Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/c7f920da-dcee-37ad-8c56-f6f693b3f845.roa
File:                     c7f920da-dcee-37ad-8c56-f6f693b3f845.roa (raw, json)
Hash identifier:          zz/dsGQ82A6YA8p6FgaIxyWchWFVRrs4cYD168TwH7A=
Subject key identifier:   F4:79:17:AE:AF:58:D9:73:F0:10:E2:B7:A5:34:BD:BC:6B:9D:77:64
Certificate issuer:       /CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
Certificate serial:       010D0C9F432858423A5871859CAEB0D202D46700
Authority key identifier: 00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/c7f920da-dcee-37ad-8c56-f6f693b3f845.roa
Signing time:             Thu 15 Jun 2023 13:00:18 +0000
ROA not before:           Thu 15 Jun 2023 13:00:18 +0000
ROA not after:            Wed 13 Sep 2023 13:00:18 +0000
asID:                     7862
IP address blocks:        146.23.38.0/23 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:3a:58:71:85:9c:ae:b0:d2:02:d4:67:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71ea89b4-ed85-463f-83d9-8453300bf2bd
        Validity
            Not Before: Jun 15 13:00:18 2023 GMT
            Not After : Sep 13 13:00:18 2023 GMT
        Subject: CN=f5c3c077-3570-4c87-a587-e587c87f9a8c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:10:14:2e:46:01:81:5d:15:eb:5e:c6:eb:3f:
                    7c:5c:8f:7e:d8:d7:ab:52:fe:1a:83:d7:50:d0:9e:
                    34:c8:76:43:5d:4d:bd:f1:fd:21:a0:d6:b4:1c:d3:
                    42:de:8c:5c:60:58:f2:40:ca:7c:4e:b8:a7:72:07:
                    5b:ef:20:13:8e:c8:8e:3f:e7:e3:75:96:27:1e:ca:
                    13:4f:60:f0:dd:d0:8d:96:79:29:d9:2e:ec:de:fe:
                    6f:ed:ec:07:a9:87:96:fa:38:35:a8:6d:f0:0f:b6:
                    0b:62:dd:54:20:c9:8a:84:dc:68:35:a9:0a:79:59:
                    55:05:fb:1b:77:c8:df:89:d3:2c:c2:d0:02:20:d0:
                    37:4e:23:de:1c:49:9d:d6:c0:aa:58:38:a3:ab:5d:
                    17:6e:87:f0:04:ce:2a:dd:c4:4f:c9:1f:2b:f7:4f:
                    11:dc:27:35:13:ff:1a:8f:b9:2c:6a:cf:bc:8e:88:
                    76:de:08:10:08:d5:6f:99:60:1d:84:49:35:a9:13:
                    f4:64:8c:3d:65:97:d3:03:8f:a6:1c:9b:b8:c5:07:
                    62:26:5b:0b:60:44:7a:5c:77:07:d0:68:49:78:e5:
                    67:c1:b0:cb:20:67:5f:5f:3f:60:59:47:d9:cb:0e:
                    01:8e:0c:f8:28:c9:f2:40:12:84:8c:8c:4c:8e:b4:
                    67:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:79:17:AE:AF:58:D9:73:F0:10:E2:B7:A5:34:BD:BC:6B:9D:77:64
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/c7f920da-dcee-37ad-8c56-f6f693b3f845.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd/71ea89b4-ed85-463f-83d9-8453300bf2bd.crl

            X509v3 Authority Key Identifier:
                keyid:00:FA:28:B0:63:5E:34:0C:5A:99:8E:4A:5A:9E:34:69:3A:5A:56:62

