Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a/f01a4ebf-669c-36fd-9597-fc2754e6a3a9.roa
File:                     f01a4ebf-669c-36fd-9597-fc2754e6a3a9.roa (raw, json)
Hash identifier:          Cfcl9W3OiFEJjWFP+o+lk0GlQwI+0cuy7F69ihvSkXE=
Subject key identifier:   16:78:12:7A:AD:53:18:37:BB:3F:B8:62:7C:01:BE:BD:25:52:5B:92
Certificate issuer:       /CN=65dae2a0-0cb7-46e8-ae17-abeb06007e1a
Certificate serial:       010D0C9F432858486D904BA8B6B7376FF9407280
Authority key identifier: 1A:49:9D:8B:77:A3:3A:DF:1F:CD:4E:BA:51:CC:1A:A3:FA:A3:F6:25
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a/f01a4ebf-669c-36fd-9597-fc2754e6a3a9.roa
Signing time:             Sat 04 Jan 2025 02:00:39 +0000
ROA not before:           Sat 04 Jan 2025 02:00:39 +0000
ROA not after:            Fri 04 Apr 2025 01:00:39 +0000
asID:                     46450
IP address blocks:        96.126.65.0/24 maxlen: 24
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:6d:90:4b:a8:b6:b7:37:6f:f9:40:72:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65dae2a0-0cb7-46e8-ae17-abeb06007e1a
        Validity
            Not Before: Jan  4 02:00:39 2025 GMT
            Not After : Apr  4 01:00:39 2025 GMT
        Subject: CN=68f527c1-a679-4883-a1c6-15e2eb28f02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:15:80:85:56:e7:b8:09:a0:39:6d:80:0a:3a:
                    87:21:10:ae:b7:c3:1a:97:a3:27:0a:a3:e8:47:09:
                    06:5d:6b:b1:49:ef:ad:ab:24:d6:0a:14:e3:3f:cf:
                    b3:f8:84:a0:b7:f8:d9:e0:20:66:0d:0e:97:81:c2:
                    80:cb:80:8a:95:43:26:08:14:91:57:fe:d8:1f:18:
                    d0:49:4c:6a:9c:94:0f:78:f8:58:88:03:76:f1:db:
                    50:9d:b6:86:bc:f6:a2:92:0d:b0:24:6a:06:ca:6b:
                    2a:47:93:03:b1:67:13:51:2f:e0:de:56:3e:5d:5a:
                    49:19:d8:53:6b:84:76:90:d8:37:ad:15:ff:ab:b4:
                    06:09:17:f3:27:08:83:15:22:8f:1e:a2:4b:16:a6:
                    ed:c1:04:bd:d1:3d:d8:84:f5:96:1b:cd:41:1a:8f:
                    0a:65:e7:b4:dd:71:61:5b:d5:06:4a:11:f9:13:2f:
                    3d:f8:6c:82:15:1a:ce:31:76:2e:63:d3:89:5a:29:
                    56:56:6f:07:ad:47:7a:0b:31:15:ba:a4:dd:8a:78:
                    13:77:ee:1c:cd:37:fb:57:c7:22:54:be:db:86:e2:
                    ee:82:5a:aa:46:0e:34:03:25:d3:70:47:7a:9e:c6:
                    02:42:da:6c:bd:06:4e:e9:2d:8c:f0:ec:1b:a8:1c:
                    5e:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:78:12:7A:AD:53:18:37:BB:3F:B8:62:7C:01:BE:BD:25:52:5B:92
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a/f01a4ebf-669c-36fd-9597-fc2754e6a3a9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a/65dae2a0-0cb7-46e8-ae17-abeb06007e1a.crl

            X509v3 Authority Key Identifier:
                keyid:1A:49:9D:8B:77:A3:3A:DF:1F:CD:4E:BA:51:CC:1A:A3:FA:A3:F6:25

