Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0e3efd6a-ff28-3a16-84b5-198cf181a4ee.roa
File:                     0e3efd6a-ff28-3a16-84b5-198cf181a4ee.roa (raw, json)
Hash identifier:          40od7H7k8wlL/tv30j8ensookygT7LupmDZX7e6D/CE=
Subject key identifier:   35:EF:37:71:EE:F2:FA:27:D5:DF:1D:A2:3D:98:AD:95:39:7A:22:7F
Certificate issuer:       /CN=aae465c0-2a10-495a-b7d2-2aa048b286a0
Certificate serial:       010D0C9F432858481C9A8C8A8ADD3A4D5AAE6D00
Authority key identifier: AA:F1:A5:1A:EB:A8:A8:DC:25:2D:5B:78:B4:E1:9A:18:D9:8A:8F:24
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0e3efd6a-ff28-3a16-84b5-198cf181a4ee.roa
Signing time:             Fri 06 Dec 2024 02:00:39 +0000
ROA not before:           Fri 06 Dec 2024 02:00:39 +0000
ROA not after:            Thu 06 Mar 2025 02:00:39 +0000
asID:                     21734
IP address blocks:        64.74.225.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:1c:9a:8c:8a:8a:dd:3a:4d:5a:ae:6d:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aae465c0-2a10-495a-b7d2-2aa048b286a0
        Validity
            Not Before: Dec  6 02:00:39 2024 GMT
            Not After : Mar  6 02:00:39 2025 GMT
        Subject: CN=6064e0ff-3fd5-478f-93bd-4f7164798228
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:1f:f0:cd:b8:91:d9:cd:c2:04:ad:f1:a7:30:
                    17:f0:6a:77:1b:62:a7:06:17:a5:58:c8:88:1b:6a:
                    95:19:4c:28:f2:4e:9b:6d:36:bc:f9:50:91:84:2a:
                    d9:39:a7:cb:f3:41:95:10:e5:a0:3f:61:33:5e:63:
                    5c:64:ce:a7:2f:d0:03:b1:41:5d:89:fb:67:d3:0e:
                    a2:a5:b5:97:03:8e:4a:fc:8a:21:63:6e:77:71:22:
                    1f:15:6b:00:57:a3:41:98:bf:a8:cc:03:54:29:d1:
                    11:92:6f:22:26:ad:d7:79:3b:60:24:48:e4:78:75:
                    13:b9:61:d6:88:7f:a2:fa:82:8d:6e:b8:58:d1:4d:
                    44:f7:75:1f:14:43:83:4d:86:d0:40:00:56:47:a5:
                    cc:4e:e6:39:89:e7:45:11:7f:11:cf:aa:60:f8:b8:
                    36:e6:63:4f:58:f1:a4:bf:c3:02:89:f5:3d:67:85:
                    09:db:9e:79:89:62:d3:ec:4c:04:5d:80:b8:09:83:
                    cd:53:4c:34:9f:8c:50:d1:f1:5f:75:59:ec:40:9b:
                    5b:f6:39:46:4c:a9:d7:d4:75:09:22:49:25:5b:4a:
                    0e:9c:a7:80:78:cf:c5:a4:9b:77:2a:e2:2e:18:33:
                    06:67:04:ec:b8:1a:91:8d:39:ea:d9:c2:20:6f:cb:
                    f8:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:EF:37:71:EE:F2:FA:27:D5:DF:1D:A2:3D:98:AD:95:39:7A:22:7F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0e3efd6a-ff28-3a16-84b5-198cf181a4ee.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/aae465c0-2a10-495a-b7d2-2aa048b286a0.crl

            X509v3 Authority Key Identifier:
