Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0/e74a5ea5-527d-39b4-bae4-90d5fdc44892.roa
File:                     e74a5ea5-527d-39b4-bae4-90d5fdc44892.roa (raw, json)
Hash identifier:          g1mMebGYA3ne747l1weUz2d+BQjVWHlZxSZ25SYI2OI=
Subject key identifier:   95:7B:20:14:DF:CA:A7:ED:FC:1D:2B:C2:F0:BD:67:DA:C7:7A:2B:CC
Certificate issuer:       /CN=f80f9298-8029-4285-89d7-27308341b2e0
Certificate serial:       010D0C9F43285839B256A14D20AFB2501EC7F780
Authority key identifier: 67:6F:DF:98:DD:C5:B2:D6:A7:9F:9F:CF:0E:49:5C:38:64:D1:44:E7
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0/e74a5ea5-527d-39b4-bae4-90d5fdc44892.roa
Signing time:             Mon 22 Jun 2020 04:00:00 +0000
ROA not before:           Mon 22 Jun 2020 04:00:00 +0000
ROA not after:            Wed 09 Jan 2030 05:00:00 +0000
asID:                     2639
IP address blocks:        199.67.64.0/20 maxlen: 24
                          199.67.80.0/21 maxlen: 24
                          199.67.88.0/22 maxlen: 24
                          199.67.92.0/23 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:39:b2:56:a1:4d:20:af:b2:50:1e:c7:f7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f80f9298-8029-4285-89d7-27308341b2e0
        Validity
            Not Before: Jun 22 04:00:00 2020 GMT
            Not After : Jan  9 05:00:00 2030 GMT
        Subject: CN=4ac23cde-79fa-47af-9b1a-0685c1b01036
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:12:ca:0c:74:8d:c4:68:53:be:2f:a1:89:5a:
                    ff:76:e0:84:72:06:0d:30:81:2a:2a:62:63:a0:fd:
                    be:32:8d:69:25:e1:fa:97:28:2c:3a:1b:8b:16:84:
                    8c:93:29:dc:48:bd:f4:61:37:e4:44:92:d2:8e:c7:
                    9b:53:41:29:2e:83:f8:5c:d7:be:b8:d7:fd:e3:da:
                    34:8f:d2:93:d1:fb:0e:36:7f:2a:f2:ad:09:0f:a2:
                    1e:e8:73:5e:6a:82:07:ba:97:98:11:3c:25:04:28:
                    4f:7d:45:5f:29:ec:66:ca:04:a7:e3:cd:f9:94:b9:
                    50:5d:0b:f7:30:d9:de:10:33:5b:4b:13:d4:d7:0d:
                    f6:6d:c0:22:b9:83:4a:ec:b3:7b:ce:ea:6f:e1:0a:
                    78:66:b0:97:c0:d8:50:43:d0:7b:e7:04:c5:1c:2a:
                    db:bc:8d:cc:d0:43:6c:0f:00:2f:75:dc:d9:34:3b:
                    34:9e:26:f8:27:2c:cc:56:b6:e6:a9:95:eb:e3:c6:
                    a7:27:0b:0d:0d:c1:0e:04:74:81:64:a1:ce:4b:d9:
                    c6:a0:d9:2f:d4:5c:e1:99:5c:cb:55:95:10:53:4e:
                    2c:25:b8:6b:08:0a:7d:ff:2e:11:f8:bc:81:f2:ea:
                    35:c1:2b:9d:8a:f6:40:c5:1b:c3:e9:5a:30:bf:92:
                    ea:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7B:20:14:DF:CA:A7:ED:FC:1D:2B:C2:F0:BD:67:DA:C7:7A:2B:CC
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0/e74a5ea5-527d-39b4-bae4-90d5fdc44892.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0/f80f9298-8029-4285-89d7-27308341b2e0.crl

            X509v3 Authority Key Identifier:
