Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/257d74d6-0444-3a87-8da0-71037ea2dc34.roa
File:                     257d74d6-0444-3a87-8da0-71037ea2dc34.roa (raw, json)
Hash identifier:          0tTsZly0AcJhJwTnEBGlGZtk3jpYRjGUqXbS7O+gk5k=
Subject key identifier:   FD:3E:85:90:84:31:B9:A4:7A:3E:30:1F:97:8F:3B:4C:50:D6:E8:AF
Certificate issuer:       /CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
Certificate serial:       010D0C9F432858423A5870F4D59A3DFE6AE61C20
Authority key identifier: 00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/257d74d6-0444-3a87-8da0-71037ea2dc34.roa
Signing time:             Thu 15 Jun 2023 13:00:18 +0000
ROA not before:           Thu 15 Jun 2023 13:00:18 +0000
ROA not after:            Wed 13 Sep 2023 13:00:18 +0000
asID:                     7862
IP address blocks:        146.23.58.0/23 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:3a:58:70:f4:d5:9a:3d:fe:6a:e6:1c:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
        Validity
            Not Before: Jun 15 13:00:18 2023 GMT
            Not After : Sep 13 13:00:18 2023 GMT
        Subject: CN=595bf310-66e9-426e-a7a6-43abcbff25b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:7b:77:7c:93:74:33:2e:99:e8:ff:21:93:8b:
                    55:57:be:3f:c4:93:09:b2:7c:d2:36:1b:35:b7:bd:
                    7f:96:f2:77:59:a2:f6:d9:d5:37:0a:8e:11:ef:bd:
                    a3:3a:53:e1:66:d5:1d:6e:62:01:fd:f0:fa:67:4c:
                    eb:30:02:c4:26:c0:82:13:94:27:81:7e:7a:d6:53:
                    61:9f:34:77:e5:3b:e4:ce:1c:f5:66:9a:8d:3d:4a:
                    80:2e:8b:73:2d:aa:21:00:89:54:6a:98:4e:8d:37:
                    65:18:3d:39:9f:1a:50:25:9a:7b:8a:55:66:6a:13:
                    32:c2:ab:63:5a:3a:c7:87:03:39:b4:fe:98:13:eb:
                    03:90:7b:4a:f3:9f:64:fc:c5:5f:6b:0e:44:4c:05:
                    69:23:43:3c:0a:d2:ea:52:2a:8b:bd:ad:d6:73:1a:
                    f0:3b:d1:0c:d7:ca:5c:7a:5a:e8:25:dd:1d:0d:95:
                    ad:96:39:9e:5d:be:3c:e4:62:0a:27:a4:ae:43:ca:
                    fb:4a:b3:53:e4:f2:1e:a5:6a:78:6d:22:c4:be:47:
                    ad:ce:33:08:42:e5:e6:81:fd:54:50:14:c7:61:b7:
                    ab:52:c1:71:c5:40:cc:71:b8:be:47:12:13:b6:b0:
                    26:c7:16:a9:cb:b0:71:69:64:07:b0:e7:f1:ad:98:
                    e2:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FD:3E:85:90:84:31:B9:A4:7A:3E:30:1F:97:8F:3B:4C:50:D6:E8:AF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/257d74d6-0444-3a87-8da0-71037ea2dc34.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/71ea89b4-ed85-463f-83d9-8453300bf2bd.crl

            X509v3 Authority Key Identifier:
