Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f321db06-8b03-3250-bbcd-28389abd0ddb.roa
File:                     f321db06-8b03-3250-bbcd-28389abd0ddb.roa (raw, json)
Hash identifier:          nPgavUjyTpcxFZ6X5joXCc217pVbThzmWIc097ZYqGI=
Subject key identifier:   CF:4B:15:2B:73:C7:9B:7C:6A:C7:A4:0A:54:B9:9B:0E:B8:EA:57:6A
Certificate issuer:       /CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
Certificate serial:       010D0C9F43285845533324A1B8AD31CD3866C570
Authority key identifier: 77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f321db06-8b03-3250-bbcd-28389abd0ddb.roa
Signing time:             Mon 25 Mar 2024 13:00:33 +0000
ROA not before:           Mon 25 Mar 2024 13:00:33 +0000
ROA not after:            Sun 23 Jun 2024 13:00:33 +0000
asID:                     7029
IP address blocks:        209.108.112.0/20 maxlen: 20

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:53:33:24:a1:b8:ad:31:cd:38:66:c5:70
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49bd506e-447c-48e7-9d44-4b373b35b2d3
        Validity
            Not Before: Mar 25 13:00:33 2024 GMT
            Not After : Jun 23 13:00:33 2024 GMT
        Subject: CN=6de2e292-3a96-435f-9580-6307deb2bb89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:d5:20:ca:e9:82:07:4f:b0:55:0c:27:1b:f0:
                    4e:96:b5:46:95:1e:40:db:a5:68:63:04:52:b8:8f:
                    df:b3:83:a0:25:e6:3e:0b:a5:36:1b:fe:4f:ac:fb:
                    0d:c9:9b:d4:d0:a2:4f:37:cb:87:89:54:2f:d2:ed:
                    b1:96:f3:60:8a:4a:44:d2:cb:fa:b3:52:7c:03:5c:
                    44:2f:60:2c:2f:b8:04:69:72:74:03:8d:1c:74:85:
                    7a:8a:19:55:0b:63:48:b2:1e:b7:4d:c2:5e:0f:d4:
                    a0:ff:13:46:5d:fe:be:ca:83:7f:6a:d4:fc:62:55:
                    92:06:23:19:8f:5a:24:f8:20:be:d1:c4:4d:e7:1e:
                    b6:66:21:5a:e1:1d:35:11:d1:ae:1d:72:80:47:e2:
                    b4:ee:bb:fe:23:2c:d3:71:3c:3e:f1:ef:a4:11:b2:
                    54:71:80:37:ea:ad:bc:d7:3f:4d:d8:ce:a2:af:13:
                    5f:20:63:8b:07:4b:7b:f0:11:90:01:e3:77:6e:db:
                    7f:eb:8c:ff:a3:0a:43:bc:9c:0f:9d:31:e7:a7:68:
                    b6:4e:d0:45:77:e5:0a:9d:91:80:7d:91:2f:df:79:
                    0e:c9:88:9a:74:0e:09:11:e7:26:a7:93:19:75:2d:
                    53:5a:80:2f:e0:81:81:6d:24:d0:5d:ec:1a:94:ef:
                    7d:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:4B:15:2B:73:C7:9B:7C:6A:C7:A4:0A:54:B9:9B:0E:B8:EA:57:6A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/f321db06-8b03-3250-bbcd-28389abd0ddb.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3/49bd506e-447c-48e7-9d44-4b373b35b2d3.crl

            X509v3 Authority Key Identifier:
                keyid:77:03:89:3B:86:32:63:FF:78:2E:87:84:0D:12:3F:C5:E7:13:68:E4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/49bd506e-447c-48e7-9d44-4b373b35b2d3.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  209.108.112.0/20

