Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/621053bd-3fa2-33d5-ae31-9db81266bf72.roa
File:                     621053bd-3fa2-33d5-ae31-9db81266bf72.roa (raw, json)
Hash identifier:          63xjFkS+L5hNPFCunQyTZDGdtEIINyZnJ/gp2e/3loY=
Subject key identifier:   7F:CE:FC:6D:9B:AC:2F:59:17:5A:01:B3:BA:A6:90:F3:78:F5:25:B2
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533322DFCF675CDC09060A80
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/621053bd-3fa2-33d5-ae31-9db81266bf72.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        209.92.58.0/23 maxlen: 23

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:22:df:cf:67:5c:dc:09:06:0a:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=4a0e2457-c786-4f17-af15-8e699b9d9d97
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:73:13:62:30:61:69:9c:0c:2a:e1:00:fd:1b:
                    66:d6:9e:10:4e:62:a5:0e:de:b7:b8:e7:26:ff:37:
                    70:cf:39:7c:70:b8:fd:a4:47:45:40:5a:cc:06:83:
                    da:79:30:e0:49:84:9b:5e:41:3a:64:3c:47:d8:f1:
                    2c:38:75:40:cb:f2:0d:97:b4:e9:7e:72:4c:b7:86:
                    28:01:e8:f9:69:2b:91:33:3f:b9:4e:82:e0:04:bf:
                    31:34:9a:92:de:22:58:e0:2f:15:6d:7e:22:48:98:
                    5f:bd:f5:cc:94:72:3b:ef:ba:2f:99:90:32:f2:7b:
                    39:b6:52:5c:4c:0e:47:c0:c8:70:ec:b0:98:49:5d:
                    69:aa:0d:44:9f:13:28:de:6f:84:9d:e3:69:23:03:
                    e4:c9:5a:3a:aa:a2:bf:98:5f:9d:de:d0:e9:da:1d:
                    4c:e5:3b:93:1b:7f:1e:c7:74:c3:81:90:5d:c2:9a:
                    63:e1:71:71:80:fd:33:7e:8f:a7:4c:cb:e8:91:a1:
                    8d:cb:1a:93:19:4e:ff:1a:b4:ab:bd:03:12:82:2b:
                    88:86:c7:2c:61:60:e2:04:f9:07:28:86:ec:9b:be:
                    58:85:3d:96:95:e9:cd:75:8f:9f:23:f3:51:c7:f3:
                    24:d7:eb:c3:64:df:52:75:4a:8f:31:ae:da:f4:79:
                    57:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7F:CE:FC:6D:9B:AC:2F:59:17:5A:01:B3:BA:A6:90:F3:78:F5:25:B2
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/621053bd-3fa2-33d5-ae31-9db81266bf72.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.92.58.0/23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         74:e4:03:70:73:2c:52:dd:bd:c3:2c:46:bf:c8:c5:ad:41:b0:
         9e:66:dd:db:e8:df:60:73:d6:32:24:a7:72:d6:19:7d:aa:61:
         10:5c:2b:35:3d:4a:f8:58:53:5b:f8:94:3e:af:80:c2:aa:80:
         f8:65:d2:c0:47:d0:ec:c4:dd:cf:1d:8a:7e:dd:19:38:46:6b:
         30:12:2c:aa:dc:92:e0:ae:e6:ff:d6:46:8a:c0:64:dc:d9:4d:
         70:de:cb:e5:be:29:97:1d:0d:c9:59:dc:0e:52:99:03:63:fb:
         a6:c8:10:3e:55:ca:cd:b2:8e:f0:10:81:2c:08:30:93:53:34:
         27:2a:09:da:6c:23:9b:60:b5:ed:d2:2c:ba:b1:d5:5a:7a:b7:
         dc:08:20:5c:2d:6d:bf:02:8a:cf:3f:3c:6e:00:fd:c6:60:59:
         42:86:76:d2:8c:b0:23:dc:af:16:7b:5f:a6:a8:ad:4b:d6:61:
         93:3e:c7:a0:17:60:59:10:62:2c:62:52:dd:cf:67:75:92:e3:
         a5:6b:58:d0:4b:97:04:7f:4f:41:c8:37:c6:86:0a:30:ee:4a:
         97:eb:b2:62:36:90:df:9f:c0:83:e5:cf:72:e0:cb:37:ab:40:
         e3:52:27:b7:56:b3:d2:9b:45:b4:f3:3b:f1:57:86:d8:1c:4c:
         67:95:f0:1e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyLfz2dc3AkGCoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NGEwZTI0NTctYzc4Ni00ZjE3LWFmMTUtOGU2OTliOWQ5ZDk3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3MTYjBhaZwMKuEA/Rtm1p4QTmKlDt63uOcm
/zdwzzl8cLj9pEdFQFrMBoPaeTDgSYSbXkE6ZDxH2PEsOHVAy/INl7TpfnJMt4Yo
Aej5aSuRMz+5ToLgBL8xNJqS3iJY4C8VbX4iSJhfvfXMlHI777ovmZAy8ns5tlJc
TA5HwMhw7LCYSV1pqg1EnxMo3m+EneNpIwPkyVo6qqK/mF+d3tDp2h1M5TuTG38e
x3TDgZBdwppj4XFxgP0zfo+nTMvokaGNyxqTGU7/GrSrvQMSgiuIhscsYWDiBPkH
KIbsm75YhT2WlenNdY+fI/NRx/Mk1+vDZN9SdUqPMa7a9HlXowIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFH/O/G2brC9ZF1oBs7qmkPN49SWyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvNjIxMDUzYmQtM2ZhMi0z
M2Q1LWFlMzEtOWRiODEyNjZiZjcyLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB0Vw6MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAHTkA3BzLFLdvcMsRr/Ixa1BsJ5m3dvo32Bz1jIkp3LWGX2qYRBcKzU9
SvhYU1v4lD6vgMKqgPhl0sBH0OzE3c8din7dGThGazASLKrckuCu5v/WRorAZNzZ
TXDey+W+KZcdDclZ3A5SmQNj+6bIED5Vys2yjvAQgSwIMJNTNCcqCdpsI5tgte3S
LLqx1Vp6t9wIIFwtbb8Cis8/PG4A/cZgWUKGdtKMsCPcrxZ7X6aorUvWYZM+x6AX
YFkQYixiUt3PZ3WS46VrWNBLlwR/T0HIN8aGCjDuSpfrsmI2kN+fwIPlz3Lgyzer
QONSJ7dWs9KbRbTzO/FXhtgcTGeV8B4=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:00:22 2024 by rpki-client on console-ams.rpki-client.org