Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/aa395773-4258-36f3-bd4c-acd4357b0186.roa
File:                     aa395773-4258-36f3-bd4c-acd4357b0186.roa (raw, json)
Hash identifier:          bqWJYiR6rsjsYlC5o8nhMRS0xNA3lGBZZwaHazIZpN0=
Subject key identifier:   75:43:07:D6:BD:26:93:F4:33:E9:E2:2E:18:7E:67:A5:A1:DD:66:61
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583FD606ED3B97177C63892F6780
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/aa395773-4258-36f3-bd4c-acd4357b0186.roa
Signing time:             Mon 07 Nov 2022 12:00:00 +0000
ROA not before:           Mon 07 Nov 2022 12:00:00 +0000
ROA not after:            Wed 08 Nov 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:d6:06:ed:3b:97:17:7c:63:89:2f:67:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Nov  7 12:00:00 2022 GMT
            Not After : Nov  8 05:00:00 2023 GMT
        Subject: CN=03473a8b-9df7-4800-b5f4-061387309ff0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:3d:2f:48:ee:fe:08:4e:59:1d:85:ed:fc:c1:
                    ea:90:11:28:d0:a1:9a:b0:9e:20:19:ff:d7:f9:f4:
                    a1:9d:55:f5:6f:8e:84:c9:2e:21:34:a5:c1:df:ae:
                    ab:65:04:fd:18:65:9d:5d:e0:50:d3:40:02:61:7e:
                    35:b4:85:ee:39:a3:2a:94:46:db:25:95:4e:eb:8f:
                    59:9f:b5:a9:62:a6:d0:77:83:77:d3:0b:ce:6e:bd:
                    6e:7c:43:eb:1f:46:1f:77:09:e5:2a:7e:b1:e7:23:
                    ad:37:e3:d5:15:0e:27:25:71:da:05:60:b5:b5:29:
                    7f:a6:a5:24:fb:7c:17:2b:7a:9a:1a:9f:06:a8:59:
                    b1:69:c1:6a:fd:f9:f0:8a:bf:9a:01:27:4c:ac:83:
                    ec:db:2b:47:d5:8b:76:e9:a3:02:30:c6:7f:58:16:
                    96:34:fb:79:78:77:b1:99:4a:2a:e4:42:46:49:13:
                    fb:5d:54:7b:43:cd:0f:b7:ce:ba:1d:62:34:ec:a2:
                    29:72:a5:65:23:2a:26:ba:0d:1a:62:8d:7c:f7:3f:
                    62:34:08:0c:ea:3b:0d:e4:f2:25:3f:29:4d:86:8f:
                    1e:3c:46:4d:92:ef:8c:cd:b6:b0:c2:b8:60:20:1b:
                    1d:a1:9b:48:06:4d:68:ea:7f:ef:04:fc:d7:e2:f3:
                    5c:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                75:43:07:D6:BD:26:93:F4:33:E9:E2:2E:18:7E:67:A5:A1:DD:66:61
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/aa395773-4258-36f3-bd4c-acd4357b0186.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         38:fa:24:9e:78:9d:a3:cf:18:c3:67:8c:54:24:90:69:17:7a:
         2e:31:cb:f2:5b:cc:fc:83:81:2f:e8:b2:0b:dc:92:93:50:22:
         52:a3:fa:bf:83:81:7e:a9:88:3c:66:af:59:42:91:24:07:f4:
         bc:77:8b:8b:f6:d3:1a:38:74:f2:03:9c:bc:6f:9b:89:8f:dc:
         9b:90:42:67:fd:eb:2c:59:7b:f2:9b:75:cd:2a:cc:02:c9:52:
         af:e4:dc:17:12:a8:aa:19:6f:47:31:2c:68:82:e9:8f:4c:6f:
         cf:a0:69:67:b4:9f:d2:86:04:e6:18:d5:8f:2e:62:bc:ba:be:
         40:99:42:ee:aa:3d:25:d5:cd:30:a8:57:0a:8c:2d:4c:79:e1:
         68:80:00:ea:36:dc:0c:0b:61:c7:f9:11:07:b9:d1:75:b2:5b:
         4b:41:5c:98:87:91:8c:be:da:26:a3:ee:a8:a5:22:4a:6e:ea:
         e4:e3:bb:64:46:15:55:e3:1e:1c:38:51:9f:ac:17:7a:5b:4a:
         c5:f0:90:cc:3a:cd:d3:3c:f7:74:6e:1d:fc:7b:3b:cd:e2:58:
         6e:00:42:ad:96:3a:7d:75:46:eb:a0:3b:bb:7f:94:b3:ac:8f:
         1e:7c:6f:0f:40:4e:5e:17:78:e0:26:e7:88:54:b9:cc:c7:60:
         cd:38:ad:74
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD/WBu07lxd8Y4kvZ4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTEwNzEyMDAwMFoXDTIzMTEwODA1MDAwMFowLzEtMCsGA1UEAxMk
MDM0NzNhOGItOWRmNy00ODAwLWI1ZjQtMDYxMzg3MzA5ZmYwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD0vSO7+CE5ZHYXt/MHqkBEo0KGasJ4gGf/X
+fShnVX1b46EyS4hNKXB366rZQT9GGWdXeBQ00ACYX41tIXuOaMqlEbbJZVO649Z
n7WpYqbQd4N30wvObr1ufEPrH0YfdwnlKn6x5yOtN+PVFQ4nJXHaBWC1tSl/pqUk
+3wXK3qaGp8GqFmxacFq/fnwir+aASdMrIPs2ytH1Yt26aMCMMZ/WBaWNPt5eHex
mUoq5EJGSRP7XVR7Q80Pt866HWI07KIpcqVlIyomug0aYo189z9iNAgM6jsN5PIl
PylNho8ePEZNku+MzbawwrhgIBsdoZtIBk1o6n/vBPzX4vNcswIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFHVDB9a9JpP0M+niLhh+Z6Wh3WZhMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvYWEzOTU3NzMtNDI1OC0z
NmYzLWJkNGMtYWNkNDM1N2IwMTg2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADj6JJ54naPPGMNnjFQkkGkXei4xy/JbzPyDgS/osgvckpNQIlKj+r+D
gX6piDxmr1lCkSQH9Lx3i4v20xo4dPIDnLxvm4mP3JuQQmf96yxZe/Kbdc0qzALJ
Uq/k3BcSqKoZb0cxLGiC6Y9Mb8+gaWe0n9KGBOYY1Y8uYry6vkCZQu6qPSXVzTCo
VwqMLUx54WiAAOo23AwLYcf5EQe50XWyW0tBXJiHkYy+2iaj7qilIkpu6uTju2RG
FVXjHhw4UZ+sF3pbSsXwkMw6zdM893RuHfx7O83iWG4AQq2WOn11RuugO7t/lLOs
jx58bw9ATl4XeOAm54hUuczHYM04rXQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:13 2024 by rpki-client on console-fra.rpki-client.org