Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/870da1df-3763-33fe-b843-1fd222d18b61.roa
File:                     870da1df-3763-33fe-b843-1fd222d18b61.roa (raw, json)
Hash identifier:          7b83CIEJTp1EASl8og0mEUMI5KukgT5KgnlM0yKNZgs=
Subject key identifier:   D5:B8:DF:AE:74:58:27:43:FE:4E:8C:B3:90:87:AC:D7:BD:89:74:92
Certificate issuer:       /CN=b0d6fd50-b543-4e97-a7f3-0d6a5908ca38
Certificate serial:       010D0C9F43285847BAC6B098215C20714B5AE1F4
Authority key identifier: B8:2D:73:8E:4B:5A:99:ED:25:54:55:58:EF:D1:33:51:15:68:F4:FF
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/870da1df-3763-33fe-b843-1fd222d18b61.roa
Signing time:             Fri 01 Nov 2024 01:00:30 +0000
ROA not before:           Fri 01 Nov 2024 01:00:30 +0000
ROA not after:            Thu 30 Jan 2025 02:00:30 +0000
asID:                     20473
IP address blocks:        64.130.40.0/21 maxlen: 21
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:47:ba:c6:b0:98:21:5c:20:71:4b:5a:e1:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b0d6fd50-b543-4e97-a7f3-0d6a5908ca38
        Validity
            Not Before: Nov  1 01:00:30 2024 GMT
            Not After : Jan 30 02:00:30 2025 GMT
        Subject: CN=c944c6bf-344b-4a8b-9e4e-5db2cc622000
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e7:cf:12:38:0d:99:aa:d9:f6:6d:d2:0a:3c:
                    3e:81:c0:51:83:4a:c2:39:e1:23:26:3c:19:15:b4:
                    07:fd:60:00:41:bb:c0:7d:ad:92:31:1b:30:e5:34:
                    5d:79:8c:61:71:eb:28:cc:dc:11:c8:b3:96:04:09:
                    30:12:79:2a:78:2b:cb:24:27:b9:1a:9e:d1:f4:d5:
                    14:84:19:dd:3e:3d:d7:5a:cd:45:0c:6a:c1:9f:45:
                    b0:d1:45:3b:e1:eb:33:ea:ff:37:b3:a6:6b:ad:81:
                    6c:2a:3b:ba:f8:f6:68:f6:5f:0b:18:8f:67:4b:db:
                    ea:e4:55:a5:0b:23:82:fe:80:01:96:f0:c1:3a:ba:
                    bb:26:e2:db:b4:03:98:5b:ec:25:37:78:60:37:96:
                    20:d5:e8:6b:d4:ce:1a:a5:ca:86:29:f7:5b:06:e0:
                    db:e0:9a:75:d5:37:47:53:c1:79:7d:7a:27:67:2f:
                    c9:09:9c:34:61:51:cd:ff:da:fd:93:f4:a8:50:77:
                    27:2e:25:af:01:52:5d:91:20:c6:8a:c3:01:58:ac:
                    e6:1f:39:b6:3f:a2:85:c8:1f:c2:b8:fa:40:21:56:
                    a6:9c:3b:a1:14:83:c5:c6:27:a5:70:b2:a9:85:2d:
                    d7:a8:e5:d4:ae:9d:2c:c9:da:b4:81:e8:c1:f1:ff:
                    c6:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:B8:DF:AE:74:58:27:43:FE:4E:8C:B3:90:87:AC:D7:BD:89:74:92
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/870da1df-3763-33fe-b843-1fd222d18b61.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.crl

            X509v3 Authority Key Identifier:
