Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/93c7fa55-aae0-3d28-8f0e-5926415989e8.roa
File:                     93c7fa55-aae0-3d28-8f0e-5926415989e8.roa (raw, json)
Hash identifier:          pX7JwJ/tlazU7z6m683ixHJnbtS0+3cOr931a7dw4Jg=
Subject key identifier:   53:EF:7F:D9:10:EE:2C:4E:89:CB:73:EB:14:81:DB:B0:60:ED:C4:EA
Certificate issuer:       /CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
Certificate serial:       010D0C9F43285848A41A189FDED5C0B6ABDB2340
Authority key identifier: A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/93c7fa55-aae0-3d28-8f0e-5926415989e8.roa
Signing time:             Thu 23 Jan 2025 14:52:02 +0000
ROA not before:           Thu 23 Jan 2025 14:52:02 +0000
ROA not after:            Wed 23 Apr 2025 13:52:02 +0000
asID:                     8100
IP address blocks:        66.212.16.0/21 maxlen: 21
Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:48:a4:1a:18:9f:de:d5:c0:b6:ab:db:23:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6876d5a8-5dd6-440a-97e2-5e20b9e00f5c
        Validity
            Not Before: Jan 23 14:52:02 2025 GMT
            Not After : Apr 23 13:52:02 2025 GMT
        Subject: CN=ea1c0d60-4cef-41b7-bbe6-ee462932d888
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:1e:65:ef:90:d4:e5:22:7a:45:7c:d7:02:bb:
                    25:8e:fa:1e:0a:19:50:6d:0b:63:b5:38:ed:9a:03:
                    f5:f3:17:f7:6d:71:5f:3c:c8:05:7c:8d:bf:2c:f3:
                    2d:c3:c7:61:19:69:4d:89:76:3c:3e:a3:11:db:67:
                    16:b0:80:95:c4:8b:91:9c:4d:e6:e2:05:39:36:86:
                    87:00:a1:d5:d2:e0:ed:1c:45:b6:62:30:10:28:c1:
                    64:01:ab:f4:7b:43:c2:db:57:8d:c2:8f:17:bb:2d:
                    b2:c6:16:1f:21:f7:f2:84:5c:80:b6:91:5f:a9:38:
                    d1:0d:44:e2:1b:5d:4a:ae:50:2c:e8:25:f8:5b:dc:
                    cc:e7:1c:34:60:4d:a6:8c:58:f7:7f:6f:97:93:38:
                    28:c0:cc:39:ef:02:21:71:58:3a:3a:4c:3a:ec:3c:
                    5d:1c:41:72:98:20:f3:c4:58:81:0b:2e:01:37:1e:
                    30:8a:d6:29:b5:44:bd:dd:53:97:17:86:b8:2a:b0:
                    5b:ec:11:7a:81:5d:a2:08:06:71:63:94:4f:2d:03:
                    ef:08:8d:0b:9b:c5:5b:98:fa:c8:b7:25:d4:1a:f9:
                    4f:94:48:f7:1d:76:55:96:64:35:37:dd:1c:d1:9a:
                    c0:82:8c:ef:3c:85:ec:26:27:10:9e:ad:64:db:90:
                    97:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:EF:7F:D9:10:EE:2C:4E:89:CB:73:EB:14:81:DB:B0:60:ED:C4:EA
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/93c7fa55-aae0-3d28-8f0e-5926415989e8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.crl

            X509v3 Authority Key Identifier:
