Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4db89693-772f-39f1-8931-31a432073985.roa
File:                     4db89693-772f-39f1-8931-31a432073985.roa (raw, json)
Hash identifier:          x9W7xe0/UmkSfxQBT9j5Qhz+WPOxNr1v2hJ6ugo7PwU=
Subject key identifier:   D8:A1:EA:71:42:0F:F1:95:29:82:D5:50:3D:E3:96:D3:5A:92:5A:4E
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533317F773E44D959AEF6800
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4db89693-772f-39f1-8931-31a432073985.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        204.31.80.0/20 maxlen: 20

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:17:f7:73:e4:4d:95:9a:ef:68:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=3dc3efaa-7f43-47ff-85f6-206e07ea53a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:03:f1:6d:fb:95:f5:c2:46:38:c0:65:55:8a:
                    ef:5d:a3:0b:b8:a4:9f:45:28:27:48:07:37:13:29:
                    2a:7b:d5:0d:70:88:50:a2:f0:7e:9d:62:46:be:5f:
                    74:e2:ff:9a:bb:c2:78:44:47:46:b9:30:7a:65:61:
                    30:34:c5:8f:7d:4b:f6:8a:65:d7:27:01:6a:1b:58:
                    fa:a0:7a:60:95:f9:25:dd:e0:26:79:94:f5:28:21:
                    a7:5c:01:d5:2a:4f:ac:24:dd:8f:5b:eb:ab:b1:cf:
                    1c:1c:e9:0d:fc:df:db:cb:aa:75:16:2e:28:b3:4b:
                    f8:0c:19:0f:b2:6a:0a:65:d5:9c:13:ad:d2:76:c8:
                    d8:a6:84:1c:82:05:ae:f8:a1:bd:88:e4:d4:6f:c4:
                    82:19:9a:a8:6f:71:da:31:2c:51:fd:43:74:a9:84:
                    e0:d2:60:4c:7a:8b:ea:d5:68:49:71:5b:db:c9:8b:
                    d4:17:15:fc:4a:80:88:01:c4:1b:37:e2:49:a6:e1:
                    28:a2:7a:54:ac:bd:91:b5:12:8e:68:38:22:48:98:
                    bc:98:fe:17:59:aa:61:e9:69:14:91:36:f1:42:4e:
                    d6:7c:17:4c:31:67:75:8b:6d:29:7b:ab:56:64:8c:
                    d7:bb:92:a8:d2:e5:62:16:d6:ea:76:26:9e:12:22:
                    c0:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:A1:EA:71:42:0F:F1:95:29:82:D5:50:3D:E3:96:D3:5A:92:5A:4E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/4db89693-772f-39f1-8931-31a432073985.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.31.80.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         12:6f:a7:bb:b7:2e:cd:e1:38:d0:b9:0a:42:c1:c2:40:50:5c:
         61:d5:fb:01:81:7c:37:90:7d:66:1b:13:e6:e8:76:9e:11:60:
         18:b8:aa:c6:68:74:d2:cf:7a:a4:a3:6c:e6:92:9a:36:3a:8e:
         0d:3b:11:df:64:dd:c6:49:71:25:f6:bf:07:25:05:0c:76:61:
         d8:1a:c1:10:38:d5:c5:a2:74:e1:26:d3:b8:98:ec:ee:b1:38:
         19:1d:c0:d1:c0:14:85:d6:dc:56:9c:f6:2d:ea:33:d9:6f:a1:
         50:9e:d5:ae:69:e2:0a:f6:28:44:84:14:c9:3f:2b:7e:f3:8d:
         10:dd:6e:be:57:8e:4f:67:91:24:05:b6:5c:71:63:82:78:a5:
         ee:bd:b9:fe:d5:12:b1:cc:5c:16:2b:48:65:41:1c:9d:2a:f2:
         0e:8a:49:8f:41:39:01:60:9a:3f:80:26:78:bc:fe:dc:32:f3:
         d6:6c:76:40:46:03:f0:e3:31:d2:55:4b:f3:83:56:8c:8f:ba:
         64:7f:e7:de:9e:76:a2:cb:be:a0:c7:8a:b6:a3:22:f5:87:39:
         03:d4:70:e9:20:4c:d9:0e:f5:63:2a:90:1a:48:e7:7a:a1:2e:
         bc:d7:9b:33:ba:e9:85:e7:9a:04:67:e6:4e:29:e6:19:cd:0f:
         90:02:ac:0f
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMxf3c+RNlZrvaAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
M2RjM2VmYWEtN2Y0My00N2ZmLTg1ZjYtMjA2ZTA3ZWE1M2E2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwPxbfuV9cJGOMBlVYrvXaMLuKSfRSgnSAc3
Eykqe9UNcIhQovB+nWJGvl904v+au8J4REdGuTB6ZWEwNMWPfUv2imXXJwFqG1j6
oHpglfkl3eAmeZT1KCGnXAHVKk+sJN2PW+ursc8cHOkN/N/by6p1Fi4os0v4DBkP
smoKZdWcE63SdsjYpoQcggWu+KG9iOTUb8SCGZqob3HaMSxR/UN0qYTg0mBMeovq
1WhJcVvbyYvUFxX8SoCIAcQbN+JJpuEoonpUrL2RtRKOaDgiSJi8mP4XWaph6WkU
kTbxQk7WfBdMMWd1i20pe6tWZIzXu5Ko0uViFtbqdiaeEiLAOQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNih6nFCD/GVKYLVUD3jltNaklpOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNGRiODk2OTMtNzcyZi0z
OWYxLTg5MzEtMzFhNDMyMDczOTg1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEzB9QMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABJvp7u3Ls3hONC5CkLBwkBQXGHV+wGBfDeQfWYbE+bodp4RYBi4qsZo
dNLPeqSjbOaSmjY6jg07Ed9k3cZJcSX2vwclBQx2YdgawRA41cWidOEm07iY7O6x
OBkdwNHAFIXW3Fac9i3qM9lvoVCe1a5p4gr2KESEFMk/K37zjRDdbr5Xjk9nkSQF
tlxxY4J4pe69uf7VErHMXBYrSGVBHJ0q8g6KSY9BOQFgmj+AJni8/twy89ZsdkBG
A/DjMdJVS/ODVoyPumR/596edqLLvqDHirajIvWHOQPUcOkgTNkO9WMqkBpI53qh
LrzXmzO66YXnmgRn5k4p5hnND5ACrA8=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:15 2024 by rpki-client on console-fra.rpki-client.org