Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/839388ff-a92a-3f07-867e-4347140b222c.roa
File:                     839388ff-a92a-3f07-867e-4347140b222c.roa (raw, json)
Hash identifier:          g//NcARxETuO8ROvet3Zw4aqqhqHjhU0Z8VwMkihbdQ=
Subject key identifier:   34:A4:27:D8:CA:44:30:EE:33:F8:FC:1F:22:70:1A:C9:CB:DF:A1:E8
Certificate issuer:       /CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
Certificate serial:       010D0C9F43285842229DA1A1D476EA87FBDCDE00
Authority key identifier: 00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/839388ff-a92a-3f07-867e-4347140b222c.roa
Signing time:             Wed 07 Jun 2023 01:00:16 +0000
ROA not before:           Wed 07 Jun 2023 01:00:16 +0000
ROA not after:            Tue 05 Sep 2023 01:00:16 +0000
asID:                     7862
IP address blocks:        146.23.52.0/23 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:22:9d:a1:a1:d4:76:ea:87:fb:dc:de:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
        Validity
            Not Before: Jun  7 01:00:16 2023 GMT
            Not After : Sep  5 01:00:16 2023 GMT
        Subject: CN=c1da2bd2-245b-43b8-ac7c-0406b6598cfa
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:20:b9:b8:75:fc:0d:2b:74:74:09:14:0c:72:
                    ef:69:68:92:fd:c0:5f:69:be:a5:ec:6b:cb:ac:f2:
                    70:1b:e0:4e:e1:22:33:7e:a2:92:96:fc:07:a5:f3:
                    2c:58:2c:f7:09:10:9f:cc:ea:5d:f1:6f:fd:1e:b1:
                    3b:fc:11:c8:49:d3:aa:76:d3:0a:6c:f6:34:6f:86:
                    e3:aa:93:da:ba:b4:e1:d5:dc:1d:6e:ba:87:21:2e:
                    12:51:b6:53:98:0f:44:74:ca:6d:cc:ef:33:7c:1a:
                    14:de:92:ac:ec:60:cd:f4:f5:6b:37:8f:13:44:60:
                    62:c0:c0:17:ff:04:a0:11:48:fa:53:89:23:82:33:
                    85:f7:3d:f3:5a:66:62:b4:79:cb:bf:10:1d:de:8b:
                    91:e3:24:74:ee:e2:a8:fa:5c:31:ae:56:53:12:76:
                    d7:7d:16:32:a8:63:35:19:2d:6e:12:14:9e:38:c4:
                    d7:4f:22:c2:08:94:ed:68:8c:25:b5:0d:87:c3:ac:
                    57:37:9f:00:0f:38:35:0a:65:7c:c3:76:62:47:da:
                    05:28:cf:8e:d3:94:ea:ea:d9:d4:5b:4f:af:3f:65:
                    b9:b4:fb:9b:95:30:6b:b2:75:98:a1:0e:1f:08:37:
                    bd:80:af:4f:cf:df:56:7e:80:b0:2a:db:4e:38:9c:
                    bc:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:A4:27:D8:CA:44:30:EE:33:F8:FC:1F:22:70:1A:C9:CB:DF:A1:E8
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/839388ff-a92a-3f07-867e-4347140b222c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/71ea89b4-ed85-463f-83d9-8453300bf2bd.crl

            X509v3 Authority Key Identifier:
