Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b7084af4-ac32-39af-80b1-df8727bb4643.roa
File:                     b7084af4-ac32-39af-80b1-df8727bb4643.roa (raw, json)
Hash identifier:          4sC56Xf2sf6koUvBmkvnqQEBDKESyHbh7xo4XsV2LrY=
Subject key identifier:   E6:7E:2D:F8:30:65:A6:E2:3C:F2:88:DC:A3:C0:46:F2:ED:F7:63:14
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F432858451B8FE9741D8503298FFB2C00
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b7084af4-ac32-39af-80b1-df8727bb4643.roa
Signing time:             Tue 05 Mar 2024 14:42:52 +0000
ROA not before:           Tue 05 Mar 2024 14:42:52 +0000
ROA not after:            Mon 03 Jun 2024 13:42:52 +0000
asID:                     149440
IP address blocks:        23.27.11.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:1b:8f:e9:74:1d:85:03:29:8f:fb:2c:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  5 14:42:52 2024 GMT
            Not After : Jun  3 13:42:52 2024 GMT
        Subject: CN=3b55cd52-d5c7-42fa-9d3d-9daa3a110a17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:0f:2b:73:be:73:4f:83:cb:06:88:4b:85:97:
                    4e:4c:10:7b:7f:f7:fa:77:64:ab:ee:9e:d2:f9:8b:
                    65:7f:47:54:5b:58:39:0d:40:84:50:4e:53:28:92:
                    bf:78:7b:6a:76:10:b3:ac:ef:46:e7:68:40:00:49:
                    a5:fb:9f:ce:4d:54:a7:36:43:aa:50:ad:bf:5e:d7:
                    b9:9c:f5:cc:cf:29:21:f9:5d:0d:3a:ec:f5:b5:41:
                    a0:0d:2d:fd:4c:55:a0:9e:3c:2e:d8:94:94:89:82:
                    4b:8d:27:68:3d:42:d6:ad:3f:8f:e4:a2:01:1b:32:
                    4f:55:f0:1a:80:58:66:e4:91:2e:d5:44:2c:c7:1a:
                    ac:0b:80:8c:e4:0a:47:9d:c9:50:c5:9b:9f:8e:c6:
                    66:e0:e8:8a:ff:33:4a:46:6d:c7:a6:29:67:b7:72:
                    31:a0:2b:34:47:09:cd:10:cf:16:16:c9:6e:ba:fe:
                    cb:c8:44:7b:b0:07:d6:a1:1a:d0:0c:3c:10:c1:f9:
                    6f:54:14:2c:0f:bd:1a:ed:e2:56:1a:65:76:15:54:
                    33:65:21:51:dc:4b:cc:fc:42:0e:18:e2:1c:c2:79:
                    f6:3b:1c:1e:7d:ed:a1:b7:3a:08:1d:03:8e:8d:48:
                    a6:05:f8:f3:40:28:93:0f:21:f4:1a:9b:58:a9:99:
                    e7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:7E:2D:F8:30:65:A6:E2:3C:F2:88:DC:A3:C0:46:F2:ED:F7:63:14
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/b7084af4-ac32-39af-80b1-df8727bb4643.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.11.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         22:46:b3:ef:80:04:bc:7c:8d:fe:58:17:b1:05:fe:4f:9f:e2:
         8c:99:39:1c:1c:e9:d8:e9:e3:1d:df:e5:3e:ad:11:fb:df:f0:
         9b:b7:98:18:a1:68:31:8a:d1:4a:a9:83:a0:43:80:c0:ab:8b:
         a9:13:2b:60:ff:01:13:b3:e5:a0:31:22:bf:3f:70:94:6f:82:
         e3:14:21:9f:25:36:3f:cb:a1:be:c7:a2:78:3d:2a:bf:2c:e1:
         42:da:62:54:31:02:ac:88:4f:0c:cd:6f:c1:b1:7c:95:a2:2c:
         40:c2:8e:da:97:b0:55:ce:98:8a:a8:04:dd:9a:e3:12:d7:ad:
         7a:0c:0a:f6:89:5a:79:28:cf:e0:a1:66:78:82:e2:61:93:1e:
         0c:71:c4:b0:8f:9d:5c:97:87:c1:d7:09:f3:43:d4:59:70:a0:
         fc:b3:ed:7c:51:fe:0e:c1:e3:02:9a:17:6f:ae:1c:17:eb:38:
         db:41:40:01:5a:da:80:ef:a9:71:94:77:86:47:89:5b:00:2a:
         f3:2b:ad:c4:54:a4:67:ed:02:e3:0c:eb:72:8b:84:68:7b:89:
         ad:b0:f1:4c:55:10:10:8b:42:fc:e6:bf:47:b9:9d:98:2d:3c:
         49:ad:45:59:27:07:1c:53:52:7f:b1:6a:42:a2:60:d3:0b:c0:
         1a:25:9a:b7
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEUbj+l0HYUDKY/7LAAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwNTE0NDI1MloXDTI0MDYwMzEzNDI1MlowLzEtMCsGA1UEAxMk
M2I1NWNkNTItZDVjNy00MmZhLTlkM2QtOWRhYTNhMTEwYTE3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlA8rc75zT4PLBohLhZdOTBB7f/f6d2Sr7p7S
+Ytlf0dUW1g5DUCEUE5TKJK/eHtqdhCzrO9G52hAAEml+5/OTVSnNkOqUK2/Xte5
nPXMzykh+V0NOuz1tUGgDS39TFWgnjwu2JSUiYJLjSdoPULWrT+P5KIBGzJPVfAa
gFhm5JEu1UQsxxqsC4CM5ApHnclQxZufjsZm4OiK/zNKRm3Hpilnt3IxoCs0RwnN
EM8WFsluuv7LyER7sAfWoRrQDDwQwflvVBQsD70a7eJWGmV2FVQzZSFR3EvM/EIO
GOIcwnn2Oxwefe2htzoIHQOOjUimBfjzQCiTDyH0GptYqZnnwQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFOZ+LfgwZabiPPKI3KPARvLt92MUMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvYjcwODRhZjQtYWMzMi0z
OWFmLTgwYjEtZGY4NzI3YmI0NjQzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFxsLMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACJGs++ABLx8jf5YF7EF/k+f4oyZORwc6djp4x3f5T6tEfvf8Ju3mBih
aDGK0Uqpg6BDgMCri6kTK2D/AROz5aAxIr8/cJRvguMUIZ8lNj/Lob7Hong9Kr8s
4ULaYlQxAqyITwzNb8GxfJWiLEDCjtqXsFXOmIqoBN2a4xLXrXoMCvaJWnkoz+Ch
ZniC4mGTHgxxxLCPnVyXh8HXCfND1FlwoPyz7XxR/g7B4wKaF2+uHBfrONtBQAFa
2oDvqXGUd4ZHiVsAKvMrrcRUpGftAuMM63KLhGh7ia2w8UxVEBCLQvzmv0e5nZgt
PEmtRVknBxxTUn+xakKiYNMLwBolmrc=
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:21:38 2024 by rpki-client on console-fra.rpki-client.org