                keyid:00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.23.58.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0f:7c:26:eb:40:87:62:0a:06:0d:f3:2f:20:dc:98:b4:da:62:
         d0:b9:9f:f6:3e:73:fc:44:88:c4:1c:67:42:32:27:50:be:a1:
         c1:24:8a:e7:0b:95:cd:9f:aa:2e:24:1a:09:f1:49:e9:8c:88:
         c7:9a:87:68:a2:d9:19:ac:72:46:31:01:f9:53:c2:13:60:95:
         d8:af:46:86:66:18:c7:83:5d:04:ba:a5:1b:60:7e:ea:a8:b2:
         a0:46:17:bb:77:d2:2e:ae:75:d3:14:55:11:6c:80:ed:42:c0:
         61:42:d4:d1:1c:0c:da:a1:c9:89:6f:7e:ac:b6:d8:c8:b0:1d:
         f5:46:26:f6:c6:28:0c:9e:1d:ab:87:65:98:e7:55:d8:90:22:
         49:a3:73:d9:ea:aa:97:c5:a1:0c:4c:1e:f4:4b:c0:3b:7b:b9:
         c4:0d:f7:fc:51:85:aa:28:71:f0:1a:67:92:ec:aa:c1:fe:6a:
         0a:4c:d6:a9:28:91:86:20:8b:58:ff:ed:0f:ba:02:84:7e:41:
         35:b3:f7:b4:b6:0e:28:25:56:1c:6b:2f:db:91:c6:c9:0b:83:
         e2:5e:cf:9e:a8:94:23:70:8b:11:74:c7:d6:d2:13:ab:03:fd:
         ce:b9:38:4b:85:b8:1b:f5:25:0d:21:e0:7c:90:44:96:db:88:
         cc:53:38:2b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEI6WHD01Zo9/mrmHCAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzFlYTg5YjQtZWQ4NS00NjNmLTgzZDktODQ1MzMwMGJm
MmJkMB4XDTIzMDYxNTEzMDAxOFoXDTIzMDkxMzEzMDAxOFowLzEtMCsGA1UEAxMk
NTk1YmYzMTAtNjZlOS00MjZlLWE3YTYtNDNhYmNiZmYyNWI1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXt3fJN0My6Z6P8hk4tVV74/xJMJsnzSNhs1
t71/lvJ3WaL22dU3Co4R772jOlPhZtUdbmIB/fD6Z0zrMALEJsCCE5QngX561lNh
nzR35Tvkzhz1ZpqNPUqALotzLaohAIlUaphOjTdlGD05nxpQJZp7ilVmahMywqtj
WjrHhwM5tP6YE+sDkHtK859k/MVfaw5ETAVpI0M8CtLqUiqLva3WcxrwO9EM18pc
elroJd0dDZWtljmeXb485GIKJ6SuQ8r7SrNT5PIepWp4bSLEvketzjMIQuXmgf1U
UBTHYberUsFxxUDMcbi+RxITtrAmxxapy7BxaWQHsOfxrZjiIQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFP0+hZCEMbmkej4wH5ePO0xQ1uivMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83MWVh
ODliNC1lZDg1LTQ2M2YtODNkOS04NDUzMzAwYmYyYmQvMjU3ZDc0ZDYtMDQ0NC0z
YTg3LThkYTAtNzEwMzdlYTJkYzM0LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNzFlYTg5YjQtZWQ4NS00NjNmLTgz
ZDktODQ1MzMwMGJmMmJkLzcxZWE4OWI0LWVkODUtNDYzZi04M2Q5LTg0NTMzMDBi
ZjJiZC5jcmwwHwYDVR0jBBgwFoAUAPoosGNeNAxamY5KWp40aTpaVmIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC83MWVhODliNC1lZDg1LTQ2M2YtODNkOS04NDUz
MzAwYmYyYmQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkhc6MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAA98JutAh2IKBg3zLyDcmLTaYtC5n/Y+c/xEiMQcZ0IyJ1C+ocEkiucL
lc2fqi4kGgnxSemMiMeah2ii2RmsckYxAflTwhNgldivRoZmGMeDXQS6pRtgfuqo
sqBGF7t30i6uddMUVRFsgO1CwGFC1NEcDNqhyYlvfqy22MiwHfVGJvbGKAyeHauH
ZZjnVdiQIkmjc9nqqpfFoQxMHvRLwDt7ucQN9/xRhaoocfAaZ5LsqsH+agpM1qko
kYYgi1j/7Q+6AoR+QTWz97S2DiglVhxrL9uRxskLg+Jez56olCNwixF0x9bSE6sD
/c65OEuFuBv1JQ0h4HyQRJbbiMxTOCs=
-----END CERTIFICATE-----
Generated at Mon Aug 7 15:18:47 2023 by rpki-client on console-fra.rpki-client.org