Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/e9595f47-4bd9-3548-bbd5-a492e303446f.roa
File:                     e9595f47-4bd9-3548-bbd5-a492e303446f.roa (raw, json)
Hash identifier:          NVEQrk5GrbJlJchS/pbwkUOU2noGnORQElDnrnn39mM=
Subject key identifier:   87:73:2E:51:DF:D5:1A:A5:FD:42:0A:8F:8C:4B:DF:49:36:DF:17:89
Certificate issuer:       /CN=f240d902-7ba3-4aec-b663-471f0fabfe37
Certificate serial:       010D0C9F4328576D51CC73C042CFC158BE6B0870
Authority key identifier: E4:57:D5:28:0C:09:9C:2A:7E:A8:A5:80:B1:6F:F6:B0:BA:4C:F1:1E
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/e9595f47-4bd9-3548-bbd5-a492e303446f.roa
Signing time:             Fri 02 Dec 2016 07:23:55 +0000
ROA not before:           Thu 01 Dec 2016 05:00:00 +0000
ROA not after:            Tue 01 Dec 2026 05:00:00 +0000
asID:                     27735
IP address blocks:        216.72.171.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:57:6d:51:cc:73:c0:42:cf:c1:58:be:6b:08:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f240d902-7ba3-4aec-b663-471f0fabfe37
        Validity
            Not Before: Dec  1 05:00:00 2016 GMT
            Not After : Dec  1 05:00:00 2026 GMT
        Subject: CN=9bdd1772-4f4f-49ea-b58b-d1ea3d7032e9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:c8:0e:75:56:c4:6b:a4:f7:aa:db:79:36:a3:
                    1d:1f:03:5e:c9:ee:75:7a:52:c0:3a:c5:a5:95:72:
                    c0:1b:45:a6:f4:08:4b:92:2f:b1:61:03:5b:6a:50:
                    90:c5:32:db:a2:f2:a1:5f:9a:58:69:03:5b:76:d2:
                    05:19:2c:fa:7e:91:cf:7d:9f:75:0c:b2:07:6a:6a:
                    9c:eb:f3:8e:e3:65:96:f4:33:2d:14:14:af:52:4d:
                    3e:3c:19:75:b9:64:42:41:e3:64:c0:9d:da:1c:81:
                    ee:2b:87:fa:8b:7d:87:0d:d9:3c:09:5a:32:78:10:
                    f1:4a:20:58:22:b8:d9:30:68:0e:20:f2:01:30:9f:
                    8e:4a:eb:e9:da:b1:3b:2c:fb:95:77:a9:ab:64:f7:
                    34:26:72:0e:23:08:7b:a0:2c:a4:3e:a7:9d:7e:d9:
                    69:74:0c:c0:63:04:41:31:e2:b1:83:91:6e:d0:78:
                    7d:23:79:1d:99:c9:3e:a3:c1:07:7b:c1:85:99:ac:
                    17:a5:18:6d:f6:ed:c0:b1:28:fa:17:ec:5a:1d:1b:
                    b9:78:64:3f:81:9b:13:fa:d5:50:c7:aa:0d:14:37:
                    ed:2a:73:53:31:a5:d9:40:e4:6c:51:4a:52:c5:71:
                    38:13:a3:a0:60:2a:a7:9c:7a:19:70:0c:0a:7e:af:
                    30:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:73:2E:51:DF:D5:1A:A5:FD:42:0A:8F:8C:4B:DF:49:36:DF:17:89
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/e9595f47-4bd9-3548-bbd5-a492e303446f.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37/f240d902-7ba3-4aec-b663-471f0fabfe37.crl

            X509v3 Authority Key Identifier:
                keyid:E4:57:D5:28:0C:09:9C:2A:7E:A8:A5:80:B1:6F:F6:B0:BA:4C:F1:1E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/f240d902-7ba3-4aec-b663-471f0fabfe37.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.72.171.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6f:1a:b2:0e:7e:81:0a:28:aa:84:54:4c:81:17:2c:7e:c2:99:
         7f:b8:d5:09:7a:39:78:9c:15:81:48:54:6c:b4:66:24:aa:19:
         a7:da:39:0d:17:62:5c:bf:3b:81:ad:95:df:d6:1c:7e:01:44:
         f1:2b:d8:40:4b:9c:55:d1:24:40:a4:d4:23:55:a6:81:fd:2b:
         94:d4:a2:fa:f7:31:f8:cf:54:49:1a:70:b1:5f:a5:d7:4b:d6:
         71:16:40:54:1d:0b:3c:7d:ff:6b:96:33:b7:15:8a:02:1a:26:
         3d:f9:22:ee:bf:81:af:ca:8b:be:d6:dd:05:b5:86:44:1b:6c:
         d5:c1:dc:94:2e:66:e5:40:fd:29:a5:0e:bd:86:2e:c0:1f:03:
         22:bd:d8:a3:c6:34:72:f8:ab:4e:a4:d4:9a:92:c0:f3:cb:3b:
         3f:09:8c:c3:41:4c:62:a1:f3:a4:9a:02:b3:83:95:5c:50:b8:
         81:b9:60:51:30:28:20:21:55:19:55:61:76:2a:36:7c:f1:66:
         b1:b0:88:f4:eb:c3:c4:92:54:8a:4d:40:9e:18:79:60:93:67:
         19:87:43:3e:77:ce:a2:12:3f:99:89:d7:d8:c3:c1:12:b0:a6:
         b3:aa:11:d9:02:a9:67:84:f0:f4:f3:a4:cd:df:8c:8d:1d:a0:
         f8:90:10:3d
-----BEGIN CERTIFICATE-----
MIIGPzCCBSmgAwIBAgIUAQ0Mn0MoV21RzHPAQs/BWL5rCHAwCwYJKoZIhvcNAQEL
MC8xLTArBgNVBAMTJGYyNDBkOTAyLTdiYTMtNGFlYy1iNjYzLTQ3MWYwZmFiZmUz
NzAeFw0xNjEyMDEwNTAwMDBaFw0yNjEyMDEwNTAwMDBaMC8xLTArBgNVBAMTJDli
ZGQxNzcyLTRmNGYtNDllYS1iNThiLWQxZWEzZDcwMzJlOTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBANfIDnVWxGuk96rbeTajHR8DXsnudXpSwDrFpZVy
wBtFpvQIS5IvsWEDW2pQkMUy26LyoV+aWGkDW3bSBRks+n6Rz32fdQyyB2pqnOvz
juNllvQzLRQUr1JNPjwZdblkQkHjZMCd2hyB7iuH+ot9hw3ZPAlaMngQ8UogWCK4
2TBoDiDyATCfjkrr6dqxOyz7lXepq2T3NCZyDiMIe6AspD6nnX7ZaXQMwGMEQTHi
sYORbtB4fSN5HZnJPqPBB3vBhZmsF6UYbfbtwLEo+hfsWh0buXhkP4GbE/rVUMeq
DRQ37SpzUzGl2UDkbFFKUsVxOBOjoGAqp5x6GXAMCn6vMH8CAwEAAaOCA1UwggNR
MB0GA1UdDgQWBBSHcy5R39Uapf1CCo+MS99JNt8XiTCB5QYIKwYBBQUHAQsEgdgw
gdUwgdIGCCsGAQUFBzALhoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRv
cnkvYXJpbi1ycGtpLXRhLzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIx
NTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMtYmEwNS04NzE4N2YwMDk5YjIvZjI0MGQ5
MDItN2JhMy00YWVjLWI2NjMtNDcxZjBmYWJmZTM3L2U5NTk1ZjQ3LTRiZDktMzU0
OC1iYmQ1LWE0OTJlMzAzNDQ2Zi5yb2EwgdwGA1UdHwSB1DCB0TCBzqCBy6CByIaB
xXJzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81
ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvMmEyNDY5NDctMmQ2
Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyL2YyNDBkOTAyLTdiYTMtNGFlYy1iNjYz
LTQ3MWYwZmFiZmUzNy9mMjQwZDkwMi03YmEzLTRhZWMtYjY2My00NzFmMGZhYmZl
MzcuY3JsMB8GA1UdIwQYMBaAFORX1SgMCZwqfqilgLFv9rC6TPEeMA4GA1UdDwEB
/wQEAwIHgDCBwAYIKwYBBQUHAQEEgbMwgbAwga0GCCsGAQUFBzAChoGgcnN5bmM6
Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRhLzVlNGEyM2Vh
LWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy8yYTI0Njk0Ny0yZDYyLTRhNmMt
YmEwNS04NzE4N2YwMDk5YjIvZjI0MGQ5MDItN2JhMy00YWVjLWI2NjMtNDcxZjBm
YWJmZTM3LmNlcjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEANhIqzBUBgNV
HSABAf8ESjBIMEYGCCsGAQUFBw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3
LmFyaW4ubmV0L3Jlc291cmNlcy9ycGtpL2Nwcy5odG1sMAsGCSqGSIb3DQEBCwOC
AQEAbxqyDn6BCiiqhFRMgRcsfsKZf7jVCXo5eJwVgUhUbLRmJKoZp9o5DRdiXL87
ga2V39YcfgFE8SvYQEucVdEkQKTUI1Wmgf0rlNSi+vcx+M9USRpwsV+l10vWcRZA
VB0LPH3/a5YztxWKAhomPfki7r+Br8qLvtbdBbWGRBts1cHclC5m5UD9KaUOvYYu
wB8DIr3Yo8Y0cvirTqTUmpLA88s7PwmMw0FMYqHzpJoCs4OVXFC4gblgUTAoICFV
GVVhdio2fPFmsbCI9OvDxJJUik1Anhh5YJNnGYdDPnfOohI/mYnX2MPBErCms6oR
2QKpZ4Tw9POkzd+MjR2g+JAQPQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:30 2023 by rpki-client on console-ams.rpki-client.org