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/65dae2a0-0cb7-46e8-ae17-abeb06007e1a.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  96.126.65.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         bc:b0:44:6d:f4:c7:25:e0:d6:a6:a5:80:a7:7c:21:32:65:d2:
         4f:fe:6b:12:8d:3f:1b:66:95:d0:4a:42:40:85:7d:18:0e:78:
         e4:9a:d8:4e:36:ab:20:1e:c4:09:33:58:7e:a5:75:1e:d3:73:
         f6:e7:b5:a5:0b:1d:ea:fa:85:c6:f9:a1:9a:91:32:f7:b5:3d:
         e8:21:33:dc:eb:54:bf:4b:3f:ee:32:ee:8a:fb:40:40:5c:e7:
         85:82:01:7e:ad:4a:ba:0a:57:35:a8:17:f8:39:72:a7:11:07:
         c9:07:bd:85:90:0b:49:56:2f:75:2b:04:77:a8:5b:4a:d6:f6:
         ec:f3:07:e3:7a:cb:60:e2:9e:3c:69:d9:0b:ef:58:de:f5:c6:
         e9:e1:e9:23:0a:34:3d:92:9c:8b:54:fd:8f:e7:d4:7e:c0:8e:
         b3:d4:89:b3:5c:46:eb:1c:1b:ab:48:57:4d:b5:76:87:66:ae:
         bf:b0:56:44:37:36:eb:27:ec:8a:ad:e0:83:eb:1e:b0:83:43:
         c2:ec:71:d8:80:31:74:25:f6:2c:80:82:99:e0:65:06:2f:07:
         77:22:23:5e:3c:de:bc:79:63:15:b7:3e:33:d9:7e:76:7f:d6:
         00:b2:eb:6e:22:09:c2:6a:b8:d9:4d:b4:ce:aa:ad:55:82:f9:
         51:c7:77:36
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEhtkEuotrc3b/lAcoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjVkYWUyYTAtMGNiNy00NmU4LWFlMTctYWJlYjA2MDA3
ZTFhMB4XDTI1MDEwNDAyMDAzOVoXDTI1MDQwNDAxMDAzOVowLzEtMCsGA1UEAxMk
NjhmNTI3YzEtYTY3OS00ODgzLWExYzYtMTVlMmViMjhmMDJhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBWAhVbnuAmgOW2ACjqHIRCut8Mal6MnCqPo
RwkGXWuxSe+tqyTWChTjP8+z+ISgt/jZ4CBmDQ6XgcKAy4CKlUMmCBSRV/7YHxjQ
SUxqnJQPePhYiAN28dtQnbaGvPaikg2wJGoGymsqR5MDsWcTUS/g3lY+XVpJGdhT
a4R2kNg3rRX/q7QGCRfzJwiDFSKPHqJLFqbtwQS90T3YhPWWG81BGo8KZee03XFh
W9UGShH5Ey89+GyCFRrOMXYuY9OJWilWVm8HrUd6CzEVuqTdingTd+4czTf7V8ci
VL7bhuLuglqqRg40AyXTcEd6nsYCQtpsvQZO6S2M8OwbqBxeuwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBZ4EnqtUxg3uz+4YnwBvr0lUluSMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS82NWRh
ZTJhMC0wY2I3LTQ2ZTgtYWUxNy1hYmViMDYwMDdlMWEvZjAxYTRlYmYtNjY5Yy0z
NmZkLTk1OTctZmMyNzU0ZTZhM2E5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNjVkYWUyYTAtMGNiNy00NmU4LWFl
MTctYWJlYjA2MDA3ZTFhLzY1ZGFlMmEwLTBjYjctNDZlOC1hZTE3LWFiZWIwNjAw
N2UxYS5jcmwwHwYDVR0jBBgwFoAUGkmdi3ejOt8fzU66Ucwao/qj9iUwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS82NWRhZTJhMC0wY2I3LTQ2ZTgtYWUxNy1hYmVi
MDYwMDdlMWEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAYH5BMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBALywRG30xyXg1qalgKd8ITJl0k/+axKNPxtmldBKQkCFfRgOeOSa2E42
qyAexAkzWH6ldR7Tc/bntaULHer6hcb5oZqRMve1PeghM9zrVL9LP+4y7or7QEBc
54WCAX6tSroKVzWoF/g5cqcRB8kHvYWQC0lWL3UrBHeoW0rW9uzzB+N6y2Dinjxp
2QvvWN71xunh6SMKND2SnItU/Y/n1H7AjrPUibNcRuscG6tIV021dodmrr+wVkQ3
Nusn7Iqt4IPrHrCDQ8LscdiAMXQl9iyAgpngZQYvB3ciI1483rx5YxW3PjPZfnZ/
1gCy624iCcJquNlNtM6qrVWC+VHHdzY=
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:33:09 2025 by rpki-client