Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3df729f9-9720-3069-84a1-d0ad1c8db95c.roa
File:                     3df729f9-9720-3069-84a1-d0ad1c8db95c.roa (raw, json)
Hash identifier:          VSYubTs8QdJPDdPp04e2xXy8/zPo4ktaC0bHr/YgiS4=
Subject key identifier:   6E:61:23:B9:CE:EB:04:6D:F7:84:A7:84:01:54:4A:BE:7E:32:48:E9
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F432858401BBD2F0E64C8EB680BB44320
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3df729f9-9720-3069-84a1-d0ad1c8db95c.roa
Signing time:             Fri 02 Dec 2022 12:00:00 +0000
ROA not before:           Fri 02 Dec 2022 12:00:00 +0000
ROA not after:            Sun 03 Dec 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:1b:bd:2f:0e:64:c8:eb:68:0b:b4:43:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Dec  2 12:00:00 2022 GMT
            Not After : Dec  3 05:00:00 2023 GMT
        Subject: CN=8ffd7534-94ed-4f3d-8a0c-ba87357c1d5c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:01:92:7d:b2:0d:58:41:7a:57:70:43:01:d1:
                    6e:2d:e9:40:69:fc:c8:43:d8:3f:fb:f2:83:fb:a2:
                    fa:04:39:be:31:9c:5e:65:91:bf:47:be:53:df:49:
                    d3:c6:d2:a3:c9:0e:3e:5b:84:e9:ab:38:9b:2f:24:
                    02:45:c1:99:2e:e8:a2:a8:da:63:07:20:71:dd:97:
                    d7:c7:28:10:f7:f6:86:93:fd:27:75:fd:12:59:dd:
                    b8:68:81:ad:ac:0b:28:da:47:22:d2:21:0c:e1:d7:
                    c8:33:3e:ee:7b:3f:22:9b:1c:6a:13:58:1f:d6:e3:
                    44:c1:8b:3a:f0:78:7e:f6:56:01:48:3e:a3:66:8b:
                    d4:ed:74:9d:03:a0:9f:96:c4:90:be:03:55:3d:b4:
                    15:8b:66:e6:c2:03:6d:d0:06:70:67:10:21:33:d3:
                    c9:3f:ba:5c:db:4e:85:8a:b5:02:81:79:2f:35:4c:
                    8a:85:41:92:a7:d4:c8:51:64:7e:ca:f1:2b:52:4f:
                    ff:21:08:26:2e:c6:9f:d8:c2:4d:8a:94:fa:e8:cf:
                    72:7b:eb:01:74:0d:bf:7b:d6:eb:ec:de:8d:e8:04:
                    0c:42:b0:e7:eb:eb:90:b4:1a:01:b7:ce:02:46:9d:
                    40:41:42:39:6b:98:86:41:c0:fa:32:4a:a0:04:d2:
                    af:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:61:23:B9:CE:EB:04:6D:F7:84:A7:84:01:54:4A:BE:7E:32:48:E9
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/3df729f9-9720-3069-84a1-d0ad1c8db95c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         10:6d:af:8e:f3:ee:d6:31:d3:8c:c8:fe:42:f6:75:eb:56:1d:
         69:a9:3e:4f:45:ab:52:54:95:3d:f1:38:72:4d:df:b5:ac:aa:
         f6:eb:05:ae:d5:e7:69:36:72:2a:08:e5:e6:d4:82:88:8d:ef:
         87:76:c4:65:39:2b:05:9b:ff:58:22:60:90:75:35:e9:19:45:
         ae:77:e2:7c:de:2f:28:23:dd:be:06:26:88:49:37:2a:7f:cf:
         c5:8d:fc:1a:fe:5c:d1:19:fb:dc:b4:11:52:9e:4f:70:92:75:
         46:7f:86:19:ee:68:07:62:b9:2a:f0:c3:e9:e1:b1:5a:37:85:
         03:62:07:aa:eb:0f:40:3a:b6:84:a0:71:48:b3:fa:51:d4:a0:
         c9:81:1a:c6:0d:28:70:d1:4e:78:0c:b2:7b:e6:d9:e3:ab:11:
         5c:de:ca:8a:9a:83:1d:49:9a:5e:d5:9e:4c:1d:c1:e5:ce:fa:
         c3:82:61:48:01:32:1c:84:3b:48:e9:b0:4b:18:87:50:54:43:
         c8:ca:78:58:9f:e9:a5:e4:78:27:6e:2d:31:8f:00:42:71:61:
         a7:cd:03:4c:5e:9d:52:1c:bb:1b:ba:c8:d7:ea:21:0b:48:f2:
         95:18:62:83:b7:f5:23:5a:05:21:62:52:17:9c:07:8c:28:4f:
         88:d8:7a:ef
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWEAbvS8OZMjraAu0QyAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTIwMjEyMDAwMFoXDTIzMTIwMzA1MDAwMFowLzEtMCsGA1UEAxMk
OGZmZDc1MzQtOTRlZC00ZjNkLThhMGMtYmE4NzM1N2MxZDVjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQGSfbINWEF6V3BDAdFuLelAafzIQ9g/+/KD
+6L6BDm+MZxeZZG/R75T30nTxtKjyQ4+W4TpqzibLyQCRcGZLuiiqNpjByBx3ZfX
xygQ9/aGk/0ndf0SWd24aIGtrAso2kci0iEM4dfIMz7uez8imxxqE1gf1uNEwYs6
8Hh+9lYBSD6jZovU7XSdA6CflsSQvgNVPbQVi2bmwgNt0AZwZxAhM9PJP7pc206F
irUCgXkvNUyKhUGSp9TIUWR+yvErUk//IQgmLsaf2MJNipT66M9ye+sBdA2/e9br
7N6N6AQMQrDn6+uQtBoBt84CRp1AQUI5a5iGQcD6MkqgBNKvvwIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFG5hI7nO6wRt94SnhAFUSr5+MkjpMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvM2RmNzI5ZjktOTcyMC0z
MDY5LTg0YTEtZDBhZDFjOGRiOTVjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBABBtr47z7tYx04zI/kL2detWHWmpPk9Fq1JUlT3xOHJN37Wsqvbr
Ba7V52k2cioI5ebUgoiN74d2xGU5KwWb/1giYJB1NekZRa534nzeLygj3b4GJohJ
Nyp/z8WN/Br+XNEZ+9y0EVKeT3CSdUZ/hhnuaAdiuSrww+nhsVo3hQNiB6rrD0A6
toSgcUiz+lHUoMmBGsYNKHDRTngMsnvm2eOrEVzeyoqagx1Jml7VnkwdweXO+sOC
YUgBMhyEO0jpsEsYh1BUQ8jKeFif6aXkeCduLTGPAEJxYafNA0xenVIcuxu6yNfq
IQtI8pUYYoO39SNaBSFiUhecB4woT4jYeu8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:07 2024 by rpki-client on console-fra.rpki-client.org