Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/20fea706-e8cd-3e2e-a6c6-b56746bd89bb.roa
File:                     20fea706-e8cd-3e2e-a6c6-b56746bd89bb.roa (raw, json)
Hash identifier:          mrZznuKWFiekGo30BjT3LYiW7AlvbMfZWCwMovW16E0=
Subject key identifier:   07:0C:D6:70:15:9D:3D:6F:65:20:AF:D5:1B:34:AE:08:2E:6E:BD:D3
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553332C22ED72663B8A40B630
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/20fea706-e8cd-3e2e-a6c6-b56746bd89bb.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.244.0.0/18 maxlen: 18

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:2c:22:ed:72:66:3b:8a:40:b6:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=1a2bb84e-1f96-4f8f-992e-4c272abef337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2d:f9:95:f7:04:73:c9:fb:35:95:ef:b1:3e:
                    9c:6a:5e:69:e0:26:8b:e2:16:d5:ff:5a:e9:36:9a:
                    27:f5:c2:21:5b:69:5b:00:a0:8a:b6:e2:89:6d:2a:
                    89:14:88:bc:9c:c1:cb:b1:5b:bd:2f:2f:27:4f:30:
                    53:24:b1:55:94:4b:eb:58:07:53:0a:08:db:91:ec:
                    45:6a:71:e2:c4:63:16:45:fd:2a:b0:a1:5f:24:0d:
                    6f:11:cd:9d:a2:e8:c0:ef:4f:9d:62:db:df:97:ec:
                    2e:92:ad:a0:cc:f8:b6:e5:e6:0e:81:4d:6b:b5:f2:
                    a6:f1:32:00:17:07:2f:be:ca:ea:59:34:18:88:df:
                    a3:e2:83:f7:3e:3e:d6:4e:ca:78:7e:4a:1a:0b:92:
                    42:ac:f5:bc:22:fc:3a:57:85:af:bc:e1:fe:0e:6f:
                    a7:19:f9:a2:c9:cc:12:18:c2:20:d9:11:80:ad:04:
                    cd:59:0a:b3:0b:3f:77:b5:ac:2d:43:fa:8f:c0:9a:
                    3f:8f:fc:40:43:26:e7:3e:c6:2f:52:b6:ae:80:f5:
                    82:34:a7:40:7d:ac:26:d4:a1:52:57:97:4b:5c:0c:
                    33:df:5a:16:d6:19:6e:6c:9e:1c:51:63:a2:91:d3:
                    50:d0:b9:73:00:d2:57:c1:6b:c7:4e:86:bb:af:7d:
                    a2:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:0C:D6:70:15:9D:3D:6F:65:20:AF:D5:1B:34:AE:08:2E:6E:BD:D3
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/20fea706-e8cd-3e2e-a6c6-b56746bd89bb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.244.0.0/18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         81:6b:9f:0f:ea:b8:de:bf:ba:df:a7:24:ce:7b:ad:99:eb:c0:
         7d:42:30:fc:c0:73:f2:f2:63:4a:aa:33:d5:5b:b9:5f:8e:69:
         15:d3:11:a0:71:b8:20:49:a3:fb:e8:63:0f:df:c3:b9:06:4c:
         56:43:ba:cd:8c:fa:91:be:2e:bd:9b:09:f5:f2:e6:a0:0d:f7:
         ae:cc:35:4e:eb:ba:ae:ac:35:dd:8e:f9:92:1d:9c:33:35:0a:
         d2:f1:d4:7a:dc:17:25:21:a0:f4:8a:0a:24:0f:4d:e0:53:25:
         9d:f8:55:f1:88:4c:54:eb:61:32:55:7c:9e:76:12:ce:0d:ce:
         45:ea:aa:1d:46:41:62:e4:11:33:ea:cc:43:50:94:11:ce:03:
         7b:1a:f8:d0:27:50:03:7d:49:e3:e3:22:76:20:c3:68:f1:e6:
         58:dc:ae:0b:9c:0a:85:5f:a7:96:58:a5:47:2c:42:62:cb:80:
         ce:ea:2d:32:da:40:24:2c:96:42:2a:c0:9b:5b:49:bb:9d:9c:
         77:73:8c:cf:eb:ec:4f:e3:97:18:11:7e:9d:ee:3c:b0:01:fe:
         2b:11:1a:b3:20:82:a9:31:38:cc:90:3c:d2:78:ad:7b:55:89:
         5d:d2:b4:33:50:00:af:cf:15:a3:87:0b:53:c8:9d:fa:e3:18:
         de:20:88:cb
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMywi7XJmO4pAtjAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
MWEyYmI4NGUtMWY5Ni00ZjhmLTk5MmUtNGMyNzJhYmVmMzM3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2S35lfcEc8n7NZXvsT6cal5p4CaL4hbV/1rp
Npon9cIhW2lbAKCKtuKJbSqJFIi8nMHLsVu9Ly8nTzBTJLFVlEvrWAdTCgjbkexF
anHixGMWRf0qsKFfJA1vEc2doujA70+dYtvfl+wukq2gzPi25eYOgU1rtfKm8TIA
FwcvvsrqWTQYiN+j4oP3Pj7WTsp4fkoaC5JCrPW8Ivw6V4WvvOH+Dm+nGfmiycwS
GMIg2RGArQTNWQqzCz93tawtQ/qPwJo/j/xAQybnPsYvUraugPWCNKdAfawm1KFS
V5dLXAwz31oW1hlubJ4cUWOikdNQ0LlzANJXwWvHToa7r32ilwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFAcM1nAVnT1vZSCv1Rs0rggubr3TMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMjBmZWE3MDYtZThjZC0z
ZTJlLWE2YzYtYjU2NzQ2YmQ4OWJiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQG2PQAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIFrnw/quN6/ut+nJM57rZnrwH1CMPzAc/LyY0qqM9VbuV+OaRXTEaBx
uCBJo/voYw/fw7kGTFZDus2M+pG+Lr2bCfXy5qAN967MNU7ruq6sNd2O+ZIdnDM1
CtLx1HrcFyUhoPSKCiQPTeBTJZ34VfGITFTrYTJVfJ52Es4NzkXqqh1GQWLkETPq
zENQlBHOA3sa+NAnUAN9SePjInYgw2jx5ljcrgucCoVfp5ZYpUcsQmLLgM7qLTLa
QCQslkIqwJtbSbudnHdzjM/r7E/jlxgRfp3uPLAB/isRGrMggqkxOMyQPNJ4rXtV
iV3StDNQAK/PFaOHC1PInfrjGN4giMs=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:14 2024 by rpki-client on console-fra.rpki-client.org