Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ef47929c-ee9f-3a52-ab6e-5f6724e1d0f9.roa
File:                     ef47929c-ee9f-3a52-ab6e-5f6724e1d0f9.roa (raw, json)
Hash identifier:          Qcqz2y4T0XgOw5oDus2sWSW6j8LiR2HPq0snUN2IPcM=
Subject key identifier:   47:E7:36:40:3A:A0:CC:5A:95:50:C9:8B:ED:0D:C4:CF:F4:E5:97:08
Certificate issuer:       /CN=18800324-5150-4981-a144-bdb80e6bcb7c
Certificate serial:       010D0C9F4328584521646BC2B7557AFCCF8A5080
Authority key identifier: 11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ef47929c-ee9f-3a52-ab6e-5f6724e1d0f9.roa
Signing time:             Thu 07 Mar 2024 16:50:05 +0000
ROA not before:           Thu 07 Mar 2024 16:50:05 +0000
ROA not after:            Wed 05 Jun 2024 15:50:05 +0000
asID:                     149440
IP address blocks:        23.27.202.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:45:21:64:6b:c2:b7:55:7a:fc:cf:8a:50:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18800324-5150-4981-a144-bdb80e6bcb7c
        Validity
            Not Before: Mar  7 16:50:05 2024 GMT
            Not After : Jun  5 15:50:05 2024 GMT
        Subject: CN=cdf7b306-62db-4d8d-ad5d-357c581d8940
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:d1:d6:92:3c:a2:29:e0:ae:16:a7:f5:5e:07:
                    0a:13:3b:e2:91:2d:eb:20:dc:cd:47:01:66:30:50:
                    d6:9c:98:51:b0:2e:83:61:25:7e:7b:6e:a9:07:19:
                    ea:b2:3e:cb:8f:71:47:fe:a6:9e:e1:f1:7f:9c:e2:
                    6a:34:9d:11:36:27:79:b8:a9:0e:e8:fc:2e:39:36:
                    11:86:40:2c:5e:86:91:4b:0b:91:0e:4f:7f:d1:1a:
                    fa:06:6f:63:18:1d:da:2c:e2:c1:42:6a:03:78:01:
                    22:98:41:18:4c:1d:d5:7b:e8:34:23:eb:ff:7a:f9:
                    a6:50:7e:ec:3c:d2:b9:00:18:09:ed:43:ac:fa:01:
                    fe:71:6c:21:ef:1c:9c:89:d5:c5:3d:11:49:50:73:
                    39:7d:d8:91:85:da:79:a4:7e:50:04:52:32:ee:6a:
                    bc:05:2a:6f:a7:60:f9:99:d6:51:ff:e1:eb:6d:76:
                    69:e5:3a:47:b0:3d:a2:32:42:e1:8c:69:87:59:4d:
                    1a:94:a8:3b:c0:fd:8c:eb:39:de:e8:98:6e:48:c2:
                    59:66:a1:1c:02:2f:22:bd:e1:64:4d:cd:f4:3f:88:
                    3e:77:fb:4b:51:fc:32:3d:e4:73:75:c1:9d:1d:60:
                    ab:e4:28:f7:03:dc:7a:47:9b:39:af:2c:2a:ab:7b:
                    e0:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:E7:36:40:3A:A0:CC:5A:95:50:C9:8B:ED:0D:C4:CF:F4:E5:97:08
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/ef47929c-ee9f-3a52-ab6e-5f6724e1d0f9.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c/18800324-5150-4981-a144-bdb80e6bcb7c.crl

            X509v3 Authority Key Identifier:
                keyid:11:6B:47:33:36:D9:E8:9D:B5:96:1B:5E:EF:A3:40:22:AE:DE:69:B6

