Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/7b3ef7bb-41cd-3a48-9453-e6b69141a6b7.roa
File:                     7b3ef7bb-41cd-3a48-9453-e6b69141a6b7.roa (raw, json)
Hash identifier:          hgc8i0Xaa86AC4BAU9ShjxMKw6XyTz6ltk98WrRmOco=
Subject key identifier:   72:81:D5:A2:43:27:91:51:5E:E2:82:18:98:CC:CE:18:DD:54:E1:A7
Certificate issuer:       /CN=47e2bda9-427c-40c6-8b4d-1c85bd42d18a
Certificate serial:       010D0C9F43285841F8BD62EBD42ACFA103943F40
Authority key identifier: 35:29:D5:B9:E4:8A:DB:14:90:BA:15:B9:67:50:F0:F8:50:C7:19:AA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/7b3ef7bb-41cd-3a48-9453-e6b69141a6b7.roa
Signing time:             Tue 23 May 2023 01:00:16 +0000
ROA not before:           Tue 23 May 2023 01:00:16 +0000
ROA not after:            Mon 21 Aug 2023 01:00:16 +0000
asID:                     16509
IP address blocks:        159.140.144.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:f8:bd:62:eb:d4:2a:cf:a1:03:94:3f:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47e2bda9-427c-40c6-8b4d-1c85bd42d18a
        Validity
            Not Before: May 23 01:00:16 2023 GMT
            Not After : Aug 21 01:00:16 2023 GMT
        Subject: CN=1e7db1e7-597a-44c7-bcb0-a5c3ad3edd4d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:25:aa:0d:c9:5d:08:80:af:01:18:02:6f:b7:
                    eb:96:7d:b5:d0:30:ed:45:83:03:bb:2b:9e:9a:39:
                    6c:19:d9:1f:7f:3d:4d:33:50:6d:13:18:82:60:81:
                    ca:d0:05:4f:5c:34:dc:83:4e:c2:86:3e:4b:d7:e5:
                    54:43:01:35:1d:10:5d:ca:7f:e7:0b:d9:50:98:49:
                    cb:e5:39:fc:09:3f:37:61:a8:c5:12:bc:b3:6b:68:
                    72:50:2d:bb:2d:38:8c:08:31:09:01:ef:53:e8:b4:
                    c4:39:36:53:bf:76:93:c1:66:cb:de:67:3a:8a:06:
                    55:7d:26:71:2d:e9:62:38:ef:c6:0b:22:e3:e8:7c:
                    f7:65:5f:c6:4f:8b:3c:92:b3:88:26:a5:5f:fd:49:
                    12:bd:2d:e5:2f:6f:22:17:d9:a0:f7:3f:3f:19:5b:
                    cc:58:14:46:cd:ee:ae:e4:07:8f:df:77:5a:73:51:
                    76:02:59:2c:12:5d:64:36:97:6a:82:ac:27:d4:94:
                    0e:0d:4a:7e:48:bc:cc:c2:ed:88:1a:0a:33:43:ab:
                    e1:4c:c8:2b:e0:1f:39:40:bf:a9:ed:33:72:7d:26:
                    18:3f:77:2f:d1:cb:5d:b9:e6:8d:ae:29:0d:76:dd:
                    da:06:0b:2e:d2:60:cb:13:77:bd:f2:08:b1:d2:68:
                    fa:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:81:D5:A2:43:27:91:51:5E:E2:82:18:98:CC:CE:18:DD:54:E1:A7
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/7b3ef7bb-41cd-3a48-9453-e6b69141a6b7.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.crl

            X509v3 Authority Key Identifier:
