Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/bc294f1f-0fee-31d8-a364-8377e8fb711b.roa
File:                     bc294f1f-0fee-31d8-a364-8377e8fb711b.roa (raw, json)
Hash identifier:          T5Zy2LEArD4zU+Ll0Rt08ZITB3NJ5Ohq7BMBMT6P8L4=
Subject key identifier:   92:93:13:93:CE:5F:76:C0:8D:91:4B:F2:DE:C3:12:E9:D1:64:31:6E
Certificate issuer:       /CN=74b24643-d6d5-4d2a-b885-83160dec7103
Certificate serial:       010D0C9F43285842C323FE8368B51EAE3EFC3380
Authority key identifier: 32:48:2C:26:74:5B:59:00:E4:D0:78:12:7E:F4:AA:AE:8A:4E:57:19
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/bc294f1f-0fee-31d8-a364-8377e8fb711b.roa
Signing time:             Thu 03 Aug 2023 13:00:19 +0000
ROA not before:           Thu 03 Aug 2023 13:00:19 +0000
ROA not after:            Wed 01 Nov 2023 13:00:19 +0000
asID:                     715
IP address blocks:        216.21.2.0/23 maxlen: 23

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:42:c3:23:fe:83:68:b5:1e:ae:3e:fc:33:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=74b24643-d6d5-4d2a-b885-83160dec7103
        Validity
            Not Before: Aug  3 13:00:19 2023 GMT
            Not After : Nov  1 13:00:19 2023 GMT
        Subject: CN=85c2e218-a884-4ee2-b534-fdf652de9c8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:91:24:51:01:9c:5f:6a:40:d4:58:4c:77:2f:fd:
                    e1:bb:cd:67:41:40:bc:77:80:02:0f:aa:b5:3b:55:
                    79:26:16:b1:e3:ff:4b:8e:83:81:98:7f:d4:b0:32:
                    50:59:0a:c0:43:61:f1:ef:ac:9b:e1:5c:f5:26:4e:
                    40:6f:d6:b9:d6:b4:5d:0c:72:df:73:1d:db:d7:53:
                    0d:7b:d0:6c:56:f4:13:80:b8:bb:d6:c0:5a:21:3a:
                    2e:0d:e5:2a:6c:67:d2:f2:85:ca:5c:b6:09:85:d1:
                    b9:b5:af:36:ce:9c:67:a6:df:bb:95:d5:cd:a0:8c:
                    ff:4b:ed:6f:3a:45:5f:70:6e:64:22:1f:e0:f0:84:
                    f8:c5:6c:87:69:3a:44:5d:60:69:fc:63:55:60:11:
                    98:93:75:40:fd:92:b5:a0:12:5d:af:10:1d:82:01:
                    99:4c:8b:19:cb:f4:43:fe:f1:c1:1a:30:8e:1b:d7:
                    62:28:7c:fb:11:c7:8d:ed:33:a4:6d:4c:6d:8d:7a:
                    c8:75:86:28:5a:74:b9:c2:5e:0b:32:0a:92:78:c9:
                    46:c2:e3:5b:df:e6:d9:08:0b:27:f3:50:6e:4e:fd:
                    9e:53:1e:25:b4:de:05:30:2a:79:ce:49:07:a7:75:
                    5b:22:fa:a5:37:96:63:23:eb:a2:8f:6f:8e:f1:e4:
                    81:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:93:13:93:CE:5F:76:C0:8D:91:4B:F2:DE:C3:12:E9:D1:64:31:6E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/bc294f1f-0fee-31d8-a364-8377e8fb711b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103/74b24643-d6d5-4d2a-b885-83160dec7103.crl

            X509v3 Authority Key Identifier:
                keyid:32:48:2C:26:74:5B:59:00:E4:D0:78:12:7E:F4:AA:AE:8A:4E:57:19

