Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c/17c2c297-8940-3dbe-9e7f-c1baf9e45458.roa
File:                     17c2c297-8940-3dbe-9e7f-c1baf9e45458.roa (raw, json)
Hash identifier:          qXB5Iz0Dcc8PgTuzz+SmTOs9g4Efw7ihJhyn4mu0UlM=
Subject key identifier:   BD:60:B8:1E:A9:94:FB:26:2B:BD:F3:53:FD:32:ED:8B:DB:FC:40:B1
Certificate issuer:       /CN=8231077d-0559-4e7a-9cdf-fe00a512ab5c
Certificate serial:       010D0C9F4328584312B4862547732CC6AAC1B100
Authority key identifier: 27:57:42:AE:CA:A8:23:ED:C1:20:5C:9F:F0:23:65:5D:05:65:FB:76
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c/17c2c297-8940-3dbe-9e7f-c1baf9e45458.roa
Signing time:             Fri 01 Sep 2023 01:00:22 +0000
ROA not before:           Fri 01 Sep 2023 01:00:22 +0000
ROA not after:            Thu 30 Nov 2023 02:00:22 +0000
asID:                     36136
IP address blocks:        199.61.12.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:12:b4:86:25:47:73:2c:c6:aa:c1:b1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8231077d-0559-4e7a-9cdf-fe00a512ab5c
        Validity
            Not Before: Sep  1 01:00:22 2023 GMT
            Not After : Nov 30 02:00:22 2023 GMT
        Subject: CN=8f7d397e-df7f-4fad-a77c-1fbd785d8e0c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8c:20:50:d7:6e:11:48:fd:ce:a0:7a:d5:ed:51:
                    0d:b6:f7:f7:3e:c9:f3:39:e6:2f:a1:1c:a9:d5:0e:
                    73:58:77:f2:a5:8f:25:8b:b7:25:9a:b8:32:a6:7f:
                    c1:f5:97:a1:df:6e:85:6c:15:21:f8:38:66:5c:1e:
                    ad:4c:82:5e:82:1c:8d:11:96:91:e9:30:f5:bf:67:
                    6e:5c:c3:7b:62:65:1d:fb:03:2f:98:32:b9:3f:fc:
                    af:0d:52:92:d6:44:7b:dc:21:a1:91:23:c8:79:c8:
                    dc:df:d4:60:9c:01:65:a1:25:8e:6f:48:5a:11:8f:
                    6e:a8:99:55:66:d3:af:00:1e:6e:48:93:7e:74:bd:
                    6f:43:47:4d:72:5b:80:0f:8a:ed:8c:17:47:f7:b4:
                    6e:af:95:41:88:b6:02:2e:65:ae:0f:cd:aa:3f:0d:
                    98:64:b5:bd:c8:0c:f5:58:20:b9:53:96:81:4b:c7:
                    9e:f5:4b:ea:44:c7:50:b5:ec:dc:cb:d9:5a:f3:99:
                    16:ea:00:bb:9f:36:7e:3f:0e:db:6f:a8:28:c9:d2:
                    66:35:04:9f:e0:72:a8:c4:78:b4:62:82:48:11:48:
                    fb:bf:43:14:81:b9:c6:6b:c6:eb:0f:33:50:a3:eb:
                    3b:b2:1f:cb:d6:f0:08:dc:e2:62:f0:a7:fe:7d:b1:
                    85:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:60:B8:1E:A9:94:FB:26:2B:BD:F3:53:FD:32:ED:8B:DB:FC:40:B1
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c/17c2c297-8940-3dbe-9e7f-c1baf9e45458.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c/8231077d-0559-4e7a-9cdf-fe00a512ab5c.crl

            X509v3 Authority Key Identifier:
                keyid:27:57:42:AE:CA:A8:23:ED:C1:20:5C:9F:F0:23:65:5D:05:65:FB:76

