Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3a95a4d5-8642-34b1-b4f9-a10111aeccaa.roa
File:                     3a95a4d5-8642-34b1-b4f9-a10111aeccaa.roa (raw, json)
Hash identifier:          Cmj2t+bJG9OhLxubxmT35y2dwwjCFn9uLtjhB6Nfbig=
Subject key identifier:   BE:14:12:DF:17:69:25:5A:E5:4B:C7:A0:D3:8E:66:E5:C6:A2:B2:C6
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583F4CD44D3BD78522EAF26022C0
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3a95a4d5-8642-34b1-b4f9-a10111aeccaa.roa
Signing time:             Mon 19 Sep 2022 12:00:00 +0000
ROA not before:           Mon 19 Sep 2022 12:00:00 +0000
ROA not after:            Wed 20 Sep 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:4c:d4:4d:3b:d7:85:22:ea:f2:60:22:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Sep 19 12:00:00 2022 GMT
            Not After : Sep 20 04:00:00 2023 GMT
        Subject: CN=cbd06d93-3096-425d-b424-88ea8b01691d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:b5:d1:12:0e:9a:02:73:76:02:f8:77:22:4d:
                    15:85:20:9f:b9:92:ef:48:0f:f2:4a:df:26:f7:3a:
                    06:5f:32:de:d2:e9:76:cc:fc:7c:5f:c2:82:33:fc:
                    16:70:45:a0:f0:b8:ad:27:6c:a6:45:98:b8:81:c3:
                    4a:6f:29:4e:2e:9a:36:e1:70:7a:39:28:a7:aa:2b:
                    d9:f2:14:d0:d2:fe:9a:57:a3:ed:69:97:a0:3e:1b:
                    aa:2d:75:d8:17:76:1b:c9:14:11:02:a6:29:a3:28:
                    7a:65:5d:07:9b:08:b6:d6:ca:40:a7:03:6f:58:72:
                    b2:a8:00:53:42:46:3a:0e:07:04:b4:96:ca:4d:c5:
                    08:60:97:fd:19:e8:e7:5a:5b:49:43:7a:f1:16:a3:
                    46:83:7a:25:41:0a:de:31:50:34:60:00:61:18:c2:
                    35:ad:5d:f0:b7:76:85:72:19:69:6f:07:05:fe:22:
                    04:30:8b:80:c4:b6:54:2b:c9:c9:cb:5d:80:28:a3:
                    96:2f:11:de:94:40:fc:53:f5:73:60:11:f3:30:de:
                    53:24:d9:53:63:67:11:f9:e9:35:72:bd:8e:83:67:
                    2f:42:9f:1b:b6:ec:40:25:e2:7f:c7:f0:4d:2d:da:
                    fa:93:dd:96:00:24:b1:a2:a9:24:e6:e1:93:44:2a:
                    66:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:14:12:DF:17:69:25:5A:E5:4B:C7:A0:D3:8E:66:E5:C6:A2:B2:C6
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3a95a4d5-8642-34b1-b4f9-a10111aeccaa.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         06:14:7b:42:ef:7e:fe:31:13:6c:8b:13:99:ca:21:15:c3:39:
         8d:c1:83:3f:be:1c:4d:cb:e2:44:ce:ea:f1:39:70:3f:0b:eb:
         de:9d:a2:00:8f:21:e7:11:61:63:d9:fc:4d:26:12:7b:ce:b3:
         98:79:46:b4:59:2a:d6:7b:e4:1d:25:58:a1:16:76:42:e1:67:
         29:35:8f:3e:cc:3b:3d:39:d1:e7:48:5a:59:7f:d5:83:64:ba:
         a5:9b:27:29:e5:5e:ba:62:35:f4:cc:78:d4:db:eb:b9:e5:a2:
         65:14:47:07:bc:00:68:6e:89:d6:6f:bb:b9:57:e0:8b:20:5b:
         84:46:03:10:39:e2:c9:42:e0:02:9e:36:ce:f4:38:1a:eb:eb:
         e6:c2:4e:e4:b6:8a:a3:b1:c8:da:97:18:ca:8a:16:97:d7:a2:
         37:c4:c8:09:0b:ee:e5:cf:a7:bb:33:64:41:8c:35:78:39:61:
         ac:a5:71:3b:02:06:8a:fa:d1:50:6a:36:18:17:3f:d7:a9:79:
         f4:be:38:49:5e:31:87:ba:d7:e6:eb:5a:91:e2:43:9c:ae:36:
         6d:93:20:d3:03:e7:c1:fd:a2:7e:df:d5:1d:c7:77:75:f6:46:
         79:4f:c8:e5:34:3a:cd:74:8e:65:29:af:6e:55:a2:54:26:9b:
         c3:38:0b:6d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD9M1E0714Ui6vJgIsAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDkxOTEyMDAwMFoXDTIzMDkyMDA0MDAwMFowLzEtMCsGA1UEAxMk
Y2JkMDZkOTMtMzA5Ni00MjVkLWI0MjQtODhlYThiMDE2OTFkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bXREg6aAnN2Avh3Ik0VhSCfuZLvSA/ySt8m
9zoGXzLe0ul2zPx8X8KCM/wWcEWg8LitJ2ymRZi4gcNKbylOLpo24XB6OSinqivZ
8hTQ0v6aV6PtaZegPhuqLXXYF3YbyRQRAqYpoyh6ZV0Hmwi21spApwNvWHKyqABT
QkY6DgcEtJbKTcUIYJf9GejnWltJQ3rxFqNGg3olQQreMVA0YABhGMI1rV3wt3aF
chlpbwcF/iIEMIuAxLZUK8nJy12AKKOWLxHelED8U/VzYBHzMN5TJNlTY2cR+ek1
cr2Og2cvQp8btuxAJeJ/x/BNLdr6k92WACSxoqkk5uGTRCpmVwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFL4UEt8XaSVa5UvHoNOOZuXGorLGMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvM2E5NWE0ZDUtODY0Mi0z
NGIxLWI0ZjktYTEwMTExYWVjY2FhLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAYUe0Lvfv4xE2yLE5nKIRXDOY3Bgz++HE3L4kTO6vE5cD8L696dogCP
IecRYWPZ/E0mEnvOs5h5RrRZKtZ75B0lWKEWdkLhZyk1jz7MOz050edIWll/1YNk
uqWbJynlXrpiNfTMeNTb67nlomUURwe8AGhuidZvu7lX4IsgW4RGAxA54slC4AKe
Ns70OBrr6+bCTuS2iqOxyNqXGMqKFpfXojfEyAkL7uXPp7szZEGMNXg5YaylcTsC
Bor60VBqNhgXP9epefS+OEleMYe61+brWpHiQ5yuNm2TINMD58H9on7f1R3Hd3X2
RnlPyOU0Os10jmUpr25VolQmm8M4C20=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:49 2023 by rpki-client on console-fra.rpki-client.org