Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/9d678a8e-96b0-31e8-9c71-ec591c76a9d9.roa
File:                     9d678a8e-96b0-31e8-9c71-ec591c76a9d9.roa (raw, json)
Hash identifier:          uV1gVkGtgF+XmB8bxKcwqcq6HUdYc9VZTctNh+QTh6E=
Subject key identifier:   29:4A:F1:D3:AC:2B:72:71:D3:B3:85:F4:F7:54:A2:46:74:8A:F5:86
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583F7717DD527826FA74A4CFE100
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/9d678a8e-96b0-31e8-9c71-ec591c76a9d9.roa
Signing time:             Tue 04 Oct 2022 12:00:00 +0000
ROA not before:           Tue 04 Oct 2022 12:00:00 +0000
ROA not after:            Thu 05 Oct 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:77:17:dd:52:78:26:fa:74:a4:cf:e1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Oct  4 12:00:00 2022 GMT
            Not After : Oct  5 04:00:00 2023 GMT
        Subject: CN=00ff4bcc-a782-49e6-ab42-d0c942c08126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:10:0c:17:cd:83:d5:68:d3:f4:73:5f:41:36:
                    09:4e:37:38:94:b2:d4:16:14:fe:ef:6c:87:74:07:
                    8c:48:2d:88:f8:cb:27:81:27:b3:6f:ed:62:a9:db:
                    af:fc:45:2f:f6:a6:83:ca:70:d9:2f:54:34:b1:ff:
                    56:5d:17:bd:a0:df:f4:1d:9b:7b:bc:c1:eb:e1:26:
                    97:1a:fc:13:3b:67:d1:d7:16:04:f4:cb:78:e5:ec:
                    dd:40:8a:3f:4b:da:80:b3:e3:0d:74:cf:89:56:53:
                    19:ec:fa:4c:be:ac:0c:f0:4d:e5:75:85:6a:a5:0c:
                    f9:7d:3c:cf:22:d8:fa:a7:6a:61:c7:b4:30:3f:47:
                    b1:49:1b:d6:7b:aa:13:e3:ae:0a:92:3d:dd:ad:cd:
                    97:3d:3d:84:62:76:ea:89:a3:ce:42:05:5a:29:90:
                    fc:ed:03:a7:1a:55:4a:52:59:0b:c6:1e:8c:c3:6a:
                    69:60:46:ef:5a:60:74:bb:50:3e:d5:f8:f9:04:be:
                    84:f8:a3:f1:b9:19:92:5e:1d:b7:b7:48:db:4b:39:
                    1e:2f:7e:1b:be:db:24:9e:fc:f5:60:90:67:f4:e4:
                    71:b5:a5:46:5a:6b:ac:53:3d:fb:16:37:61:49:0f:
                    71:c0:ce:68:11:60:3d:5e:09:4a:6e:3a:9c:d0:e0:
                    28:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:4A:F1:D3:AC:2B:72:71:D3:B3:85:F4:F7:54:A2:46:74:8A:F5:86
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/9d678a8e-96b0-31e8-9c71-ec591c76a9d9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         1b:33:2f:1c:b2:ae:b1:b4:ae:67:72:52:33:11:3e:c8:6c:7c:
         e7:67:90:d2:3b:40:cf:f8:98:a8:47:c5:2d:50:6a:ca:11:50:
         bf:b3:ee:4e:db:42:af:10:1e:9f:13:92:0c:24:da:35:08:ec:
         37:fc:9a:93:95:a0:2b:b5:f0:cc:87:e1:8a:fa:8e:65:4f:d7:
         43:30:a7:3f:51:02:b9:d7:c8:bd:f4:4c:1b:ae:be:ee:98:ae:
         dc:56:eb:f1:49:0e:ce:a5:cd:4f:3b:7e:d9:89:f1:4d:2f:4f:
         b4:38:91:e4:a3:14:e6:af:e7:f6:09:f2:76:05:a9:34:3a:9e:
         d1:22:6f:56:36:f7:f3:dc:a5:45:16:b5:ac:48:1c:54:8a:f9:
         b4:29:d2:aa:6e:cd:fd:20:2e:bf:35:9d:7d:f0:b0:50:d3:a5:
         4d:62:9b:2c:45:14:83:77:14:67:4a:ab:4d:3d:a2:f3:48:97:
         62:27:08:66:91:31:29:32:a7:1c:02:31:dd:3a:42:86:d0:3a:
         58:e6:8c:bc:20:ea:3e:50:4d:74:2c:e7:8a:6b:6d:85:36:ba:
         04:f1:7f:0b:4d:2a:49:b2:e3:2f:0b:c2:99:6a:ab:b9:77:d7:
         9f:91:d4:ad:15:68:36:4a:d6:0a:0f:44:8c:da:9f:da:50:55:
         e3:61:79:54
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWD93F91SeCb6dKTP4QAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTAwNDEyMDAwMFoXDTIzMTAwNTA0MDAwMFowLzEtMCsGA1UEAxMk
MDBmZjRiY2MtYTc4Mi00OWU2LWFiNDItZDBjOTQyYzA4MTI2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRAMF82D1WjT9HNfQTYJTjc4lLLUFhT+72yH
dAeMSC2I+MsngSezb+1iqduv/EUv9qaDynDZL1Q0sf9WXRe9oN/0HZt7vMHr4SaX
GvwTO2fR1xYE9Mt45ezdQIo/S9qAs+MNdM+JVlMZ7PpMvqwM8E3ldYVqpQz5fTzP
Itj6p2phx7QwP0exSRvWe6oT464Kkj3drc2XPT2EYnbqiaPOQgVaKZD87QOnGlVK
UlkLxh6Mw2ppYEbvWmB0u1A+1fj5BL6E+KPxuRmSXh23t0jbSzkeL34bvtsknvz1
YJBn9ORxtaVGWmusUz37FjdhSQ9xwM5oEWA9XglKbjqc0OAo5wIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFClK8dOsK3Jx07OF9PdUokZ0ivWGMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvOWQ2NzhhOGUtOTZiMC0z
MWU4LTljNzEtZWM1OTFjNzZhOWQ5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBABszLxyyrrG0rmdyUjMRPshsfOdnkNI7QM/4mKhHxS1QasoRUL+z
7k7bQq8QHp8Tkgwk2jUI7Df8mpOVoCu18MyH4Yr6jmVP10Mwpz9RArnXyL30TBuu
vu6YrtxW6/FJDs6lzU87ftmJ8U0vT7Q4keSjFOav5/YJ8nYFqTQ6ntEib1Y29/Pc
pUUWtaxIHFSK+bQp0qpuzf0gLr81nX3wsFDTpU1imyxFFIN3FGdKq009ovNIl2In
CGaRMSkypxwCMd06QobQOljmjLwg6j5QTXQs54prbYU2ugTxfwtNKkmy4y8Lwplq
q7l315+R1K0VaDZK1goPRIzan9pQVeNheVQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:44 2023 by rpki-client on console-ams.rpki-client.org