Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/3bd8fe96-1e7f-39c9-a148-2681f4ee4d9d.roa
File:                     3bd8fe96-1e7f-39c9-a148-2681f4ee4d9d.roa (raw, json)
Hash identifier:          CO4IlF8beMa3aAEVTpm3VpG+C9xZ8ThJgVT21reVEqo=
Subject key identifier:   D5:9C:DE:47:13:98:24:FD:86:0C:74:E6:7E:FB:64:71:56:46:3C:3F
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F43285844C0BFA0DC9CCB896682AEA780
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/3bd8fe96-1e7f-39c9-a148-2681f4ee4d9d.roa
Signing time:             Fri 02 Feb 2024 02:00:26 +0000
ROA not before:           Fri 02 Feb 2024 02:00:26 +0000
ROA not after:            Thu 02 May 2024 01:00:26 +0000
asID:                     397630
IP address blocks:        23.27.131.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:c0:bf:a0:dc:9c:cb:89:66:82:ae:a7:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Feb  2 02:00:26 2024 GMT
            Not After : May  2 01:00:26 2024 GMT
        Subject: CN=41a222bb-5924-46d2-8466-3c174bc814ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d5:a4:06:66:21:09:38:3b:55:c1:c0:9a:cb:
                    c6:d7:01:75:2d:98:13:c0:5d:5d:c3:de:ba:46:f4:
                    d5:a5:0d:ac:80:99:c0:bf:e3:09:e0:78:f8:bd:e7:
                    91:be:6a:ee:a4:d9:a6:1c:c1:76:1c:c6:05:0a:04:
                    b1:ec:d7:9f:4c:0a:16:95:4e:60:54:00:69:a3:03:
                    84:23:5d:e8:16:b1:c9:4b:02:e7:6d:b7:27:a2:29:
                    74:be:01:95:28:11:32:09:f5:49:ea:86:62:f5:ed:
                    fc:65:d9:73:40:e4:75:3f:81:86:08:25:27:1f:63:
                    54:42:80:87:c4:f0:16:76:b0:d8:42:8c:b4:30:e1:
                    8d:f2:42:a2:6f:b4:c9:4f:f5:b9:8d:c9:ef:39:cc:
                    53:be:84:64:ae:7b:67:8a:eb:9b:e0:11:e8:9d:3f:
                    2b:cc:80:85:7b:8e:9f:ab:c9:f9:f9:e7:22:72:82:
                    28:94:eb:41:21:80:ce:ba:5b:29:f2:c1:bf:6e:3a:
                    64:13:fa:7d:13:69:8c:4a:9b:46:a1:fc:dd:b6:aa:
                    f4:d0:84:5d:ac:53:dc:d0:66:da:ab:46:e1:e2:2e:
                    70:24:30:28:a5:31:ef:f5:ca:0b:4d:42:f0:31:03:
                    b0:80:61:99:52:f7:88:aa:16:0e:08:8b:ca:45:39:
                    60:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:9C:DE:47:13:98:24:FD:86:0C:74:E6:7E:FB:64:71:56:46:3C:3F
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/3bd8fe96-1e7f-39c9-a148-2681f4ee4d9d.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.131.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         29:a0:d0:1a:3a:2b:f7:28:11:76:07:7f:21:f8:df:d3:c9:39:
         15:d6:cc:d2:9b:4e:28:10:4c:3a:2d:65:82:15:d2:b6:00:5f:
         2a:2d:e8:c5:83:6e:d8:34:cb:b3:cd:ad:f7:aa:95:3a:ea:2c:
         92:72:f7:6c:20:a7:39:05:da:97:96:74:8f:5f:01:f1:af:48:
         8a:a2:e9:0a:a9:2f:c4:dc:48:68:3f:21:82:81:55:91:e6:9b:
         26:20:a1:82:35:4c:d7:b0:39:a5:64:55:ea:16:87:88:b0:b7:
         c8:d0:72:39:c2:cc:da:6d:e8:55:54:bb:81:81:88:86:77:52:
         33:52:2d:26:42:ac:10:f8:ed:01:3d:a7:05:be:40:e5:8e:b0:
         29:30:ec:1f:78:c8:66:7f:69:c4:69:26:d2:40:d1:1a:9a:0f:
         7f:00:19:7f:85:f5:65:2e:04:de:b0:fb:63:2c:66:78:3b:de:
         b7:0d:da:33:0c:dd:51:df:4c:48:65:b8:65:8b:e2:1d:17:fc:
         f5:d4:6f:35:47:c8:cc:8b:72:0f:3a:21:a5:33:a1:0a:5e:30:
         3a:c3:79:0c:1e:e2:1f:e3:9c:fd:89:69:fe:87:23:0d:9d:46:
         ee:2d:37:c7:41:91:e3:3c:16:c0:78:9b:ff:50:c4:17:ec:29:
         73:32:a4:33
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWETAv6DcnMuJZoKup4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDIwMjAyMDAyNloXDTI0MDUwMjAxMDAyNlowLzEtMCsGA1UEAxMk
NDFhMjIyYmItNTkyNC00NmQyLTg0NjYtM2MxNzRiYzgxNGFlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdWkBmYhCTg7VcHAmsvG1wF1LZgTwF1dw966
RvTVpQ2sgJnAv+MJ4Hj4veeRvmrupNmmHMF2HMYFCgSx7NefTAoWlU5gVABpowOE
I13oFrHJSwLnbbcnoil0vgGVKBEyCfVJ6oZi9e38ZdlzQOR1P4GGCCUnH2NUQoCH
xPAWdrDYQoy0MOGN8kKib7TJT/W5jcnvOcxTvoRkrntniuub4BHonT8rzICFe46f
q8n5+ecicoIolOtBIYDOulsp8sG/bjpkE/p9E2mMSptGofzdtqr00IRdrFPc0Gba
q0bh4i5wJDAopTHv9coLTULwMQOwgGGZUveIqhYOCIvKRTlgFwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFNWc3kcTmCT9hgx05n77ZHFWRjw/MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvM2JkOGZlOTYtMWU3Zi0z
OWM5LWExNDgtMjY4MWY0ZWU0ZDlkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFxuDMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACmg0Bo6K/coEXYHfyH439PJORXWzNKbTigQTDotZYIV0rYAXyot6MWD
btg0y7PNrfeqlTrqLJJy92wgpzkF2peWdI9fAfGvSIqi6QqpL8TcSGg/IYKBVZHm
myYgoYI1TNewOaVkVeoWh4iwt8jQcjnCzNpt6FVUu4GBiIZ3UjNSLSZCrBD47QE9
pwW+QOWOsCkw7B94yGZ/acRpJtJA0RqaD38AGX+F9WUuBN6w+2MsZng73rcN2jMM
3VHfTEhluGWL4h0X/PXUbzVHyMyLcg86IaUzoQpeMDrDeQwe4h/jnP2Jaf6HIw2d
Ru4tN8dBkeM8FsB4m/9QxBfsKXMypDM=
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:21:38 2024 by rpki-client on console-fra.rpki-client.org