Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/02face4d-6885-3625-b094-d9790a7e28aa.roa
File:                     02face4d-6885-3625-b094-d9790a7e28aa.roa (raw, json)
Hash identifier:          e22D/EpMUuhxCzWxh5Wp6lsxJkoLBE10l1l6H4oyT8Q=
Subject key identifier:   02:2E:02:4F:83:BD:7A:33:8C:16:17:2A:61:7B:B4:E0:39:54:72:A0
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328584026F833DBD2F67E7906FB20C0
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/02face4d-6885-3625-b094-d9790a7e28aa.roa
Signing time:             Tue 06 Dec 2022 12:00:00 +0000
ROA not before:           Tue 06 Dec 2022 12:00:00 +0000
ROA not after:            Thu 07 Dec 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:26:f8:33:db:d2:f6:7e:79:06:fb:20:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Dec  6 12:00:00 2022 GMT
            Not After : Dec  7 05:00:00 2023 GMT
        Subject: CN=64ca5efe-855e-4250-b4e0-624c20db544f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:20:59:1c:0d:e0:32:86:7c:7d:2f:3c:31:82:
                    76:a7:15:13:6a:a9:8a:26:b7:20:ea:5d:4b:33:bf:
                    4f:4d:0c:01:9a:88:8f:f2:03:0e:69:11:0a:5e:92:
                    60:39:34:d4:d0:51:37:d3:10:9b:7f:8d:99:17:50:
                    84:79:81:92:1d:9e:a1:36:8e:7b:93:8c:70:06:0f:
                    f4:bd:af:b0:c7:76:ed:39:b9:27:d7:b0:7c:f6:92:
                    08:69:6b:de:cf:9d:2a:d5:dc:4a:34:00:ba:85:7b:
                    3d:f3:09:0d:1c:2d:0a:df:0b:c1:41:42:de:ba:ce:
                    79:c5:fc:07:cd:28:66:3a:67:de:cc:f3:ed:ce:25:
                    a6:bd:a7:1d:97:e6:88:4e:d2:4c:ac:85:90:9e:bb:
                    be:b9:1e:be:b6:f2:ff:06:61:76:db:a5:18:8d:de:
                    ff:45:50:bf:73:b5:a4:de:5c:8e:3e:36:d3:92:7f:
                    9b:01:43:6a:59:79:19:ab:07:c6:a1:fe:a9:5f:89:
                    5c:f2:02:e4:15:75:d3:0a:5e:6d:57:7a:68:07:b4:
                    d5:2b:64:05:6d:4b:bd:04:d4:db:89:68:f0:0f:a4:
                    b8:b4:5e:f6:76:30:32:b5:7f:b9:3a:24:1d:f5:72:
                    b2:5f:d1:c3:1a:52:bb:a6:a6:95:65:e9:1d:dc:c1:
                    fd:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:2E:02:4F:83:BD:7A:33:8C:16:17:2A:61:7B:B4:E0:39:54:72:A0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/02face4d-6885-3625-b094-d9790a7e28aa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         61:3d:97:f7:77:e1:58:ad:3c:68:77:4e:f9:6a:29:c3:91:ca:
         f9:6a:1c:e2:12:d5:fe:2a:3f:f6:23:93:28:8f:31:26:a1:00:
         00:47:4e:06:d5:45:35:14:37:9a:64:ff:4f:9d:9e:95:ec:36:
         df:fc:10:b5:ae:18:6d:6b:3e:1b:ee:f4:90:eb:76:f2:b0:45:
         fe:95:ab:d7:fb:45:17:6d:a9:12:fc:81:99:f9:14:9a:20:50:
         53:1a:f8:71:05:87:c6:34:21:5e:94:bc:62:56:0c:ff:25:d0:
         2b:9b:91:c2:7e:df:fd:3c:8a:0f:38:63:94:0c:78:25:0d:9c:
         87:a2:5f:4e:46:2a:ff:ea:67:bb:b3:7f:bd:81:60:9c:29:07:
         52:d3:5e:37:a7:d6:31:5b:8d:42:78:77:24:9b:2e:c6:b5:0b:
         1d:b6:8d:ef:59:e0:5f:ba:08:db:25:97:be:bb:68:7d:5a:07:
         ba:f9:ca:73:6b:b2:50:c4:36:b7:3f:d7:95:45:a6:30:18:c5:
         8d:bf:03:cf:8b:38:06:f0:53:00:e2:c9:d0:18:4b:70:1c:21:
         73:b0:5a:d2:9e:36:5a:9c:32:89:ea:d4:aa:b5:10:4c:5a:1f:
         a3:3a:8a:91:1b:e3:dd:e7:d8:a8:e2:03:f9:ff:11:31:52:1a:
         c4:4a:55:1c
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEAm+DPb0vZ+eQb7IMAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTIwNjEyMDAwMFoXDTIzMTIwNzA1MDAwMFowLzEtMCsGA1UEAxMk
NjRjYTVlZmUtODU1ZS00MjUwLWI0ZTAtNjI0YzIwZGI1NDRmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSBZHA3gMoZ8fS88MYJ2pxUTaqmKJrcg6l1L
M79PTQwBmoiP8gMOaREKXpJgOTTU0FE30xCbf42ZF1CEeYGSHZ6hNo57k4xwBg/0
va+wx3btObkn17B89pIIaWvez50q1dxKNAC6hXs98wkNHC0K3wvBQULeus55xfwH
zShmOmfezPPtziWmvacdl+aITtJMrIWQnru+uR6+tvL/BmF226UYjd7/RVC/c7Wk
3lyOPjbTkn+bAUNqWXkZqwfGof6pX4lc8gLkFXXTCl5tV3poB7TVK2QFbUu9BNTb
iWjwD6S4tF72djAytX+5OiQd9XKyX9HDGlK7pqaVZekd3MH9XQIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFAIuAk+DvXozjBYXKmF7tOA5VHKgMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvMDJmYWNlNGQtNjg4NS0z
NjI1LWIwOTQtZDk3OTBhN2UyOGFhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAGE9l/d34VitPGh3TvlqKcORyvlqHOIS1f4qP/YjkyiPMSahAABH
TgbVRTUUN5pk/0+dnpXsNt/8ELWuGG1rPhvu9JDrdvKwRf6Vq9f7RRdtqRL8gZn5
FJogUFMa+HEFh8Y0IV6UvGJWDP8l0CubkcJ+3/08ig84Y5QMeCUNnIeiX05GKv/q
Z7uzf72BYJwpB1LTXjen1jFbjUJ4dySbLsa1Cx22je9Z4F+6CNsll767aH1aB7r5
ynNrslDENrc/15VFpjAYxY2/A8+LOAbwUwDiydAYS3AcIXOwWtKeNlqcMonq1Kq1
EExaH6M6ipEb493n2KjiA/n/ETFSGsRKVRw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:41 2023 by rpki-client on console-ams.rpki-client.org