Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0690bce0-39b0-3c45-a5b3-b68ce4e81959.roa
File:                     0690bce0-39b0-3c45-a5b3-b68ce4e81959.roa (raw, json)
Hash identifier:          sJgDzi98OYuk1ZiEPkCZ2o36Lt7FsQDHLEhEzpzjFHc=
Subject key identifier:   A1:F9:66:6F:9E:68:69:9F:A0:60:84:5D:E0:97:13:0E:64:95:67:D4
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553331C9AA328246AF0A77300
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0690bce0-39b0-3c45-a5b3-b68ce4e81959.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        207.94.32.0/20 maxlen: 20

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:1c:9a:a3:28:24:6a:f0:a7:73:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=f2228f2d-bb4c-4629-b1d9-5b482c2656a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:0f:d0:32:80:c6:50:26:99:2b:44:07:26:df:
                    1d:3d:80:6d:ad:71:32:db:1a:e8:a3:8b:30:a6:67:
                    b4:fd:72:50:dc:2c:41:7f:ee:80:69:a7:82:51:8c:
                    d0:9e:5d:a9:7d:41:87:9b:75:21:55:92:f6:45:de:
                    14:52:f0:7d:aa:95:9d:a8:06:78:d9:dd:fc:eb:52:
                    86:78:7e:f8:de:3d:74:5f:eb:88:df:d1:a2:5c:82:
                    8d:86:03:2c:82:6b:d4:02:0c:7e:05:01:8e:6f:c0:
                    95:93:d4:bc:1a:48:a3:91:77:5c:1e:cd:1d:7d:e9:
                    80:b8:b9:81:20:59:98:38:0f:ad:7b:8a:ad:22:6e:
                    19:11:ff:66:fc:f6:0d:39:2d:64:27:24:ac:92:96:
                    bd:e2:e9:a0:5b:b8:ca:3c:76:77:51:c5:b0:a4:a3:
                    07:b8:60:20:25:be:eb:5f:82:3f:cf:70:b1:39:69:
                    6e:76:2d:f3:04:f7:2d:2e:2b:3f:9a:17:41:3a:10:
                    ec:a2:e1:db:0d:81:79:d0:30:66:19:93:5a:91:f5:
                    fd:87:ce:a2:e7:25:26:08:54:99:cd:79:8c:12:4e:
                    66:57:8f:77:35:9b:44:96:7b:11:d2:ab:b0:84:d9:
                    21:0c:26:9f:06:cc:1d:f5:61:3a:f2:7a:a2:ab:ff:
                    77:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F9:66:6F:9E:68:69:9F:A0:60:84:5D:E0:97:13:0E:64:95:67:D4
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/0690bce0-39b0-3c45-a5b3-b68ce4e81959.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  207.94.32.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         83:58:ae:f7:4c:cf:22:3a:f5:2b:ce:40:7a:bc:79:5b:ca:f1:
         7f:af:b3:7d:19:db:c4:4d:1b:6f:b0:ab:a2:2d:9e:de:7b:33:
         36:0b:72:82:e4:77:06:c2:4f:90:3f:9e:e8:02:d4:04:6f:1a:
         ca:2a:54:a4:43:06:f7:85:fb:a8:01:7a:bc:a0:d6:ec:df:3e:
         e8:35:ae:41:87:16:7f:66:0e:03:7f:b6:04:75:c0:8e:05:cd:
         28:6e:b9:15:86:b9:65:c2:52:3e:a6:e4:05:84:3a:66:71:53:
         53:b0:c9:fd:b3:97:d1:16:f3:7b:1c:7e:4b:d2:58:2f:e3:d1:
         a2:9d:56:18:a4:5c:30:71:be:d1:a1:b4:66:ad:66:d0:d6:e9:
         f5:e8:a3:9a:e3:bf:c0:88:d1:69:1f:15:c8:32:e4:f4:01:2a:
         6a:cd:b2:c4:ce:8e:be:26:d4:40:ca:f9:24:fd:ca:31:ed:6c:
         d0:92:6e:e6:4a:14:b6:e5:00:cc:bc:85:02:66:a6:7f:26:7d:
         44:a4:20:85:e3:0a:dc:e1:5f:6a:7e:9a:2f:8d:0e:a2:db:bc:
         2c:ed:6a:c6:fa:5b:36:99:4f:99:90:d7:56:1a:c3:13:70:1c:
         a8:30:34:3d:0d:64:2a:25:5c:ca:d9:9c:c4:ae:95:7b:a5:bf:
         f9:5d:d4:25
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMxyaoygkavCncwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
ZjIyMjhmMmQtYmI0Yy00NjI5LWIxZDktNWI0ODJjMjY1NmE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw/QMoDGUCaZK0QHJt8dPYBtrXEy2xroo4sw
pme0/XJQ3CxBf+6AaaeCUYzQnl2pfUGHm3UhVZL2Rd4UUvB9qpWdqAZ42d3861KG
eH743j10X+uI39GiXIKNhgMsgmvUAgx+BQGOb8CVk9S8GkijkXdcHs0dfemAuLmB
IFmYOA+te4qtIm4ZEf9m/PYNOS1kJySskpa94umgW7jKPHZ3UcWwpKMHuGAgJb7r
X4I/z3CxOWludi3zBPctLis/mhdBOhDsouHbDYF50DBmGZNakfX9h86i5yUmCFSZ
zXmMEk5mV493NZtElnsR0quwhNkhDCafBswd9WE68nqiq/93mwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKH5Zm+eaGmfoGCEXeCXEw5klWfUMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMDY5MGJjZTAtMzliMC0z
YzQ1LWE1YjMtYjY4Y2U0ZTgxOTU5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEz14gMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAINYrvdMzyI69SvOQHq8eVvK8X+vs30Z28RNG2+wq6Itnt57MzYLcoLk
dwbCT5A/nugC1ARvGsoqVKRDBveF+6gBeryg1uzfPug1rkGHFn9mDgN/tgR1wI4F
zShuuRWGuWXCUj6m5AWEOmZxU1Owyf2zl9EW83scfkvSWC/j0aKdVhikXDBxvtGh
tGatZtDW6fXoo5rjv8CI0WkfFcgy5PQBKmrNssTOjr4m1EDK+ST9yjHtbNCSbuZK
FLblAMy8hQJmpn8mfUSkIIXjCtzhX2p+mi+NDqLbvCztasb6WzaZT5mQ11YawxNw
HKgwND0NZColXMrZnMSulXulv/ld1CU=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:00:21 2024 by rpki-client on console-ams.rpki-client.org