Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a/89ada2c5-b1c6-3a46-9bc8-152f554b107b.roa
File:                     89ada2c5-b1c6-3a46-9bc8-152f554b107b.roa (raw, json)
Hash identifier:          O8aMztftfLK8Ry5bksKCTDxCHg1HIF3bdG3a0waVjyM=
Subject key identifier:   06:B1:69:06:4E:1E:03:53:E4:15:E4:01:F0:B4:03:77:AF:74:BE:8E
Certificate issuer:       /CN=5099b784-b9db-4eb1-bfc6-b20b342c1e2a
Certificate serial:       010D0C9F4328584940394C9AB81490929FDCB500
Authority key identifier: 1B:41:58:90:45:2F:98:34:51:39:C3:A4:83:4A:5C:A8:31:8A:22:4A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a/89ada2c5-b1c6-3a46-9bc8-152f554b107b.roa
Signing time:             Thu 20 Mar 2025 13:00:53 +0000
ROA not before:           Thu 20 Mar 2025 13:00:53 +0000
ROA not after:            Wed 18 Jun 2025 13:00:53 +0000
asID:                     1239
IP address blocks:        72.46.64.0/21 maxlen: 21
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:49:40:39:4c:9a:b8:14:90:92:9f:dc:b5:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5099b784-b9db-4eb1-bfc6-b20b342c1e2a
        Validity
            Not Before: Mar 20 13:00:53 2025 GMT
            Not After : Jun 18 13:00:53 2025 GMT
        Subject: CN=d7b0ccc3-fa3d-4b41-af7c-c94a4a98d468
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f7:62:8b:9a:b5:77:2d:87:33:0e:86:a8:a9:
                    eb:e2:e2:70:26:82:a1:92:c7:dc:53:2f:70:c2:05:
                    ab:0e:14:c8:fc:df:35:0b:82:c2:a3:e6:d5:3f:5b:
                    e0:4d:12:d8:87:5b:06:d6:16:fb:cc:c0:97:f3:a1:
                    5b:a4:d3:43:c0:12:1b:19:bc:5e:e6:ac:be:50:c9:
                    19:6e:8e:cc:cb:11:db:d8:99:0f:22:8d:fe:67:ae:
                    3f:fc:31:10:e6:8e:c3:3e:3e:9e:59:5b:65:7d:de:
                    66:6b:d8:51:18:d2:84:54:7d:9d:59:28:15:f4:a0:
                    d3:10:73:fb:8e:8e:42:c3:38:6e:dc:ee:b5:0a:25:
                    b2:bd:c6:f8:96:66:69:21:8a:3b:2f:2e:d4:06:fb:
                    1f:5c:8d:3d:97:09:56:89:53:9a:e3:58:a6:78:dd:
                    e2:7f:28:8e:33:7a:4a:70:44:cc:f0:d6:b2:c7:7c:
                    25:50:da:15:f3:7a:be:4d:92:53:89:82:d6:05:dc:
                    25:b9:f2:e4:0b:cb:14:cc:a0:a4:4a:57:34:0d:90:
                    d3:5d:01:91:d7:59:99:08:18:03:ca:46:91:25:f7:
                    b3:b8:0e:d1:66:30:2b:44:f8:d9:a5:03:43:d8:4e:
                    38:c5:e1:1b:77:81:8f:89:83:ca:22:55:e9:3c:7f:
                    bd:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:B1:69:06:4E:1E:03:53:E4:15:E4:01:F0:B4:03:77:AF:74:BE:8E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a/89ada2c5-b1c6-3a46-9bc8-152f554b107b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a/5099b784-b9db-4eb1-bfc6-b20b342c1e2a.crl

            X509v3 Authority Key Identifier:
                keyid:1B:41:58:90:45:2F:98:34:51:39:C3:A4:83:4A:5C:A8:31:8A:22:4A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/5099b784-b9db-4eb1-bfc6-b20b342c1e2a.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.46.64.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5f:d6:28:cc:ce:b1:28:5b:28:11:2f:ed:02:37:6c:d3:52:48:
         5d:02:16:37:6e:67:6c:54:3b:98:be:af:9e:e6:62:f2:3c:48:
         56:21:38:e7:d7:a4:e7:db:56:fb:f1:cf:77:62:cd:8a:d1:f8:
         bc:97:af:13:5b:f8:97:13:66:e0:2d:b6:3c:d3:c3:77:a0:12:
         82:39:19:94:85:ca:8f:87:4d:98:ad:8b:16:6d:ed:1f:b6:75:
         a5:99:e6:2c:b3:e5:72:7e:de:ca:33:42:52:92:8c:8e:e2:f6:
         e4:d4:9b:06:64:76:35:dd:9d:9a:02:7e:b0:16:71:cf:9a:73:
         09:22:53:a8:00:7a:d5:5b:ad:cb:f3:ca:17:ae:89:b7:c6:dd:
         72:a4:d4:eb:9b:83:1b:5c:1b:e6:67:fc:76:06:87:ac:30:60:
         7c:02:45:e2:2a:b4:2d:da:59:ec:27:68:00:72:8a:cb:d4:6f:
         fc:84:2c:3d:0b:43:ad:bb:f3:15:84:83:7b:5a:10:40:63:f8:
         99:1e:14:77:77:e2:42:0b:0a:8b:7f:a0:06:3b:be:33:74:66:
         5d:a2:da:3f:85:56:3b:a5:2c:30:aa:1b:66:3f:72:eb:28:ee:
         71:1a:c6:24:0c:0e:f5:ae:5a:d4:a1:11:37:32:00:82:c9:e0:
         d2:3d:d8:67
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWElAOUyauBSQkp/ctQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNTA5OWI3ODQtYjlkYi00ZWIxLWJmYzYtYjIwYjM0MmMx
ZTJhMB4XDTI1MDMyMDEzMDA1M1oXDTI1MDYxODEzMDA1M1owLzEtMCsGA1UEAxMk
ZDdiMGNjYzMtZmEzZC00YjQxLWFmN2MtYzk0YTRhOThkNDY4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPdii5q1dy2HMw6GqKnr4uJwJoKhksfcUy9w
wgWrDhTI/N81C4LCo+bVP1vgTRLYh1sG1hb7zMCX86FbpNNDwBIbGbxe5qy+UMkZ
bo7MyxHb2JkPIo3+Z64//DEQ5o7DPj6eWVtlfd5ma9hRGNKEVH2dWSgV9KDTEHP7
jo5Cwzhu3O61CiWyvcb4lmZpIYo7Ly7UBvsfXI09lwlWiVOa41imeN3ifyiOM3pK
cETM8Nayx3wlUNoV83q+TZJTiYLWBdwlufLkC8sUzKCkSlc0DZDTXQGR11mZCBgD
ykaRJfezuA7RZjArRPjZpQND2E44xeEbd4GPiYPKIlXpPH+9EQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAaxaQZOHgNT5BXkAfC0A3evdL6OMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy81MDk5
Yjc4NC1iOWRiLTRlYjEtYmZjNi1iMjBiMzQyYzFlMmEvODlhZGEyYzUtYjFjNi0z
YTQ2LTliYzgtMTUyZjU1NGIxMDdiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNTA5OWI3ODQtYjlkYi00ZWIxLWJm
YzYtYjIwYjM0MmMxZTJhLzUwOTliNzg0LWI5ZGItNGViMS1iZmM2LWIyMGIzNDJj
MWUyYS5jcmwwHwYDVR0jBBgwFoAUG0FYkEUvmDRROcOkg0pcqDGKIkowDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy81MDk5Yjc4NC1iOWRiLTRlYjEtYmZjNi1iMjBi
MzQyYzFlMmEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDSC5AMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF/WKMzOsShbKBEv7QI3bNNSSF0CFjduZ2xUO5i+r57mYvI8SFYhOOfX
pOfbVvvxz3dizYrR+LyXrxNb+JcTZuAttjzTw3egEoI5GZSFyo+HTZitixZt7R+2
daWZ5iyz5XJ+3sozQlKSjI7i9uTUmwZkdjXdnZoCfrAWcc+acwkiU6gAetVbrcvz
yheuibfG3XKk1OubgxtcG+Zn/HYGh6wwYHwCReIqtC3aWewnaAByisvUb/yELD0L
Q6278xWEg3taEEBj+JkeFHd34kILCot/oAY7vjN0Zl2i2j+FVjulLDCqG2Y/cuso
7nEaxiQMDvWuWtShETcyAILJ4NI92Gc=
-----END CERTIFICATE-----
Generated at Mon May 12 02:10:59 2025 by rpki-client