Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/bbac38cf-468b-3abf-a9da-23fc83c0a29c.roa
File:                     bbac38cf-468b-3abf-a9da-23fc83c0a29c.roa (raw, json)
Hash identifier:          4AN1Hl44+3UoTQ7tZThfrPDGWNze2Im1B359ANwXerQ=
Subject key identifier:   9E:A2:7B:23:11:E7:95:AE:1D:70:18:33:53:B1:88:4A:B9:6A:94:9B
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583E6D63B0783205EA4293ED7000
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/bbac38cf-468b-3abf-a9da-23fc83c0a29c.roa
Signing time:             Fri 01 Jul 2022 12:00:00 +0000
ROA not before:           Fri 01 Jul 2022 12:00:00 +0000
ROA not after:            Sun 02 Jul 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3e:6d:63:b0:78:32:05:ea:42:93:ed:70:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Jul  1 12:00:00 2022 GMT
            Not After : Jul  2 04:00:00 2023 GMT
        Subject: CN=31bd1f2b-73a4-4f70-bd1a-79ffc1680834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:4a:a0:1a:13:06:4d:8f:20:49:a9:d2:e1:21:
                    02:42:3c:b9:ba:9c:ed:80:a6:c6:bd:fd:5c:41:f5:
                    72:31:2d:ce:12:7a:f1:dc:0b:2a:a3:47:df:22:77:
                    3c:ca:d0:f1:bc:27:5f:3c:47:99:7a:6c:4b:68:c6:
                    03:b7:d2:e4:41:be:f1:be:b9:b0:cf:49:ce:c0:4f:
                    cd:cb:8f:51:3d:cd:be:a8:ca:e8:4c:7d:13:3d:fd:
                    cc:ad:7d:4b:15:7a:2d:b7:e3:2f:a7:e2:66:6b:ad:
                    98:a3:d8:48:a6:8f:2a:ad:54:b8:9a:23:7b:36:91:
                    e3:e1:3a:75:d1:7b:8d:15:87:d4:13:59:68:fa:a8:
                    ed:a1:b4:27:cf:c1:e1:d7:39:a8:4d:61:c6:02:84:
                    af:58:d6:39:dc:2e:47:3c:09:8b:e4:68:45:33:72:
                    f7:2e:f2:83:06:88:76:e4:66:e6:51:b0:4b:9b:31:
                    9f:54:30:01:41:57:d8:a8:3b:a6:59:6b:5e:f9:2e:
                    73:eb:b0:a4:12:21:f2:29:48:b5:08:4c:cf:94:9e:
                    00:3c:bf:36:38:6e:80:3b:5d:44:58:8c:90:69:b0:
                    18:7e:7d:dd:24:d7:f5:97:72:ef:99:0f:61:1f:90:
                    f0:b8:a9:d7:19:f3:b7:00:0d:d5:71:fb:6c:ed:30:
                    66:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A2:7B:23:11:E7:95:AE:1D:70:18:33:53:B1:88:4A:B9:6A:94:9B
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/bbac38cf-468b-3abf-a9da-23fc83c0a29c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         04:71:e5:03:26:6d:a2:d2:99:03:61:d6:54:20:98:36:f7:22:
         ff:69:f5:bc:bb:09:10:63:51:44:f8:5c:78:f2:a0:a8:19:bc:
         06:2d:91:58:17:d8:02:d1:26:d1:35:81:20:cb:c8:08:bd:84:
         2a:b8:24:52:fc:2b:8b:f6:47:cd:53:f4:21:0a:ae:71:6d:f3:
         10:1e:a1:80:9d:0e:1c:d5:a2:03:d9:60:90:c6:fe:22:b5:b6:
         7e:7d:a8:36:63:02:42:26:f6:63:38:e3:53:43:ac:cf:94:3a:
         c4:cc:a8:cb:d6:07:ce:03:44:8e:23:bc:c1:5a:5e:2c:26:9a:
         36:45:f2:ca:44:ed:1a:5a:14:8c:e2:25:b5:80:18:24:a9:94:
         ec:cb:0c:01:e4:ee:46:c3:1e:c8:9a:b6:66:df:03:e1:c9:3f:
         d8:b8:63:eb:65:ef:01:1c:59:b2:49:21:a9:20:85:e2:66:7c:
         63:15:b2:f8:1f:27:63:c4:80:76:a7:3d:39:54:5f:c6:71:fa:
         9f:28:22:16:a0:b5:e1:dc:c9:d8:93:32:24:13:bf:35:45:49:
         bb:2d:4f:d5:9f:42:20:ac:8a:47:06:04:44:4a:8e:b7:a5:9c:
         45:23:14:0d:e2:c0:83:b3:18:7e:c3:00:e7:c0:d4:a4:ec:07:
         81:39:04:f7
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWD5tY7B4MgXqQpPtcAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDcwMTEyMDAwMFoXDTIzMDcwMjA0MDAwMFowLzEtMCsGA1UEAxMk
MzFiZDFmMmItNzNhNC00ZjcwLWJkMWEtNzlmZmMxNjgwODM0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EqgGhMGTY8gSanS4SECQjy5upztgKbGvf1c
QfVyMS3OEnrx3Asqo0ffInc8ytDxvCdfPEeZemxLaMYDt9LkQb7xvrmwz0nOwE/N
y49RPc2+qMroTH0TPf3MrX1LFXott+Mvp+Jma62Yo9hIpo8qrVS4miN7NpHj4Tp1
0XuNFYfUE1lo+qjtobQnz8Hh1zmoTWHGAoSvWNY53C5HPAmL5GhFM3L3LvKDBoh2
5GbmUbBLmzGfVDABQVfYqDumWWte+S5z67CkEiHyKUi1CEzPlJ4APL82OG6AO11E
WIyQabAYfn3dJNf1l3LvmQ9hH5DwuKnXGfO3AA3Vcfts7TBm2QIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFJ6ieyMR55WuHXAYM1OxiEq5apSbMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvYmJhYzM4Y2YtNDY4Yi0z
YWJmLWE5ZGEtMjNmYzgzYzBhMjljLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAARx5QMmbaLSmQNh1lQgmDb3Iv9p9by7CRBjUUT4XHjyoKgZvAYt
kVgX2ALRJtE1gSDLyAi9hCq4JFL8K4v2R81T9CEKrnFt8xAeoYCdDhzVogPZYJDG
/iK1tn59qDZjAkIm9mM441NDrM+UOsTMqMvWB84DRI4jvMFaXiwmmjZF8spE7Rpa
FIziJbWAGCSplOzLDAHk7kbDHsiatmbfA+HJP9i4Y+tl7wEcWbJJIakgheJmfGMV
svgfJ2PEgHanPTlUX8Zx+p8oIhagteHcydiTMiQTvzVFSbstT9WfQiCsikcGBERK
jrelnEUjFA3iwIOzGH7DAOfA1KTsB4E5BPc=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:45 2023 by rpki-client on console-ams.rpki-client.org