Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/6ab59953-b29d-34ab-bfcd-def3a29b0770.roa
File:                     6ab59953-b29d-34ab-bfcd-def3a29b0770.roa (raw, json)
Hash identifier:          dcpTdL/+lFmGXj7ZiGMXXV4F3uq7E/2PrmXQtfcdfAg=
Subject key identifier:   CF:81:17:01:0C:86:03:DD:1A:44:1B:0E:57:11:9F:92:06:FC:AA:7D
Certificate issuer:       /CN=b0d6fd50-b543-4e97-a7f3-0d6a5908ca38
Certificate serial:       010D0C9F4328584806450BF6B7DE8D29D52823D0
Authority key identifier: B8:2D:73:8E:4B:5A:99:ED:25:54:55:58:EF:D1:33:51:15:68:F4:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/6ab59953-b29d-34ab-bfcd-def3a29b0770.roa
Signing time:             Thu 28 Nov 2024 02:00:38 +0000
ROA not before:           Thu 28 Nov 2024 02:00:38 +0000
ROA not after:            Wed 26 Feb 2025 02:00:38 +0000
asID:                     401190
IP address blocks:        64.130.40.0/21 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:06:45:0b:f6:b7:de:8d:29:d5:28:23:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d6fd50-b543-4e97-a7f3-0d6a5908ca38
        Validity
            Not Before: Nov 28 02:00:38 2024 GMT
            Not After : Feb 26 02:00:38 2025 GMT
        Subject: CN=3db27fe9-3e5e-40ff-9722-f8c0883ba0a4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:99:95:20:ef:1d:74:6e:d5:e2:a8:db:5b:cf:
                    42:83:39:7f:41:c6:1d:46:59:de:29:23:62:bb:cc:
                    e0:88:0d:d0:f9:c0:1c:d8:7a:0e:f4:92:4e:74:2b:
                    87:d0:4d:52:aa:ff:82:eb:bf:e9:a8:b7:bd:27:a8:
                    bf:e5:d0:25:4b:a7:50:11:86:ef:76:3a:63:d5:d9:
                    f0:1b:07:26:98:78:48:7f:50:88:59:cf:18:76:a6:
                    47:62:13:6c:9b:10:ad:ae:ab:f6:8d:40:58:6f:bc:
                    68:90:42:52:51:21:1a:e9:b3:be:aa:71:a5:dc:52:
                    0f:ba:31:b6:54:4b:e4:58:ff:fe:53:be:8e:e8:66:
                    3c:fe:c5:1d:e1:a4:80:34:9b:32:9c:91:56:75:1c:
                    f2:c0:52:72:7d:d2:bd:34:1f:68:cc:95:15:da:08:
                    99:2c:b2:6b:46:f5:1d:ff:63:f8:e5:c7:fa:b2:09:
                    b7:50:75:a3:5f:38:c6:e0:cb:36:53:46:16:53:be:
                    47:b5:74:e7:a2:8a:7e:52:b3:c9:40:46:4a:1d:72:
                    cc:8d:7b:8b:5d:d7:4b:fd:5a:57:91:8d:41:56:a6:
                    0f:5b:67:40:c5:5b:0f:fa:09:0e:bd:71:9e:d0:10:
                    b9:6a:43:ad:65:56:9e:97:68:e4:eb:eb:4b:6c:4d:
                    33:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:81:17:01:0C:86:03:DD:1A:44:1B:0E:57:11:9F:92:06:FC:AA:7D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/6ab59953-b29d-34ab-bfcd-def3a29b0770.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.crl

            X509v3 Authority Key Identifier:
