Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8448f6c8-0ee5-3d0e-be26-8346f588165e.roa
File:                     8448f6c8-0ee5-3d0e-be26-8346f588165e.roa (raw, json)
Hash identifier:          bAnrT5oPlm768TOBDFPh/2tklbgY3ojbqg0FEDI1F8E=
Subject key identifier:   48:77:1C:FE:11:9C:8E:74:61:A3:55:10:A2:B0:51:6B:5F:9B:D4:BA
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F43285840455E1BC9D6B3855803A83EC0
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8448f6c8-0ee5-3d0e-be26-8346f588165e.roa
Signing time:             Sat 17 Dec 2022 12:00:00 +0000
ROA not before:           Sat 17 Dec 2022 12:00:00 +0000
ROA not after:            Mon 18 Dec 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:45:5e:1b:c9:d6:b3:85:58:03:a8:3e:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Dec 17 12:00:00 2022 GMT
            Not After : Dec 18 05:00:00 2023 GMT
        Subject: CN=c2c271e6-3036-4fb7-83c9-f7f8e4a441fd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b1:d6:bb:4a:49:51:c0:06:98:7d:c2:9a:00:
                    ad:42:31:b4:ce:78:55:3b:e0:85:b8:80:c4:5b:54:
                    6f:9a:e5:da:1a:cd:d7:af:4e:5f:3a:d1:2b:65:9b:
                    cf:cc:1b:f7:51:c8:67:1d:fd:fd:46:43:8b:04:59:
                    1e:41:6b:e7:79:ac:64:8e:a7:ac:11:46:22:3b:2e:
                    a7:73:a8:1c:48:dc:d8:91:05:bb:3b:7d:ba:2e:1a:
                    5f:41:c9:36:f3:f5:7b:a2:d1:b2:7e:9a:fe:00:a1:
                    0c:60:b2:ef:10:36:3b:c6:e3:23:46:76:d3:26:1a:
                    b6:8b:73:d6:4d:d2:41:bd:96:26:4d:b3:6d:58:a6:
                    a7:4a:14:c0:21:ec:99:42:c5:91:43:3d:83:db:1a:
                    c5:6c:ca:7c:e6:bc:8c:dc:e1:eb:8e:27:31:02:de:
                    6e:ac:65:af:06:af:61:55:a5:99:e6:60:eb:7b:63:
                    46:2f:c9:04:45:12:15:6e:d8:a2:1d:4e:53:96:9b:
                    c3:e7:d0:49:9a:b9:62:16:5a:5e:25:8c:91:a5:a5:
                    34:3f:a4:ac:c3:b3:06:d0:88:14:44:c7:e6:4d:40:
                    a5:59:6a:2c:18:f9:8d:52:84:74:02:e3:a3:6a:db:
                    62:b9:a3:01:40:ba:8b:60:04:79:37:03:d0:fb:03:
                    2d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:77:1C:FE:11:9C:8E:74:61:A3:55:10:A2:B0:51:6B:5F:9B:D4:BA
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8448f6c8-0ee5-3d0e-be26-8346f588165e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         34:65:d0:8b:12:80:d3:80:32:17:04:b1:95:84:3c:a2:ce:7b:
         4c:ce:d5:fc:f4:40:e3:f9:d8:4c:86:f9:81:a6:d1:44:49:88:
         af:a9:3f:1a:e5:2c:3b:2a:3d:d2:ac:6d:4e:83:e6:e2:91:72:
         83:43:2e:e8:b1:f0:df:df:02:81:4e:93:7a:a8:ee:92:eb:90:
         1a:79:f2:24:0c:2e:e2:77:5e:b0:96:75:a8:b3:39:ba:6b:c1:
         61:d0:d4:d3:9e:fd:e4:db:5f:86:f7:26:35:b7:04:47:fc:62:
         37:af:93:53:1f:72:26:97:ab:38:9f:2c:75:71:97:d8:82:be:
         4f:5e:82:f6:2d:33:e5:a7:23:a2:8f:46:fb:2d:dc:4d:e4:35:
         fa:1f:eb:dc:2c:2b:69:df:0c:fa:64:87:41:d0:d4:44:c9:b2:
         bf:8e:2f:25:57:72:6d:bf:62:1c:4c:28:a4:6e:5e:f4:26:ce:
         3e:cf:f6:63:e8:34:5f:7c:de:87:f5:8d:5f:69:db:eb:64:2c:
         8d:6d:8c:9f:15:19:16:cd:32:7a:76:2a:d9:c0:de:b7:29:dc:
         09:82:db:7c:0c:e2:b4:3b:b3:88:b8:8a:16:18:9f:10:db:94:
         c3:79:94:db:61:40:a3:cd:da:51:d9:15:31:d3:e0:61:b4:5f:
         7a:87:3a:89
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEBFXhvJ1rOFWAOoPsAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTIxNzEyMDAwMFoXDTIzMTIxODA1MDAwMFowLzEtMCsGA1UEAxMk
YzJjMjcxZTYtMzAzNi00ZmI3LTgzYzktZjdmOGU0YTQ0MWZkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirHWu0pJUcAGmH3CmgCtQjG0znhVO+CFuIDE
W1RvmuXaGs3Xr05fOtErZZvPzBv3UchnHf39RkOLBFkeQWvneaxkjqesEUYiOy6n
c6gcSNzYkQW7O326LhpfQck28/V7otGyfpr+AKEMYLLvEDY7xuMjRnbTJhq2i3PW
TdJBvZYmTbNtWKanShTAIeyZQsWRQz2D2xrFbMp85ryM3OHrjicxAt5urGWvBq9h
VaWZ5mDre2NGL8kERRIVbtiiHU5TlpvD59BJmrliFlpeJYyRpaU0P6Ssw7MG0IgU
RMfmTUClWWosGPmNUoR0AuOjattiuaMBQLqLYAR5NwPQ+wMtTQIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFEh3HP4RnI50YaNVEKKwUWtfm9S6MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvODQ0OGY2YzgtMGVlNS0z
ZDBlLWJlMjYtODM0NmY1ODgxNjVlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBADRl0IsSgNOAMhcEsZWEPKLOe0zO1fz0QOP52EyG+YGm0URJiK+p
PxrlLDsqPdKsbU6D5uKRcoNDLuix8N/fAoFOk3qo7pLrkBp58iQMLuJ3XrCWdaiz
ObprwWHQ1NOe/eTbX4b3JjW3BEf8Yjevk1MfciaXqzifLHVxl9iCvk9egvYtM+Wn
I6KPRvst3E3kNfof69wsK2nfDPpkh0HQ1ETJsr+OLyVXcm2/YhxMKKRuXvQmzj7P
9mPoNF983of1jV9p2+tkLI1tjJ8VGRbNMnp2KtnA3rcp3AmC23wM4rQ7s4i4ihYY
nxDblMN5lNthQKPN2lHZFTHT4GG0X3qHOok=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:51 2023 by rpki-client on console-fra.rpki-client.org