                keyid:AA:F1:A5:1A:EB:A8:A8:DC:25:2D:5B:78:B4:E1:9A:18:D9:8A:8F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.74.225.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4b:5e:5e:33:d4:24:6a:12:4e:6c:45:d1:3e:01:c4:93:fe:3b:
         78:1d:69:f8:24:e5:24:ce:cc:1d:c8:87:b0:18:00:c0:c5:0b:
         45:59:16:b5:70:94:fc:1d:43:3d:32:c1:4c:f0:c9:d5:26:4d:
         9b:51:ce:8e:12:5a:b4:63:75:5d:8a:7e:bf:0a:74:f9:39:1c:
         24:18:5d:e4:27:06:c9:7e:f0:f9:a1:2b:ae:d5:ba:c1:a5:cc:
         e0:0f:f7:ab:07:45:0f:27:f4:bf:9a:33:97:c2:db:08:c2:23:
         a6:a2:09:b8:60:fa:eb:05:40:59:ab:4e:c2:0a:26:48:38:36:
         bb:b3:78:0e:bb:cb:93:98:72:95:c6:cf:1a:21:05:c6:7d:aa:
         0d:73:89:03:e6:ab:d3:39:33:8a:ed:23:b5:62:3f:83:84:eb:
         f8:c3:c8:1b:c6:df:c9:79:21:c1:4c:f2:c2:b1:d6:57:d2:9c:
         3c:96:b2:28:14:2c:b0:b6:90:16:70:e3:20:ba:ef:ac:f7:c1:
         b0:16:64:94:eb:c6:51:4a:fd:71:9c:2b:80:89:41:6d:8a:85:
         cf:c9:47:fc:f5:ca:fc:f5:2f:c0:29:24:8b:55:de:91:bc:b0:
         e7:9f:04:2a:9b:36:1f:34:ee:f9:e7:62:2a:74:3f:b6:f9:00:
         45:79:af:01
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgcmoyKit06TVqubQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWFlNDY1YzAtMmExMC00OTVhLWI3ZDItMmFhMDQ4YjI4
NmEwMB4XDTI0MTIwNjAyMDAzOVoXDTI1MDMwNjAyMDAzOVowLzEtMCsGA1UEAxMk
NjA2NGUwZmYtM2ZkNS00NzhmLTkzYmQtNGY3MTY0Nzk4MjI4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR/wzbiR2c3CBK3xpzAX8Gp3G2KnBhelWMiI
G2qVGUwo8k6bbTa8+VCRhCrZOafL80GVEOWgP2EzXmNcZM6nL9ADsUFdiftn0w6i
pbWXA45K/IohY253cSIfFWsAV6NBmL+ozANUKdERkm8iJq3XeTtgJEjkeHUTuWHW
iH+i+oKNbrhY0U1E93UfFEODTYbQQABWR6XMTuY5iedFEX8Rz6pg+Lg25mNPWPGk
v8MCifU9Z4UJ2555iWLT7EwEXYC4CYPNU0w0n4xQ0fFfdVnsQJtb9jlGTKnX1HUJ
IkklW0oOnKeAeM/FpJt3KuIuGDMGZwTsuBqRjTnq2cIgb8v4CwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDXvN3Hu8von1d8doj2YrZU5eiJ/MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9hYWU0
NjVjMC0yYTEwLTQ5NWEtYjdkMi0yYWEwNDhiMjg2YTAvMGUzZWZkNmEtZmYyOC0z
YTE2LTg0YjUtMTk4Y2YxODFhNGVlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvYWFlNDY1YzAtMmExMC00OTVhLWI3
ZDItMmFhMDQ4YjI4NmEwL2FhZTQ2NWMwLTJhMTAtNDk1YS1iN2QyLTJhYTA0OGIy
ODZhMC5jcmwwHwYDVR0jBBgwFoAUqvGlGuuoqNwlLVt4tOGaGNmKjyQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS9hYWU0NjVjMC0yYTEwLTQ5NWEtYjdkMi0yYWEw
NDhiMjg2YTAuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQErhMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEteXjPUJGoSTmxF0T4BxJP+O3gdafgk5STOzB3Ih7AYAMDFC0VZFrVw
lPwdQz0ywUzwydUmTZtRzo4SWrRjdV2Kfr8KdPk5HCQYXeQnBsl+8PmhK67VusGl
zOAP96sHRQ8n9L+aM5fC2wjCI6aiCbhg+usFQFmrTsIKJkg4NruzeA67y5OYcpXG
zxohBcZ9qg1ziQPmq9M5M4rtI7ViP4OE6/jDyBvG38l5IcFM8sKx1lfSnDyWsigU
LLC2kBZw4yC676z3wbAWZJTrxlFK/XGcK4CJQW2Khc/JR/z1yvz1L8ApJItV3pG8
sOefBCqbNh807vnnYip0P7b5AEV5rwE=
-----END CERTIFICATE-----
Generated at Fri Mar 14 07:22:03 2025 by rpki-client