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4b:10:26:d2:9d:fa:a6:04:65:b6:55:8c:98:73:a2:f4:4f:0b:
         1e:a3:3e:2f:3a:79:21:04:51:ea:63:4b:aa:77:04:59:03:08:
         39:4f:e0:fc:99:9f:3e:84:70:b2:95:8c:2b:6a:eb:7e:de:42:
         04:66:bf:a8:13:c7:ce:a1:52:f7:8d:51:b8:81:25:30:00:96:
         3b:1b:7e:d7:1f:f7:1c:79:24:9b:5f:d2:73:60:e1:6e:8b:44:
         96:b4:f9:37:07:53:e2:1b:8f:ab:b5:b9:df:52:d7:5f:de:4f:
         aa:c1:3c:91:ae:6a:dc:6a:cd:ec:01:0e:e3:8c:a4:36:2c:c1:
         38:aa:74:58:f0:10:d3:ff:06:fb:ea:fb:42:fb:39:76:2e:59:
         3b:23:8a:f0:a9:7e:54:70:eb:df:07:69:1c:47:ea:80:7c:ea:
         0f:dc:fe:44:56:00:73:16:be:d7:be:64:3c:2c:39:73:62:57:
         bc:af:20:20:11:73:00:1c:79:b3:cb:11:d2:cd:b8:a1:02:46:
         57:14:4f:39:92:7b:36:1f:ad:dc:87:fd:13:15:89:b6:a3:a3:
         2e:cf:12:cc:3e:0b:12:46:59:5f:26:e3:93:f8:d2:bf:57:bd:
         a1:0c:d2:6a:19:ce:fe:e9:75:c9:fd:4e:63:1d:4e:74:3d:81:
         b6:2a:35:de
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVTMyShuK0xzThmxXAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDliZDUwNmUtNDQ3Yy00OGU3LTlkNDQtNGIzNzNiMzVi
MmQzMB4XDTI0MDMyNTEzMDAzM1oXDTI0MDYyMzEzMDAzM1owLzEtMCsGA1UEAxMk
NmRlMmUyOTItM2E5Ni00MzVmLTk1ODAtNjMwN2RlYjJiYjg5MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttUgyumCB0+wVQwnG/BOlrVGlR5A26VoYwRS
uI/fs4OgJeY+C6U2G/5PrPsNyZvU0KJPN8uHiVQv0u2xlvNgikpE0sv6s1J8A1xE
L2AsL7gEaXJ0A40cdIV6ihlVC2NIsh63TcJeD9Sg/xNGXf6+yoN/atT8YlWSBiMZ
j1ok+CC+0cRN5x62ZiFa4R01EdGuHXKAR+K07rv+IyzTcTw+8e+kEbJUcYA36q28
1z9N2M6irxNfIGOLB0t78BGQAeN3btt/64z/owpDvJwPnTHnp2i2TtBFd+UKnZGA
fZEv33kOyYiadA4JEecmp5MZdS1TWoAv4IGBbSTQXewalO99QwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFM9LFStzx5t8asekClS5mw646ldqMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy80OWJk
NTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3M2IzNWIyZDMvZjMyMWRiMDYtOGIwMy0z
MjUwLWJiY2QtMjgzODlhYmQwZGRiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvNDliZDUwNmUtNDQ3Yy00OGU3LTlk
NDQtNGIzNzNiMzViMmQzLzQ5YmQ1MDZlLTQ0N2MtNDhlNy05ZDQ0LTRiMzczYjM1
YjJkMy5jcmwwHwYDVR0jBBgwFoAUdwOJO4YyY/94LoeEDRI/xecTaOQwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy80OWJkNTA2ZS00NDdjLTQ4ZTctOWQ0NC00YjM3
M2IzNWIyZDMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE0WxwMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEsQJtKd+qYEZbZVjJhzovRPCx6jPi86eSEEUepjS6p3BFkDCDlP4PyZ
nz6EcLKVjCtq637eQgRmv6gTx86hUveNUbiBJTAAljsbftcf9xx5JJtf0nNg4W6L
RJa0+TcHU+Ibj6u1ud9S11/eT6rBPJGuatxqzewBDuOMpDYswTiqdFjwENP/Bvvq
+0L7OXYuWTsjivCpflRw698HaRxH6oB86g/c/kRWAHMWvte+ZDwsOXNiV7yvICAR
cwAcebPLEdLNuKECRlcUTzmSezYfrdyH/RMVibajoy7PEsw+CxJGWV8m45P40r9X
vaEM0moZzv7pdcn9TmMdTnQ9gbYqNd4=
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:00:24 2024 by rpki-client on console-ams.rpki-client.org