Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/d0a7aca4-616e-328f-b734-d86a8d95262c.roa
File:                     d0a7aca4-616e-328f-b734-d86a8d95262c.roa (raw, json)
Hash identifier:          NJ1DjBpg25I2WsbqrcTskdMeCIOYsKpglUBLtxle3WY=
Subject key identifier:   DC:99:01:34:5E:54:15:60:71:74:9F:95:8D:32:B4:34:B7:92:24:B2
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328583F9AFB2CD0A63C88BC2949F920
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/d0a7aca4-616e-328f-b734-d86a8d95262c.roa
Signing time:             Mon 17 Oct 2022 12:00:00 +0000
ROA not before:           Mon 17 Oct 2022 12:00:00 +0000
ROA not after:            Wed 18 Oct 2023 04:00:00 +0000
asID:                     3970
IP address blocks:        2620:9e:6001::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:9a:fb:2c:d0:a6:3c:88:bc:29:49:f9:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Oct 17 12:00:00 2022 GMT
            Not After : Oct 18 04:00:00 2023 GMT
        Subject: CN=d809cb42-5aef-4e9a-ba09-2b198d63bccb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f1:68:41:4c:3b:19:20:a7:81:f3:76:fc:ac:
                    b2:87:c1:66:db:99:b7:89:bb:30:a5:78:77:59:89:
                    11:35:10:90:ad:f2:9a:04:ab:34:b0:0e:b0:87:b7:
                    a7:c1:a9:2c:7e:b6:d0:2b:77:34:cc:dd:10:e7:5b:
                    66:3b:54:54:df:b4:56:41:e1:ca:64:fe:64:65:63:
                    4b:7d:10:4e:f2:31:02:d4:6f:d8:ea:b1:77:d4:15:
                    df:0d:34:0a:2a:f7:25:4c:1a:29:3a:46:6a:5c:77:
                    ff:90:b4:80:25:a4:2c:67:b8:02:e5:d7:e3:bb:45:
                    91:c9:b2:2b:1f:44:f2:29:1c:a5:ef:c0:64:fb:ee:
                    17:49:4e:da:fa:44:fd:3c:60:c9:76:75:4b:1b:cc:
                    14:08:f8:a4:65:d0:92:3c:34:65:ad:97:70:7f:5e:
                    34:42:82:ad:c6:b6:0b:c9:34:15:3c:60:d4:04:3e:
                    71:6f:a5:7f:71:77:d0:ad:9d:88:1d:e4:3f:18:66:
                    dd:78:71:bd:22:36:2f:01:8a:f5:c2:89:04:13:d2:
                    78:06:1e:09:ca:ea:17:1b:9e:7c:ef:f3:3e:1e:22:
                    ae:81:ce:c3:bb:86:ec:ef:64:26:4a:99:54:2d:b7:
                    1f:91:25:79:59:fb:a1:b2:b6:f6:a7:6f:39:95:29:
                    08:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:99:01:34:5E:54:15:60:71:74:9F:95:8D:32:B4:34:B7:92:24:B2
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/d0a7aca4-616e-328f-b734-d86a8d95262c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv6:
                  2620:9e:6001::/48

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         6b:e0:3b:ab:6a:89:90:8f:96:a6:8b:39:26:46:76:8f:c9:ef:
         25:be:73:f0:c0:0e:a5:98:3e:48:f5:7a:38:30:97:04:cb:ae:
         9c:68:f0:01:b0:cd:cb:9d:13:d9:68:c8:41:30:af:26:50:6b:
         34:4c:23:04:60:07:c5:88:fd:b9:e1:2e:69:bc:ae:87:60:a9:
         03:cf:8f:d5:a1:75:05:f4:f5:9d:34:44:f2:2b:ac:39:49:81:
         3d:93:a2:28:0c:73:95:47:6c:c3:49:9a:59:af:46:10:90:11:
         13:6d:f4:0a:fb:58:bf:6d:d1:9d:bf:93:ad:e6:a5:5a:f9:67:
         8a:12:4d:d0:9f:76:c9:83:97:8b:bb:b4:42:e9:38:91:70:be:
         2b:89:90:b3:32:79:80:9e:ad:8f:73:fc:05:86:e1:dd:31:be:
         ee:45:ff:51:f7:7a:d1:b6:fa:f8:56:10:16:15:a6:10:be:15:
         ea:83:f8:87:f2:89:c2:23:9c:ca:ab:78:01:d4:ba:8f:f3:65:
         39:95:52:09:46:90:12:8d:ff:69:f7:34:aa:6b:78:21:4d:90:
         86:66:e3:9a:4a:4a:7e:e5:6e:c1:87:8f:c9:79:43:4e:fa:0d:
         48:46:04:28:6d:9e:53:5f:23:90:3c:6a:38:9d:ca:68:26:0a:
         36:37:0f:3e
-----BEGIN CERTIFICATE-----
MIIGRjCCBS6gAwIBAgIUAQ0Mn0MoWD+a+yzQpjyIvClJ+SAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTAxNzEyMDAwMFoXDTIzMTAxODA0MDAwMFowLzEtMCsGA1UEAxMk
ZDgwOWNiNDItNWFlZi00ZTlhLWJhMDktMmIxOThkNjNiY2NiMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvFoQUw7GSCngfN2/Kyyh8Fm25m3ibswpXh3
WYkRNRCQrfKaBKs0sA6wh7enwaksfrbQK3c0zN0Q51tmO1RU37RWQeHKZP5kZWNL
fRBO8jEC1G/Y6rF31BXfDTQKKvclTBopOkZqXHf/kLSAJaQsZ7gC5dfju0WRybIr
H0TyKRyl78Bk++4XSU7a+kT9PGDJdnVLG8wUCPikZdCSPDRlrZdwf140QoKtxrYL
yTQVPGDUBD5xb6V/cXfQrZ2IHeQ/GGbdeHG9IjYvAYr1wokEE9J4Bh4JyuoXG558
7/M+HiKugc7Du4bs72QmSplULbcfkSV5Wfuhsrb2p285lSkI2QIDAQABo4IDWDCC
A1QwHQYDVR0OBBYEFNyZATReVBVgcXSflY0ytDS3kiSyMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvZDBhN2FjYTQtNjE2ZS0z
MjhmLWI3MzQtZDg2YThkOTUyNjJjLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJiAAnmAB
MFQGA1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6
Ly93d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcN
AQELBQADggEBAGvgO6tqiZCPlqaLOSZGdo/J7yW+c/DADqWYPkj1ejgwlwTLrpxo
8AGwzcudE9loyEEwryZQazRMIwRgB8WI/bnhLmm8rodgqQPPj9WhdQX09Z00RPIr
rDlJgT2ToigMc5VHbMNJmlmvRhCQERNt9Ar7WL9t0Z2/k63mpVr5Z4oSTdCfdsmD
l4u7tELpOJFwviuJkLMyeYCerY9z/AWG4d0xvu5F/1H3etG2+vhWEBYVphC+FeqD
+IfyicIjnMqreAHUuo/zZTmVUglGkBKN/2n3NKpreCFNkIZm45pKSn7lbsGHj8l5
Q076DUhGBChtnlNfI5A8ajidymgmCjY3Dz4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:52 2023 by rpki-client on console-fra.rpki-client.org