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/74b24643-d6d5-4d2a-b885-83160dec7103.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.21.2.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         3d:26:45:ff:3a:81:4a:9e:c4:6d:65:b4:8d:34:6e:fc:3b:50:
         d2:61:b5:f3:cc:1c:87:3b:0f:b3:7d:63:76:54:d6:6f:8c:80:
         d6:b1:43:a5:39:29:17:cb:a5:f4:10:2a:fc:20:17:7f:09:e3:
         38:0a:3c:66:25:68:06:9d:2d:99:75:ce:63:41:97:bc:ec:98:
         85:0e:5e:2a:7d:ab:23:84:e1:c4:25:e2:11:e2:bb:0b:7c:d4:
         e2:76:89:a4:05:8c:19:48:6d:ff:aa:71:fa:69:1f:ed:9a:86:
         82:9a:fc:87:ca:9c:e4:81:24:7a:e2:5c:9b:90:90:3a:52:92:
         38:cd:9f:67:a9:41:75:06:21:4c:51:2d:01:69:d6:a1:f9:f9:
         df:0a:a3:e0:79:5d:e8:6f:37:57:49:80:c3:f0:92:7e:e7:d8:
         c3:17:67:c9:a6:67:12:2a:d0:f8:3d:16:9d:fa:f4:62:9a:d8:
         c5:75:19:3c:27:04:c4:8c:7e:b7:d9:e6:fe:27:e0:dc:54:df:
         c7:18:d6:ca:58:32:b6:65:70:45:b4:06:af:ef:22:22:7b:f3:
         e6:dc:23:80:cb:be:80:f6:85:ab:20:af:ff:93:96:e1:4e:30:
         24:a4:60:6b:83:2b:34:a1:d9:3a:1e:4c:a1:37:fc:c1:1a:71:
         ae:dc:9b:38
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWELDI/6DaLUerj78M4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzRiMjQ2NDMtZDZkNS00ZDJhLWI4ODUtODMxNjBkZWM3
MTAzMB4XDTIzMDgwMzEzMDAxOVoXDTIzMTEwMTEzMDAxOVowLzEtMCsGA1UEAxMk
ODVjMmUyMTgtYTg4NC00ZWUyLWI1MzQtZmRmNjUyZGU5YzhlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSRRAZxfakDUWEx3L/3hu81nQUC8d4ACD6q1
O1V5Jhax4/9LjoOBmH/UsDJQWQrAQ2Hx76yb4Vz1Jk5Ab9a51rRdDHLfcx3b11MN
e9BsVvQTgLi71sBaITouDeUqbGfS8oXKXLYJhdG5ta82zpxnpt+7ldXNoIz/S+1v
OkVfcG5kIh/g8IT4xWyHaTpEXWBp/GNVYBGYk3VA/ZK1oBJdrxAdggGZTIsZy/RD
/vHBGjCOG9diKHz7EceN7TOkbUxtjXrIdYYoWnS5wl4LMgqSeMlGwuNb3+bZCAsn
81BuTv2eUx4ltN4FMCp5zkkHp3VbIvqlN5ZjI+uij2+O8eSBPQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJKTE5POX3bAjZFL8t7DEunRZDFuMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi83NGIy
NDY0My1kNmQ1LTRkMmEtYjg4NS04MzE2MGRlYzcxMDMvYmMyOTRmMWYtMGZlZS0z
MWQ4LWEzNjQtODM3N2U4ZmI3MTFiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0y
ZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvNzRiMjQ2NDMtZDZkNS00ZDJhLWI4
ODUtODMxNjBkZWM3MTAzLzc0YjI0NjQzLWQ2ZDUtNGQyYS1iODg1LTgzMTYwZGVj
NzEwMy5jcmwwHwYDVR0jBBgwFoAUMkgsJnRbWQDk0HgSfvSqropOVxkwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzJhMjQ2OTQ3LTJkNjItNGE2
Yy1iYTA1LTg3MTg3ZjAwOTliMi83NGIyNDY0My1kNmQ1LTRkMmEtYjg4NS04MzE2
MGRlYzcxMDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2BUCMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAD0mRf86gUqexG1ltI00bvw7UNJhtfPMHIc7D7N9Y3ZU1m+MgNaxQ6U5
KRfLpfQQKvwgF38J4zgKPGYlaAadLZl1zmNBl7zsmIUOXip9qyOE4cQl4hHiuwt8
1OJ2iaQFjBlIbf+qcfppH+2ahoKa/IfKnOSBJHriXJuQkDpSkjjNn2epQXUGIUxR
LQFp1qH5+d8Ko+B5XehvN1dJgMPwkn7n2MMXZ8mmZxIq0Pg9Fp369GKa2MV1GTwn
BMSMfrfZ5v4n4NxU38cY1spYMrZlcEW0Bq/vIiJ78+bcI4DLvoD2hasgr/+TluFO
MCSkYGuDKzSh2ToeTKE3/MEaca7cmzg=
-----END CERTIFICATE-----
Generated at Fri Oct 13 16:54:08 2023 by rpki-client on console-ams.rpki-client.org