Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/16f012fc-6517-3286-ad2e-80eac13ef2c5.roa
File:                     16f012fc-6517-3286-ad2e-80eac13ef2c5.roa (raw, json)
Hash identifier:          M9JLLb7M+v053vUpBEpY+u+afUti5Je1eYtqnO1l/AM=
Subject key identifier:   93:7C:FE:2A:E6:9C:F2:6A:5F:D1:10:16:80:0C:61:5F:9A:C3:F3:0A
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584551CD6A34A88A27DFABD65E80
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/16f012fc-6517-3286-ad2e-80eac13ef2c5.roa
Signing time:             Mon 25 Mar 2024 01:00:25 +0000
ROA not before:           Mon 25 Mar 2024 01:00:25 +0000
ROA not after:            Sun 23 Jun 2024 01:00:25 +0000
asID:                     10557
IP address blocks:        23.27.56.0/21 maxlen: 21

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:51:cd:6a:34:a8:8a:27:df:ab:d6:5e:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar 25 01:00:25 2024 GMT
            Not After : Jun 23 01:00:25 2024 GMT
        Subject: CN=678a4a94-cd2d-4479-9497-eacfc98cd628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:83:6a:0e:56:1b:0a:71:1b:83:74:da:2b:18:
                    03:04:8f:78:7e:cf:b6:93:28:cc:c6:b7:cf:9b:9f:
                    69:e2:c2:54:c6:8c:ee:f6:3d:b2:10:10:51:f1:aa:
                    c2:ec:f5:09:66:f1:4d:00:51:66:54:0e:87:f9:34:
                    1c:f3:dd:91:06:43:b0:50:bf:a3:52:1f:55:cb:dd:
                    a9:6b:03:31:94:c0:1f:3f:2e:25:e4:dc:99:72:07:
                    96:28:e7:ce:77:a0:cb:f8:09:c5:d5:74:0c:9b:ba:
                    16:e6:4e:2d:15:be:bd:9a:12:9b:54:3e:9c:4c:f7:
                    73:fa:1e:95:e0:6c:9e:24:a5:17:33:4d:8b:d9:66:
                    3a:c2:67:9c:52:9e:30:80:8d:b4:21:bf:f3:28:1a:
                    b9:2e:98:7c:38:e9:b3:62:79:1d:a5:d5:b1:6c:84:
                    6b:1c:f2:a7:3c:f5:c0:50:6d:bd:87:70:0d:58:c8:
                    e1:3b:f1:6e:e7:35:0a:c2:f5:f5:17:d5:9f:84:f2:
                    de:5f:73:38:3c:9d:7d:e7:19:08:d4:ce:2f:15:3f:
                    63:a3:74:27:8e:d7:e1:c2:02:0c:3f:7a:f2:59:2b:
                    6a:b6:b1:b6:a4:37:55:7c:96:a7:93:71:3c:6e:09:
                    18:ff:87:ac:a6:1f:60:4a:5b:23:fb:a9:7e:98:ff:
                    c1:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:7C:FE:2A:E6:9C:F2:6A:5F:D1:10:16:80:0C:61:5F:9A:C3:F3:0A
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/16f012fc-6517-3286-ad2e-80eac13ef2c5.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.56.0/21

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         04:63:cb:9f:12:b0:fe:f7:9f:8d:16:18:ec:75:ee:22:f1:5c:
         d7:64:d6:ce:81:1c:56:70:e5:fe:21:e9:a1:31:d0:a8:19:25:
         1b:a9:ca:6f:73:62:35:24:92:db:d6:83:55:81:30:3a:c9:e8:
         83:8f:56:53:1a:a6:70:d5:00:d9:87:84:cb:5d:ec:42:b5:00:
         3c:cc:f5:79:5f:8c:01:b3:26:69:f0:0e:ae:cb:a5:eb:82:6a:
         a1:24:77:a5:c0:15:e4:e2:33:2f:9f:59:19:aa:5f:0e:ee:36:
         58:c7:c8:90:3e:ea:33:6a:cd:52:8f:3a:7f:e1:fb:52:cb:1b:
         fe:b0:15:8c:42:58:b0:70:5f:f8:60:d9:75:62:ee:ec:25:2c:
         9b:0f:5f:c2:fc:76:c4:0a:a6:c9:4c:15:5d:28:65:f7:38:3a:
         84:92:bc:79:71:6e:d9:af:07:54:a6:56:ef:85:85:32:15:4b:
         77:67:e4:4f:96:40:70:80:c7:c5:62:cc:fe:90:a9:30:7b:77:
         81:4e:72:41:ab:9d:e4:1b:53:87:92:f5:f6:e8:b9:6c:ed:c6:
         aa:81:e2:c3:d2:5b:69:f7:25:74:6f:82:3d:15:a1:04:77:37:
         24:c8:eb:c6:1a:e4:2b:4c:04:19:ae:a5:b6:b3:e8:3c:39:ed:
         48:76:51:35
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVRzWo0qIon36vWXoAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMyNTAxMDAyNVoXDTI0MDYyMzAxMDAyNVowLzEtMCsGA1UEAxMk
Njc4YTRhOTQtY2QyZC00NDc5LTk0OTctZWFjZmM5OGNkNjI4MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoNqDlYbCnEbg3TaKxgDBI94fs+2kyjMxrfP
m59p4sJUxozu9j2yEBBR8arC7PUJZvFNAFFmVA6H+TQc892RBkOwUL+jUh9Vy92p
awMxlMAfPy4l5NyZcgeWKOfOd6DL+AnF1XQMm7oW5k4tFb69mhKbVD6cTPdz+h6V
4GyeJKUXM02L2WY6wmecUp4wgI20Ib/zKBq5Lph8OOmzYnkdpdWxbIRrHPKnPPXA
UG29h3ANWMjhO/Fu5zUKwvX1F9WfhPLeX3M4PJ195xkI1M4vFT9jo3QnjtfhwgIM
P3ryWStqtrG2pDdVfJank3E8bgkY/4esph9gSlsj+6l+mP/BYwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJN8/irmnPJqX9EQFoAMYV+aw/MKMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvMTZmMDEyZmMtNjUxNy0z
Mjg2LWFkMmUtODBlYWMxM2VmMmM1LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDFxs4MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAARjy58SsP73n40WGOx17iLxXNdk1s6BHFZw5f4h6aEx0KgZJRupym9z
YjUkktvWg1WBMDrJ6IOPVlMapnDVANmHhMtd7EK1ADzM9XlfjAGzJmnwDq7LpeuC
aqEkd6XAFeTiMy+fWRmqXw7uNljHyJA+6jNqzVKPOn/h+1LLG/6wFYxCWLBwX/hg
2XVi7uwlLJsPX8L8dsQKpslMFV0oZfc4OoSSvHlxbtmvB1SmVu+FhTIVS3dn5E+W
QHCAx8VizP6QqTB7d4FOckGrneQbU4eS9fbouWztxqqB4sPSW2n3JXRvgj0VoQR3
NyTI68Ya5CtMBBmupbaz6Dw57Uh2UTU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:03 2024 by rpki-client on console-ams.rpki-client.org