                keyid:B8:2D:73:8E:4B:5A:99:ED:25:54:55:58:EF:D1:33:51:15:68:F4:FF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/b0d6fd50-b543-4e97-a7f3-0d6a5908ca38.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.130.40.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         08:d8:5d:8c:9d:9f:ed:eb:24:ca:77:93:a4:15:b1:fd:ff:74:
         0b:be:d7:b9:6c:1c:59:92:9d:34:17:0e:94:7f:ea:02:20:2a:
         db:73:40:9c:f7:c3:8d:ae:53:78:74:9c:a9:5f:15:da:39:e8:
         af:0d:f9:71:6a:f5:2b:ff:43:73:71:e9:af:93:3f:9b:d8:bc:
         46:77:d7:17:b4:5b:2b:37:b7:63:50:14:fc:bf:bd:81:56:13:
         29:b1:bb:ea:9a:c0:80:cc:9b:1b:3d:91:4f:67:a2:51:0e:16:
         9f:0f:7c:f0:88:e7:09:96:f5:ed:c6:2d:29:7a:2f:05:ab:a4:
         94:30:bd:a2:11:dd:41:9b:b3:83:3e:a9:48:91:a3:d1:11:4a:
         46:cf:50:de:35:1f:ab:83:40:03:4a:e8:34:de:4d:95:d4:4e:
         0c:a5:de:59:2f:63:81:c1:c2:28:f8:71:2d:f7:d8:7a:02:a3:
         13:20:f8:24:20:ec:78:e7:36:c1:01:62:e5:9e:96:ce:ed:f4:
         8f:9d:95:0c:d6:ce:83:a5:5d:1b:08:ab:0d:2c:c7:8d:67:8e:
         93:cd:5f:d4:99:b3:f5:e0:d2:64:f9:f1:ba:3b:73:b9:7f:91:
         cd:ed:9c:bd:c9:78:96:c3:82:78:24:a8:e8:b5:a3:9a:75:cb:
         f3:17:56:9b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEe6xrCYIVwgcUta4fQwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYjBkNmZkNTAtYjU0My00ZTk3LWE3ZjMtMGQ2YTU5MDhj
YTM4MB4XDTI0MTEwMTAxMDAzMFoXDTI1MDEzMDAyMDAzMFowLzEtMCsGA1UEAxMk
Yzk0NGM2YmYtMzQ0Yi00YThiLTllNGUtNWRiMmNjNjIyMDAwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqefPEjgNmarZ9m3SCjw+gcBRg0rCOeEjJjwZ
FbQH/WAAQbvAfa2SMRsw5TRdeYxhcesozNwRyLOWBAkwEnkqeCvLJCe5Gp7R9NUU
hBndPj3XWs1FDGrBn0Ww0UU74esz6v83s6ZrrYFsKju6+PZo9l8LGI9nS9vq5FWl
CyOC/oABlvDBOrq7JuLbtAOYW+wlN3hgN5Yg1ehr1M4apcqGKfdbBuDb4Jp11TdH
U8F5fXonZy/JCZw0YVHN/9r9k/SoUHcnLiWvAVJdkSDGisMBWKzmHzm2P6KFyB/C
uPpAIVamnDuhFIPFxielcLKphS3XqOXUrp0sydq0gejB8f/GAQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNW43650WCdD/k6Ms5CHrNe9iXSSMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9iMGQ2
ZmQ1MC1iNTQzLTRlOTctYTdmMy0wZDZhNTkwOGNhMzgvODcwZGExZGYtMzc2My0z
M2ZlLWI4NDMtMWZkMjIyZDE4YjYxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvYjBkNmZkNTAtYjU0My00ZTk3LWE3
ZjMtMGQ2YTU5MDhjYTM4L2IwZDZmZDUwLWI1NDMtNGU5Ny1hN2YzLTBkNmE1OTA4
Y2EzOC5jcmwwHwYDVR0jBBgwFoAUuC1zjktame0lVFVY79EzURVo9P8wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS9iMGQ2ZmQ1MC1iNTQzLTRlOTctYTdmMy0wZDZh
NTkwOGNhMzguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDQIIoMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAjYXYydn+3rJMp3k6QVsf3/dAu+17lsHFmSnTQXDpR/6gIgKttzQJz3
w42uU3h0nKlfFdo56K8N+XFq9Sv/Q3Nx6a+TP5vYvEZ31xe0Wys3t2NQFPy/vYFW
Eymxu+qawIDMmxs9kU9nolEOFp8PfPCI5wmW9e3GLSl6LwWrpJQwvaIR3UGbs4M+
qUiRo9ERSkbPUN41H6uDQANK6DTeTZXUTgyl3lkvY4HBwij4cS332HoCoxMg+CQg
7HjnNsEBYuWels7t9I+dlQzWzoOlXRsIqw0sx41njpPNX9SZs/Xg0mT58bo7c7l/
kc3tnL3JeJbDgngkqOi1o5p1y/MXVps=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:01 2025 by rpki-client