Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/64b091d0-b0f5-3563-897f-355018f96c7c.roa
File:                     64b091d0-b0f5-3563-897f-355018f96c7c.roa (raw, json)
Hash identifier:          oEPfoBS6E2ZBWxmSmND8O5bFF9o3WRQWZQnGIVVoT9k=
Subject key identifier:   EF:B0:6B:B1:BC:96:C1:5B:09:55:7E:63:32:C0:95:3A:36:95:DB:EF
Certificate issuer:       /CN=23ddb57b-8888-40f4-bf17-518b6a50512d
Certificate serial:       010D0C9F43285843C9AE0ABA7304FC364113B480
Authority key identifier: 17:88:7D:65:E8:CC:18:17:F2:EC:48:B8:91:53:8B:39:B3:F2:2D:74
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/64b091d0-b0f5-3563-897f-355018f96c7c.roa
Signing time:             Sun 05 Nov 2023 14:00:20 +0000
ROA not before:           Sun 05 Nov 2023 14:00:20 +0000
ROA not after:            Sat 03 Feb 2024 14:00:20 +0000
asID:                     15169
IP address blocks:        8.8.8.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:c9:ae:0a:ba:73:04:fc:36:41:13:b4:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23ddb57b-8888-40f4-bf17-518b6a50512d
        Validity
            Not Before: Nov  5 14:00:20 2023 GMT
            Not After : Feb  3 14:00:20 2024 GMT
        Subject: CN=2a7bd499-a8e1-487b-892e-216ffa8aa454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:a3:2a:6d:7b:0f:d6:5b:8c:7a:3e:ae:5d:ce:
                    5a:2d:50:d2:b1:fd:4a:e3:b3:77:63:55:94:1e:e6:
                    04:a8:96:41:4f:e3:71:61:c2:2e:81:a0:5a:78:c9:
                    87:5d:fd:1e:03:ce:74:d0:f9:b3:ff:40:d6:a9:c9:
                    fb:46:d2:c3:b7:92:9d:2c:f8:b4:b3:3b:b4:c4:ed:
                    ce:3a:f6:7c:dd:bd:5e:95:28:3e:fd:03:d7:7a:c6:
                    da:68:e8:7e:00:c5:72:a7:bc:5e:4f:49:32:1c:b7:
                    32:a9:7b:cf:f1:0d:af:e3:43:cd:77:00:e6:02:41:
                    7b:1b:9d:a2:4c:4d:4d:5f:04:09:55:81:a4:01:2b:
                    46:16:da:cf:ca:59:06:d3:f7:8e:87:5f:9d:2c:58:
                    00:5f:1c:4a:b4:4f:89:c6:dd:89:87:5c:fc:38:69:
                    95:3e:a0:07:66:2c:56:2c:70:17:02:86:77:7b:42:
                    f0:d9:d4:fe:1e:34:9e:4c:f9:b5:1b:cb:a1:23:73:
                    b5:26:b1:05:0f:67:c1:7e:95:e8:78:d2:58:20:9c:
                    33:e0:63:21:36:8a:80:d8:85:ac:3a:ed:d9:a9:82:
                    b0:dc:14:b6:7b:ce:2a:1c:5c:f7:e1:50:c6:44:7f:
                    8f:fb:fe:93:1d:b7:e7:c8:e8:a0:88:88:1b:39:f5:
                    d9:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:B0:6B:B1:BC:96:C1:5B:09:55:7E:63:32:C0:95:3A:36:95:DB:EF
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/64b091d0-b0f5-3563-897f-355018f96c7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d/23ddb57b-8888-40f4-bf17-518b6a50512d.crl

            X509v3 Authority Key Identifier:
                keyid:17:88:7D:65:E8:CC:18:17:F2:EC:48:B8:91:53:8B:39:B3:F2:2D:74