                keyid:A1:27:6E:C4:CF:90:E9:A7:8A:38:DD:8C:B9:B8:D1:1C:F0:17:9A:B3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6876d5a8-5dd6-440a-97e2-5e20b9e00f5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.212.16.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         36:53:e6:f8:7a:dc:e7:45:ce:cf:9d:8a:19:c6:d2:0c:19:ff:
         94:13:41:16:72:12:0f:53:cb:a5:f1:a0:d9:b1:e2:8f:16:35:
         74:a4:99:21:5d:14:38:3c:45:c5:19:92:2a:ec:19:bb:7e:1e:
         38:96:e4:b3:04:af:45:a5:6c:a5:32:32:48:41:9b:d8:83:42:
         34:0d:a5:48:0e:73:3c:69:93:85:26:1a:5d:9d:aa:26:78:e7:
         13:be:b1:84:05:97:c4:a6:61:b6:93:3f:b6:ed:2d:1b:ff:90:
         0b:c1:94:7c:65:e1:51:b2:8d:ad:b4:4e:f7:2f:04:f9:16:7a:
         9a:45:2d:0b:ff:05:90:01:94:12:ff:12:6c:56:1d:ea:ee:73:
         dd:7a:a3:2d:2e:30:13:b1:1e:43:ea:a2:0b:2e:4a:fc:0c:dc:
         37:4c:6b:de:fe:7f:4b:7f:84:77:d3:db:03:ad:72:8e:79:e3:
         0c:f7:d8:f2:75:42:75:29:dd:00:65:fb:c3:4f:cb:42:4d:21:
         32:a6:9d:cf:f0:5d:a1:3d:7a:7d:5b:0a:11:94:02:63:76:a1:
         2d:c6:0d:98:39:d2:b1:c7:2f:5f:ab:c0:a7:5b:ba:c4:5e:91:
         ad:0a:38:7b:dd:53:7e:cc:55:7f:ff:d5:10:ad:d7:6d:9d:cf:
         63:d0:b5:c5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEikGhif3tXAtqvbI0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjg3NmQ1YTgtNWRkNi00NDBhLTk3ZTItNWUyMGI5ZTAw
ZjVjMB4XDTI1MDEyMzE0NTIwMloXDTI1MDQyMzEzNTIwMlowLzEtMCsGA1UEAxMk
ZWExYzBkNjAtNGNlZi00MWI3LWJiZTYtZWU0NjI5MzJkODg4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh5l75DU5SJ6RXzXArsljvoeChlQbQtjtTjt
mgP18xf3bXFfPMgFfI2/LPMtw8dhGWlNiXY8PqMR22cWsICVxIuRnE3m4gU5NoaH
AKHV0uDtHEW2YjAQKMFkAav0e0PC21eNwo8Xuy2yxhYfIffyhFyAtpFfqTjRDUTi
G11KrlAs6CX4W9zM5xw0YE2mjFj3f2+XkzgowMw57wIhcVg6Okw67DxdHEFymCDz
xFiBCy4BNx4witYptUS93VOXF4a4KrBb7BF6gV2iCAZxY5RPLQPvCI0Lm8VbmPrI
tyXUGvlPlEj3HXZVlmQ1N90c0ZrAgozvPIXsJicQnq1k25CXQwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFFPvf9kQ7ixOictz6xSB27Bg7cTqMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2
ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIwYjllMDBmNWMvOTNjN2ZhNTUtYWFlMC0z
ZDI4LThmMGUtNTkyNjQxNTk4OWU4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjg3NmQ1YTgtNWRkNi00NDBhLTk3
ZTItNWUyMGI5ZTAwZjVjLzY4NzZkNWE4LTVkZDYtNDQwYS05N2UyLTVlMjBiOWUw
MGY1Yy5jcmwwHwYDVR0jBBgwFoAUoSduxM+Q6aeKON2MubjRHPAXmrMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ODc2ZDVhOC01ZGQ2LTQ0MGEtOTdlMi01ZTIw
YjllMDBmNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDQtQQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADZT5vh63OdFzs+dihnG0gwZ/5QTQRZyEg9Ty6XxoNmx4o8WNXSkmSFd
FDg8RcUZkirsGbt+HjiW5LMEr0WlbKUyMkhBm9iDQjQNpUgOczxpk4UmGl2dqiZ4
5xO+sYQFl8SmYbaTP7btLRv/kAvBlHxl4VGyja20TvcvBPkWeppFLQv/BZABlBL/
EmxWHeruc916oy0uMBOxHkPqogsuSvwM3DdMa97+f0t/hHfT2wOtco554wz32PJ1
QnUp3QBl+8NPy0JNITKmnc/wXaE9en1bChGUAmN2oS3GDZg50rHHL1+rwKdbusRe
ka0KOHvdU37MVX//1RCt122dz2PQtcU=
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:43:35 2025 by rpki-client