Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0058ecd6-78ae-3fcb-b68f-63a4cd01f1a6.roa
File:                     0058ecd6-78ae-3fcb-b68f-63a4cd01f1a6.roa (raw, json)
Hash identifier:          rKZqJEc/2x3ovYs2ssNImU+jjpNsze4KF9sasFlTWAE=
Subject key identifier:   EF:95:BF:97:C7:D7:52:27:75:84:65:77:4A:95:E6:29:C8:B1:B8:33
Certificate issuer:       /CN=aae465c0-2a10-495a-b7d2-2aa048b286a0
Certificate serial:       010D0C9F43285843582ECDED0335C8E181C7CC00
Authority key identifier: AA:F1:A5:1A:EB:A8:A8:DC:25:2D:5B:78:B4:E1:9A:18:D9:8A:8F:24
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0058ecd6-78ae-3fcb-b68f-63a4cd01f1a6.roa
Signing time:             Mon 25 Sep 2023 22:17:38 +0000
ROA not before:           Mon 25 Sep 2023 22:17:38 +0000
ROA not after:            Sun 24 Dec 2023 23:17:38 +0000
asID:                     10911
IP address blocks:        64.94.205.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:58:2e:cd:ed:03:35:c8:e1:81:c7:cc:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=aae465c0-2a10-495a-b7d2-2aa048b286a0
        Validity
            Not Before: Sep 25 22:17:38 2023 GMT
            Not After : Dec 24 23:17:38 2023 GMT
        Subject: CN=37869fd9-b1de-4fe8-8e26-54529833d355
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:ed:76:c5:25:27:34:38:86:ef:3d:30:45:f2:
                    63:db:bb:e6:8a:51:3e:d6:4d:71:0c:30:5a:c6:78:
                    61:b0:b7:73:39:db:bd:bb:ee:2d:37:d9:ad:ee:07:
                    48:6e:09:3c:ca:f1:5b:6c:53:18:7b:de:0d:7c:18:
                    2a:45:22:09:b2:b9:0f:67:e9:e1:33:33:ae:6b:50:
                    4e:82:d0:38:41:78:e7:ed:1f:4f:ec:c2:65:f7:f2:
                    96:51:a5:33:3c:ee:19:67:93:b0:55:24:6b:e0:76:
                    de:e2:c2:fc:cf:bb:9d:41:92:b1:8e:86:97:be:07:
                    02:bc:59:15:99:49:7f:96:c1:f8:5c:f8:09:54:f8:
                    a5:83:03:86:46:ac:5a:7a:3a:19:c2:82:a8:6c:0a:
                    77:85:8b:0a:4a:d7:57:29:a1:a7:3b:25:ee:f7:3f:
                    8e:6f:85:d9:5b:fc:68:fd:02:13:e4:ae:30:20:ba:
                    e5:0d:11:71:39:7e:3b:c0:3c:24:ea:5e:6b:44:96:
                    44:02:99:0c:ec:ca:51:dc:a1:2f:58:30:62:fe:8e:
                    b7:d1:5f:b7:aa:fd:5b:ec:44:ec:91:e6:af:33:6a:
                    3d:79:19:28:fa:fc:4c:b3:f3:51:03:fc:db:5f:58:
                    3a:03:e5:88:1d:e2:c9:58:49:fe:e7:46:63:4f:d3:
                    24:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:95:BF:97:C7:D7:52:27:75:84:65:77:4A:95:E6:29:C8:B1:B8:33
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/0058ecd6-78ae-3fcb-b68f-63a4cd01f1a6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0/aae465c0-2a10-495a-b7d2-2aa048b286a0.crl

            X509v3 Authority Key Identifier:
                keyid:AA:F1:A5:1A:EB:A8:A8:DC:25:2D:5B:78:B4:E1:9A:18:D9:8A:8F:24