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/23ddb57b-8888-40f4-bf17-518b6a50512d.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  8.8.8.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         5e:03:9a:1e:7b:5c:2f:dd:8f:91:dc:5a:10:b6:0a:e4:c8:06:
         03:39:a0:d9:78:b0:28:2a:e1:17:57:7e:f4:ee:ff:96:23:11:
         2e:06:5b:5f:ea:34:88:91:39:73:93:a8:8c:f5:91:b6:55:09:
         4a:ea:7b:e5:a6:3f:a2:98:8b:92:74:ab:7f:8d:af:70:41:3f:
         31:3e:f8:4a:c5:20:ad:b4:bf:3f:6e:fe:f5:fb:00:1d:64:37:
         43:f7:e7:1f:9f:0d:b3:f2:e6:60:ff:40:9c:0a:d3:fc:4e:9a:
         43:17:47:53:27:3f:2e:83:a0:e6:81:ad:88:c1:9f:2e:5f:c3:
         0d:92:20:47:f3:a6:38:3d:28:42:b6:8a:95:3c:05:da:71:ad:
         8f:fc:52:fa:c9:53:e3:af:7e:5a:86:7a:6c:21:fc:4b:fd:dd:
         14:11:be:08:0d:18:11:9d:c2:fb:31:05:1b:c5:38:e9:69:63:
         26:b5:e1:f0:44:72:65:af:79:33:94:77:b1:61:8d:68:b6:a8:
         6d:95:e6:4c:17:cc:c7:3a:b6:79:f2:ca:59:1c:71:fd:a4:61:
         4a:a9:49:05:e3:2b:38:10:2a:4a:41:ca:3b:42:98:04:34:ff:
         28:2d:8a:5f:38:b9:47:ae:93:7d:e5:c4:36:3b:24:aa:06:e6:
         27:18:0d:49
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEPJrgq6cwT8NkETtIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMjNkZGI1N2ItODg4OC00MGY0LWJmMTctNTE4YjZhNTA1
MTJkMB4XDTIzMTEwNTE0MDAyMFoXDTI0MDIwMzE0MDAyMFowLzEtMCsGA1UEAxMk
MmE3YmQ0OTktYThlMS00ODdiLTg5MmUtMjE2ZmZhOGFhNDU0MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqMqbXsP1luMej6uXc5aLVDSsf1K47N3Y1WU
HuYEqJZBT+NxYcIugaBaeMmHXf0eA8500Pmz/0DWqcn7RtLDt5KdLPi0szu0xO3O
OvZ83b1elSg+/QPXesbaaOh+AMVyp7xeT0kyHLcyqXvP8Q2v40PNdwDmAkF7G52i
TE1NXwQJVYGkAStGFtrPylkG0/eOh1+dLFgAXxxKtE+Jxt2Jh1z8OGmVPqAHZixW
LHAXAoZ3e0Lw2dT+HjSeTPm1G8uhI3O1JrEFD2fBfpXoeNJYIJwz4GMhNoqA2IWs
Ou3ZqYKw3BS2e84qHFz34VDGRH+P+/6THbfnyOigiIgbOfXZVwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFO+wa7G8lsFbCVV+YzLAlTo2ldvvMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8yM2Rk
YjU3Yi04ODg4LTQwZjQtYmYxNy01MThiNmE1MDUxMmQvNjRiMDkxZDAtYjBmNS0z
NTYzLTg5N2YtMzU1MDE4Zjk2YzdjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvMjNkZGI1N2ItODg4OC00MGY0LWJm
MTctNTE4YjZhNTA1MTJkLzIzZGRiNTdiLTg4ODgtNDBmNC1iZjE3LTUxOGI2YTUw
NTEyZC5jcmwwHwYDVR0jBBgwFoAUF4h9ZejMGBfy7Ei4kVOLObPyLXQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi8yM2RkYjU3Yi04ODg4LTQwZjQtYmYxNy01MThi
NmE1MDUxMmQuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQACAgIMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAF4Dmh57XC/dj5HcWhC2CuTIBgM5oNl4sCgq4RdXfvTu/5YjES4GW1/q
NIiROXOTqIz1kbZVCUrqe+WmP6KYi5J0q3+Nr3BBPzE++ErFIK20vz9u/vX7AB1k
N0P35x+fDbPy5mD/QJwK0/xOmkMXR1MnPy6DoOaBrYjBny5fww2SIEfzpjg9KEK2
ipU8BdpxrY/8UvrJU+OvflqGemwh/Ev93RQRvggNGBGdwvsxBRvFOOlpYya14fBE
cmWveTOUd7FhjWi2qG2V5kwXzMc6tnnyylkccf2kYUqpSQXjKzgQKkpByjtCmAQ0
/ygtil84uUeuk33lxDY7JKoG5icYDUk=
-----END CERTIFICATE-----
Generated at Fri Dec 29 00:27:18 2023 by rpki-client on console-fra.rpki-client.org