Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/23d69ca7-2d0d-3c75-8a6a-ee716b6deef0.roa
File:                     23d69ca7-2d0d-3c75-8a6a-ee716b6deef0.roa (raw, json)
Hash identifier:          gu8UfinRaHArBI1qH8iJGJcsi5JHBforTpJxwtVfiFc=
Subject key identifier:   8E:4E:A2:30:69:D1:64:CB:B1:A1:8C:F3:CF:CD:6F:05:4D:87:AD:16
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F43285840056E3A2A988BA39EA4E3B280
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/23d69ca7-2d0d-3c75-8a6a-ee716b6deef0.roa
Signing time:             Thu 24 Nov 2022 12:00:00 +0000
ROA not before:           Thu 24 Nov 2022 12:00:00 +0000
ROA not after:            Sat 25 Nov 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:05:6e:3a:2a:98:8b:a3:9e:a4:e3:b2:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Nov 24 12:00:00 2022 GMT
            Not After : Nov 25 05:00:00 2023 GMT
        Subject: CN=8dde42b2-6df4-4ddb-92e7-8629d5adff0f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:d7:8a:f5:2c:72:4a:18:23:5a:f7:fb:a4:7b:
                    f7:d6:3e:ff:da:ac:86:30:38:86:38:72:b6:86:0e:
                    88:c5:4c:11:e3:ef:b3:fe:6b:d6:15:4e:6a:75:88:
                    ec:be:d5:e8:73:35:56:2e:90:b3:9b:a9:3a:ff:4b:
                    e1:8d:c3:91:d6:73:d9:ae:8a:ad:cb:9e:ff:7d:31:
                    38:77:61:62:39:fe:26:18:b5:d4:0f:03:fc:d3:59:
                    4e:09:36:05:2b:fc:43:cd:64:a2:d7:60:e3:74:4f:
                    41:24:e8:67:6e:ff:bf:c7:8a:c3:c2:f3:45:85:22:
                    59:6f:80:20:14:d3:9e:90:67:e9:20:4b:22:83:e3:
                    c8:38:fc:99:78:02:65:dc:d2:55:24:b6:87:f0:49:
                    5d:9b:39:6a:98:0b:35:97:9a:e6:bf:e0:4d:90:fd:
                    1f:87:d5:50:a2:83:1b:b1:78:0c:c8:c1:6f:03:69:
                    72:fd:be:ce:d3:6e:49:9e:f0:92:bc:96:15:a3:97:
                    c6:ac:68:a6:77:fb:59:df:6e:32:21:dc:f5:54:cb:
                    bc:37:ec:44:bf:21:53:f2:ae:28:29:8d:c6:57:81:
                    16:63:1f:47:de:44:74:4b:94:8f:a1:54:6f:b4:db:
                    9d:f3:d2:8f:c0:a8:81:d2:d6:36:df:b8:e9:5d:ba:
                    d8:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:4E:A2:30:69:D1:64:CB:B1:A1:8C:F3:CF:CD:6F:05:4D:87:AD:16
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/23d69ca7-2d0d-3c75-8a6a-ee716b6deef0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         68:6b:23:48:e1:68:a5:6a:43:81:f0:eb:d0:50:bb:8d:4a:1d:
         bc:a4:49:72:07:85:9f:ce:9e:39:f1:51:2f:cc:88:de:bf:40:
         e1:56:c5:55:5c:a1:f9:90:15:3d:ee:1c:16:e4:5c:f3:1f:03:
         b0:2b:70:69:25:6d:6a:1f:df:45:d3:ef:2e:8b:17:8c:f1:0d:
         1f:57:b6:21:be:dc:4f:c1:87:9c:4d:9f:cb:4d:b8:4d:2f:12:
         0c:31:53:86:a3:5d:87:91:64:1a:3f:45:05:2c:49:25:ce:da:
         b1:1b:29:c0:db:8b:be:51:8c:23:ee:e1:27:a9:2b:f9:d9:9c:
         cf:c6:6c:1c:a4:e2:0d:16:b9:c0:e7:02:de:7d:e0:db:1e:8e:
         51:d3:ca:62:ba:75:cb:e6:28:59:16:b5:31:56:e1:c2:df:b7:
         64:48:e3:63:d1:70:51:a8:e5:cb:42:f9:45:a3:8e:00:fb:bc:
         e7:34:5a:0f:61:6c:07:71:28:61:9c:aa:4b:db:2f:e7:e1:b6:
         45:09:eb:75:41:e7:44:1f:ea:16:1b:61:c5:6c:11:44:17:34:
         38:4d:bf:6d:21:ba:0d:99:60:ca:3c:4b:b0:fe:1d:b4:7a:98:
         9c:7c:9f:78:68:8b:cf:b8:0e:c1:85:e2:77:01:bb:83:03:ff:
         59:3c:1d:bd
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEAFbjoqmIujnqTjsoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTEyNDEyMDAwMFoXDTIzMTEyNTA1MDAwMFowLzEtMCsGA1UEAxMk
OGRkZTQyYjItNmRmNC00ZGRiLTkyZTctODYyOWQ1YWRmZjBmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoteK9SxyShgjWvf7pHv31j7/2qyGMDiGOHK2
hg6IxUwR4++z/mvWFU5qdYjsvtXoczVWLpCzm6k6/0vhjcOR1nPZroqty57/fTE4
d2FiOf4mGLXUDwP801lOCTYFK/xDzWSi12DjdE9BJOhnbv+/x4rDwvNFhSJZb4Ag
FNOekGfpIEsig+PIOPyZeAJl3NJVJLaH8EldmzlqmAs1l5rmv+BNkP0fh9VQooMb
sXgMyMFvA2ly/b7O025JnvCSvJYVo5fGrGimd/tZ324yIdz1VMu8N+xEvyFT8q4o
KY3GV4EWYx9H3kR0S5SPoVRvtNud89KPwKiB0tY237jpXbrY1QIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFI5OojBp0WTLsaGM88/NbwVNh60WMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvMjNkNjljYTctMmQwZC0z
Yzc1LThhNmEtZWU3MTZiNmRlZWYwLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAGhrI0jhaKVqQ4Hw69BQu41KHbykSXIHhZ/OnjnxUS/MiN6/QOFW
xVVcofmQFT3uHBbkXPMfA7ArcGklbWof30XT7y6LF4zxDR9XtiG+3E/Bh5xNn8tN
uE0vEgwxU4ajXYeRZBo/RQUsSSXO2rEbKcDbi75RjCPu4SepK/nZnM/GbByk4g0W
ucDnAt594NsejlHTymK6dcvmKFkWtTFW4cLft2RI42PRcFGo5ctC+UWjjgD7vOc0
Wg9hbAdxKGGcqkvbL+fhtkUJ63VB50Qf6hYbYcVsEUQXNDhNv20hug2ZYMo8S7D+
HbR6mJx8n3hoi8+4DsGF4ncBu4MD/1k8Hb0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:06 2024 by rpki-client on console-fra.rpki-client.org