Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/e5a111f7-8c1d-34b0-8588-da7685549f6d.roa
File:                     e5a111f7-8c1d-34b0-8588-da7685549f6d.roa (raw, json)
Hash identifier:          c2hnsnAa66nKPHyLfG3tJhUnzsw4vMfCdqhxV2UqXD8=
Subject key identifier:   19:42:5F:B7:A1:7E:38:CE:C1:34:02:42:B0:59:E7:EC:7F:4A:E6:AD
Certificate issuer:       /CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
Certificate serial:       010D0C9F4328584021036238DDB4F4F79188D100
Authority key identifier: 45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/e5a111f7-8c1d-34b0-8588-da7685549f6d.roa
Signing time:             Sun 04 Dec 2022 12:00:00 +0000
ROA not before:           Sun 04 Dec 2022 12:00:00 +0000
ROA not after:            Tue 05 Dec 2023 05:00:00 +0000
asID:                     3970
IP address blocks:        165.140.105.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:21:03:62:38:dd:b4:f4:f7:91:88:d1:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f5a8e327-ebf4-4f4b-9073-90acd61797cc
        Validity
            Not Before: Dec  4 12:00:00 2022 GMT
            Not After : Dec  5 05:00:00 2023 GMT
        Subject: CN=a12e5e57-4ad4-4055-ac10-7da07ef37b8d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:37:96:0c:1c:30:1e:98:6f:f6:46:fd:a2:28:
                    2e:ff:f1:7d:60:d0:a4:d4:96:be:ef:0b:a8:56:b7:
                    3d:31:1c:e9:1c:52:5d:04:ee:5b:07:22:23:08:10:
                    14:53:40:1d:b7:6f:1f:ab:02:81:ea:b9:6b:85:b3:
                    01:67:ed:17:ae:00:ec:24:af:24:56:af:38:9a:b2:
                    11:fa:8b:d0:72:e4:69:82:72:0b:45:4a:74:80:99:
                    6b:ca:ae:1a:78:4f:b6:c4:6d:8e:52:73:9a:cb:0b:
                    63:24:46:f9:b5:ab:64:24:70:fe:1e:40:87:16:9a:
                    87:0a:2e:fd:46:0f:c3:46:fc:4f:d0:0c:d1:b4:01:
                    c4:ab:38:25:d5:b7:38:cc:39:2c:22:8d:82:b6:57:
                    33:7f:55:8a:6b:d0:a0:79:0d:cd:fe:fb:66:a0:3a:
                    e9:15:b9:a6:00:bb:75:14:d8:bc:85:ce:89:70:36:
                    14:1b:9d:f5:89:ef:94:a5:9f:b6:f8:cb:1e:2f:79:
                    9a:22:4b:56:98:54:14:a1:d5:d4:33:57:29:ea:08:
                    a1:78:94:c3:77:e7:87:7a:e8:d4:1d:15:ee:68:72:
                    fa:da:6b:57:e4:26:23:78:b1:89:10:99:1d:f5:b4:
                    e5:bb:02:f9:ac:3a:6f:0f:32:87:4f:6c:cc:27:3e:
                    24:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:42:5F:B7:A1:7E:38:CE:C1:34:02:42:B0:59:E7:EC:7F:4A:E6:AD
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/e5a111f7-8c1d-34b0-8588-da7685549f6d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc/f5a8e327-ebf4-4f4b-9073-90acd61797cc.crl

            X509v3 Authority Key Identifier:
                keyid:45:86:65:E2:AF:1E:64:89:10:4A:3B:83:E3:D8:7F:48:93:B5:7B:93

