Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8aafbf17-6baa-33e2-a17b-9df7a4533153.roa
File:                     8aafbf17-6baa-33e2-a17b-9df7a4533153.roa (raw, json)
Hash identifier:          dxGxkChypC9fKIdQ450/BN7eS3GJ4YQQAJsMFQb6Usc=
Subject key identifier:   A3:FB:9E:33:63:AD:06:57:C4:B2:EE:62:DE:D4:76:4E:DA:49:A8:DD
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583F22FED5EF1B77FD4C49FC8E80
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8aafbf17-6baa-33e2-a17b-9df7a4533153.roa
Signing time:             Sun 04 Sep 2022 12:00:00 +0000
ROA not before:           Sun 04 Sep 2022 12:00:00 +0000
ROA not after:            Tue 05 Sep 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:22:fe:d5:ef:1b:77:fd:4c:49:fc:8e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Sep  4 12:00:00 2022 GMT
            Not After : Sep  5 04:00:00 2023 GMT
        Subject: CN=d756bde5-a05c-4829-a7d8-bad406a94654
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:b7:26:f4:e4:48:66:14:ce:f4:d3:56:e0:e1:
                    36:05:16:e1:7d:26:52:c7:ee:85:a9:4b:b2:36:2f:
                    9b:f4:36:27:6b:16:7a:03:47:db:67:1f:4f:3f:d0:
                    2e:5f:f8:26:69:0d:62:97:2e:c3:97:f8:d1:14:60:
                    78:43:ac:7c:a0:aa:d1:3d:d3:24:77:1e:8e:cb:1e:
                    37:cf:1c:26:5e:d3:50:c0:c3:2b:d4:14:07:17:f1:
                    fd:ce:9f:23:24:3d:97:a6:0f:45:2f:e7:10:57:a0:
                    02:fd:6d:76:09:d1:a2:7d:95:07:0d:b3:c7:f3:e3:
                    be:ed:3b:18:fa:6b:4f:d9:d3:2f:a2:fd:57:ff:d1:
                    74:6b:61:54:ce:70:23:0d:53:26:62:5f:2a:02:b1:
                    80:ee:61:7c:4b:09:5e:19:89:d3:f6:4e:14:2b:31:
                    d6:ad:0f:e7:69:6e:32:7e:17:7c:61:9a:3a:5b:e4:
                    b7:55:e1:c3:99:8a:29:a4:37:22:32:b5:95:62:f3:
                    27:9a:9d:bb:aa:cf:27:b8:af:76:09:d9:00:84:33:
                    dc:bf:5d:aa:f2:11:81:d5:d0:4b:cd:93:37:00:b5:
                    e4:c9:34:42:2d:fc:ed:25:4f:d2:d6:57:2c:6a:58:
                    22:2a:7d:4f:d2:0e:a1:d2:53:e8:5e:e9:a7:de:bc:
                    34:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:FB:9E:33:63:AD:06:57:C4:B2:EE:62:DE:D4:76:4E:DA:49:A8:DD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/8aafbf17-6baa-33e2-a17b-9df7a4533153.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         39:dc:1a:42:29:a9:1f:ae:49:42:05:94:9f:29:62:3f:1e:22:
         d5:6f:02:15:75:eb:a7:9b:92:cb:d8:97:fe:75:6a:bf:18:d5:
         03:b2:b5:a7:89:99:e3:5b:ed:1c:8a:77:c1:cb:49:b5:37:e1:
         bc:66:44:1b:54:4a:15:d4:2c:82:30:21:9d:1d:9a:8a:dd:55:
         2e:97:fa:36:71:ef:d3:c6:24:65:6a:43:8b:69:94:ef:e0:14:
         e0:e5:a5:93:46:f4:50:ed:50:a6:42:cd:9c:3e:90:e3:8c:d1:
         22:cb:12:68:8c:cb:9f:3c:5c:58:d7:d9:28:25:c8:d3:42:cd:
         e4:05:a4:0d:7e:f4:a8:7c:e7:6d:e7:98:82:49:cb:33:0f:0e:
         9d:40:96:25:53:11:42:81:26:a2:ca:59:53:82:7f:70:ff:87:
         dd:d0:56:f2:14:d4:62:92:ea:2c:91:ee:ca:c6:f8:25:24:e8:
         44:68:4f:f9:28:5a:67:ba:08:60:1d:e5:f8:f9:6b:29:2a:7f:
         a7:33:5c:71:36:63:83:5a:d1:14:b7:19:64:02:06:16:1b:c4:
         9a:35:92:fe:ee:47:d6:d1:20:57:44:84:de:47:cc:de:47:ce:
         3f:9c:e2:0e:6d:42:3d:a3:cc:a1:1f:73:a2:f7:4d:5d:a7:67:
         11:94:bb:1d
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD8i/tXvG3f9TEn8joAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDkwNDEyMDAwMFoXDTIzMDkwNTA0MDAwMFowLzEtMCsGA1UEAxMk
ZDc1NmJkZTUtYTA1Yy00ODI5LWE3ZDgtYmFkNDA2YTk0NjU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLcm9ORIZhTO9NNW4OE2BRbhfSZSx+6FqUuy
Ni+b9DYnaxZ6A0fbZx9PP9AuX/gmaQ1ily7Dl/jRFGB4Q6x8oKrRPdMkdx6Oyx43
zxwmXtNQwMMr1BQHF/H9zp8jJD2Xpg9FL+cQV6AC/W12CdGifZUHDbPH8+O+7TsY
+mtP2dMvov1X/9F0a2FUznAjDVMmYl8qArGA7mF8SwleGYnT9k4UKzHWrQ/naW4y
fhd8YZo6W+S3VeHDmYoppDciMrWVYvMnmp27qs8nuK92CdkAhDPcv12q8hGB1dBL
zZM3ALXkyTRCLfztJU/S1lcsalgiKn1P0g6h0lPoXumn3rw01wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKP7njNjrQZXxLLuYt7Udk7aSajdMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvOGFhZmJmMTctNmJhYS0z
M2UyLWExN2ItOWRmN2E0NTMzMTUzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADncGkIpqR+uSUIFlJ8pYj8eItVvAhV166ebksvYl/51ar8Y1QOytaeJ
meNb7RyKd8HLSbU34bxmRBtUShXULIIwIZ0dmordVS6X+jZx79PGJGVqQ4tplO/g
FODlpZNG9FDtUKZCzZw+kOOM0SLLEmiMy588XFjX2SglyNNCzeQFpA1+9Kh8523n
mIJJyzMPDp1AliVTEUKBJqLKWVOCf3D/h93QVvIU1GKS6iyR7srG+CUk6ERoT/ko
Wme6CGAd5fj5aykqf6czXHE2Y4Na0RS3GWQCBhYbxJo1kv7uR9bRIFdEhN5HzN5H
zj+c4g5tQj2jzKEfc6L3TV2nZxGUux0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:51 2023 by rpki-client on console-fra.rpki-client.org