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/a73420cb-b3cc-4b03-bda7-1be204933ae5/aae465c0-2a10-495a-b7d2-2aa048b286a0.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.94.205.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         61:d5:44:c5:9e:43:7c:bc:89:ec:a5:c7:43:7b:70:4e:53:b7:
         19:23:1c:ad:d2:b3:a2:84:c5:84:80:c6:de:5d:b2:0c:6e:6a:
         cf:4a:cd:69:4d:a7:6d:7f:54:aa:1b:fa:0d:a5:0f:c9:5a:f5:
         fc:2d:1d:c0:ca:c1:23:b4:b1:e8:07:e6:03:ee:48:b7:59:2a:
         b2:15:1c:0d:d1:b8:a1:8b:c4:06:51:01:4a:3c:5a:6b:1c:7c:
         03:02:64:0f:6e:12:22:ed:84:d8:27:3d:64:fa:ff:d9:94:f1:
         58:d5:a9:e8:e2:8d:74:af:89:e6:09:d9:56:c0:13:0e:05:d0:
         56:f2:ee:ef:cd:a6:7e:75:a6:94:1e:c8:21:1e:12:c7:5f:e1:
         af:9f:38:4b:7f:2d:81:01:4f:6b:1f:c4:71:66:e1:08:bb:f7:
         ad:ee:0b:17:3a:9c:cd:a8:5a:a8:6b:5f:dc:24:20:94:2c:ca:
         e0:d7:94:cd:ef:89:c6:3d:81:c7:41:38:61:5e:24:a6:7d:a7:
         30:e8:af:84:f7:9e:c1:90:cc:7e:bc:7d:4f:4e:7e:24:dc:ec:
         7d:3f:3b:79:2c:ad:e5:26:b0:34:11:e8:f1:77:a8:a0:63:45:
         2c:4a:31:af:12:8b:b2:46:8e:4d:69:71:9b:b1:89:53:ee:f3:
         81:56:61:e1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWENYLs3tAzXI4YHHzAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWFlNDY1YzAtMmExMC00OTVhLWI3ZDItMmFhMDQ4YjI4
NmEwMB4XDTIzMDkyNTIyMTczOFoXDTIzMTIyNDIzMTczOFowLzEtMCsGA1UEAxMk
Mzc4NjlmZDktYjFkZS00ZmU4LThlMjYtNTQ1Mjk4MzNkMzU1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAre12xSUnNDiG7z0wRfJj27vmilE+1k1xDDBa
xnhhsLdzOdu9u+4tN9mt7gdIbgk8yvFbbFMYe94NfBgqRSIJsrkPZ+nhMzOua1BO
gtA4QXjn7R9P7MJl9/KWUaUzPO4ZZ5OwVSRr4Hbe4sL8z7udQZKxjoaXvgcCvFkV
mUl/lsH4XPgJVPilgwOGRqxaejoZwoKobAp3hYsKStdXKaGnOyXu9z+Ob4XZW/xo
/QIT5K4wILrlDRFxOX47wDwk6l5rRJZEApkM7MpR3KEvWDBi/o630V+3qv1b7ETs
keavM2o9eRko+vxMs/NRA/zbX1g6A+WIHeLJWEn+50ZjT9MkkwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFO+Vv5fH11IndYRld0qV5inIsbgzMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIwMy1iZGE3LTFiZTIwNDkzM2FlNS9hYWU0
NjVjMC0yYTEwLTQ5NWEtYjdkMi0yYWEwNDhiMjg2YTAvMDA1OGVjZDYtNzhhZS0z
ZmNiLWI2OGYtNjNhNGNkMDFmMWE2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9hNzM0MjBjYi1i
M2NjLTRiMDMtYmRhNy0xYmUyMDQ5MzNhZTUvYWFlNDY1YzAtMmExMC00OTVhLWI3
ZDItMmFhMDQ4YjI4NmEwL2FhZTQ2NWMwLTJhMTAtNDk1YS1iN2QyLTJhYTA0OGIy
ODZhMC5jcmwwHwYDVR0jBBgwFoAUqvGlGuuoqNwlLVt4tOGaGNmKjyQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2E3MzQyMGNiLWIzY2MtNGIw
My1iZGE3LTFiZTIwNDkzM2FlNS9hYWU0NjVjMC0yYTEwLTQ5NWEtYjdkMi0yYWEw
NDhiMjg2YTAuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQF7NMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGHVRMWeQ3y8ieylx0N7cE5TtxkjHK3Ss6KExYSAxt5dsgxuas9KzWlN
p21/VKob+g2lD8la9fwtHcDKwSO0segH5gPuSLdZKrIVHA3RuKGLxAZRAUo8Wmsc
fAMCZA9uEiLthNgnPWT6/9mU8VjVqejijXSvieYJ2VbAEw4F0Fby7u/Npn51ppQe
yCEeEsdf4a+fOEt/LYEBT2sfxHFm4Qi7963uCxc6nM2oWqhrX9wkIJQsyuDXlM3v
icY9gcdBOGFeJKZ9pzDor4T3nsGQzH68fU9OfiTc7H0/O3ksreUmsDQR6PF3qKBj
RSxKMa8Si7JGjk1pcZuxiVPu84FWYeE=
-----END CERTIFICATE-----
Generated at Tue Oct 10 19:34:25 2023 by rpki-client on console-fra.rpki-client.org