Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb/353afeba-9192-3284-9883-d8f0ae49f2db.roa
File:                     353afeba-9192-3284-9883-d8f0ae49f2db.roa (raw, json)
Hash identifier:          76wZiRS+0wXwShCQrVRi0aODCjJdCvHdBW4Z3YYqtIA=
Subject key identifier:   CE:42:14:F7:65:CE:42:60:70:02:05:4E:B9:8A:87:60:A1:D5:BA:16
Certificate issuer:       /CN=3af35cfc-2385-44c7-b33c-0a6ce0409bfb
Certificate serial:       010D0C9F4328576D51CC73C042CFC16DE257672F
Authority key identifier: B1:EA:79:8F:FD:1C:16:05:9B:A3:5B:AF:B2:83:6C:18:20:D7:51:8F
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb/353afeba-9192-3284-9883-d8f0ae49f2db.roa
Signing time:             Sat 19 Oct 2019 04:47:21 +0000
ROA not before:           Tue 10 Oct 2017 04:00:00 +0000
ROA not after:            Sun 10 Oct 2027 04:00:00 +0000
asID:                     7393
IP address blocks:        66.201.105.0/24 maxlen: 24
                          72.29.4.0/24 maxlen: 24
                          74.127.40.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:6d:e2:57:67:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3af35cfc-2385-44c7-b33c-0a6ce0409bfb
        Validity
            Not Before: Oct 10 04:00:00 2017 GMT
            Not After : Oct 10 04:00:00 2027 GMT
        Subject: CN=8adac280-1eff-41cc-baa8-ddd24410320d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:32:52:2d:80:18:44:6b:ea:74:2b:be:2a:e2:
                    64:e6:f5:4a:5c:e3:f1:74:c8:c1:3f:df:b5:7d:1e:
                    58:0d:c0:0d:84:ce:21:e7:4a:e4:3f:b6:65:c8:9c:
                    aa:db:34:6a:84:ef:d6:c3:cf:00:da:d1:ac:57:13:
                    23:b2:5d:fc:ad:8f:fe:68:3f:01:99:cb:20:03:07:
                    ee:08:00:15:a0:a5:7c:bd:bd:a1:15:58:36:7a:cb:
                    b7:28:c9:90:50:2e:c6:f7:87:e9:f3:8c:e2:10:a4:
                    73:bb:18:f8:1e:35:97:17:f5:02:c6:ff:ee:6d:ad:
                    31:48:b4:fd:04:5f:bf:26:0a:58:d1:68:b3:7c:66:
                    b4:a6:15:d6:c9:b8:c0:a0:4d:ff:92:c9:55:a3:89:
                    af:d3:f3:75:63:dd:55:74:d1:18:8d:d2:70:75:76:
                    ad:f6:7a:58:d8:00:cc:3b:a7:81:aa:e1:c2:aa:cd:
                    71:aa:ad:1e:c4:7f:99:74:be:01:75:5e:6b:97:0d:
                    aa:8e:7b:41:26:a9:f2:68:29:a2:28:e0:a8:ef:96:
                    f0:31:74:e4:1d:5f:55:9a:e2:2f:13:0b:9b:db:93:
                    b9:3d:c7:a9:49:4c:78:0b:ce:1e:ec:14:a2:c6:40:
                    b7:a5:4a:20:d7:74:e0:e1:74:7a:c6:2d:fb:fd:a3:
                    34:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:42:14:F7:65:CE:42:60:70:02:05:4E:B9:8A:87:60:A1:D5:BA:16
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb/353afeba-9192-3284-9883-d8f0ae49f2db.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb/3af35cfc-2385-44c7-b33c-0a6ce0409bfb.crl

            X509v3 Authority Key Identifier:
                keyid:B1:EA:79:8F:FD:1C:16:05:9B:A3:5B:AF:B2:83:6C:18:20:D7:51:8F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/3af35cfc-2385-44c7-b33c-0a6ce0409bfb.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.201.105.0/24
