Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/816e4df4-1580-385a-8866-7026cf432eb6.roa
File:                     816e4df4-1580-385a-8866-7026cf432eb6.roa (raw, json)
Hash identifier:          +7sscSKcdoTAv2uWakk1SG8Ng4WfX8bM2m46uvF3HWA=
Subject key identifier:   11:6E:44:A8:45:F5:77:9D:6E:32:5D:97:6A:A7:A1:C4:8F:7E:04:B0
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583FC1EA7B8A1E5071B2C979FAE0
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/816e4df4-1580-385a-8866-7026cf432eb6.roa
Signing time:             Mon 31 Oct 2022 12:00:00 +0000
ROA not before:           Mon 31 Oct 2022 12:00:00 +0000
ROA not after:            Wed 01 Nov 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:c1:ea:7b:8a:1e:50:71:b2:c9:79:fa:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Oct 31 12:00:00 2022 GMT
            Not After : Nov  1 04:00:00 2023 GMT
        Subject: CN=642b7635-31a9-488e-8cb0-14896748b52f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:55:50:bd:40:5c:58:b2:60:b6:f9:c9:da:17:
                    6f:bc:f5:ab:b4:90:6f:cb:fd:35:97:d5:e5:9b:66:
                    f6:6f:2e:62:4c:6f:4a:62:35:0b:3a:8c:bf:20:ca:
                    b0:e8:98:44:eb:ac:a4:b5:26:5f:32:4e:e4:b3:75:
                    fe:94:42:7c:c3:65:b2:ef:2c:6a:35:15:9b:61:2e:
                    f2:22:c6:59:21:f0:29:a4:dc:37:2f:f1:37:e0:59:
                    44:32:51:ad:41:b0:b9:a1:1a:91:f2:c0:61:b4:e4:
                    8a:70:de:37:78:55:61:07:c3:69:aa:f2:de:ab:71:
                    9f:2b:91:ee:66:a2:9d:08:b3:a2:23:46:b2:0c:01:
                    b4:46:9a:17:b0:74:3f:56:c8:5c:5d:78:11:0a:7a:
                    0e:f9:e3:d4:03:d8:1c:00:43:01:70:7c:e5:eb:4e:
                    b0:51:7a:a7:8a:16:ae:83:d6:19:76:51:9a:3a:fb:
                    7a:ef:db:1b:29:ef:cb:d2:bf:c7:bc:c5:89:a5:6c:
                    44:58:13:cf:5c:a6:cf:25:6e:e8:06:2b:34:c2:21:
                    69:fb:00:d4:8d:ac:36:1d:2b:f1:81:d0:b7:28:bc:
                    be:4f:04:79:76:98:81:bc:cb:c9:39:ff:18:c1:33:
                    53:a7:4f:c9:f5:64:89:38:5e:2b:63:15:4f:94:4b:
                    f2:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:6E:44:A8:45:F5:77:9D:6E:32:5D:97:6A:A7:A1:C4:8F:7E:04:B0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/816e4df4-1580-385a-8866-7026cf432eb6.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         3e:98:0b:e5:0e:a2:8d:73:97:ce:f4:a9:e2:d4:88:4b:cd:96:
         51:f2:2c:02:d8:aa:3c:3a:81:d8:33:e7:3e:23:47:d6:66:e1:
         97:a1:26:fc:27:00:fa:93:c8:46:c6:d6:c0:71:c3:0c:64:84:
         06:0e:42:a9:aa:c4:80:25:c5:4d:4a:2a:ae:5f:b8:fe:2c:22:
         af:0e:d6:a7:95:ec:d9:49:43:26:fb:28:22:01:35:cd:1b:97:
         ee:3f:ff:72:ea:2f:37:21:aa:74:bd:42:b3:52:44:26:2c:fa:
         d4:49:76:e1:69:d1:c5:06:a9:75:70:3b:bf:4a:f0:1d:76:96:
         7c:f5:3e:5f:36:29:b1:3c:ce:34:ff:12:b6:02:2d:31:7d:fc:
         9e:15:b1:83:0b:e2:43:c7:c2:5a:93:ae:a2:dc:40:bb:42:cd:
         3d:18:d6:b8:cc:84:c7:f0:9e:46:fe:ef:de:c3:49:36:4e:77:
         23:c7:fa:19:dc:0d:f4:35:dd:a4:87:65:66:b9:9c:51:66:4c:
         1e:26:3b:86:8e:73:3c:fd:cd:42:78:ba:28:6a:24:b2:3f:94:
         fd:da:78:4b:04:84:71:75:1c:f0:4e:4a:bb:5a:fa:d9:54:62:
         97:8b:65:fb:8f:10:da:6e:71:bc:90:f9:ce:8b:5a:59:f7:62:
         00:34:88:67
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWD/B6nuKHlBxssl5+uAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTAzMTEyMDAwMFoXDTIzMTEwMTA0MDAwMFowLzEtMCsGA1UEAxMk
NjQyYjc2MzUtMzFhOS00ODhlLThjYjAtMTQ4OTY3NDhiNTJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFVQvUBcWLJgtvnJ2hdvvPWrtJBvy/01l9Xl
m2b2by5iTG9KYjULOoy/IMqw6JhE66yktSZfMk7ks3X+lEJ8w2Wy7yxqNRWbYS7y
IsZZIfAppNw3L/E34FlEMlGtQbC5oRqR8sBhtOSKcN43eFVhB8NpqvLeq3GfK5Hu
ZqKdCLOiI0ayDAG0RpoXsHQ/VshcXXgRCnoO+ePUA9gcAEMBcHzl606wUXqnihau
g9YZdlGaOvt679sbKe/L0r/HvMWJpWxEWBPPXKbPJW7oBis0wiFp+wDUjaw2HSvx
gdC3KLy+TwR5dpiBvMvJOf8YwTNTp0/J9WSJOF4rYxVPlEvy+QIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFBFuRKhF9XedbjJdl2qnocSPfgSwMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvODE2ZTRkZjQtMTU4MC0z
ODVhLTg4NjYtNzAyNmNmNDMyZWI2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAD6YC+UOoo1zl870qeLUiEvNllHyLALYqjw6gdgz5z4jR9Zm4Zeh
JvwnAPqTyEbG1sBxwwxkhAYOQqmqxIAlxU1KKq5fuP4sIq8O1qeV7NlJQyb7KCIB
Nc0bl+4//3LqLzchqnS9QrNSRCYs+tRJduFp0cUGqXVwO79K8B12lnz1Pl82KbE8
zjT/ErYCLTF9/J4VsYML4kPHwlqTrqLcQLtCzT0Y1rjMhMfwnkb+797DSTZOdyPH
+hncDfQ13aSHZWa5nFFmTB4mO4aOczz9zUJ4uihqJLI/lP3aeEsEhHF1HPBOSrta
+tlUYpeLZfuPENpucbyQ+c6LWln3YgA0iGc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:41:53 2024 by rpki-client on console-ams.rpki-client.org