Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/afb449c3-e5e7-3ee2-85ec-a9bb2a06bd8d.roa
File:                     afb449c3-e5e7-3ee2-85ec-a9bb2a06bd8d.roa (raw, json)
Hash identifier:          +SSfzQPQ+XbJL9p7NuYg2pkkqW2tXCokh9gyG78ualE=
Subject key identifier:   2C:71:4E:90:DD:7C:74:A0:40:F5:E9:71:29:09:C0:C7:1E:B8:3E:41
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328584018E8EBD48014187BF6FC3B00
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/afb449c3-e5e7-3ee2-85ec-a9bb2a06bd8d.roa
Signing time:             Thu 01 Dec 2022 12:00:00 +0000
ROA not before:           Thu 01 Dec 2022 12:00:00 +0000
ROA not after:            Sat 02 Dec 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:18:e8:eb:d4:80:14:18:7b:f6:fc:3b:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Dec  1 12:00:00 2022 GMT
            Not After : Dec  2 05:00:00 2023 GMT
        Subject: CN=a94785e5-e551-4242-a219-7d9acb00ce9b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:76:24:02:8f:3e:c7:56:ec:43:48:c9:4b:54:
                    14:60:f7:4c:01:f8:49:59:2a:24:43:0d:bf:84:d3:
                    8c:8a:49:3d:67:8c:37:3f:68:bf:cf:a9:ee:9c:d4:
                    33:e5:74:46:10:71:8e:29:44:17:44:2e:16:32:51:
                    19:ca:fc:ea:87:53:78:a3:85:fd:da:61:0d:1a:c9:
                    49:15:c8:e6:79:64:5c:f6:1f:00:3e:23:49:30:d3:
                    d4:a7:40:b1:3c:24:38:0a:97:e6:7b:49:25:fd:92:
                    7d:dd:83:2e:2e:63:d2:46:01:9b:bd:69:01:59:31:
                    6d:23:b3:24:44:a8:a2:a4:2e:41:3f:ef:ce:02:86:
                    d1:22:73:e9:be:3b:8e:a5:80:74:54:49:39:5a:ce:
                    ae:a8:4e:a8:0e:b9:04:99:ed:dc:2b:36:03:6a:0b:
                    8e:61:65:8b:4d:e7:fa:ad:44:7d:5d:48:f4:b3:05:
                    dd:e2:5e:2a:63:e1:0c:4e:55:0e:31:66:cf:f6:cf:
                    90:0a:d9:14:15:9d:c3:24:07:44:dd:25:e2:a8:83:
                    61:6f:76:78:7c:3c:de:0f:1b:18:0f:15:6e:6b:db:
                    8c:52:bb:3c:46:83:a9:d4:66:a9:94:2e:6c:df:b9:
                    e3:bb:d2:8f:fd:c3:9a:d6:f5:25:21:7a:43:51:6d:
                    1a:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:71:4E:90:DD:7C:74:A0:40:F5:E9:71:29:09:C0:C7:1E:B8:3E:41
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/afb449c3-e5e7-3ee2-85ec-a9bb2a06bd8d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         35:10:ad:16:df:9c:88:31:ba:6b:48:fb:7f:f3:37:f1:2e:0d:
         0a:20:28:ab:bd:ab:11:11:1e:c7:e6:1b:0c:db:3c:27:8e:55:
         c6:02:95:69:1b:07:f2:b0:7b:de:e3:40:52:74:72:95:10:35:
         85:e8:c3:f4:c2:3e:45:4d:45:14:54:d8:28:db:39:85:9c:f2:
         e4:bc:a2:71:b4:00:55:1f:a0:2c:05:b4:82:ef:23:f4:03:08:
         f6:e6:b2:27:9e:49:66:dc:55:7e:61:ac:a5:79:45:bc:3b:ca:
         b1:cd:85:a7:c5:59:2a:59:94:4d:44:e5:ef:6e:f8:e3:82:4c:
         99:c1:ce:ae:33:da:46:af:03:a7:ca:9e:ec:16:c0:8f:db:ca:
         aa:72:9f:c3:f4:8d:88:4f:49:33:ad:b3:38:f8:74:e4:d5:04:
         2c:dd:1c:42:aa:8e:fc:e0:01:df:b9:0d:f2:41:f7:83:bd:ff:
         6e:07:3c:0b:e9:3f:77:86:81:34:48:95:96:16:df:73:2c:44:
         6d:92:7a:f8:c2:ec:7f:25:00:72:40:bb:e8:01:3d:36:cf:43:
         a6:ab:5c:49:c5:1a:32:6a:f5:49:55:72:a3:41:2f:02:91:f0:
         e2:2f:30:f8:00:e5:f6:a3:9d:15:2f:18:fe:00:eb:9c:c4:0b:
         0e:fa:4d:38
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEAY6OvUgBQYe/b8OwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTIwMTEyMDAwMFoXDTIzMTIwMjA1MDAwMFowLzEtMCsGA1UEAxMk
YTk0Nzg1ZTUtZTU1MS00MjQyLWEyMTktN2Q5YWNiMDBjZTliMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXYkAo8+x1bsQ0jJS1QUYPdMAfhJWSokQw2/
hNOMikk9Z4w3P2i/z6nunNQz5XRGEHGOKUQXRC4WMlEZyvzqh1N4o4X92mENGslJ
FcjmeWRc9h8APiNJMNPUp0CxPCQ4Cpfme0kl/ZJ93YMuLmPSRgGbvWkBWTFtI7Mk
RKiipC5BP+/OAobRInPpvjuOpYB0VEk5Ws6uqE6oDrkEme3cKzYDaguOYWWLTef6
rUR9XUj0swXd4l4qY+EMTlUOMWbP9s+QCtkUFZ3DJAdE3SXiqINhb3Z4fDzeDxsY
DxVua9uMUrs8RoOp1GaplC5s37nju9KP/cOa1vUlIXpDUW0a3QIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFCxxTpDdfHSgQPXpcSkJwMceuD5BMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvYWZiNDQ5YzMtZTVlNy0z
ZWUyLTg1ZWMtYTliYjJhMDZiZDhkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBADUQrRbfnIgxumtI+3/zN/EuDQogKKu9qxERHsfmGwzbPCeOVcYC
lWkbB/Kwe97jQFJ0cpUQNYXow/TCPkVNRRRU2CjbOYWc8uS8onG0AFUfoCwFtILv
I/QDCPbmsieeSWbcVX5hrKV5Rbw7yrHNhafFWSpZlE1E5e9u+OOCTJnBzq4z2kav
A6fKnuwWwI/byqpyn8P0jYhPSTOtszj4dOTVBCzdHEKqjvzgAd+5DfJB94O9/24H
PAvpP3eGgTRIlZYW33MsRG2SevjC7H8lAHJAu+gBPTbPQ6arXEnFGjJq9UlVcqNB
LwKR8OIvMPgA5fajnRUvGP4A65zECw76TTg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:51 2023 by rpki-client on console-fra.rpki-client.org