Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d00d457c-db09-3c0c-94b6-9e44123bbcf1.roa
File:                     d00d457c-db09-3c0c-94b6-9e44123bbcf1.roa (raw, json)
Hash identifier:          SgswnL1sIbRHL1asgdz18hT6pgg/G9P9cXT5nIIqezU=
Subject key identifier:   9E:A7:46:46:63:43:CC:7D:77:F6:C2:0A:2C:BE:27:A7:B4:0F:25:2D
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F4328584553332BCA11E69B07682BFA80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d00d457c-db09-3c0c-94b6-9e44123bbcf1.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.231.96.0/19 maxlen: 19

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:2b:ca:11:e6:9b:07:68:2b:fa:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=aab8953f-dd69-4d06-8af6-307e7ec6a2c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8b:60:f8:fb:7a:eb:20:98:d8:71:65:94:61:b6:
                    71:cd:2a:4e:90:a5:3a:7b:81:ec:bd:ff:51:b1:c1:
                    b5:5b:bf:99:20:db:33:54:f3:79:37:29:1a:be:41:
                    fc:90:1b:4a:59:41:cd:7f:b3:2a:ea:1e:94:7e:0b:
                    0d:cf:73:a9:62:84:4f:ca:b3:a3:93:4d:d4:f3:e4:
                    58:f9:75:3d:80:c4:3b:02:2a:a6:6c:ad:45:c9:1f:
                    19:d5:38:cf:b3:5c:d2:a2:b9:87:99:99:06:ff:9f:
                    77:8f:69:b7:da:0e:b1:3c:0e:14:83:cc:80:6e:3a:
                    81:82:da:1f:ca:d8:19:ba:a6:74:54:36:ee:4b:9c:
                    1d:17:c8:e0:c0:ba:c2:43:e7:4b:15:c9:d1:0d:1b:
                    e2:d9:68:0a:32:15:b1:60:17:1f:b0:26:30:81:a2:
                    15:16:73:8d:1c:44:6b:02:cc:3c:30:02:9a:07:2d:
                    fb:1f:11:41:7e:9a:8c:58:68:10:f6:bc:ca:ca:94:
                    12:43:86:a5:13:97:7a:e3:45:27:e1:65:12:7c:3d:
                    13:19:39:3c:f6:f5:9d:4b:17:3a:fb:3f:b6:bb:c6:
                    b2:e2:6d:e4:2b:8a:8e:c2:e9:0a:cf:69:e2:34:af:
                    92:ee:41:6d:d6:a1:9f:66:84:84:01:0b:d3:e5:78:
                    7d:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A7:46:46:63:43:CC:7D:77:F6:C2:0A:2C:BE:27:A7:B4:0F:25:2D
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/d00d457c-db09-3c0c-94b6-9e44123bbcf1.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.231.96.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         68:4e:9d:a2:e4:e9:08:4a:95:d9:4f:0c:13:e1:e6:f9:aa:25:
         a6:52:e9:cf:ee:93:cf:ae:f2:06:df:20:85:19:af:80:98:80:
         c4:3a:a0:5d:fa:ea:f0:76:dd:50:84:88:35:5a:6b:59:06:78:
         56:d3:96:10:b3:48:18:15:7e:6c:79:c2:b4:02:de:4f:db:0b:
         05:e1:4d:dc:47:3c:b3:0e:36:d7:01:df:0b:73:85:d1:92:32:
         64:9f:c2:f4:48:df:35:e0:5c:f8:43:eb:45:23:9a:9b:74:05:
         d1:f9:d5:18:27:d2:c5:a8:3d:cc:b8:4a:fe:db:34:98:9a:b8:
         91:dd:4a:4f:d2:7e:c2:b1:c9:53:01:2e:90:be:20:b0:d8:70:
         a4:9e:10:f1:aa:22:d5:16:cb:09:1a:9c:1c:4a:2d:c3:82:64:
         73:4b:5e:24:ca:e4:34:86:7a:59:f0:ff:4f:f7:d0:ee:ff:41:
         0b:45:5c:e2:44:47:92:42:7d:6f:a4:f8:c5:c9:2d:91:09:26:
         90:f4:ce:25:7e:cb:24:31:6e:54:78:60:b9:66:f5:b6:61:cb:
         4c:50:cb:fe:ac:e8:06:1d:49:5d:08:a8:21:8e:8e:81:21:24:
         c7:0a:14:d9:f4:67:6c:e0:f5:3a:ce:10:f5:ae:93:00:d4:75:
         aa:e2:84:ea
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyvKEeabB2gr+oAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
YWFiODk1M2YtZGQ2OS00ZDA2LThhZjYtMzA3ZTdlYzZhMmMxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2D4+3rrIJjYcWWUYbZxzSpOkKU6e4Hsvf9R
scG1W7+ZINszVPN5NykavkH8kBtKWUHNf7Mq6h6UfgsNz3OpYoRPyrOjk03U8+RY
+XU9gMQ7AiqmbK1FyR8Z1TjPs1zSormHmZkG/593j2m32g6xPA4Ug8yAbjqBgtof
ytgZuqZ0VDbuS5wdF8jgwLrCQ+dLFcnRDRvi2WgKMhWxYBcfsCYwgaIVFnONHERr
Asw8MAKaBy37HxFBfpqMWGgQ9rzKypQSQ4alE5d640Un4WUSfD0TGTk89vWdSxc6
+z+2u8ay4m3kK4qOwukKz2niNK+S7kFt1qGfZoSEAQvT5Xh93wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJ6nRkZjQ8x9d/bCCiy+J6e0DyUtMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZDAwZDQ1N2MtZGIwOS0z
YzBjLTk0YjYtOWU0NDEyM2JiY2YxLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF2OdgMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGhOnaLk6QhKldlPDBPh5vmqJaZS6c/uk8+u8gbfIIUZr4CYgMQ6oF36
6vB23VCEiDVaa1kGeFbTlhCzSBgVfmx5wrQC3k/bCwXhTdxHPLMONtcB3wtzhdGS
MmSfwvRI3zXgXPhD60Ujmpt0BdH51Rgn0sWoPcy4Sv7bNJiauJHdSk/SfsKxyVMB
LpC+ILDYcKSeEPGqItUWywkanBxKLcOCZHNLXiTK5DSGelnw/0/30O7/QQtFXOJE
R5JCfW+k+MXJLZEJJpD0ziV+yyQxblR4YLlm9bZhy0xQy/6s6AYdSV0IqCGOjoEh
JMcKFNn0Z2zg9TrOEPWukwDUdarihOo=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:17 2024 by rpki-client on console-fra.rpki-client.org