Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2acfe4c8-8023-337a-afb5-86ca74cec59e.roa
File:                     2acfe4c8-8023-337a-afb5-86ca74cec59e.roa (raw, json)
Hash identifier:          60a3GbvFTuvAgPmn/ZejCdoC5CoTP7nZGyRuPGOJCo0=
Subject key identifier:   FA:F3:33:92:DF:4D:FB:4D:E6:90:1C:E5:29:96:02:6B:BA:D4:4F:6F
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533329083983B6F8694EAB40
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2acfe4c8-8023-337a-afb5-86ca74cec59e.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        216.80.128.0/17 maxlen: 17

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:29:08:39:83:b6:f8:69:4e:ab:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=d42b6a71-53c6-4952-a389-6105595960d0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:26:83:26:56:b3:f8:30:de:29:11:df:1b:02:
                    30:d5:d9:d6:67:95:0b:16:59:a1:1b:93:87:82:3b:
                    2f:1c:3b:db:1b:a6:c9:e3:e6:24:5c:f9:64:55:3b:
                    e2:a6:14:d4:3c:02:19:fd:e6:e5:b7:db:60:77:13:
                    5f:0f:8f:d8:a3:a5:bb:7b:ed:00:83:50:34:91:84:
                    6f:fb:cd:16:d9:0a:90:7a:33:7f:59:f2:e7:12:ab:
                    85:e7:c1:a9:ed:45:58:30:b9:9a:f8:41:e5:95:3c:
                    17:00:ad:3d:e6:95:bc:41:d1:4b:b7:65:82:e6:37:
                    7f:1a:6f:9d:c2:f8:8d:14:10:ee:66:33:23:cb:d4:
                    1c:bd:e9:fc:94:b7:7d:e6:e7:2b:8b:61:5c:c6:c4:
                    8a:6f:c4:cd:2c:db:40:10:cb:9e:9b:fb:32:13:1d:
                    8d:1c:f5:c2:3b:58:32:79:a1:61:ca:0d:20:14:18:
                    78:77:46:4c:b9:12:58:21:a9:d5:76:ce:b8:f1:bf:
                    49:32:ee:93:ab:5f:db:96:81:02:0f:e4:c4:6a:7f:
                    b7:11:8e:cd:20:d5:f9:0e:05:c0:fd:b7:15:20:07:
                    0f:63:29:61:2d:c0:b0:53:b5:af:4a:e4:43:d3:be:
                    24:b4:d1:b7:5c:07:08:cc:d8:eb:ca:07:31:19:83:
                    7e:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:F3:33:92:DF:4D:FB:4D:E6:90:1C:E5:29:96:02:6B:BA:D4:4F:6F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/2acfe4c8-8023-337a-afb5-86ca74cec59e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.80.128.0/17

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         7f:d9:f1:2f:93:dd:af:14:66:31:3f:77:b3:68:25:b1:29:96:
         16:f6:72:8c:36:70:1b:46:31:8c:84:dd:05:d2:19:fd:f3:07:
         f4:03:c4:f2:92:8a:0a:4f:d1:14:ab:2b:09:d6:3e:a5:8f:b7:
         44:ea:00:28:24:a8:58:80:ff:13:24:c4:5f:5b:27:77:23:b0:
         73:da:39:19:35:19:22:37:30:a4:6f:12:79:74:f5:8c:2a:1e:
         83:b9:20:b9:44:4f:2d:32:4b:8d:69:d5:02:a7:9f:38:82:0e:
         50:5e:17:4e:9c:7a:f6:cf:4b:27:36:4e:b6:ab:8a:cd:c4:99:
         85:3c:d7:5f:c4:1e:c5:23:25:e6:91:2f:e4:69:c0:fc:6e:86:
         be:0a:f0:e9:17:d2:8c:46:1f:52:ef:71:b9:eb:5e:3f:ee:04:
         6f:9f:bb:10:29:29:c6:39:6b:1a:e3:51:56:18:d8:1d:22:cc:
         74:75:f4:e5:44:af:66:8f:dd:13:af:24:86:84:cd:5f:7b:78:
         da:95:5f:ab:ad:8b:85:bd:a1:1a:d6:52:1c:23:01:b4:b9:71:
         de:b4:a1:21:3d:8e:e7:a7:14:35:1c:b5:73:70:3d:14:12:6f:
         7d:2c:06:ba:5b:43:37:6d:bc:87:2f:7a:a6:55:27:1b:2e:ef:
         0e:5c:f0:55
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMykIOYO2+GlOq0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
ZDQyYjZhNzEtNTNjNi00OTUyLWEzODktNjEwNTU5NTk2MGQwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSaDJlaz+DDeKRHfGwIw1dnWZ5ULFlmhG5OH
gjsvHDvbG6bJ4+YkXPlkVTviphTUPAIZ/eblt9tgdxNfD4/Yo6W7e+0Ag1A0kYRv
+80W2QqQejN/WfLnEquF58Gp7UVYMLma+EHllTwXAK095pW8QdFLt2WC5jd/Gm+d
wviNFBDuZjMjy9Qcven8lLd95ucri2FcxsSKb8TNLNtAEMuem/syEx2NHPXCO1gy
eaFhyg0gFBh4d0ZMuRJYIanVds648b9JMu6Tq1/bloECD+TEan+3EY7NINX5DgXA
/bcVIAcPYylhLcCwU7WvSuRD074ktNG3XAcIzNjrygcxGYN+4QIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFPrzM5LfTftN5pAc5SmWAmu61E9vMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvMmFjZmU0YzgtODAyMy0z
MzdhLWFmYjUtODZjYTc0Y2VjNTllLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQH2FCAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAH/Z8S+T3a8UZjE/d7NoJbEplhb2cow2cBtGMYyE3QXSGf3zB/QDxPKS
igpP0RSrKwnWPqWPt0TqACgkqFiA/xMkxF9bJ3cjsHPaORk1GSI3MKRvEnl09Ywq
HoO5ILlETy0yS41p1QKnnziCDlBeF06cevbPSyc2Traris3EmYU811/EHsUjJeaR
L+RpwPxuhr4K8OkX0oxGH1LvcbnrXj/uBG+fuxApKcY5axrjUVYY2B0izHR19OVE
r2aP3ROvJIaEzV97eNqVX6uti4W9oRrWUhwjAbS5cd60oSE9juenFDUctXNwPRQS
b30sBrpbQzdtvIcveqZVJxsu7w5c8FU=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:14 2024 by rpki-client on console-fra.rpki-client.org