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f5a8e327-ebf4-4f4b-9073-90acd61797cc.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.140.105.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8d:e9:90:bd:4d:43:a0:7b:0b:15:33:15:31:9a:a4:21:dd:91:
         a0:4b:8f:05:ee:7c:10:ee:b9:09:90:ae:74:db:1e:03:a9:db:
         3e:44:2c:90:90:28:ff:26:43:23:2e:ba:75:cf:b3:3b:83:f7:
         9f:da:b2:ee:6d:5f:64:1a:6d:88:02:36:00:e6:ea:42:28:d9:
         dc:83:6e:1d:b6:35:d4:26:64:1d:f2:b9:bc:89:a3:97:34:a8:
         a0:8c:5f:9e:cd:2b:77:fd:54:61:7c:cf:fa:d4:c7:fc:2f:a1:
         41:0c:a3:f2:7c:a1:3e:fa:31:7c:8c:e8:fb:01:8f:26:ab:fd:
         27:6f:16:97:4c:58:25:33:f7:68:bb:11:c5:ee:06:14:f3:f4:
         54:ec:09:98:b2:e2:da:01:12:84:30:b2:02:54:c2:b8:1f:6c:
         7a:21:d4:7a:ae:56:32:1f:b6:93:85:a5:8f:ef:d1:51:de:e2:
         a7:d9:06:f5:db:55:9c:b4:85:26:3b:f4:3e:51:b0:ca:80:4d:
         ac:d0:c5:26:5b:a5:7e:c6:fc:05:fd:55:76:a7:f1:28:8f:f4:
         6f:52:19:20:ed:10:9d:a5:e7:48:44:e8:1c:45:4b:7c:17:c5:
         4a:73:8c:5f:fb:98:3d:84:e1:d8:71:e8:d9:3e:ab:e4:c1:69:
         0c:b9:a6:73
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEAhA2I43bT095GI0QAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkZjVhOGUzMjctZWJmNC00ZjRiLTkwNzMtOTBhY2Q2MTc5
N2NjMB4XDTIyMTIwNDEyMDAwMFoXDTIzMTIwNTA1MDAwMFowLzEtMCsGA1UEAxMk
YTEyZTVlNTctNGFkNC00MDU1LWFjMTAtN2RhMDdlZjM3YjhkMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDeWDBwwHphv9kb9oigu//F9YNCk1Ja+7wuo
Vrc9MRzpHFJdBO5bByIjCBAUU0Adt28fqwKB6rlrhbMBZ+0XrgDsJK8kVq84mrIR
+ovQcuRpgnILRUp0gJlryq4aeE+2xG2OUnOaywtjJEb5tatkJHD+HkCHFpqHCi79
Rg/DRvxP0AzRtAHEqzgl1bc4zDksIo2Ctlczf1WKa9CgeQ3N/vtmoDrpFbmmALt1
FNi8hc6JcDYUG531ie+UpZ+2+MseL3maIktWmFQUodXUM1cp6giheJTDd+eHeujU
HRXuaHL62mtX5CYjeLGJEJkd9bTluwL5rDpvDzKHT2zMJz4kdwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBlCX7ehfjjOwTQCQrBZ5+x/SuatMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4
ZTMyNy1lYmY0LTRmNGItOTA3My05MGFjZDYxNzk3Y2MvZTVhMTExZjctOGMxZC0z
NGIwLTg1ODgtZGE3Njg1NTQ5ZjZkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy81MjFlYjMzZi05
NjcyLTRjZDktYWNjZS0xMzcyMjdlOTcxYWMvZjVhOGUzMjctZWJmNC00ZjRiLTkw
NzMtOTBhY2Q2MTc5N2NjL2Y1YThlMzI3LWViZjQtNGY0Yi05MDczLTkwYWNkNjE3
OTdjYy5jcmwwHwYDVR0jBBgwFoAURYZl4q8eZIkQSjuD49h/SJO1e5MwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzUyMWViMzNmLTk2NzItNGNk
OS1hY2NlLTEzNzIyN2U5NzFhYy9mNWE4ZTMyNy1lYmY0LTRmNGItOTA3My05MGFj
ZDYxNzk3Y2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApYxpMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAI3pkL1NQ6B7CxUzFTGapCHdkaBLjwXufBDuuQmQrnTbHgOp2z5ELJCQ
KP8mQyMuunXPszuD95/asu5tX2QabYgCNgDm6kIo2dyDbh22NdQmZB3yubyJo5c0
qKCMX57NK3f9VGF8z/rUx/wvoUEMo/J8oT76MXyM6PsBjyar/SdvFpdMWCUz92i7
EcXuBhTz9FTsCZiy4toBEoQwsgJUwrgfbHoh1HquVjIftpOFpY/v0VHe4qfZBvXb
VZy0hSY79D5RsMqATazQxSZbpX7G/AX9VXan8SiP9G9SGSDtEJ2l50hE6BxFS3wX
xUpzjF/7mD2E4dhx6Nk+q+TBaQy5pnM=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:38:52 2023 by rpki-client on console-fra.rpki-client.org