Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84/1d27ecfc-19f9-3d81-b1aa-71ed58969916.roa
File:                     1d27ecfc-19f9-3d81-b1aa-71ed58969916.roa (raw, json)
Hash identifier:          2qh7FuAZlEjjtby1QZHx3uyxHVazPXv6j9SC6GvCRDw=
Subject key identifier:   A2:96:DA:7B:C5:71:8D:85:73:51:94:AC:B2:F6:B5:CB:C6:8C:15:BC
Certificate issuer:       /CN=6eb3f683-5247-4c55-a10b-2184f26c4f84
Certificate serial:       010D0C9F43285838BB87BDAB257E686B957DB880
Authority key identifier: 67:73:D9:FB:48:23:BB:2A:CE:EF:C6:41:5B:9D:04:68:29:68:AB:6F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84/1d27ecfc-19f9-3d81-b1aa-71ed58969916.roa
Signing time:             Mon 25 Jan 2021 05:00:00 +0000
ROA not before:           Mon 25 Jan 2021 05:00:00 +0000
ROA not after:            Sun 30 Apr 2023 04:00:00 +0000
asID:                     36445
IP address blocks:        149.248.76.0/22 maxlen: 22

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:38:bb:87:bd:ab:25:7e:68:6b:95:7d:b8:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6eb3f683-5247-4c55-a10b-2184f26c4f84
        Validity
            Not Before: Jan 25 05:00:00 2021 GMT
            Not After : Apr 30 04:00:00 2023 GMT
        Subject: CN=83ae9a0e-b049-4056-854b-a09ecb2843ba
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e4:11:d8:48:f3:3e:fb:57:f2:c2:cf:a1:0d:
                    d9:f6:45:27:1d:b4:bc:bb:d1:34:a2:6f:7f:f9:09:
                    4b:82:0a:e6:81:62:3c:3c:d9:03:c2:8b:d6:8e:34:
                    48:dc:97:2d:98:69:3c:62:2d:2c:3d:da:1d:50:b4:
                    db:2c:7b:4f:29:6a:9f:bc:5b:ff:ac:15:d4:1f:2d:
                    82:4b:f6:dd:90:39:85:2a:39:e2:02:b0:d2:91:26:
                    82:52:c9:93:61:81:c4:96:99:80:3c:ea:f6:d2:0e:
                    db:f0:15:69:b4:f7:17:6f:ed:31:2c:88:51:9a:2c:
                    ef:36:6e:e2:3e:30:49:52:3c:32:dc:27:a7:45:7f:
                    28:1c:56:6b:dc:41:4f:1c:b7:77:88:c7:ec:ed:e4:
                    5e:60:ef:f4:dd:a5:72:c5:69:0b:45:b5:3e:40:83:
                    27:c8:06:06:d3:11:b3:a6:2e:50:e3:a9:fe:9f:f7:
                    eb:4e:62:39:ad:6c:23:7b:c0:33:f3:6f:89:be:df:
                    43:84:73:a8:da:80:0f:0b:ad:f9:67:a4:2a:9f:65:
                    9f:9b:e4:f7:da:91:c6:2c:70:f0:32:cb:4f:c4:0a:
                    b6:b9:de:3e:76:e4:54:14:cc:a5:59:39:c4:d2:93:
                    0c:b6:7c:dd:8a:91:ad:aa:f1:41:ee:37:31:5b:a8:
                    a3:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:96:DA:7B:C5:71:8D:85:73:51:94:AC:B2:F6:B5:CB:C6:8C:15:BC
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84/1d27ecfc-19f9-3d81-b1aa-71ed58969916.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84/6eb3f683-5247-4c55-a10b-2184f26c4f84.crl

            X509v3 Authority Key Identifier:
