Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/52e39aa5-a155-3a41-9880-a5a24af1284c.roa
File:                     52e39aa5-a155-3a41-9880-a5a24af1284c.roa (raw, json)
Hash identifier:          fSJPzHeA+w8xFXqNJFZgWm6pEiGCx9QCij5BdYz62pk=
Subject key identifier:   29:9C:1C:77:B8:CC:44:46:C1:15:EA:DF:19:84:93:B3:E4:18:7D:1C
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583E5C9583E4C50DEE045AC3AF80
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/52e39aa5-a155-3a41-9880-a5a24af1284c.roa
Signing time:             Sat 25 Jun 2022 12:00:00 +0000
ROA not before:           Sat 25 Jun 2022 12:00:00 +0000
ROA not after:            Mon 26 Jun 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3e:5c:95:83:e4:c5:0d:ee:04:5a:c3:af:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Jun 25 12:00:00 2022 GMT
            Not After : Jun 26 04:00:00 2023 GMT
        Subject: CN=e63d2f79-301d-4f51-a2ab-b8e2e166e64d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:94:94:c6:f1:30:64:f7:c4:20:f3:9b:a4:4a:
                    c6:c0:6a:21:23:2d:8c:14:b4:bb:2e:2b:e8:d2:3a:
                    d5:17:8b:44:a4:fb:92:b7:2f:5b:dd:69:58:16:00:
                    17:1f:48:1d:1b:e6:7d:68:24:71:60:9c:6c:25:9c:
                    f2:62:3e:8c:92:b2:96:d0:2b:2a:39:17:1b:b5:19:
                    08:76:47:32:a8:35:47:bd:43:59:d2:85:09:52:35:
                    9e:4e:c4:2e:12:29:1a:4a:32:7c:71:24:af:23:11:
                    f9:99:a4:fc:31:fb:08:08:78:1b:29:b3:0b:be:65:
                    49:9a:33:b3:cd:8e:06:f6:16:bf:95:5b:9a:0f:00:
                    92:04:b4:15:f3:10:75:bb:4c:23:c9:6a:b9:c0:c9:
                    f9:a1:24:b6:37:d5:cf:1b:24:55:c3:48:00:29:41:
                    ae:47:88:91:fe:46:ae:b1:b2:f6:8a:5d:d6:b8:e2:
                    79:27:0d:66:db:58:26:94:bc:b1:d5:bb:b3:ad:15:
                    c9:bc:94:52:26:26:6f:b8:d0:ca:b6:5f:9a:c5:be:
                    04:d1:12:8b:e0:88:14:d2:35:c0:1b:3c:44:3a:b5:
                    6e:cd:b5:d0:a9:e6:0e:39:68:ce:61:69:a8:02:d5:
                    6f:b6:10:13:3c:a6:78:61:fe:36:f8:60:ba:c8:52:
                    a2:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:9C:1C:77:B8:CC:44:46:C1:15:EA:DF:19:84:93:B3:E4:18:7D:1C
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/52e39aa5-a155-3a41-9880-a5a24af1284c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         0c:1a:7e:03:72:6a:17:92:fe:82:b6:c7:bd:35:c6:d8:58:c9:
         ab:9c:a4:30:94:b2:15:a6:79:e0:7e:1a:55:15:60:05:b8:31:
         3e:73:08:c9:4f:8c:2e:27:5e:72:8b:22:57:05:29:c8:35:21:
         18:e0:d8:dd:f3:ed:a3:c6:79:10:40:c2:3d:e2:6e:50:99:11:
         66:c7:1f:c1:f9:e2:16:36:33:98:71:73:95:c8:8c:e0:66:80:
         00:bb:1c:27:bc:fe:54:5b:9e:46:ae:4b:7a:e8:b9:00:04:ca:
         c0:73:97:b9:5a:13:03:4f:2d:9b:d7:4b:5a:59:ec:56:c8:cc:
         94:fd:3e:54:da:aa:ed:3f:e8:8f:5b:54:d6:f2:a5:0b:e8:10:
         46:ee:6e:25:89:de:9c:87:99:fd:9e:af:80:28:3b:a9:98:4e:
         da:44:1c:0c:ca:b5:3d:f0:1c:e3:bb:e3:26:69:63:9f:e3:e4:
         e8:93:91:16:53:17:37:39:b2:00:90:a3:04:14:1b:33:16:85:
         eb:df:2d:12:c2:f6:e2:f9:d8:d5:3c:21:c2:12:be:52:e0:1b:
         09:7f:79:a3:56:1d:5a:d1:b2:75:13:df:22:0a:ac:3c:83:34:
         3b:f0:0e:90:0a:13:a3:2f:59:ca:7c:b6:01:a8:81:68:68:74:
         62:44:15:d9
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD5clYPkxQ3uBFrDr4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDYyNTEyMDAwMFoXDTIzMDYyNjA0MDAwMFowLzEtMCsGA1UEAxMk
ZTYzZDJmNzktMzAxZC00ZjUxLWEyYWItYjhlMmUxNjZlNjRkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJSUxvEwZPfEIPObpErGwGohIy2MFLS7Livo
0jrVF4tEpPuSty9b3WlYFgAXH0gdG+Z9aCRxYJxsJZzyYj6MkrKW0CsqORcbtRkI
dkcyqDVHvUNZ0oUJUjWeTsQuEikaSjJ8cSSvIxH5maT8MfsICHgbKbMLvmVJmjOz
zY4G9ha/lVuaDwCSBLQV8xB1u0wjyWq5wMn5oSS2N9XPGyRVw0gAKUGuR4iR/kau
sbL2il3WuOJ5Jw1m21gmlLyx1buzrRXJvJRSJiZvuNDKtl+axb4E0RKL4IgU0jXA
GzxEOrVuzbXQqeYOOWjOYWmoAtVvthATPKZ4Yf42+GC6yFKiOQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFCmcHHe4zERGwRXq3xmEk7PkGH0cMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvNTJlMzlhYTUtYTE1NS0z
YTQxLTk4ODAtYTVhMjRhZjEyODRjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAAwafgNyaheS/oK2x701xthYyaucpDCUshWmeeB+GlUVYAW4MT5zCMlP
jC4nXnKLIlcFKcg1IRjg2N3z7aPGeRBAwj3iblCZEWbHH8H54hY2M5hxc5XIjOBm
gAC7HCe8/lRbnkauS3rouQAEysBzl7laEwNPLZvXS1pZ7FbIzJT9PlTaqu0/6I9b
VNbypQvoEEbubiWJ3pyHmf2er4AoO6mYTtpEHAzKtT3wHOO74yZpY5/j5OiTkRZT
Fzc5sgCQowQUGzMWhevfLRLC9uL52NU8IcISvlLgGwl/eaNWHVrRsnUT3yIKrDyD
NDvwDpAKE6MvWcp8tgGogWhodGJEFdk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:07 2024 by rpki-client on console-fra.rpki-client.org