2c:15:85:0b:49:2f:17:ae:d9:83:eb:6d:
                    e0:de:f3:15:39:34:64:73:0c:24:d5:c5:f6:d8:eb:
                    6a:28:e4:17:87:3b:b6:4a:61:82:79:27:cf:1c:7a:
                    5c:0b:7f:45:91:36:dc:43:22:0a:09:e3:a3:7d:c9:
                    84:ee:94:b2:40:e4:5f:94:ec:75:04:3d:ce:db:b1:
                    52:07:1f:9f:06:ce:5b:6c:e5:f5:58:39:a9:3f:fb:
                    cd:bb:ea:9d:3b:e3:f0:62:9a:f8:c7:f3:8a:96:a9:
                    a7:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:FB:08:EC:43:FA:54:6E:C7:51:3C:86:5B:C5:72:D5:62:D5:77:03
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca/4bd24117-1aa9-3b55-90e1-ed1aa909e975.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca/18dcc387-71b6-4973-962e-0d79c69f36ca.crl

            X509v3 Authority Key Identifier:
                keyid:ED:25:10:0F:E2:2E:0E:5E:60:93:EB:11:7F:8D:0A:FF:07:3D:D3:9F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/871da40f-793a-4a45-a0a9-978148321a07/18dcc387-71b6-4973-962e-0d79c69f36ca.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  208.68.248.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5d:62:78:6e:64:3c:d3:cd:a3:45:70:13:ae:ec:9f:38:8a:dd:
         aa:45:c1:51:e2:cd:77:10:64:47:1d:83:9d:0b:9e:ac:01:5f:
         d8:87:44:e1:1f:46:eb:51:1b:ad:e4:33:8f:59:18:94:c1:82:
         10:92:9e:d9:14:10:51:15:f1:0d:48:51:23:7c:d5:ff:8c:ba:
         d3:38:88:7a:96:e4:9d:76:c4:5e:40:5c:5f:32:b8:a9:52:4a:
         ca:98:fa:c7:ac:81:27:15:1d:17:d7:51:58:d6:c8:1e:fc:d5:
         43:6b:48:91:ba:55:c5:fb:6f:c8:03:e4:ea:bb:75:6a:a1:43:
         b0:8c:3d:80:51:17:f1:a3:07:58:a3:5f:10:02:fd:22:61:23:
         21:7e:9b:62:bf:86:6b:3f:b4:0f:d6:f3:2a:03:e1:38:18:0d:
         2c:72:67:00:23:af:5e:fd:82:38:33:50:b9:fe:11:26:d8:38:
         fd:b2:56:2d:b2:6f:e2:fd:88:25:de:8a:1e:9d:1f:91:c4:ad:
         dd:14:fe:0d:f2:82:cc:ab:3a:39:43:e9:4c:44:04:60:b8:0f:
         38:8c:eb:32:9c:23:ac:0c:3b:45:e3:d3:9a:28:84:21:d6:1d:
         32:84:48:66:97:7f:0d:c2:b1:8f:1c:92:73:7e:5e:e0:24:62:
         88:c7:ab:b2
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEW9SN7wrxfsc/jlFWAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMThkY2MzODctNzFiNi00OTczLTk2MmUtMGQ3OWM2OWYz
NmNhMB4XDTI0MDUwMjEzMDAzNFoXDTI0MDczMTEzMDAzNFowLzEtMCsGA1UEAxMk
YTk3MDA4NDAtOWYxYS00M2RkLWIwY2UtZWU2M2Q0M2UwYmQ5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2agMgEVPP+MuTQHyufkEowsm7tsr4skVqHxy
mIlafVy7I9+fICvQd2lEQUGh357HmIgRlmyzmBvOEyBduDWc+Sc2GOLL/a6AQ5Jm
wTX6dDjV0G7nLjJDdPBaEdPRvuVfsC4W8jcWLBkaGtO93U7tZex3aMyZei/Ct522
f2s+pKptwpsQZdI1c51nNlpLhT9jn6XNty0fnVssFYULSS8XrtmD623g3vMVOTRk
cwwk1cX22OtqKOQXhzu2SmGCeSfPHHpcC39FkTbcQyIKCeOjfcmE7pSyQORflOx1
BD3O27FSBx+fBs5bbOX1WDmpP/vNu+qdO+PwYpr4x/OKlqmnswIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFMz7COxD+lRux1E8hlvFctVi1XcDMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0NS1hMGE5LTk3ODE0ODMyMWEwNy8xOGRj
YzM4Ny03MWI2LTQ5NzMtOTYyZS0wZDc5YzY5ZjM2Y2EvNGJkMjQxMTctMWFhOS0z
YjU1LTkwZTEtZWQxYWE5MDllOTc1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy84NzFkYTQwZi03
OTNhLTRhNDUtYTBhOS05NzgxNDgzMjFhMDcvMThkY2MzODctNzFiNi00OTczLTk2
MmUtMGQ3OWM2OWYzNmNhLzE4ZGNjMzg3LTcxYjYtNDk3My05NjJlLTBkNzljNjlm
MzZjYS5jcmwwHwYDVR0jBBgwFoAU7SUQD+IuDl5gk+sRf40K/wc9058wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzg3MWRhNDBmLTc5M2EtNGE0
NS1hMGE5LTk3ODE0ODMyMWEwNy8xOGRjYzM4Ny03MWI2LTQ5NzMtOTYyZS0wZDc5
YzY5ZjM2Y2EuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC0ET4MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF1ieG5kPNPNo0VwE67snziK3apFwVHizXcQZEcdg50LnqwBX9iHROEf
RutRG63kM49ZGJTBghCSntkUEFEV8Q1IUSN81f+MutM4iHqW5J12xF5AXF8yuKlS
SsqY+sesgScVHRfXUVjWyB781UNrSJG6VcX7b8gD5Oq7dWqhQ7CMPYBRF/GjB1ij
XxAC/SJhIyF+m2K/hms/tA/W8yoD4TgYDSxyZwAjr179gjgzULn+ESbYOP2yVi2y
b+L9iCXeih6dH5HErd0U/g3ygsyrOjlD6UxEBGC4DziM6zKcI6wMO0Xj05oohCHW
HTKESGaXfw3CsY8cknN+XuAkYojHq7I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:14:10 2024 by rpki-client on console-fra.rpki-client.org