Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/302db643-6e5a-32d7-9d6a-965b1a767616.roa
File:                     302db643-6e5a-32d7-9d6a-965b1a767616.roa (raw, json)
Hash identifier:          s+mzIjDUa/v4Nd5Rif9qZfryZq5apyktJfw/t4uqflg=
Subject key identifier:   9B:04:E3:39:D0:E8:53:9A:7C:A5:F3:B9:D9:4D:BF:D6:1A:B0:AA:0E
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583D678D7314160BDDD86CDD26C0
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/302db643-6e5a-32d7-9d6a-965b1a767616.roa
Signing time:             Wed 30 Mar 2022 04:00:00 +0000
ROA not before:           Wed 30 Mar 2022 04:00:00 +0000
ROA not after:            Thu 30 Mar 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:67:8d:73:14:16:0b:dd:d8:6c:dd:26:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Mar 30 04:00:00 2022 GMT
            Not After : Mar 30 04:00:00 2023 GMT
        Subject: CN=be2c566b-25d1-4d01-a26a-ba14e0234cf1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:dd:ed:5e:15:ce:58:38:a7:44:8a:fd:f6:7a:
                    9b:89:1d:e3:9f:d6:32:e7:ae:e3:92:58:1f:5f:19:
                    02:aa:1c:63:cf:64:9a:96:dd:0e:bb:f9:89:56:3c:
                    dd:0b:45:1c:d8:f3:7c:66:02:36:3d:fd:da:2e:bf:
                    f8:51:00:4c:7a:da:39:16:5d:e4:d3:23:78:5e:43:
                    76:f1:cf:49:00:05:44:ec:7f:42:ed:85:37:96:af:
                    ea:fa:0a:02:87:76:96:cb:ce:e1:19:ac:16:c3:c7:
                    ab:6f:95:af:2b:e0:6e:17:c3:4d:76:3b:54:55:e6:
                    3c:5e:2c:e3:e8:e8:91:6c:73:1d:af:8a:60:42:09:
                    fe:ac:b2:cc:5e:3b:88:c3:a8:4b:45:ca:bb:b1:c2:
                    e7:ed:98:70:f1:22:6e:e3:1d:65:8e:e2:57:7f:81:
                    4b:c4:c0:e5:ba:9a:12:a7:c1:89:8b:57:24:8c:f3:
                    58:84:51:7e:48:27:f8:ee:4e:e1:b8:41:3b:ad:3e:
                    eb:26:af:8f:ff:68:ee:de:c8:88:4c:1c:51:f1:16:
                    f1:aa:4d:c8:2f:56:d4:40:f2:c9:12:4e:72:8e:09:
                    d8:c7:3b:71:d9:19:89:9e:25:ce:50:8e:81:d5:fa:
                    34:d5:9b:eb:32:52:33:eb:1f:5f:dc:24:aa:a8:01:
                    9b:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:04:E3:39:D0:E8:53:9A:7C:A5:F3:B9:D9:4D:BF:D6:1A:B0:AA:0E
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/302db643-6e5a-32d7-9d6a-965b1a767616.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4d:a9:89:32:84:51:c1:7f:da:80:48:6e:96:92:ed:07:ff:e6:
         2a:07:ae:69:c4:43:e3:a5:d0:e9:b1:59:7a:d7:f1:f4:d6:b5:
         1c:2c:7c:53:a9:a6:b5:a1:f1:bd:f4:77:ad:b3:f1:c6:b5:b0:
         99:22:28:26:67:f6:53:e8:88:78:d8:ba:f4:17:35:91:c1:7e:
         ea:e8:af:e4:b3:89:4d:b1:8f:2e:d3:96:29:aa:f8:77:42:bd:
         7d:37:6b:31:9b:26:c5:83:47:fe:bc:ba:8a:6c:24:38:84:3b:
         1e:21:c8:e8:87:2c:fb:05:f1:ca:6d:f3:22:57:09:dc:38:83:
         ec:13:d1:07:3b:68:f2:e9:38:57:c3:37:ae:36:06:99:f1:23:
         81:b6:ff:d7:0a:1d:f4:76:71:7a:90:6b:20:26:ee:15:cf:9c:
         e7:bd:0a:55:1c:14:95:e6:34:5a:60:dc:f3:84:86:a9:23:a4:
         d5:fd:95:2c:5f:97:fc:09:b3:6a:f0:86:d8:53:86:1c:27:19:
         f3:51:ab:c2:f2:db:bd:27:f1:fc:95:91:a2:fe:61:1f:a4:66:
         e1:8f:c7:77:5d:e9:c8:df:11:c9:cc:67:68:88:e6:2e:7a:49:
         fe:35:ce:cc:b7:c6:16:2c:3f:7c:4e:8d:e7:73:19:3b:4c:a8:
         be:5a:a1:c6
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWD1njXMUFgvd2GzdJsAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDMzMDA0MDAwMFoXDTIzMDMzMDA0MDAwMFowLzEtMCsGA1UEAxMk
YmUyYzU2NmItMjVkMS00ZDAxLWEyNmEtYmExNGUwMjM0Y2YxMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAud3tXhXOWDinRIr99nqbiR3jn9Yy567jklgf
XxkCqhxjz2Salt0Ou/mJVjzdC0Uc2PN8ZgI2Pf3aLr/4UQBMeto5Fl3k0yN4XkN2
8c9JAAVE7H9C7YU3lq/q+goCh3aWy87hGawWw8erb5WvK+BuF8NNdjtUVeY8Xizj
6OiRbHMdr4pgQgn+rLLMXjuIw6hLRcq7scLn7Zhw8SJu4x1ljuJXf4FLxMDlupoS
p8GJi1ckjPNYhFF+SCf47k7huEE7rT7rJq+P/2ju3siITBxR8Rbxqk3IL1bUQPLJ
Ek5yjgnYxztx2RmJniXOUI6B1fo01ZvrMlIz6x9f3CSqqAGbnwIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFJsE4znQ6FOafKXzudlNv9YasKoOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvMzAyZGI2NDMtNmU1YS0z
MmQ3LTlkNmEtOTY1YjFhNzY3NjE2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAE2piTKEUcF/2oBIbpaS7Qf/5ioHrmnEQ+Ol0OmxWXrX8fTWtRws
fFOpprWh8b30d62z8ca1sJkiKCZn9lPoiHjYuvQXNZHBfuror+SziU2xjy7Tlimq
+HdCvX03azGbJsWDR/68uopsJDiEOx4hyOiHLPsF8cpt8yJXCdw4g+wT0Qc7aPLp
OFfDN642BpnxI4G2/9cKHfR2cXqQayAm7hXPnOe9ClUcFJXmNFpg3POEhqkjpNX9
lSxfl/wJs2rwhthThhwnGfNRq8Ly270n8fyVkaL+YR+kZuGPx3dd6cjfEcnMZ2iI
5i56Sf41zsy3xhYsP3xOjedzGTtMqL5aocY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:49 2023 by rpki-client on console-fra.rpki-client.org