                keyid:00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.23.52.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         14:8e:9c:e3:d3:63:86:d0:4e:8f:85:06:16:e2:0a:0e:d0:b4:
         0f:ab:48:20:95:94:c7:34:87:5a:a8:c7:2c:67:08:29:c8:ec:
         54:8c:12:f0:cd:e3:85:a5:35:70:ab:eb:fa:37:40:83:34:78:
         04:ac:6c:79:15:f7:29:7e:de:a0:a2:d7:d8:67:49:27:7a:f3:
         b8:c5:35:1c:2c:c5:55:5c:6c:fd:44:40:1b:03:fc:0c:4f:74:
         cd:ed:95:16:bd:48:b1:86:1d:9f:82:b8:87:bc:3c:21:fb:c6:
         f1:b3:f6:9a:1a:ca:b0:40:26:dd:ff:94:c8:5d:8b:a0:42:09:
         ce:25:b6:8e:11:c7:38:30:d5:d0:34:6e:cc:17:b4:d2:4d:97:
         46:e5:86:6f:95:b6:21:23:6d:c0:26:c9:77:44:4a:2f:60:03:
         29:33:f6:4e:50:3d:cc:d7:20:92:f5:0d:45:cd:58:1a:b8:63:
         35:f5:30:ff:e0:50:f3:3a:1c:45:a3:3d:1b:8b:b5:97:0a:6f:
         9a:ad:16:3e:76:1f:0e:38:c1:fa:d1:45:a4:51:20:50:a0:6a:
         42:f7:84:ad:1d:08:fb:99:4c:12:d1:28:eb:50:d6:ab:1b:c4:
         6d:09:a9:67:67:52:17:9d:be:f2:fd:1a:1a:5a:d7:5c:8b:96:
         93:77:8b:3a
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEIinaGh1Hbqh/vc3gAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzFlYTg5YjQtZWQ4NS00NjNmLTgzZDktODQ1MzMwMGJm
MmJkMB4XDTIzMDYwNzAxMDAxNloXDTIzMDkwNTAxMDAxNlowLzEtMCsGA1UEAxMk
YzFkYTJiZDItMjQ1Yi00M2I4LWFjN2MtMDQwNmI2NTk4Y2ZhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCC5uHX8DSt0dAkUDHLvaWiS/cBfab6l7GvL
rPJwG+BO4SIzfqKSlvwHpfMsWCz3CRCfzOpd8W/9HrE7/BHISdOqdtMKbPY0b4bj
qpPaurTh1dwdbrqHIS4SUbZTmA9EdMptzO8zfBoU3pKs7GDN9PVrN48TRGBiwMAX
/wSgEUj6U4kjgjOF9z3zWmZitHnLvxAd3ouR4yR07uKo+lwxrlZTEnbXfRYyqGM1
GS1uEhSeOMTXTyLCCJTtaIwltQ2Hw6xXN58ADzg1CmV8w3ZiR9oFKM+O05Tq6tnU
W0+vP2W5tPublTBrsnWYoQ4fCDe9gK9Pz99WfoCwKttOOJy8HwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFDSkJ9jKRDDuM/j8HyJwGsnL36HoMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83MWVh
ODliNC1lZDg1LTQ2M2YtODNkOS04NDUzMzAwYmYyYmQvODM5Mzg4ZmYtYTkyYS0z
ZjA3LTg2N2UtNDM0NzE0MGIyMjJjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNzFlYTg5YjQtZWQ4NS00NjNmLTgz
ZDktODQ1MzMwMGJmMmJkLzcxZWE4OWI0LWVkODUtNDYzZi04M2Q5LTg0NTMzMDBi
ZjJiZC5jcmwwHwYDVR0jBBgwFoAUAPoosGNeNAxamY5KWp40aTpaVmIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC83MWVhODliNC1lZDg1LTQ2M2YtODNkOS04NDUz
MzAwYmYyYmQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkhc0MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABSOnOPTY4bQTo+FBhbiCg7QtA+rSCCVlMc0h1qoxyxnCCnI7FSMEvDN
44WlNXCr6/o3QIM0eASsbHkV9yl+3qCi19hnSSd687jFNRwsxVVcbP1EQBsD/AxP
dM3tlRa9SLGGHZ+CuIe8PCH7xvGz9poayrBAJt3/lMhdi6BCCc4lto4Rxzgw1dA0
bswXtNJNl0blhm+VtiEjbcAmyXdESi9gAykz9k5QPczXIJL1DUXNWBq4YzX1MP/g
UPM6HEWjPRuLtZcKb5qtFj52Hw44wfrRRaRRIFCgakL3hK0dCPuZTBLRKOtQ1qsb
xG0JqWdnUhedvvL9Ghpa11yLlpN3izo=
-----END CERTIFICATE-----
Generated at Mon Aug 7 15:15:39 2023 by rpki-client on console-ams.rpki-client.org