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/8231077d-0559-4e7a-9cdf-fe00a512ab5c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.61.12.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         40:6d:40:9f:d3:27:fb:47:75:e1:18:e8:a9:a7:a9:38:4e:cd:
         8e:70:28:0b:dd:e7:4e:f8:5e:72:62:4b:50:63:8a:e9:23:c0:
         4d:2d:65:3c:ce:d9:b9:0b:6e:c3:c5:8f:2a:cd:ad:91:52:3e:
         63:1a:b4:6f:81:4d:c4:b8:cb:b9:83:ad:d6:40:d8:03:b9:02:
         d7:0f:24:72:14:04:c7:ae:fb:f3:29:e6:f4:d3:9d:b7:b8:9a:
         48:a5:af:c1:ee:47:61:89:18:30:d7:d2:0a:e9:c9:6b:e8:0f:
         f2:70:2f:11:a1:3a:44:4e:4f:d2:cd:76:f6:5e:a7:dc:f4:bc:
         dc:84:ea:c0:fa:96:4c:30:e5:f0:e9:fa:1f:bc:62:02:53:5a:
         2d:13:1f:7f:1d:f4:9f:11:8b:82:6f:71:08:aa:1e:63:a5:cd:
         68:a2:7d:a0:9c:3b:48:4d:f9:e3:a3:0f:e9:d6:95:1a:f0:f1:
         8b:8d:bb:fc:c0:a6:3c:92:87:7f:03:8e:f0:61:17:b8:ee:1c:
         96:ae:ae:a4:5a:42:a7:fa:1a:91:1a:b0:b2:33:6d:7f:ba:de:
         1a:6b:3e:d6:c0:cd:f3:7d:43:7c:9e:dc:cf:51:87:22:79:c9:
         6c:0c:48:63:32:9d:ab:c3:e7:78:0d:c8:1b:97:3b:b9:9e:40:
         fe:cf:84:59
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEMStIYlR3MsxqrBsQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkODIzMTA3N2QtMDU1OS00ZTdhLTljZGYtZmUwMGE1MTJh
YjVjMB4XDTIzMDkwMTAxMDAyMloXDTIzMTEzMDAyMDAyMlowLzEtMCsGA1UEAxMk
OGY3ZDM5N2UtZGY3Zi00ZmFkLWE3N2MtMWZiZDc4NWQ4ZTBjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCBQ124RSP3OoHrV7VENtvf3PsnzOeYvoRyp
1Q5zWHfypY8li7clmrgypn/B9Zeh326FbBUh+DhmXB6tTIJeghyNEZaR6TD1v2du
XMN7YmUd+wMvmDK5P/yvDVKS1kR73CGhkSPIecjc39RgnAFloSWOb0haEY9uqJlV
ZtOvAB5uSJN+dL1vQ0dNcluAD4rtjBdH97Rur5VBiLYCLmWuD82qPw2YZLW9yAz1
WCC5U5aBS8ee9UvqRMdQtezcy9la85kW6gC7nzZ+Pw7bb6goydJmNQSf4HKoxHi0
YoJIEUj7v0MUgbnGa8brDzNQo+s7sh/L1vAI3OJi8Kf+fbGFRQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFL1guB6plPsmK73zU/0y7Yvb/ECxMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy84MjMx
MDc3ZC0wNTU5LTRlN2EtOWNkZi1mZTAwYTUxMmFiNWMvMTdjMmMyOTctODk0MC0z
ZGJlLTllN2YtYzFiYWY5ZTQ1NDU4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvODIzMTA3N2QtMDU1OS00ZTdhLTlj
ZGYtZmUwMGE1MTJhYjVjLzgyMzEwNzdkLTA1NTktNGU3YS05Y2RmLWZlMDBhNTEy
YWI1Yy5jcmwwHwYDVR0jBBgwFoAUJ1dCrsqoI+3BIFyf8CNlXQVl+3YwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy84MjMxMDc3ZC0wNTU5LTRlN2EtOWNkZi1mZTAw
YTUxMmFiNWMuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAxz0MMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAEBtQJ/TJ/tHdeEY6KmnqThOzY5wKAvd5074XnJiS1BjiukjwE0tZTzO
2bkLbsPFjyrNrZFSPmMatG+BTcS4y7mDrdZA2AO5AtcPJHIUBMeu+/Mp5vTTnbe4
mkilr8HuR2GJGDDX0grpyWvoD/JwLxGhOkROT9LNdvZep9z0vNyE6sD6lkww5fDp
+h+8YgJTWi0TH38d9J8Ri4JvcQiqHmOlzWiifaCcO0hN+eOjD+nWlRrw8YuNu/zA
pjySh38DjvBhF7juHJaurqRaQqf6GpEasLIzbX+63hprPtbAzfN9Q3ye3M9RhyJ5
yWwMSGMynavD53gNyBuXO7meQP7PhFk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:01 2024 by rpki-client on console-fra.rpki-client.org