                keyid:67:73:D9:FB:48:23:BB:2A:CE:EF:C6:41:5B:9D:04:68:29:68:AB:6F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/6eb3f683-5247-4c55-a10b-2184f26c4f84.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  149.248.76.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8c:5b:b5:8d:7e:a6:c8:6c:4e:8d:36:0a:ec:c2:05:5b:df:13:
         c6:53:43:02:70:09:db:d8:84:bb:45:2d:e5:9b:41:c4:52:a2:
         f4:f2:8f:da:c3:98:b2:5e:0b:66:f7:92:d9:44:d0:8b:8c:e7:
         70:0e:81:87:3c:f4:11:00:f4:cf:1e:5b:1f:74:7b:85:6d:5a:
         16:8f:7f:7b:5a:32:81:7b:65:68:20:d9:25:e7:68:64:80:29:
         fe:94:ac:7c:6b:1d:a5:4d:c2:82:1f:7e:1c:c6:f4:3c:80:da:
         f4:4e:70:ed:18:b1:7f:2f:c8:71:b5:bf:63:90:73:9e:b3:73:
         2b:94:d2:77:11:6f:29:9c:82:9a:8a:0a:8b:9a:db:5a:00:a3:
         fc:80:a3:46:de:99:80:7b:a1:76:9b:3a:66:f8:93:55:5b:12:
         63:64:01:d7:3e:81:8b:c0:0a:14:fe:6b:2b:ad:dc:a7:e5:42:
         30:45:1c:89:33:82:e4:a3:39:a1:64:25:a4:5f:b2:8e:80:83:
         6d:2a:d4:5b:70:93:70:fd:72:18:dd:86:2a:9e:6e:2b:09:f6:
         5a:07:ed:1f:4c:c3:9a:a6:d4:ba:f1:17:9d:43:74:73:cf:9f:
         7f:c6:11:9e:82:2b:e1:9f:1d:52:eb:a3:7e:0b:1c:da:8b:b9:
         a9:8e:43:db
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWDi7h72rJX5oa5V9uIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNmViM2Y2ODMtNTI0Ny00YzU1LWExMGItMjE4NGYyNmM0
Zjg0MB4XDTIxMDEyNTA1MDAwMFoXDTIzMDQzMDA0MDAwMFowLzEtMCsGA1UEAxMk
ODNhZTlhMGUtYjA0OS00MDU2LTg1NGItYTA5ZWNiMjg0M2JhMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+QR2EjzPvtX8sLPoQ3Z9kUnHbS8u9E0om9/
+QlLggrmgWI8PNkDwovWjjRI3JctmGk8Yi0sPdodULTbLHtPKWqfvFv/rBXUHy2C
S/bdkDmFKjniArDSkSaCUsmTYYHElpmAPOr20g7b8BVptPcXb+0xLIhRmizvNm7i
PjBJUjwy3CenRX8oHFZr3EFPHLd3iMfs7eReYO/03aVyxWkLRbU+QIMnyAYG0xGz
pi5Q46n+n/frTmI5rWwje8Az82+Jvt9DhHOo2oAPC635Z6Qqn2Wfm+T32pHGLHDw
MstPxAq2ud4+duRUFMylWTnE0pMMtnzdipGtqvFB7jcxW6ijvQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKKW2nvFcY2Fc1GUrLL2tcvGjBW8MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82ZWIz
ZjY4My01MjQ3LTRjNTUtYTEwYi0yMTg0ZjI2YzRmODQvMWQyN2VjZmMtMTlmOS0z
ZDgxLWIxYWEtNzFlZDU4OTY5OTE2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNmViM2Y2ODMtNTI0Ny00YzU1LWEx
MGItMjE4NGYyNmM0Zjg0LzZlYjNmNjgzLTUyNDctNGM1NS1hMTBiLTIxODRmMjZj
NGY4NC5jcmwwHwYDVR0jBBgwFoAUZ3PZ+0gjuyrO78ZBW50EaCloq28wDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82ZWIzZjY4My01MjQ3LTRjNTUtYTEwYi0yMTg0
ZjI2YzRmODQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQClfhMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAIxbtY1+pshsTo02CuzCBVvfE8ZTQwJwCdvYhLtFLeWbQcRSovTyj9rD
mLJeC2b3ktlE0IuM53AOgYc89BEA9M8eWx90e4VtWhaPf3taMoF7ZWgg2SXnaGSA
Kf6UrHxrHaVNwoIffhzG9DyA2vROcO0YsX8vyHG1v2OQc56zcyuU0ncRbymcgpqK
Coua21oAo/yAo0bemYB7oXabOmb4k1VbEmNkAdc+gYvAChT+ayut3KflQjBFHIkz
guSjOaFkJaRfso6Ag20q1Ftwk3D9chjdhiqebisJ9loH7R9Mw5qm1LrxF51DdHPP
n3/GEZ6CK+GfHVLro34LHNqLuamOQ9s=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:37 2023 by rpki-client on console-ams.rpki-client.org