                keyid:B8:2D:73:8E:4B:5A:99:ED:25:54:55:58:EF:D1:33:51:15:68:F4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.130.40.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         49:6c:59:b6:7f:4c:42:ab:63:5b:bd:90:db:19:2c:3c:d7:bc:
         b5:d3:37:64:97:e6:36:63:86:97:63:5e:2f:2d:ad:72:9c:02:
         68:d9:00:99:54:0b:77:09:dd:80:c8:ee:78:7c:16:b2:04:35:
         0c:ad:f5:8b:3c:9e:c8:0e:4a:ac:00:03:61:80:94:95:50:97:
         4e:5c:74:65:48:7c:f6:52:61:5e:92:a5:3e:97:1f:6b:9c:5c:
         10:82:c7:9b:2b:ec:ac:c7:8d:81:ed:db:d8:76:05:c8:10:40:
         df:53:e5:18:72:42:ee:75:3f:14:15:97:7e:d8:30:23:a9:76:
         fc:9a:30:ef:6a:ec:0d:96:57:68:7d:65:c9:63:87:e8:6d:4e:
         3c:73:6a:24:b1:75:bf:02:c6:2b:0d:f2:78:90:1c:0b:c2:5c:
         a9:62:61:55:da:6d:d0:cb:ef:1b:9a:60:7c:56:6d:bb:e3:be:
         2c:04:37:46:3d:1b:02:33:7e:ec:08:8a:f5:b5:67:e1:08:25:
         92:af:b9:76:9a:5c:1c:57:72:ef:3d:07:43:18:bf:51:e7:fb:
         84:86:12:c9:a4:e3:18:c2:e6:fc:55:61:a1:c4:c8:d1:72:05:
         81:06:39:da:60:5a:a7:f0:51:19:27:98:7a:df:bb:20:2a:91:
         01:d2:dc:1a
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEgGRQv2t96NKdUoI9AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjBkNmZkNTAtYjU0My00ZTk3LWE3ZjMtMGQ2YTU5MDhj
YTM4MB4XDTI0MTEyODAyMDAzOFoXDTI1MDIyNjAyMDAzOFowLzEtMCsGA1UEAxMk
M2RiMjdmZTktM2U1ZS00MGZmLTk3MjItZjhjMDg4M2JhMGE0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpmVIO8ddG7V4qjbW89Cgzl/QcYdRlneKSNi
u8zgiA3Q+cAc2HoO9JJOdCuH0E1Sqv+C67/pqLe9J6i/5dAlS6dQEYbvdjpj1dnw
GwcmmHhIf1CIWc8YdqZHYhNsmxCtrqv2jUBYb7xokEJSUSEa6bO+qnGl3FIPujG2
VEvkWP/+U76O6GY8/sUd4aSANJsynJFWdRzywFJyfdK9NB9ozJUV2giZLLJrRvUd
/2P45cf6sgm3UHWjXzjG4Ms2U0YWU75HtXTnoop+UrPJQEZKHXLMjXuLXddL/VpX
kY1BVqYPW2dAxVsP+gkOvXGe0BC5akOtZVael2jk6+tLbE0zfwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFM+BFwEMhgPdGkQbDlcRn5IG/Kp9MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9iMGQ2
ZmQ1MC1iNTQzLTRlOTctYTdmMy0wZDZhNTkwOGNhMzgvNmFiNTk5NTMtYjI5ZC0z
NGFiLWJmY2QtZGVmM2EyOWIwNzcwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvYjBkNmZkNTAtYjU0My00ZTk3LWE3
ZjMtMGQ2YTU5MDhjYTM4L2IwZDZmZDUwLWI1NDMtNGU5Ny1hN2YzLTBkNmE1OTA4
Y2EzOC5jcmwwHwYDVR0jBBgwFoAUuC1zjktame0lVFVY79EzURVo9P8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS9iMGQ2ZmQ1MC1iNTQzLTRlOTctYTdmMy0wZDZh
NTkwOGNhMzguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDQIIoMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAElsWbZ/TEKrY1u9kNsZLDzXvLXTN2SX5jZjhpdjXi8trXKcAmjZAJlU
C3cJ3YDI7nh8FrIENQyt9Ys8nsgOSqwAA2GAlJVQl05cdGVIfPZSYV6SpT6XH2uc
XBCCx5sr7KzHjYHt29h2BcgQQN9T5RhyQu51PxQVl37YMCOpdvyaMO9q7A2WV2h9
Zcljh+htTjxzaiSxdb8CxisN8niQHAvCXKliYVXabdDL7xuaYHxWbbvjviwEN0Y9
GwIzfuwIivW1Z+EIJZKvuXaaXBxXcu89B0MYv1Hn+4SGEsmk4xjC5vxVYaHEyNFy
BYEGOdpgWqfwURknmHrfuyAqkQHS3Bo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:02:32 2025 by rpki-client