Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/2a9c1fac-1851-36e4-b8a9-e91d99480d2b.roa
File:                     2a9c1fac-1851-36e4-b8a9-e91d99480d2b.roa (raw, json)
Hash identifier:          VDFLHDKCOXTdN/3wPbIKpG4FYNX2sLosWoF4aKGk2BQ=
Subject key identifier:   7E:68:60:C4:C7:A6:A4:62:B7:E8:7C:45:94:72:69:9F:FE:EF:E5:BE
Certificate issuer:       /CN=23ddb57b-8888-40f4-bf17-518b6a50512d
Certificate serial:       010D0C9F43285843C9AE0AD7B8CE648291E05A00
Authority key identifier: 17:88:7D:65:E8:CC:18:17:F2:EC:48:B8:91:53:8B:39:B3:F2:2D:74
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/2a9c1fac-1851-36e4-b8a9-e91d99480d2b.roa
Signing time:             Sun 05 Nov 2023 14:00:20 +0000
ROA not before:           Sun 05 Nov 2023 14:00:20 +0000
ROA not after:            Sat 03 Feb 2024 14:00:20 +0000
asID:                     15169
IP address blocks:        8.8.4.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:c9:ae:0a:d7:b8:ce:64:82:91:e0:5a:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23ddb57b-8888-40f4-bf17-518b6a50512d
        Validity
            Not Before: Nov  5 14:00:20 2023 GMT
            Not After : Feb  3 14:00:20 2024 GMT
        Subject: CN=18f0bcdf-6223-4225-a1f4-c034e87200c9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:02:8b:75:b7:86:ab:e0:72:28:41:4e:a1:af:
                    7f:26:25:42:af:30:05:dc:98:f6:6c:b8:7b:09:24:
                    a7:07:8e:87:7f:f0:ce:94:b2:20:b7:89:32:e3:dc:
                    00:3c:9c:e9:c6:ff:34:3c:06:c8:b8:0b:47:f1:b8:
                    75:d4:15:4d:61:b0:4e:c7:c0:a9:de:97:99:06:9b:
                    a3:b6:b2:1e:82:e6:82:a9:b9:ce:86:4e:88:91:b4:
                    b0:94:f3:43:53:ce:55:05:b7:54:8d:32:36:47:bb:
                    eb:5f:78:7b:92:b5:59:ca:ee:25:15:66:dc:e6:25:
                    e4:75:40:08:00:7d:2d:eb:a9:aa:5e:f0:7d:68:5f:
                    a2:2d:5a:ed:c7:5a:63:39:5a:e2:0f:4f:81:b0:89:
                    9f:90:93:85:a1:9a:ff:e8:16:9e:c0:a9:32:7b:0a:
                    4c:35:1e:eb:30:68:45:fa:d4:41:bc:6c:3d:4a:3d:
                    4f:af:84:73:c7:c1:ec:0a:ce:f6:60:71:1c:c3:9e:
                    e7:a6:85:46:e5:36:b4:15:ca:a1:2a:12:a0:68:d7:
                    e9:57:e8:0d:1c:c4:a7:ce:9a:9d:58:ff:8e:ef:97:
                    ff:d9:1b:cc:f6:d4:28:43:d4:16:7f:2e:c3:08:61:
                    40:89:43:78:b7:94:e6:ab:c5:c9:da:1e:ed:25:64:
                    32:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:68:60:C4:C7:A6:A4:62:B7:E8:7C:45:94:72:69:9F:FE:EF:E5:BE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/2a9c1fac-1851-36e4-b8a9-e91d99480d2b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/23ddb57b-8888-40f4-bf17-518b6a50512d.crl

            X509v3 Authority Key Identifier:
