Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/c43953a9-735f-3024-abaa-feab079248e5.roa
File:                     c43953a9-735f-3024-abaa-feab079248e5.roa (raw, json)
Hash identifier:          wFsPITTtzirmBMKJ0+3PSXEbJp4wtoEsCCs9t3r08oQ=
Subject key identifier:   D3:CB:2F:D6:77:23:94:AB:3A:AC:AF:B8:34:4E:7E:07:22:DD:28:10
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583D1607578E24F7E3F5553D1700
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/c43953a9-735f-3024-abaa-feab079248e5.roa
Signing time:             Tue 01 Mar 2022 05:00:00 +0000
ROA not before:           Tue 01 Mar 2022 05:00:00 +0000
ROA not after:            Wed 01 Mar 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:16:07:57:8e:24:f7:e3:f5:55:3d:17:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Mar  1 05:00:00 2022 GMT
            Not After : Mar  1 05:00:00 2023 GMT
        Subject: CN=007309ba-693d-4259-bf0f-8f389adfe875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:3e:e2:db:5f:af:f6:55:9a:3d:f3:10:a8:9d:
                    3c:6b:7a:84:01:fd:d5:70:c8:51:7c:9e:b3:a3:9c:
                    6b:b7:02:39:ed:eb:fa:59:41:e2:c4:e2:c3:67:89:
                    ce:bb:74:94:bd:24:1a:d7:75:06:f5:66:d0:f9:85:
                    57:77:65:ec:e2:47:85:f0:bf:a8:80:36:3c:00:3b:
                    57:5c:8c:46:cb:59:1e:ec:b2:5a:3f:ac:49:36:3f:
                    7c:0d:ac:f8:d3:9e:e3:8e:c8:81:ba:71:70:f3:36:
                    4c:8a:7d:cc:3f:d2:e5:3c:9d:88:8e:7c:5e:3d:c0:
                    e1:11:a7:d6:e1:d5:08:df:b7:a1:8d:2a:da:ba:cb:
                    54:fb:20:32:30:39:78:c4:d4:4c:5b:69:ae:ec:ac:
                    98:f9:79:4a:d7:e2:0d:e8:97:09:b4:2e:79:f6:68:
                    b3:4f:44:26:e2:bd:87:14:cb:17:e4:28:3e:e1:a4:
                    e2:83:f6:54:f8:0b:5b:87:2e:b6:e6:7e:d7:7f:6e:
                    d4:14:23:37:b5:24:39:4e:73:ab:3b:45:c2:f5:7e:
                    8a:c9:3a:29:b1:b3:b8:e7:86:bb:37:08:f1:04:2c:
                    a3:61:a6:44:71:c6:f7:b9:00:70:76:98:1c:f7:46:
                    fb:10:82:4e:e0:7f:a5:8c:be:20:81:7b:30:09:d7:
                    a6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:CB:2F:D6:77:23:94:AB:3A:AC:AF:B8:34:4E:7E:07:22:DD:28:10
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/c43953a9-735f-3024-abaa-feab079248e5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         32:f5:dc:c8:79:47:49:95:48:7b:1e:6a:ce:91:be:4c:a0:69:
         5a:c5:ec:c5:a7:b7:e3:d9:e5:32:5d:be:00:3a:86:2b:6b:e5:
         49:73:3a:4a:dc:ba:76:ea:f6:bd:44:d8:32:1c:2f:ed:c1:e8:
         6a:82:02:86:56:c3:61:e5:30:e1:f2:43:c9:6d:38:9a:77:c1:
         b3:a5:c1:a6:8c:06:d1:19:36:c9:6a:8e:f6:3d:18:75:8e:5e:
         e2:f1:78:37:cb:88:9f:f7:1d:60:ae:2c:35:17:40:5f:fc:58:
         c5:9c:ef:ef:84:6f:0a:ec:91:8a:4d:3d:aa:32:af:9a:1a:8e:
         b3:05:31:59:ba:3e:2d:8e:9e:ef:64:c7:0d:d0:cb:3e:f5:38:
         5d:e7:40:70:97:78:59:29:ed:0b:31:91:21:4b:7a:06:bf:1f:
         e3:81:af:cf:e4:31:1f:33:ed:00:7a:80:66:87:13:20:58:46:
         d3:75:c3:c8:8d:fa:4f:22:8c:d5:bf:93:54:ee:17:40:10:93:
         d8:5e:39:00:d2:19:52:a1:9d:ef:d0:c9:59:c5:79:7a:fd:f3:
         5e:5b:10:e1:d1:01:76:69:a5:6c:df:e0:04:2a:09:11:7e:1e:
         12:52:5c:01:09:a4:de:5d:17:2e:86:af:be:bb:bf:db:ff:36:
         f1:ac:ff:c0
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0WB1eOJPfj9VU9FwAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDMwMTA1MDAwMFoXDTIzMDMwMTA1MDAwMFowLzEtMCsGA1UEAxMk
MDA3MzA5YmEtNjkzZC00MjU5LWJmMGYtOGYzODlhZGZlODc1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT7i21+v9lWaPfMQqJ08a3qEAf3VcMhRfJ6z
o5xrtwI57ev6WUHixOLDZ4nOu3SUvSQa13UG9WbQ+YVXd2Xs4keF8L+ogDY8ADtX
XIxGy1ke7LJaP6xJNj98Daz4057jjsiBunFw8zZMin3MP9LlPJ2IjnxePcDhEafW
4dUI37ehjSraustU+yAyMDl4xNRMW2mu7KyY+XlK1+IN6JcJtC559mizT0Qm4r2H
FMsX5Cg+4aTig/ZU+Atbhy625n7Xf27UFCM3tSQ5TnOrO0XC9X6KyTopsbO454a7
NwjxBCyjYaZEccb3uQBwdpgc90b7EIJO4H+ljL4ggXswCdemmwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNPLL9Z3I5SrOqyvuDROfgci3SgQMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvYzQzOTUzYTktNzM1Zi0z
MDI0LWFiYWEtZmVhYjA3OTI0OGU1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBADL13Mh5R0mVSHseas6RvkygaVrF7MWnt+PZ5TJdvgA6hitr5UlzOkrc
unbq9r1E2DIcL+3B6GqCAoZWw2HlMOHyQ8ltOJp3wbOlwaaMBtEZNslqjvY9GHWO
XuLxeDfLiJ/3HWCuLDUXQF/8WMWc7++EbwrskYpNPaoyr5oajrMFMVm6Pi2Onu9k
xw3Qyz71OF3nQHCXeFkp7QsxkSFLega/H+OBr8/kMR8z7QB6gGaHEyBYRtN1w8iN
+k8ijNW/k1TuF0AQk9heOQDSGVKhne/QyVnFeXr9815bEOHRAXZppWzf4AQqCRF+
HhJSXAEJpN5dFy6Gr767v9v/NvGs/8A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:13 2024 by rpki-client on console-fra.rpki-client.org