Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/56353ee7-79e2-33a6-bb87-11d331f250c0.roa
File:                     56353ee7-79e2-33a6-bb87-11d331f250c0.roa (raw, json)
Hash identifier:          9jRx+JdTXtFLavqrISUrZ7BkrR2+o9nZCtl2SwD0uhw=
Subject key identifier:   F3:25:2A:D3:3F:E2:03:F4:F2:DC:DE:81:FB:C6:8E:3A:2E:B9:64:9F
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533317389EAE698FE6D15B40
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/56353ee7-79e2-33a6-bb87-11d331f250c0.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        199.183.0.0/20 maxlen: 20

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:17:38:9e:ae:69:8f:e6:d1:5b:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=bc5f3111-bab9-48f8-9182-7ff2f16580a6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:ad:c1:3a:3a:76:7c:52:23:28:0b:a0:46:52:
                    b1:1c:38:6e:43:66:40:af:8f:c8:55:0e:d5:34:37:
                    3a:0e:83:9b:b5:47:00:2a:96:a4:78:49:14:be:45:
                    65:fb:77:19:7e:9f:8e:43:ec:a7:23:c1:24:55:11:
                    35:90:22:f8:23:cd:0f:28:57:09:c1:31:31:46:bd:
                    b0:bf:0b:40:f1:ae:77:dd:1a:48:01:a0:f9:35:92:
                    25:f4:be:e9:60:c5:ba:21:8c:4f:15:f8:42:89:ff:
                    e2:4f:c5:14:b9:56:fe:ec:23:73:d0:30:5d:e0:c5:
                    7c:f7:1e:e0:41:11:ed:f6:7c:fc:cf:bb:16:58:67:
                    2a:11:15:71:ca:53:bb:fd:df:31:7b:a1:a8:de:83:
                    5a:63:ea:60:49:93:cc:b9:64:21:d5:09:b3:96:77:
                    83:d1:94:40:2a:77:c8:ef:e3:e6:46:ad:65:d5:90:
                    81:8d:f2:b7:0d:6d:14:b7:52:6b:b1:3b:fd:14:95:
                    a5:e8:dd:73:f0:20:fb:99:d8:9e:49:ef:2a:f0:29:
                    78:0f:6d:57:16:b9:36:48:11:58:d9:fd:ef:b9:ea:
                    1b:9e:59:67:78:b8:7b:57:81:45:8c:e7:ef:69:cb:
                    b6:ef:d1:47:75:22:60:8a:9e:8e:f6:a8:67:01:d3:
                    5c:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:25:2A:D3:3F:E2:03:F4:F2:DC:DE:81:FB:C6:8E:3A:2E:B9:64:9F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/56353ee7-79e2-33a6-bb87-11d331f250c0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.183.0.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         24:3c:1d:eb:f4:0e:6b:8d:0d:17:1a:85:1d:cf:54:ef:60:b3:
         58:d9:77:b1:25:7f:2c:76:f3:ea:67:fa:b7:d3:80:0c:03:a9:
         0b:39:1b:f0:0b:c2:a4:9a:1e:75:6d:ee:52:fa:26:cd:70:46:
         41:74:88:6b:c2:9e:f1:d0:04:99:84:9f:76:b9:57:40:91:a9:
         37:ec:ae:5d:bb:b0:6c:e1:40:b7:71:88:19:7f:e1:20:7b:31:
         32:cd:11:6e:2c:d8:a1:b2:3f:fb:7a:e7:24:ac:94:de:ab:f0:
         b8:85:63:01:fa:e7:15:75:ef:2b:e5:c0:c1:ad:1a:30:a6:f8:
         f1:6c:20:94:63:da:23:33:5f:2b:99:69:91:ea:1e:62:66:2c:
         c5:cc:c6:40:03:d1:df:63:dc:dc:b8:59:7d:6b:94:bc:be:ca:
         1e:63:a3:21:da:60:01:8f:87:71:92:9d:63:51:fc:97:cf:ad:
         e0:61:3f:6b:09:e2:24:fd:a9:a0:08:dc:de:d6:d8:32:71:ca:
         73:ef:6f:4f:0f:93:51:d0:bd:c3:ba:79:47:1f:82:8f:2a:c7:
         e3:dd:87:e8:08:a6:fc:07:dd:1b:0d:87:7f:07:81:5f:f8:89:
         7b:d2:a6:50:23:43:21:05:be:0a:65:a3:7c:57:97:ec:c5:63:
         35:ee:e7:fc
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMxc4nq5pj+bRW0AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
YmM1ZjMxMTEtYmFiOS00OGY4LTkxODItN2ZmMmYxNjU4MGE2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj63BOjp2fFIjKAugRlKxHDhuQ2ZAr4/IVQ7V
NDc6DoObtUcAKpakeEkUvkVl+3cZfp+OQ+ynI8EkVRE1kCL4I80PKFcJwTExRr2w
vwtA8a533RpIAaD5NZIl9L7pYMW6IYxPFfhCif/iT8UUuVb+7CNz0DBd4MV89x7g
QRHt9nz8z7sWWGcqERVxylO7/d8xe6Go3oNaY+pgSZPMuWQh1QmzlneD0ZRAKnfI
7+PmRq1l1ZCBjfK3DW0Ut1JrsTv9FJWl6N1z8CD7mdieSe8q8Cl4D21XFrk2SBFY
2f3vueobnllneLh7V4FFjOfvacu279FHdSJgip6O9qhnAdNcPwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFPMlKtM/4gP08tzegfvGjjouuWSfMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNTYzNTNlZTctNzllMi0z
M2E2LWJiODctMTFkMzMxZjI1MGMwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEx7cAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACQ8Hev0DmuNDRcahR3PVO9gs1jZd7Elfyx28+pn+rfTgAwDqQs5G/AL
wqSaHnVt7lL6Js1wRkF0iGvCnvHQBJmEn3a5V0CRqTfsrl27sGzhQLdxiBl/4SB7
MTLNEW4s2KGyP/t65ySslN6r8LiFYwH65xV17yvlwMGtGjCm+PFsIJRj2iMzXyuZ
aZHqHmJmLMXMxkAD0d9j3Ny4WX1rlLy+yh5joyHaYAGPh3GSnWNR/JfPreBhP2sJ
4iT9qaAI3N7W2DJxynPvb08Pk1HQvcO6eUcfgo8qx+Pdh+gIpvwH3RsNh38HgV/4
iXvSplAjQyEFvgplo3xXl+zFYzXu5/w=
-----END CERTIFICATE-----
Generated at Tue Mar 26 17:45:15 2024 by rpki-client on console-fra.rpki-client.org