Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0480ea26-b7ae-3ff7-b3bb-79bc90de91a1.roa
File:                     0480ea26-b7ae-3ff7-b3bb-79bc90de91a1.roa (raw, json)
Hash identifier:          6rpD16gDLNR2AtyhqFxOhlDsdubWC7wo+ZqANz5dhn0=
Subject key identifier:   15:23:35:0E:A3:9B:3E:90:82:AE:47:BF:46:C9:3A:33:9F:27:B7:46
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553331E93E12A9C5113BF9FC0
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0480ea26-b7ae-3ff7-b3bb-79bc90de91a1.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        207.220.0.0/19 maxlen: 19

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:1e:93:e1:2a:9c:51:13:bf:9f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=7403fa18-e4be-4cca-995b-d57ca815c616
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:f5:56:07:92:46:14:ad:c6:2a:78:f0:e6:1b:
                    ad:a3:8d:4a:47:0d:cc:5b:23:9b:d9:96:b8:c6:a5:
                    35:75:83:56:2f:47:d1:dd:51:64:de:d2:a3:33:2d:
                    f6:8d:65:c2:ed:02:f0:8a:8f:45:53:a8:a1:08:d4:
                    25:38:c2:9b:4c:84:fe:e1:2b:5c:73:53:d0:3f:15:
                    da:8d:80:94:ff:5c:f3:55:e9:45:fa:2a:a7:65:e6:
                    61:ca:21:52:3d:cf:cd:c9:cc:65:ea:15:ee:0c:87:
                    21:2a:bf:fb:8a:be:c4:80:96:39:63:7c:1f:3a:17:
                    7d:06:16:af:02:41:49:6b:f4:a4:cb:dc:1f:9e:00:
                    74:ad:11:30:1e:15:a4:49:ca:0d:51:9d:b9:f8:d4:
                    b0:97:13:08:28:4d:b2:ea:29:6a:c7:60:78:42:2a:
                    ca:40:ee:55:f2:6e:2f:2c:26:55:59:00:3e:ec:71:
                    a4:f9:8a:64:fb:5b:b9:a0:e3:75:f9:85:ea:ef:9a:
                    bb:ca:bd:10:77:7f:8f:eb:45:bf:f4:1f:02:17:6c:
                    98:7e:59:21:d8:a0:6c:2e:8c:16:95:49:8e:24:74:
                    31:35:d5:ac:31:f8:53:89:04:10:e4:56:83:1a:6c:
                    87:bd:cc:07:8c:95:eb:c4:3b:44:52:4c:9f:37:4e:
                    e4:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:23:35:0E:A3:9B:3E:90:82:AE:47:BF:46:C9:3A:33:9F:27:B7:46
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0480ea26-b7ae-3ff7-b3bb-79bc90de91a1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.220.0.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8b:4b:79:73:48:54:e8:85:22:a6:e5:16:5a:f8:c7:e9:76:ff:
         03:5e:0a:78:ba:86:3a:71:11:c9:cc:25:bf:e7:f3:bf:72:1c:
         79:ec:98:f6:65:60:a3:2d:d8:0e:31:5a:df:bd:cf:4e:db:a5:
         97:3f:d6:ea:d6:a7:be:da:be:7c:d2:6a:5c:56:c1:00:bb:7e:
         54:91:cc:2e:b2:74:0e:89:33:a1:2c:6f:d4:d9:f1:54:d3:bd:
         1b:74:68:c2:6c:f5:cb:43:b8:73:a3:ba:c6:9a:22:ac:fd:c8:
         84:5f:70:5c:60:06:f3:91:86:b3:5c:7a:e7:19:d3:fd:10:0e:
         d4:56:33:fc:f2:a9:e3:56:d2:3d:b1:21:fa:9c:de:05:03:df:
         52:69:e8:71:93:9e:08:c2:dd:25:1a:ba:83:26:b0:19:ae:80:
         96:c3:d7:32:54:1d:4d:72:a5:51:a8:2e:7c:80:52:79:a5:da:
         c4:de:75:c7:c6:32:8f:60:27:d9:57:8f:d5:a6:71:1a:30:94:
         13:b2:51:e3:5c:47:a2:49:d8:62:03:13:34:e5:57:71:bf:bc:
         5a:d9:bd:13:4e:69:de:06:56:48:ee:21:ab:65:ed:48:de:06:
         e4:b4:3f:35:df:30:6a:20:d7:ef:b7:df:34:06:9e:65:9b:4e:
         fe:4d:75:fc
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMx6T4SqcURO/n8AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NzQwM2ZhMTgtZTRiZS00Y2NhLTk5NWItZDU3Y2E4MTVjNjE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfVWB5JGFK3GKnjw5huto41KRw3MWyOb2Za4
xqU1dYNWL0fR3VFk3tKjMy32jWXC7QLwio9FU6ihCNQlOMKbTIT+4Stcc1PQPxXa
jYCU/1zzVelF+iqnZeZhyiFSPc/Nycxl6hXuDIchKr/7ir7EgJY5Y3wfOhd9Bhav
AkFJa/Sky9wfngB0rREwHhWkScoNUZ25+NSwlxMIKE2y6ilqx2B4QirKQO5V8m4v
LCZVWQA+7HGk+Ypk+1u5oON1+YXq75q7yr0Qd3+P60W/9B8CF2yYflkh2KBsLowW
lUmOJHQxNdWsMfhTiQQQ5FaDGmyHvcwHjJXrxDtEUkyfN07kmwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBUjNQ6jmz6Qgq5Hv0bJOjOfJ7dGMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMDQ4MGVhMjYtYjdhZS0z
ZmY3LWIzYmItNzliYzkwZGU5MWExLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFz9wAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAItLeXNIVOiFIqblFlr4x+l2/wNeCni6hjpxEcnMJb/n879yHHnsmPZl
YKMt2A4xWt+9z07bpZc/1urWp77avnzSalxWwQC7flSRzC6ydA6JM6Esb9TZ8VTT
vRt0aMJs9ctDuHOjusaaIqz9yIRfcFxgBvORhrNceucZ0/0QDtRWM/zyqeNW0j2x
Ifqc3gUD31Jp6HGTngjC3SUauoMmsBmugJbD1zJUHU1ypVGoLnyAUnml2sTedcfG
Mo9gJ9lXj9WmcRowlBOyUeNcR6JJ2GIDEzTlV3G/vFrZvRNOad4GVkjuIatl7Uje
BuS0PzXfMGog1++33zQGnmWbTv5Ndfw=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:00:21 2024 by rpki-client on console-ams.rpki-client.org