                  72.29.4.0/24
                  74.127.40.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         65:79:e4:64:27:64:7f:e9:0f:26:a0:ef:b3:f9:7f:78:05:16:
         6e:08:cc:83:5a:24:62:29:f5:ab:c1:4d:1b:94:12:06:09:c6:
         0c:6a:1f:80:d0:14:1f:81:ae:93:d3:a7:0e:57:25:77:3b:c6:
         ff:2c:fe:b0:26:e6:98:40:bc:06:62:8a:bb:6d:57:6a:c3:5f:
         db:3d:7a:d0:e8:df:ec:d1:89:38:c3:97:64:b1:16:8b:96:c5:
         81:b0:4b:45:55:77:fa:78:6f:ba:bf:b8:00:96:72:a3:41:94:
         26:f1:d6:e3:1b:9d:d4:1d:74:c4:82:e2:01:46:08:39:20:0d:
         b4:d4:7b:c1:f6:68:43:3d:12:b1:16:95:f9:8a:02:4c:9d:af:
         11:7c:24:13:86:fd:44:60:c9:4a:99:4a:8a:ed:b4:2c:d2:e9:
         62:7a:e4:9e:53:bf:f4:5a:ca:53:b8:2d:1b:7a:c5:31:11:73:
         62:cb:05:21:45:11:5e:56:07:42:70:0b:78:f5:35:84:be:6d:
         25:87:3f:79:8c:e6:11:f2:51:02:25:34:49:05:d0:f4:0b:17:
         ba:ad:54:91:32:73:3d:9c:a7:0d:11:ca:35:b2:21:3c:61:10:
         d3:be:27:6b:25:08:6c:51:18:1d:91:bf:02:eb:6a:84:2a:55:
         74:39:92:a7
-----BEGIN CERTIFICATE-----
MIIGSzCCBTWgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BbeJXZy8wCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJDNhZjM1Y2ZjLTIzODUtNDRjNy1iMzNjLTBhNmNlMDQwOWJm
YjAeFw0xNzEwMTAwNDAwMDBaFw0yNzEwMTAwNDAwMDBaMC8xLTArBgNVBAMTJDhh
ZGFjMjgwLTFlZmYtNDFjYy1iYWE4LWRkZDI0NDEwMzIwZDCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALAyUi2AGERr6nQrviriZOb1Slzj8XTIwT/ftX0e
WA3ADYTOIedK5D+2Zcicqts0aoTv1sPPANrRrFcTI7Jd/K2P/mg/AZnLIAMH7ggA
FaClfL29oRVYNnrLtyjJkFAuxveH6fOM4hCkc7sY+B41lxf1Asb/7m2tMUi0/QRf
vyYKWNFos3xmtKYV1sm4wKBN/5LJVaOJr9PzdWPdVXTRGI3ScHV2rfZ6WNgAzDun
garhwqrNcaqtHsR/mXS+AXVea5cNqo57QSap8mgpoijgqO+W8DF05B1fVZriLxML
m9uTuT3HqUlMeAvOHuwUosZAt6VKINd04OF0esYt+/2jNHcCAwEAAaOCA2EwggNd
MB0GA1UdDgQWBBTOQhT3Zc5CYHACBU65iodgodW6FjCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvM2FmMzVj
ZmMtMjM4NS00NGM3LWIzM2MtMGE2Y2UwNDA5YmZiLzM1M2FmZWJhLTkxOTItMzI4
NC05ODgzLWQ4ZjBhZTQ5ZjJkYi5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzNhZjM1Y2ZjLTIzODUtNDRjNy1iMzNj
LTBhNmNlMDQwOWJmYi8zYWYzNWNmYy0yMzg1LTQ0YzctYjMzYy0wYTZjZTA0MDli
ZmIuY3JsMB8GA1UdIwQYMBaAFLHqeY/9HBYFm6Nbr7KDbBgg11GPMA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvM2FmMzVjZmMtMjM4NS00NGM3LWIzM2MtMGE2Y2Uw
NDA5YmZiLmNlcjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAELJaQMEAEgd
BAMEAEp/KDBUBgNVHSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEW
LGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsG
CSqGSIb3DQEBCwOCAQEAZXnkZCdkf+kPJqDvs/l/eAUWbgjMg1okYin1q8FNG5QS
BgnGDGofgNAUH4Guk9OnDlcldzvG/yz+sCbmmEC8BmKKu21XasNf2z160Ojf7NGJ
OMOXZLEWi5bFgbBLRVV3+nhvur+4AJZyo0GUJvHW4xud1B10xILiAUYIOSANtNR7
wfZoQz0SsRaV+YoCTJ2vEXwkE4b9RGDJSplKiu20LNLpYnrknlO/9FrKU7gtG3rF
MRFzYssFIUURXlYHQnALePU1hL5tJYc/eYzmEfJRAiU0SQXQ9AsXuq1UkTJzPZyn
DRHKNbIhPGEQ074nayUIbFEYHZG/AutqhCpVdDmSpw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:37:04 2023 by rpki-client on console-fra.rpki-client.org