Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ace42a58-7444-38ec-8596-fca666cc5406.roa
File:                     ace42a58-7444-38ec-8596-fca666cc5406.roa (raw, json)
Hash identifier:          Ew2WA4lWqmXJ9BgEsh20umklzOAf15VCDsHl8b2eXA4=
Subject key identifier:   18:9D:40:47:4A:C2:16:6B:40:A3:86:75:E5:F7:99:4F:BB:F5:09:B0
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584556121033279A503AD60211C0
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ace42a58-7444-38ec-8596-fca666cc5406.roa
Signing time:             Tue 26 Mar 2024 13:41:59 +0000
ROA not before:           Tue 26 Mar 2024 13:41:59 +0000
ROA not after:            Mon 24 Jun 2024 13:41:59 +0000
asID:                     400402
IP address blocks:        23.27.203.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:56:12:10:33:27:9a:50:3a:d6:02:11:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar 26 13:41:59 2024 GMT
            Not After : Jun 24 13:41:59 2024 GMT
        Subject: CN=7d06e86a-ef38-4563-85a7-c051c3f92ec5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:59:e5:d1:23:9b:6c:82:e8:7a:ce:4a:1a:21:
                    71:97:9d:c5:03:b7:4f:d0:0c:8a:10:a9:68:31:a3:
                    8b:fb:42:51:0d:13:3c:97:11:6f:05:bc:5a:db:c3:
                    46:4f:ff:10:c4:b8:dd:da:07:27:36:14:e8:fb:2f:
                    dc:b7:25:28:90:79:3f:65:69:f0:ea:28:c0:03:ce:
                    22:0c:8e:f6:95:83:11:01:35:6b:8b:89:6d:5a:a1:
                    18:0e:4f:b9:2a:ac:e4:db:05:25:ac:89:09:ff:37:
                    80:b5:21:ca:63:d5:c7:3a:ba:82:00:60:5a:2b:86:
                    4f:ef:ca:48:c9:5c:a8:e0:c8:3c:a3:38:9c:0e:98:
                    7f:06:e3:1f:c1:bd:7b:74:8c:21:e2:b7:ee:e6:33:
                    2d:8e:37:ae:35:eb:87:52:d9:2b:36:e3:3d:c1:a5:
                    be:51:c5:ba:41:1b:45:28:03:ff:91:f6:51:70:b4:
                    05:2b:86:68:64:f7:40:ea:ba:3f:04:6c:e9:94:2e:
                    77:d3:be:ea:1a:79:07:f0:69:40:74:12:fe:e4:a7:
                    02:cb:f1:4e:6c:5b:65:b6:a5:d6:51:07:cf:e1:a1:
                    67:e4:e7:3b:13:1d:69:89:33:6d:2b:e9:42:24:57:
                    04:61:2e:25:d6:57:d5:e1:4a:46:10:df:e5:ab:c6:
                    f4:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:9D:40:47:4A:C2:16:6B:40:A3:86:75:E5:F7:99:4F:BB:F5:09:B0
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ace42a58-7444-38ec-8596-fca666cc5406.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.203.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4f:b4:73:e3:7a:ef:95:6a:ff:f0:a1:8c:97:4e:8d:cf:ce:ae:
         b6:b9:18:57:5a:34:52:5d:da:ed:d6:f9:bf:88:2f:79:2b:88:
         8f:85:6f:55:e0:fb:39:db:cd:d7:3e:12:03:d5:cd:14:b0:5e:
         b0:51:55:7c:6a:e0:a7:48:df:eb:18:a9:c2:8c:44:30:e0:5f:
         55:0f:b2:a0:6a:ce:d6:d3:19:86:6e:a3:0c:b3:32:08:49:c6:
         1b:a0:5a:e9:2f:88:68:82:34:79:60:9d:d9:a0:99:1b:3b:e8:
         02:9a:7c:07:7f:28:b6:3d:f7:aa:49:86:12:cc:55:eb:98:6b:
         a5:7b:11:06:76:11:4e:9d:40:d8:b1:74:4e:a3:85:66:6c:ff:
         59:04:5f:b4:9e:05:6c:04:3b:a2:33:f9:6d:ff:c2:49:2a:c6:
         c9:d3:c5:67:69:65:8e:5c:1f:59:64:ba:fc:ba:d9:c2:79:ef:
         03:36:ee:c9:62:77:c7:65:6d:c6:7d:5b:b4:f1:62:b5:be:41:
         96:7f:de:21:97:d0:be:82:b4:2c:d2:d9:87:6f:6f:37:29:e1:
         78:bf:1d:2a:bf:ef:7e:84:a7:10:2b:a9:5f:2b:61:f5:f2:00:
         33:02:60:39:0f:2a:d7:4f:cc:d8:78:ad:f7:87:8d:83:31:1c:
         2e:3e:9e:d1
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEVWEhAzJ5pQOtYCEcAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMyNjEzNDE1OVoXDTI0MDYyNDEzNDE1OVowLzEtMCsGA1UEAxMk
N2QwNmU4NmEtZWYzOC00NTYzLTg1YTctYzA1MWMzZjkyZWM1MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1nl0SObbILoes5KGiFxl53FA7dP0AyKEKlo
MaOL+0JRDRM8lxFvBbxa28NGT/8QxLjd2gcnNhTo+y/ctyUokHk/ZWnw6ijAA84i
DI72lYMRATVri4ltWqEYDk+5Kqzk2wUlrIkJ/zeAtSHKY9XHOrqCAGBaK4ZP78pI
yVyo4Mg8ozicDph/BuMfwb17dIwh4rfu5jMtjjeuNeuHUtkrNuM9waW+UcW6QRtF
KAP/kfZRcLQFK4ZoZPdA6ro/BGzplC53077qGnkH8GlAdBL+5KcCy/FObFtltqXW
UQfP4aFn5Oc7Ex1piTNtK+lCJFcEYS4l1lfV4UpGEN/lq8b0cwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFBidQEdKwhZrQKOGdeX3mU+79QmwMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvYWNlNDJhNTgtNzQ0NC0z
OGVjLTg1OTYtZmNhNjY2Y2M1NDA2LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFxvLMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAE+0c+N675Vq//ChjJdOjc/Orra5GFdaNFJd2u3W+b+IL3kriI+Fb1Xg
+znbzdc+EgPVzRSwXrBRVXxq4KdI3+sYqcKMRDDgX1UPsqBqztbTGYZuowyzMghJ
xhugWukviGiCNHlgndmgmRs76AKafAd/KLY996pJhhLMVeuYa6V7EQZ2EU6dQNix
dE6jhWZs/1kEX7SeBWwEO6Iz+W3/wkkqxsnTxWdpZY5cH1lkuvy62cJ57wM27sli
d8dlbcZ9W7TxYrW+QZZ/3iGX0L6CtCzS2Ydvbzcp4Xi/HSq/736EpxArqV8rYfXy
ADMCYDkPKtdPzNh4rfeHjYMxHC4+ntE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:42:10 2024 by rpki-client on console-ams.rpki-client.org