                keyid:67:6F:DF:98:DD:C5:B2:D6:A7:9F:9F:CF:0E:49:5C:38:64:D1:44:E7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/f80f9298-8029-4285-89d7-27308341b2e0.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.67.64.0-199.67.93.255

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         69:cc:3f:9a:18:7a:4f:1e:59:29:88:8a:e8:1d:83:94:07:00:
         59:bc:51:98:69:8f:f8:f6:ae:8a:aa:63:3f:a5:9b:9f:63:e9:
         33:ba:17:9c:9a:58:05:5b:6c:c0:d5:1c:db:88:6d:37:22:68:
         5a:46:84:d5:ac:6c:e1:dc:a0:94:81:94:09:e5:5a:88:41:c9:
         9f:87:03:cf:65:c3:ac:48:08:da:fd:50:20:b9:c9:75:86:b0:
         b2:d3:07:fc:a0:7c:c0:fe:87:91:8d:98:02:72:b1:86:de:6f:
         60:8e:0c:bb:e2:c5:4b:1a:37:d1:35:01:8d:33:6c:c6:b5:a7:
         53:4b:1d:3a:ad:bc:08:bc:bf:ca:a4:16:8c:f2:33:b4:d8:c4:
         50:b6:fa:03:bd:bc:f8:be:35:51:9f:28:ba:03:c1:01:29:a9:
         8f:35:51:10:b2:4f:fc:75:fc:54:78:be:6b:e3:ae:2c:b9:57:
         c9:22:6a:bd:13:0f:96:bd:56:35:e7:f8:57:61:70:ed:33:de:
         6d:48:01:78:d0:df:f0:f1:64:fa:4c:0a:bd:c6:c9:91:cc:1a:
         5f:00:65:78:1f:5f:6c:64:ff:a5:5b:94:27:a1:5e:11:ac:13:
         40:26:64:bb:47:f9:d9:d2:29:f9:35:74:3f:60:c9:0e:d7:e4:
         99:00:2d:ed
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgIUAQ0Mn0MoWDmyVqFNIK+yUB7H94AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjgwZjkyOTgtODAyOS00Mjg1LTg5ZDctMjczMDgzNDFi
MmUwMB4XDTIwMDYyMjA0MDAwMFoXDTMwMDEwOTA1MDAwMFowLzEtMCsGA1UEAxMk
NGFjMjNjZGUtNzlmYS00N2FmLTliMWEtMDY4NWMxYjAxMDM2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBLKDHSNxGhTvi+hiVr/duCEcgYNMIEqKmJj
oP2+Mo1pJeH6lygsOhuLFoSMkyncSL30YTfkRJLSjsebU0EpLoP4XNe+uNf949o0
j9KT0fsONn8q8q0JD6Ie6HNeaoIHupeYETwlBChPfUVfKexmygSn4835lLlQXQv3
MNneEDNbSxPU1w32bcAiuYNK7LN7zupv4Qp4ZrCXwNhQQ9B75wTFHCrbvI3M0ENs
DwAvddzZNDs0nib4JyzMVrbmqZXr48anJwsNDcEOBHSBZKHOS9nGoNkv1FzhmVzL
VZUQU04sJbhrCAp9/y4R+LyB8uo1wSudivZAxRvD6Vowv5LqQQIDAQABo4IDXTCC
A1kwHQYDVR0OBBYEFJV7IBTfyqft/B0rwvC9Z9rHeivMMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC9mODBm
OTI5OC04MDI5LTQyODUtODlkNy0yNzMwODM0MWIyZTAvZTc0YTVlYTUtNTI3ZC0z
OWI0LWJhZTQtOTBkNWZkYzQ0ODkyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvZjgwZjkyOTgtODAyOS00Mjg1LTg5
ZDctMjczMDgzNDFiMmUwL2Y4MGY5Mjk4LTgwMjktNDI4NS04OWQ3LTI3MzA4MzQx
YjJlMC5jcmwwHwYDVR0jBBgwFoAUZ2/fmN3Fstann5/PDklcOGTRROcwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC9mODBmOTI5OC04MDI5LTQyODUtODlkNy0yNzMw
ODM0MWIyZTAuY2VyMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAbHQ0AD
BAHHQ1wwVAYDVR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixo
dHRwczovL3d3dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkq
hkiG9w0BAQsFAAOCAQEAacw/mhh6Tx5ZKYiK6B2DlAcAWbxRmGmP+PauiqpjP6Wb
n2PpM7oXnJpYBVtswNUc24htNyJoWkaE1axs4dyglIGUCeVaiEHJn4cDz2XDrEgI
2v1QILnJdYawstMH/KB8wP6HkY2YAnKxht5vYI4Mu+LFSxo30TUBjTNsxrWnU0sd
Oq28CLy/yqQWjPIztNjEULb6A728+L41UZ8ougPBASmpjzVRELJP/HX8VHi+a+Ou
LLlXySJqvRMPlr1WNef4V2Fw7TPebUgBeNDf8PFk+kwKvcbJkcwaXwBleB9fbGT/
pVuUJ6FeEawTQCZku0f52dIp+TV0P2DJDtfkmQAt7Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:39:30 2023 by rpki-client on console-fra.rpki-client.org