                keyid:35:29:D5:B9:E4:8A:DB:14:90:BA:15:B9:67:50:F0:F8:50:C7:19:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.140.144.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         11:63:b0:4a:cd:cd:34:86:64:ed:77:06:73:25:ff:7e:fd:aa:
         6d:83:10:91:cf:1f:18:1f:92:07:79:df:a2:9d:da:d4:e9:9f:
         1b:ab:85:83:ec:07:c3:e2:a4:ec:84:c4:fe:1c:65:f8:df:e7:
         4c:d8:c4:f3:6b:1e:04:b1:40:5d:96:77:1e:43:4c:c9:c9:a1:
         2c:1a:d7:0d:99:e4:c7:9e:13:e9:ca:2f:51:a7:fe:49:54:e1:
         1b:69:e6:30:fb:68:7f:58:c5:79:52:c5:fd:fa:05:e9:df:43:
         32:13:03:70:de:42:b9:9c:0e:2c:15:6e:e3:03:58:df:a2:27:
         57:69:f0:c8:12:42:69:cb:d0:30:e1:38:60:b2:b0:ad:87:a6:
         0f:17:3b:61:b4:46:08:e7:1f:94:c4:be:1b:43:ff:a2:71:17:
         d1:6e:6b:b3:49:33:7c:0e:dc:fc:db:b6:2f:dc:95:79:20:a5:
         cf:c9:34:8e:f0:59:42:7f:e0:36:f7:4e:55:4a:32:47:26:d1:
         67:84:b1:d2:80:2c:72:f6:e7:07:d5:b6:3c:d0:ad:75:a3:43:
         00:6f:ca:4e:99:01:18:cd:6b:df:25:b4:3a:db:17:25:74:1c:
         a7:99:4b:47:9b:89:dc:39:b4:20:48:1e:da:2b:e2:16:40:79:
         7a:c7:da:e5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEH4vWLr1CrPoQOUP0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDdlMmJkYTktNDI3Yy00MGM2LThiNGQtMWM4NWJkNDJk
MThhMB4XDTIzMDUyMzAxMDAxNloXDTIzMDgyMTAxMDAxNlowLzEtMCsGA1UEAxMk
MWU3ZGIxZTctNTk3YS00NGM3LWJjYjAtYTVjM2FkM2VkZDRkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiWqDcldCICvARgCb7frln210DDtRYMDuyue
mjlsGdkffz1NM1BtExiCYIHK0AVPXDTcg07Chj5L1+VUQwE1HRBdyn/nC9lQmEnL
5Tn8CT83YajFEryza2hyUC27LTiMCDEJAe9T6LTEOTZTv3aTwWbL3mc6igZVfSZx
LeliOO/GCyLj6Hz3ZV/GT4s8krOIJqVf/UkSvS3lL28iF9mg9z8/GVvMWBRGze6u
5AeP33dac1F2AlksEl1kNpdqgqwn1JQODUp+SLzMwu2IGgozQ6vhTMgr4B85QL+p
7TNyfSYYP3cv0ctdueaNrikNdt3aBgsu0mDLE3e98gix0mj69wIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFHKB1aJDJ5FRXuKCGJjMzhjdVOGnMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC80N2Uy
YmRhOS00MjdjLTQwYzYtOGI0ZC0xYzg1YmQ0MmQxOGEvN2IzZWY3YmItNDFjZC0z
YTQ4LTk0NTMtZTZiNjkxNDFhNmI3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNDdlMmJkYTktNDI3Yy00MGM2LThi
NGQtMWM4NWJkNDJkMThhLzQ3ZTJiZGE5LTQyN2MtNDBjNi04YjRkLTFjODViZDQy
ZDE4YS5jcmwwHwYDVR0jBBgwFoAUNSnVueSK2xSQuhW5Z1Dw+FDHGaowDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC80N2UyYmRhOS00MjdjLTQwYzYtOGI0ZC0xYzg1
YmQ0MmQxOGEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn4yQMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABFjsErNzTSGZO13BnMl/379qm2DEJHPHxgfkgd536Kd2tTpnxurhYPs
B8PipOyExP4cZfjf50zYxPNrHgSxQF2Wdx5DTMnJoSwa1w2Z5MeeE+nKL1Gn/klU
4Rtp5jD7aH9YxXlSxf36BenfQzITA3DeQrmcDiwVbuMDWN+iJ1dp8MgSQmnL0DDh
OGCysK2Hpg8XO2G0RgjnH5TEvhtD/6JxF9Fua7NJM3wO3Pzbti/clXkgpc/JNI7w
WUJ/4Db3TlVKMkcm0WeEsdKALHL25wfVtjzQrXWjQwBvyk6ZARjNa98ltDrbFyV0
HKeZS0ebidw5tCBIHtor4hZAeXrH2uU=
-----END CERTIFICATE-----
Generated at Mon Aug 7 15:18:47 2023 by rpki-client on console-fra.rpki-client.org