Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/cfcdb453-afdf-3704-be59-21932db5c0c8.roa
File:                     cfcdb453-afdf-3704-be59-21932db5c0c8.roa (raw, json)
Hash identifier:          1UO3lkBixWANSgny/v0LmBGZPbB68EAoxR/Hd592QvQ=
Subject key identifier:   97:5E:42:9B:A0:7F:46:9D:A3:3F:D7:16:33:A9:B8:FC:CB:54:72:2F
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583D085FE84B0B98D870586D1D00
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/cfcdb453-afdf-3704-be59-21932db5c0c8.roa
Signing time:             Thu 24 Feb 2022 05:00:00 +0000
ROA not before:           Thu 24 Feb 2022 05:00:00 +0000
ROA not after:            Fri 24 Feb 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3d:08:5f:e8:4b:0b:98:d8:70:58:6d:1d:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Feb 24 05:00:00 2022 GMT
            Not After : Feb 24 05:00:00 2023 GMT
        Subject: CN=7870cf3a-ed91-44ce-8c48-1289d2065d0d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c7:21:f7:d0:2a:3e:8f:e9:ae:cb:c9:f5:fb:
                    cf:54:24:c3:15:a8:ec:9a:6b:a5:9f:0a:8d:c7:e0:
                    87:77:a9:0d:78:a9:a4:56:82:e7:55:60:34:08:21:
                    9b:7a:09:3b:7b:21:74:40:45:e4:fa:7d:5f:1b:cd:
                    6a:a9:a3:c8:5a:6d:6c:09:7c:bd:72:58:d5:cc:54:
                    8f:e5:06:49:04:24:91:d1:ac:b5:57:22:b3:28:e5:
                    6b:33:8b:99:91:d0:19:bc:d2:ed:6a:fd:2e:70:4d:
                    ba:b7:f2:56:9c:8c:ca:4a:c8:cd:d8:74:77:e3:e6:
                    42:b1:9b:b5:96:48:9c:bd:94:c8:96:bb:1f:88:77:
                    dc:14:07:df:16:eb:45:e2:18:cb:23:46:6b:bc:77:
                    cf:16:f9:1b:c6:4f:f0:9d:a3:ab:24:d6:33:ec:ce:
                    69:58:8b:fb:ad:56:cd:e3:02:dd:36:2e:0c:67:49:
                    dc:29:df:39:65:51:00:51:89:ea:6f:da:af:c3:70:
                    f5:ab:9f:2f:42:cb:e9:01:ab:40:72:9e:2c:6c:83:
                    00:86:ef:ff:3c:31:dc:ed:30:b8:73:17:c9:25:c9:
                    36:a4:26:c2:0f:4b:8b:65:3e:47:34:1f:6d:c7:91:
                    e4:5e:bf:8d:f1:81:65:e2:51:8c:f0:0a:22:7f:ba:
                    dd:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:5E:42:9B:A0:7F:46:9D:A3:3F:D7:16:33:A9:B8:FC:CB:54:72:2F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/cfcdb453-afdf-3704-be59-21932db5c0c8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         13:b7:87:b4:24:68:38:1b:2b:52:c5:ad:f2:2e:11:4b:e9:80:
         22:96:02:aa:01:9f:1e:e1:96:22:e0:41:66:df:c7:6f:a2:1a:
         08:28:04:33:dc:52:55:5f:9b:74:b7:dc:31:1a:62:70:3b:80:
         9f:6f:bb:46:68:e4:07:73:f0:75:88:7a:1f:93:60:94:10:bd:
         cf:ce:75:eb:ad:e0:6a:e2:93:28:0a:dd:9a:74:9b:d3:c3:c8:
         dc:83:8e:09:1d:03:74:c3:e2:a8:5a:b3:dc:c9:2b:93:ba:14:
         a0:0e:f3:28:5b:b2:3b:f2:b4:49:63:95:3e:5e:a5:9e:fb:a8:
         d8:60:1b:2e:9a:fe:03:99:46:aa:bb:1d:7b:80:79:12:e1:ca:
         dd:80:b2:7b:e3:78:cc:1a:4a:49:fe:2a:48:95:a8:f2:40:b4:
         99:18:83:b9:e9:ee:ca:28:5e:f5:2f:14:47:28:62:60:32:22:
         ab:a5:88:d4:89:6d:82:f3:77:29:5e:03:fa:61:47:10:f7:c7:
         33:61:59:55:fe:6c:dc:2e:3d:60:a2:6c:b6:36:6a:51:b4:53:
         da:1b:fc:b3:2f:e8:58:e3:d9:95:06:f2:89:ff:18:28:f4:19:
         1a:40:15:f6:6c:79:ce:5f:80:c1:31:48:0b:6e:be:04:be:71:
         cd:50:79:fd
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWD0IX+hLC5jYcFhtHQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMDIyNDA1MDAwMFoXDTIzMDIyNDA1MDAwMFowLzEtMCsGA1UEAxMk
Nzg3MGNmM2EtZWQ5MS00NGNlLThjNDgtMTI4OWQyMDY1ZDBkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8ch99AqPo/prsvJ9fvPVCTDFajsmmulnwqN
x+CHd6kNeKmkVoLnVWA0CCGbegk7eyF0QEXk+n1fG81qqaPIWm1sCXy9cljVzFSP
5QZJBCSR0ay1VyKzKOVrM4uZkdAZvNLtav0ucE26t/JWnIzKSsjN2HR34+ZCsZu1
lkicvZTIlrsfiHfcFAffFutF4hjLI0ZrvHfPFvkbxk/wnaOrJNYz7M5pWIv7rVbN
4wLdNi4MZ0ncKd85ZVEAUYnqb9qvw3D1q58vQsvpAatAcp4sbIMAhu//PDHc7TC4
cxfJJck2pCbCD0uLZT5HNB9tx5HkXr+N8YFl4lGM8Aoif7rdfQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJdeQpugf0adoz/XFjOpuPzLVHIvMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvY2ZjZGI0NTMtYWZkZi0z
NzA0LWJlNTktMjE5MzJkYjVjMGM4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBABO3h7QkaDgbK1LFrfIuEUvpgCKWAqoBnx7hliLgQWbfx2+iGggoBDPc
UlVfm3S33DEaYnA7gJ9vu0Zo5Adz8HWIeh+TYJQQvc/Odeut4GrikygK3Zp0m9PD
yNyDjgkdA3TD4qhas9zJK5O6FKAO8yhbsjvytEljlT5epZ77qNhgGy6a/gOZRqq7
HXuAeRLhyt2AsnvjeMwaSkn+KkiVqPJAtJkYg7np7sooXvUvFEcoYmAyIquliNSJ
bYLzdyleA/phRxD3xzNhWVX+bNwuPWCibLY2alG0U9ob/LMv6Fjj2ZUG8on/GCj0
GRpAFfZsec5fgMExSAtuvgS+cc1Qef0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:13 2024 by rpki-client on console-fra.rpki-client.org