Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a487f1ae-00cd-3917-9c9c-4cb879ba4962.roa
File:                     a487f1ae-00cd-3917-9c9c-4cb879ba4962.roa (raw, json)
Hash identifier:          QkLOfCYvigj5aO/9BDOP6Gm8uvam7wlfFcSyJGxhiu0=
Subject key identifier:   0D:43:C8:02:38:E4:07:FA:B5:1D:FD:53:CF:1E:71:A9:1E:24:21:CC
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285849B14A417DD54E76DE9C726F00
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a487f1ae-00cd-3917-9c9c-4cb879ba4962.roa
Signing time:             Wed 30 Apr 2025 01:00:47 +0000
ROA not before:           Wed 30 Apr 2025 01:00:47 +0000
ROA not after:            Tue 29 Jul 2025 01:00:47 +0000
asID:                     7029
IP address blocks:        205.147.224.0/21 maxlen: 21
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:b1:4a:41:7d:d5:4e:76:de:9c:72:6f:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Apr 30 01:00:47 2025 GMT
            Not After : Jul 29 01:00:47 2025 GMT
        Subject: CN=8a05f471-0832-474d-a6e7-a2dee4110a37
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:77:06:cb:f6:36:04:77:be:cf:4c:3b:ec:dc:
                    fc:33:ec:42:b6:43:83:72:60:d9:90:0e:a8:ba:04:
                    64:54:82:fe:97:62:e9:9e:e3:ca:4d:dd:71:3d:94:
                    e8:d4:5f:1a:3d:8d:8d:fa:70:a5:cc:3c:04:26:69:
                    1d:4d:0a:e0:f2:25:bf:93:e2:c1:63:18:d6:73:2a:
                    ec:c8:4f:eb:1a:4a:28:8d:ed:0c:99:7a:19:b9:fa:
                    f1:68:75:43:a7:e1:10:da:1b:07:a0:48:40:ac:55:
                    0c:0f:e8:7d:52:44:08:5d:bb:45:62:93:89:12:bf:
                    7f:1c:21:da:d2:eb:61:67:54:66:0d:32:49:2f:46:
                    12:a1:1a:28:ff:ee:13:42:9a:d1:3f:e1:0e:a8:40:
                    86:6a:a2:d3:05:2a:61:bb:26:2c:8f:34:ad:bc:ab:
                    30:7e:38:4f:04:48:d2:13:da:f7:e5:68:32:9d:5f:
                    5f:ed:ca:f6:5f:c5:c4:f4:5a:46:eb:d2:44:6e:87:
                    30:84:39:95:51:94:cd:cb:34:98:40:be:8f:94:4a:
                    7b:3f:b8:cf:18:60:92:81:d7:95:22:f1:c8:13:6a:
                    5e:42:b8:ca:a3:75:83:6a:5e:6e:48:49:e2:8f:eb:
                    25:33:6f:11:6b:ed:29:5b:e0:b1:6b:a4:82:bd:03:
                    3b:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:43:C8:02:38:E4:07:FA:B5:1D:FD:53:CF:1E:71:A9:1E:24:21:CC
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/a487f1ae-00cd-3917-9c9c-4cb879ba4962.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  205.147.224.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5e:df:13:14:85:01:d5:7c:66:fc:4d:f0:94:94:9e:04:cc:c8:
         d2:f5:9e:4c:06:9b:a1:23:57:eb:63:49:6a:8e:8f:3c:22:6b:
         36:0c:06:65:49:18:65:ef:46:25:ba:42:67:17:d8:ac:98:7c:
         f4:12:1a:dc:74:e5:ce:8e:7f:84:73:22:93:1c:8e:7f:e6:74:
         3a:ae:11:2e:c8:3a:e1:e7:42:d2:aa:85:e4:09:5b:c5:23:2e:
         2f:dd:44:7f:84:16:10:d4:0e:c1:de:49:65:9b:54:4f:9e:f0:
         9e:93:8f:5c:b4:d2:ec:10:6e:fb:38:fb:e8:1a:1d:01:c1:8f:
         27:5f:90:1a:c5:36:0b:00:7a:a9:21:14:4d:f0:95:8b:d6:04:
         8e:6e:8d:bd:6d:9a:86:b3:2b:3a:fa:3f:ef:3a:d3:59:0e:2d:
         dc:ee:8c:ec:e7:e5:81:93:a9:9e:39:34:9f:c0:f5:c2:07:40:
         a0:b8:bd:ae:ce:92:8a:7d:71:d6:a8:72:9d:ef:4f:99:c2:d8:
         81:21:0d:a9:cf:87:89:96:a4:52:f2:53:21:48:74:24:d7:43:
         c9:ff:9f:29:43:7b:42:51:e3:f4:fa:12:ef:83:6c:94:98:20:
         c2:92:f7:91:c1:9e:ed:f2:24:bb:8a:f6:64:eb:2a:47:7a:21:
         5b:68:df:6b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEmxSkF91U523pxybwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI1MDQzMDAxMDA0N1oXDTI1MDcyOTAxMDA0N1owLzEtMCsGA1UEAxMk
OGEwNWY0NzEtMDgzMi00NzRkLWE2ZTctYTJkZWU0MTEwYTM3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyncGy/Y2BHe+z0w77Nz8M+xCtkODcmDZkA6o
ugRkVIL+l2LpnuPKTd1xPZTo1F8aPY2N+nClzDwEJmkdTQrg8iW/k+LBYxjWcyrs
yE/rGkooje0MmXoZufrxaHVDp+EQ2hsHoEhArFUMD+h9UkQIXbtFYpOJEr9/HCHa
0uthZ1RmDTJJL0YSoRoo/+4TQprRP+EOqECGaqLTBSphuyYsjzStvKswfjhPBEjS
E9r35WgynV9f7cr2X8XE9FpG69JEbocwhDmVUZTNyzSYQL6PlEp7P7jPGGCSgdeV
IvHIE2peQrjKo3WDal5uSEnij+slM28Ra+0pW+Cxa6SCvQM7AQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFA1DyAI45Af6tR39U88ecakeJCHMMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvYTQ4N2YxYWUtMDBjZC0z
OTE3LTljOWMtNGNiODc5YmE0OTYyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDzZPgMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF7fExSFAdV8ZvxN8JSUngTMyNL1nkwGm6EjV+tjSWqOjzwiazYMBmVJ
GGXvRiW6QmcX2KyYfPQSGtx05c6Of4RzIpMcjn/mdDquES7IOuHnQtKqheQJW8Uj
Li/dRH+EFhDUDsHeSWWbVE+e8J6Tj1y00uwQbvs4++gaHQHBjydfkBrFNgsAeqkh
FE3wlYvWBI5ujb1tmoazKzr6P+8601kOLdzujOzn5YGTqZ45NJ/A9cIHQKC4va7O
kop9cdaocp3vT5nC2IEhDanPh4mWpFLyUyFIdCTXQ8n/nylDe0JR4/T6Eu+DbJSY
IMKS95HBnu3yJLuK9mTrKkd6IVto32s=
-----END CERTIFICATE-----
Generated at Sun May 11 06:34:15 2025 by rpki-client