                keyid:17:88:7D:65:E8:CC:18:17:F2:EC:48:B8:91:53:8B:39:B3:F2:2D:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  8.8.4.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         9e:8f:c8:46:7e:01:be:b8:76:54:3b:a4:c5:34:25:ce:1a:f0:
         2f:83:8d:85:da:a7:15:fb:6c:9b:24:f8:15:0a:06:da:8c:50:
         08:d7:e1:3c:28:9b:a4:80:09:ca:2e:60:4a:df:14:f2:47:ce:
         e0:e2:00:5b:ea:ae:8a:18:72:9f:b0:e3:9e:de:aa:a2:bb:a5:
         00:a6:61:c7:87:fe:c3:31:2a:8e:6b:2d:f3:e2:db:bc:3d:8d:
         01:3b:0e:dc:ee:1f:7c:3d:e9:84:a3:ae:dd:5e:f6:d9:e8:62:
         ac:9e:32:7f:db:12:ab:3e:a7:2c:72:5c:86:c9:1d:08:52:c8:
         3a:0f:c9:0f:3f:cf:2d:06:30:6b:94:c0:b5:4e:c4:66:6a:b9:
         07:11:a0:92:59:8a:7b:80:16:c4:4a:f9:13:75:08:46:a1:4a:
         49:80:e3:0b:0c:72:e7:99:35:54:6f:46:c8:93:28:70:d5:f4:
         a9:c8:e4:6e:bd:9d:f5:d0:df:b2:fe:2f:7d:31:5e:f0:d4:55:
         ad:15:0d:26:3f:19:97:51:fd:74:2b:9c:d0:1c:99:a5:7a:22:
         ee:ff:1c:54:3c:fc:83:72:37:59:78:7b:4f:ac:ec:8e:d4:97:
         d1:22:60:7e:21:42:0c:7d:69:05:c2:63:2f:bf:ef:90:f3:8a:
         29:79:3b:1f
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEPJrgrXuM5kgpHgWgAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMjNkZGI1N2ItODg4OC00MGY0LWJmMTctNTE4YjZhNTA1
MTJkMB4XDTIzMTEwNTE0MDAyMFoXDTI0MDIwMzE0MDAyMFowLzEtMCsGA1UEAxMk
MThmMGJjZGYtNjIyMy00MjI1LWExZjQtYzAzNGU4NzIwMGM5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugKLdbeGq+ByKEFOoa9/JiVCrzAF3Jj2bLh7
CSSnB46Hf/DOlLIgt4ky49wAPJzpxv80PAbIuAtH8bh11BVNYbBOx8Cp3peZBpuj
trIeguaCqbnOhk6IkbSwlPNDU85VBbdUjTI2R7vrX3h7krVZyu4lFWbc5iXkdUAI
AH0t66mqXvB9aF+iLVrtx1pjOVriD0+BsImfkJOFoZr/6BaewKkyewpMNR7rMGhF
+tRBvGw9Sj1Pr4Rzx8HsCs72YHEcw57npoVG5Ta0FcqhKhKgaNfpV+gNHMSnzpqd
WP+O75f/2RvM9tQoQ9QWfy7DCGFAiUN4t5Tmq8XJ2h7tJWQyVQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFH5oYMTHpqRit+h8RZRyaZ/+7+W+MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8yM2Rk
YjU3Yi04ODg4LTQwZjQtYmYxNy01MThiNmE1MDUxMmQvMmE5YzFmYWMtMTg1MS0z
NmU0LWI4YTktZTkxZDk5NDgwZDJiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMjNkZGI1N2ItODg4OC00MGY0LWJm
MTctNTE4YjZhNTA1MTJkLzIzZGRiNTdiLTg4ODgtNDBmNC1iZjE3LTUxOGI2YTUw
NTEyZC5jcmwwHwYDVR0jBBgwFoAUF4h9ZejMGBfy7Ei4kVOLObPyLXQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8yM2RkYjU3Yi04ODg4LTQwZjQtYmYxNy01MThi
NmE1MDUxMmQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQACAgEMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJ6PyEZ+Ab64dlQ7pMU0Jc4a8C+DjYXapxX7bJsk+BUKBtqMUAjX4Two
m6SACcouYErfFPJHzuDiAFvqrooYcp+w457eqqK7pQCmYceH/sMxKo5rLfPi27w9
jQE7DtzuH3w96YSjrt1e9tnoYqyeMn/bEqs+pyxyXIbJHQhSyDoPyQ8/zy0GMGuU
wLVOxGZquQcRoJJZinuAFsRK+RN1CEahSkmA4wsMcueZNVRvRsiTKHDV9KnI5G69
nfXQ37L+L30xXvDUVa0VDSY/GZdR/XQrnNAcmaV6Iu7/HFQ8/INyN1l4e0+s7I7U
l9EiYH4hQgx9aQXCYy+/75Dziil5Ox8=
-----END CERTIFICATE-----
Generated at Fri Dec 29 00:18:02 2023 by rpki-client on console-ams.rpki-client.org