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/71ea89b4-ed85-463f-83d9-8453300bf2bd.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  146.23.38.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         db:32:11:fe:2b:83:6a:f0:ed:33:d0:2b:95:23:2b:0a:a3:de:
         ae:e9:14:de:20:3b:58:ae:51:0b:d7:53:f7:6b:66:9c:34:5a:
         fe:1d:d8:18:56:e2:d8:2c:ce:86:77:4d:a9:45:0f:1f:bd:1c:
         65:12:2d:e4:a9:3f:72:c0:2f:13:69:d0:b5:2a:9b:bd:2d:ec:
         f4:cf:37:62:98:11:4d:95:4d:e6:a8:40:c1:b6:e1:b0:4b:cb:
         c2:3e:fd:73:1d:e5:3a:22:c5:61:1a:bd:b5:47:3d:33:28:ae:
         d8:50:2a:96:be:07:1b:b8:38:88:69:27:43:cb:6a:01:83:c3:
         c2:98:dd:54:1f:51:ca:10:13:b4:da:f2:0a:0f:f3:dc:db:7b:
         8c:45:4c:28:72:e9:51:0a:3e:ea:f8:83:e1:f0:3e:2b:ec:67:
         9d:30:82:77:15:0a:ef:a6:44:eb:56:bc:66:e8:ff:e3:87:76:
         45:c4:a3:06:a4:96:25:c7:6e:6c:17:6a:cc:fa:b2:d7:0e:76:
         be:48:cf:2d:f3:b6:e1:64:16:1e:36:40:27:7e:35:a3:c6:1e:
         2c:d0:ad:c1:f9:1f:c9:e6:da:5a:c0:fe:c5:e1:60:27:36:f9:
         c2:c8:15:df:18:1d:8a:d6:b7:12:f2:c7:90:2a:64:2d:81:a9:
         3d:69:2d:85
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEI6WHGFnK6w0gLUZwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzFlYTg5YjQtZWQ4NS00NjNmLTgzZDktODQ1MzMwMGJm
MmJkMB4XDTIzMDYxNTEzMDAxOFoXDTIzMDkxMzEzMDAxOFowLzEtMCsGA1UEAxMk
ZjVjM2MwNzctMzU3MC00Yzg3LWE1ODctZTU4N2M4N2Y5YThjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBAULkYBgV0V617G6z98XI9+2NerUv4ag9dQ
0J40yHZDXU298f0hoNa0HNNC3oxcYFjyQMp8Trincgdb7yATjsiOP+fjdZYnHsoT
T2Dw3dCNlnkp2S7s3v5v7ewHqYeW+jg1qG3wD7YLYt1UIMmKhNxoNakKeVlVBfsb
d8jfidMswtACINA3TiPeHEmd1sCqWDijq10XbofwBM4q3cRPyR8r908R3Cc1E/8a
j7ksas+8joh23ggQCNVvmWAdhEk1qRP0ZIw9ZZfTA4+mHJu4xQdiJlsLYER6XHcH
0GhJeOVnwbDLIGdfXz9gWUfZyw4Bjgz4KMnyQBKEjIxMjrRnPQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFPR5F66vWNlz8BDit6U0vbxrnXdkMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC83MWVh
ODliNC1lZDg1LTQ2M2YtODNkOS04NDUzMzAwYmYyYmQvYzdmOTIwZGEtZGNlZS0z
N2FkLThjNTYtZjZmNjkzYjNmODQ1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNzFlYTg5YjQtZWQ4NS00NjNmLTgz
ZDktODQ1MzMwMGJmMmJkLzcxZWE4OWI0LWVkODUtNDYzZi04M2Q5LTg0NTMzMDBi
ZjJiZC5jcmwwHwYDVR0jBBgwFoAUAPoosGNeNAxamY5KWp40aTpaVmIwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC83MWVhODliNC1lZDg1LTQ2M2YtODNkOS04NDUz
MzAwYmYyYmQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBkhcmMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBANsyEf4rg2rw7TPQK5UjKwqj3q7pFN4gO1iuUQvXU/drZpw0Wv4d2BhW
4tgszoZ3TalFDx+9HGUSLeSpP3LALxNp0LUqm70t7PTPN2KYEU2VTeaoQMG24bBL
y8I+/XMd5ToixWEavbVHPTMorthQKpa+Bxu4OIhpJ0PLagGDw8KY3VQfUcoQE7Ta
8goP89zbe4xFTChy6VEKPur4g+HwPivsZ50wgncVCu+mROtWvGbo/+OHdkXEowak
liXHbmwXasz6stcOdr5Izy3ztuFkFh42QCd+NaPGHizQrcH5H8nm2lrA/sXhYCc2
+cLIFd8YHYrWtxLyx5AqZC2BqT1pLYU=
-----END CERTIFICATE-----
Generated at Mon Aug 7 15:18:47 2023 by rpki-client on console-fra.rpki-client.org