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/18800324-5150-4981-a144-bdb80e6bcb7c.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.27.202.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         8d:9e:75:27:9a:99:43:40:48:e4:02:d2:76:37:a4:4a:27:98:
         eb:45:d7:89:38:85:57:0f:75:52:ea:f5:74:ff:48:23:02:09:
         3f:25:d3:f9:de:f2:73:6c:44:77:b4:22:25:62:0f:c2:db:d8:
         ac:1d:ba:bf:24:b9:56:e0:e3:cf:75:30:de:0d:a3:74:ef:6d:
         18:08:d5:88:66:be:48:dc:f0:13:ac:ed:de:be:4f:07:b9:87:
         19:19:25:b0:ff:a0:f6:73:44:61:38:48:1e:d8:59:27:ec:aa:
         a7:d4:d0:e8:07:d4:41:20:43:6e:c7:21:07:9d:81:48:bd:a3:
         a9:93:77:50:ac:d0:3d:d8:8e:38:21:5f:d9:d5:23:eb:d2:cc:
         1b:7d:ef:52:44:3a:7b:f5:72:2d:06:19:dd:45:4f:26:87:0a:
         38:01:8a:0d:b5:5f:4a:c8:f8:43:ac:03:5a:1f:1c:fb:cd:c7:
         50:b0:f8:fc:e0:b8:8f:c7:09:14:6b:24:12:45:dc:0d:4f:78:
         77:e0:d2:b7:9f:f8:6e:81:7e:16:3a:85:b0:66:42:3b:e3:18:
         67:61:26:92:ff:35:c1:d1:13:73:0c:19:ee:c3:2e:49:37:82:
         71:62:86:4a:c8:a2:8a:c7:6e:a2:49:d3:bb:f9:28:e2:d4:dd:
         3b:92:86:e5
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEUhZGvCt1V6/M+KUIAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMTg4MDAzMjQtNTE1MC00OTgxLWExNDQtYmRiODBlNmJj
YjdjMB4XDTI0MDMwNzE2NTAwNVoXDTI0MDYwNTE1NTAwNVowLzEtMCsGA1UEAxMk
Y2RmN2IzMDYtNjJkYi00ZDhkLWFkNWQtMzU3YzU4MWQ4OTQwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnNHWkjyiKeCuFqf1XgcKEzvikS3rINzNRwFm
MFDWnJhRsC6DYSV+e26pBxnqsj7Lj3FH/qae4fF/nOJqNJ0RNid5uKkO6PwuOTYR
hkAsXoaRSwuRDk9/0Rr6Bm9jGB3aLOLBQmoDeAEimEEYTB3Ve+g0I+v/evmmUH7s
PNK5ABgJ7UOs+gH+cWwh7xycidXFPRFJUHM5fdiRhdp5pH5QBFIy7mq8BSpvp2D5
mdZR/+HrbXZp5TpHsD2iMkLhjGmHWU0alKg7wP2M6zne6JhuSMJZZqEcAi8iveFk
Tc30P4g+d/tLUfwyPeRzdcGdHWCr5Cj3A9x6R5s5rywqq3vggQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFEfnNkA6oMxalVDJi+0NxM/05ZcIMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8xODgw
MDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4MGU2YmNiN2MvZWY0NzkyOWMtZWU5Zi0z
YTUyLWFiNmUtNWY2NzI0ZTFkMGY5LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMTg4MDAzMjQtNTE1MC00OTgxLWEx
NDQtYmRiODBlNmJjYjdjLzE4ODAwMzI0LTUxNTAtNDk4MS1hMTQ0LWJkYjgwZTZi
Y2I3Yy5jcmwwHwYDVR0jBBgwFoAUEWtHMzbZ6J21lhte76NAIq7eabYwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8xODgwMDMyNC01MTUwLTQ5ODEtYTE0NC1iZGI4
MGU2YmNiN2MuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAFxvKMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAI2edSeamUNASOQC0nY3pEonmOtF14k4hVcPdVLq9XT/SCMCCT8l0/ne
8nNsRHe0IiViD8Lb2Kwdur8kuVbg4891MN4No3TvbRgI1Yhmvkjc8BOs7d6+Twe5
hxkZJbD/oPZzRGE4SB7YWSfsqqfU0OgH1EEgQ27HIQedgUi9o6mTd1Cs0D3Yjjgh
X9nVI+vSzBt971JEOnv1ci0GGd1FTyaHCjgBig21X0rI+EOsA1ofHPvNx1Cw+Pzg
uI/HCRRrJBJF3A1PeHfg0ref+G6BfhY6hbBmQjvjGGdhJpL/NcHRE3MMGe7DLkk3
gnFihkrIoorHbqJJ07v5KOLU3TuShuU=
-----END CERTIFICATE-----
Generated at Fri Apr 12 19:21:38 2024 by rpki-client on console-fra.rpki-client.org