Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e9a563f6-e5a6-346c-badd-b6d6bb0dc0d8.roa
File:                     e9a563f6-e5a6-346c-badd-b6d6bb0dc0d8.roa (raw, json)
Hash identifier:          4eSsZwLOJUurkxYlm7QdGvk++Va1AESYTScFroOz7b4=
Subject key identifier:   AB:A4:F7:F3:6D:76:89:AF:4E:1B:3F:79:CE:0C:8E:1E:11:48:E8:82
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F432858455332E5528FCCD0CCCFBA4C80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e9a563f6-e5a6-346c-badd-b6d6bb0dc0d8.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        66.245.128.0/19 maxlen: 19

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:32:e5:52:8f:cc:d0:cc:cf:ba:4c:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=f1def200-7576-4aae-a851-f0d48db21690
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:29:74:a3:35:0f:90:46:b3:d5:87:fb:91:29:
                    70:0c:66:05:31:43:d3:78:57:83:48:b3:a9:51:ba:
                    e4:0c:c5:a5:b8:85:ba:b9:d3:66:f4:47:3a:dc:b0:
                    cd:41:f4:a3:58:c2:3d:5b:76:0e:1c:0b:67:37:17:
                    a8:2b:59:71:43:9a:a8:83:ab:e2:51:07:4e:5a:ae:
                    d6:d6:fa:9c:82:af:3f:51:29:1e:2d:e5:17:d7:16:
                    72:2b:8d:06:8d:0b:6c:f9:f8:06:5c:a8:0e:9a:20:
                    4a:74:90:a1:e9:21:55:72:df:ef:86:bd:fc:fb:d4:
                    14:00:b1:86:89:30:10:af:1c:fa:bd:82:35:93:42:
                    ff:8e:54:ce:89:bf:4a:1a:ec:23:e1:fb:89:b9:79:
                    95:9c:56:5b:b2:7a:9b:ac:a7:c9:88:bb:45:45:76:
                    fb:01:42:95:55:18:05:4b:f3:c5:9c:66:9d:b0:68:
                    f3:98:1e:56:78:5e:37:6e:26:83:51:55:29:47:f3:
                    f5:c7:45:9b:ff:14:45:39:86:68:4f:a2:61:7e:2e:
                    e8:54:84:58:d3:66:54:4d:33:07:af:9b:47:53:0e:
                    e6:3c:6e:e9:e5:a8:f2:d3:0a:f2:71:0a:8c:e7:34:
                    cd:6a:94:ad:df:c5:24:9c:bb:ad:29:be:1f:e4:cc:
                    19:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:A4:F7:F3:6D:76:89:AF:4E:1B:3F:79:CE:0C:8E:1E:11:48:E8:82
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/e9a563f6-e5a6-346c-badd-b6d6bb0dc0d8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.245.128.0/19

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         53:c9:28:c3:be:fb:00:3d:90:dd:4c:8c:cd:91:33:17:e8:89:
         23:4b:9b:35:1e:2a:82:ba:68:ec:df:fd:55:eb:30:bb:be:f2:
         bf:ce:9d:b3:40:fc:38:7a:c1:12:87:78:2b:1c:5c:31:8f:f4:
         8a:ba:60:97:74:22:6d:7e:ba:66:0e:64:30:03:51:b6:ce:a4:
         11:dc:c2:d1:4a:fa:b4:4d:95:58:4e:25:cf:38:1f:7c:44:96:
         27:59:78:3e:0a:ba:54:6a:59:a7:86:11:0a:fe:36:eb:bf:18:
         84:dd:d2:7c:b1:7b:43:d0:03:08:b0:1c:c0:b9:22:45:50:a5:
         41:cf:ec:0b:e9:10:9b:8e:c7:61:43:7b:56:ea:41:c1:b6:3e:
         e1:53:68:37:ba:61:ab:15:f3:2e:e3:d5:2e:07:40:66:ed:17:
         3a:44:94:83:11:23:6b:83:07:90:82:f8:9a:99:33:00:7c:dd:
         f7:d0:e6:e9:8c:72:3d:98:65:b9:a7:db:60:67:4c:d0:bf:a4:
         bb:59:c4:98:1d:54:ec:de:f3:bc:f8:80:9c:93:6d:1c:bd:85:
         e1:1c:25:87:39:29:f7:17:b2:5d:93:b6:d6:a9:54:45:26:5d:
         0f:61:ab:61:06:c4:cd:89:a5:c9:ea:b0:08:54:c3:52:f9:77:
         88:68:f3:9f
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMuVSj8zQzM+6TIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
ZjFkZWYyMDAtNzU3Ni00YWFlLWE4NTEtZjBkNDhkYjIxNjkwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSl0ozUPkEaz1Yf7kSlwDGYFMUPTeFeDSLOp
UbrkDMWluIW6udNm9Ec63LDNQfSjWMI9W3YOHAtnNxeoK1lxQ5qog6viUQdOWq7W
1vqcgq8/USkeLeUX1xZyK40GjQts+fgGXKgOmiBKdJCh6SFVct/vhr38+9QUALGG
iTAQrxz6vYI1k0L/jlTOib9KGuwj4fuJuXmVnFZbsnqbrKfJiLtFRXb7AUKVVRgF
S/PFnGadsGjzmB5WeF43biaDUVUpR/P1x0Wb/xRFOYZoT6Jhfi7oVIRY02ZUTTMH
r5tHUw7mPG7p5ajy0wrycQqM5zTNapSt38UknLutKb4f5MwZSQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKuk9/NtdomvThs/ec4Mjh4RSOiCMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZTlhNTYzZjYtZTVhNi0z
NDZjLWJhZGQtYjZkNmJiMGRjMGQ4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFQvWAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAFPJKMO++wA9kN1MjM2RMxfoiSNLmzUeKoK6aOzf/VXrMLu+8r/OnbNA
/Dh6wRKHeCscXDGP9Iq6YJd0Im1+umYOZDADUbbOpBHcwtFK+rRNlVhOJc84H3xE
lidZeD4KulRqWaeGEQr+Nuu/GITd0nyxe0PQAwiwHMC5IkVQpUHP7AvpEJuOx2FD
e1bqQcG2PuFTaDe6YasV8y7j1S4HQGbtFzpElIMRI2uDB5CC+JqZMwB83ffQ5umM
cj2YZbmn22BnTNC/pLtZxJgdVOze87z4gJyTbRy9heEcJYc5KfcXsl2TttapVEUm
XQ9hq2EGxM2JpcnqsAhUw1L5d4ho858=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:00:24 2024 by rpki-client on console-ams.rpki-client.org