Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/47da3a87-872d-3387-a446-f7b3ad2a9605.roa
File:                     47da3a87-872d-3387-a446-f7b3ad2a9605.roa (raw, json)
Hash identifier:          +tg/Uj1KmGt/8HNiic9osbqSkMpqCGI8p/PtQTPVjSk=
Subject key identifier:   EC:BF:A4:D7:72:54:A7:E5:57:95:84:6A:F1:ED:4E:EE:CD:E5:4F:23
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553330B1E86D9AF1597368400
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/47da3a87-872d-3387-a446-f7b3ad2a9605.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        165.121.0.0/16 maxlen: 16

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:0b:1e:86:d9:af:15:97:36:84:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=27ed06b2-ba1d-45f9-af54-ded3bc392fde
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:e3:3f:4e:14:cd:c1:f3:c8:32:30:1d:4c:5e:
                    61:76:51:7e:9f:ac:0a:ec:86:ec:b7:c1:e8:8d:fc:
                    74:d2:fe:f4:46:14:97:99:85:97:0c:23:98:00:c5:
                    c1:d1:ed:01:86:0d:ff:6c:d1:c1:2d:8d:d1:12:c3:
                    e8:14:19:eb:74:31:25:a7:f9:e6:b3:8e:b0:65:76:
                    36:8d:66:46:53:42:54:78:ff:30:25:60:12:5e:c5:
                    09:c4:6c:1f:93:48:d6:40:88:a3:5b:c0:4c:02:f3:
                    ca:4a:40:6a:ea:7f:ce:c2:0f:a3:76:1d:3f:75:d9:
                    e6:18:93:e6:b7:78:e1:64:b0:c6:bd:1b:1a:5f:52:
                    0b:81:2d:7c:88:6d:63:e1:09:8a:0f:dd:8c:40:64:
                    70:20:bd:f9:11:4a:4d:b9:c2:dd:12:aa:e0:07:c8:
                    f3:a8:1d:9f:c6:ca:83:c2:db:51:89:83:da:54:c7:
                    c4:c0:56:e7:43:ef:22:00:9b:23:98:ea:64:cd:6d:
                    e0:f5:aa:6d:5f:43:0b:06:aa:48:64:f0:9e:e1:19:
                    28:2f:09:73:82:01:08:c5:37:b0:53:45:bc:da:01:
                    db:96:54:f4:7a:fe:b8:95:74:22:29:f2:37:77:b5:
                    54:be:68:bc:44:a6:fe:9f:0b:50:e3:7e:55:fd:39:
                    aa:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:BF:A4:D7:72:54:A7:E5:57:95:84:6A:F1:ED:4E:EE:CD:E5:4F:23
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/47da3a87-872d-3387-a446-f7b3ad2a9605.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.121.0.0/16

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         80:75:5b:e5:dd:31:73:dc:12:e7:4e:ad:e0:c3:8e:41:51:32:
         99:be:c6:dc:10:e3:2d:11:57:13:08:8d:f5:f7:fa:6a:9c:03:
         1e:0a:6a:37:9c:08:f4:27:b2:3a:af:7d:5e:a3:a2:43:31:30:
         c9:5f:37:aa:7a:c7:2e:f4:5a:c1:f6:25:46:5e:ca:8a:b4:64:
         48:8d:87:28:49:a3:47:48:51:4b:8b:a4:77:42:ab:52:46:e7:
         e2:90:59:35:9a:43:23:df:f2:67:a5:2b:b9:3d:06:cc:f8:94:
         ad:21:3d:75:4d:9e:e9:33:b7:c5:bb:76:5e:4f:b8:52:09:9d:
         e1:28:93:d9:69:2c:db:68:3c:ad:86:dc:4b:56:e7:b4:83:da:
         c6:4e:6c:b8:86:11:b5:5c:34:af:10:0f:89:03:92:5c:27:a2:
         e2:22:90:38:54:d2:b8:7d:4d:8a:3d:28:3a:ec:e7:7c:a9:fb:
         7e:fd:f3:dd:14:af:eb:90:b9:7d:19:98:f6:ad:25:31:4c:f1:
         e9:55:62:65:9b:3a:0f:81:4f:bf:ef:26:c5:cd:ee:fa:4f:8f:
         0b:07:4b:e7:6f:06:61:05:a9:42:ca:e4:90:43:8f:65:00:f9:
         ea:78:2d:a5:75:50:98:e9:16:0e:46:8a:5c:7b:7b:a1:c9:8c:
         c0:4b:fd:91
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIUAQ0Mn0MoWEVTMwsehtmvFZc2hAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
MjdlZDA2YjItYmExZC00NWY5LWFmNTQtZGVkM2JjMzkyZmRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeM/ThTNwfPIMjAdTF5hdlF+n6wK7Ibst8Ho
jfx00v70RhSXmYWXDCOYAMXB0e0Bhg3/bNHBLY3REsPoFBnrdDElp/nms46wZXY2
jWZGU0JUeP8wJWASXsUJxGwfk0jWQIijW8BMAvPKSkBq6n/Owg+jdh0/ddnmGJPm
t3jhZLDGvRsaX1ILgS18iG1j4QmKD92MQGRwIL35EUpNucLdEqrgB8jzqB2fxsqD
wttRiYPaVMfEwFbnQ+8iAJsjmOpkzW3g9aptX0MLBqpIZPCe4RkoLwlzggEIxTew
U0W82gHbllT0ev64lXQiKfI3d7VUvmi8RKb+nwtQ435V/TmqJwIDAQABo4IDVDCC
A1AwHQYDVR0OBBYEFOy/pNdyVKflV5WEavHtTu7N5U8jMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNDdkYTNhODctODcyZC0z
Mzg3LWE0NDYtZjdiM2FkMmE5NjA1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMApXkwVAYD
VR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3
dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsF
AAOCAQEAgHVb5d0xc9wS506t4MOOQVEymb7G3BDjLRFXEwiN9ff6apwDHgpqN5wI
9CeyOq99XqOiQzEwyV83qnrHLvRawfYlRl7KirRkSI2HKEmjR0hRS4ukd0KrUkbn
4pBZNZpDI9/yZ6UruT0GzPiUrSE9dU2e6TO3xbt2Xk+4Ugmd4SiT2Wks22g8rYbc
S1bntIPaxk5suIYRtVw0rxAPiQOSXCei4iKQOFTSuH1Nij0oOuznfKn7fv3z3RSv
65C5fRmY9q0lMUzx6VViZZs6D4FPv+8mxc3u+k+PCwdL528GYQWpQsrkkEOPZQD5
6ngtpXVQmOkWDkaKXHt7ocmMwEv9kQ==
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:15 2024 by rpki-client on console-fra.rpki-client.org