Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2/03ce17dd-e1a3-399c-a4e8-49e400849d17.roa
File:                     03ce17dd-e1a3-399c-a4e8-49e400849d17.roa (raw, json)
Hash identifier:          edSgsb7H/VuQuejxeBRIbv9M43zBMNJ3/+9Jf53hfYI=
Subject key identifier:   92:21:71:57:AC:AA:7D:D2:08:0C:95:D0:24:A2:D5:15:C7:A1:CC:00
Certificate issuer:       /CN=302111be-b954-4c5e-ac9b-4f85c3c11fe2
Certificate serial:       010D0C9F4328583BCC101EB8A6C71A7C7639F580
Authority key identifier: C8:52:80:DE:48:F1:3F:44:A9:6E:56:69:6B:13:6B:04:12:53:9A:AC
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2/03ce17dd-e1a3-399c-a4e8-49e400849d17.roa
Signing time:             Tue 02 Nov 2021 04:00:00 +0000
ROA not before:           Tue 02 Nov 2021 04:00:00 +0000
ROA not after:            Sun 04 Feb 2024 05:00:00 +0000
asID:                     36040
IP address blocks:        136.117.0.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3b:cc:10:1e:b8:a6:c7:1a:7c:76:39:f5:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=302111be-b954-4c5e-ac9b-4f85c3c11fe2
        Validity
            Not Before: Nov  2 04:00:00 2021 GMT
            Not After : Feb  4 05:00:00 2024 GMT
        Subject: CN=28c5b0cf-9254-4619-96c9-29db17c3ce36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:7d:87:a7:2e:fe:45:28:03:b3:65:09:9e:24:
                    89:17:ca:9c:6a:c8:67:2f:4d:82:cf:94:b6:1c:45:
                    c2:0f:3b:ad:6b:1c:de:44:5c:7b:e0:31:46:7d:84:
                    02:9d:48:a2:cd:84:0b:b4:9b:b3:19:0e:93:f2:be:
                    b6:37:a1:b5:13:16:e8:ff:8c:83:ee:e6:64:7e:58:
                    ab:64:88:30:62:0f:e1:11:08:61:06:d5:ea:87:45:
                    31:f1:56:2e:4d:e5:e0:7a:0c:32:f9:2c:9b:e2:68:
                    f4:5d:00:0f:05:01:d2:bf:a7:a0:1d:1f:1d:8e:10:
                    e2:c3:87:ec:d7:44:4d:df:7d:83:ac:73:d3:f6:9a:
                    11:84:16:ca:7c:e3:13:bf:a9:49:0c:1b:35:0b:29:
                    28:f5:54:1f:15:b8:b0:bb:5a:41:86:c4:21:53:b2:
                    18:38:49:6a:5c:2c:f0:9e:20:de:7a:6e:68:57:50:
                    9e:74:26:5a:cf:52:c7:f6:21:2e:54:b1:72:88:27:
                    e7:dd:00:58:a8:26:b9:23:9d:fb:ca:5a:d7:22:e9:
                    09:4d:3d:8c:88:42:79:0d:4e:3e:1e:9b:c8:fa:f3:
                    fa:bc:39:3c:96:be:ab:70:10:f1:b2:67:e6:68:40:
                    c5:3b:94:d4:6d:07:1a:f8:cf:96:8d:83:17:ba:16:
                    d2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:21:71:57:AC:AA:7D:D2:08:0C:95:D0:24:A2:D5:15:C7:A1:CC:00
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2/03ce17dd-e1a3-399c-a4e8-49e400849d17.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2/302111be-b954-4c5e-ac9b-4f85c3c11fe2.crl

            X509v3 Authority Key Identifier:
                keyid:C8:52:80:DE:48:F1:3F:44:A9:6E:56:69:6B:13:6B:04:12:53:9A:AC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/302111be-b954-4c5e-ac9b-4f85c3c11fe2.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  136.117.0.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         68:b8:91:90:93:74:bd:c3:37:24:bd:2e:ad:be:68:40:7f:12:
         6d:46:b9:63:9f:6e:15:84:71:90:c2:b2:ab:8a:65:ff:e5:f8:
         d4:05:c8:cb:e9:88:34:e5:55:0c:d2:dc:cc:5e:69:b8:29:34:
         2d:cf:fb:c5:04:7d:08:99:4b:5b:9f:a2:63:4e:01:37:12:46:
         30:88:7f:50:05:5c:84:c5:18:60:fd:24:a1:6d:d4:20:d9:23:
         fe:19:fa:16:9e:46:5f:b9:0e:be:e9:79:9a:17:80:21:01:85:
         fd:14:96:87:89:5e:8f:90:a9:02:4c:32:35:8f:8b:e3:a4:ae:
         ae:52:0b:b8:b0:9e:3d:06:d6:33:71:55:3d:b7:52:6e:91:31:
         ec:b6:9b:31:22:4b:b0:ec:79:48:dd:24:5c:9b:f1:17:fb:9d:
         7d:91:b9:0d:45:31:da:8c:3d:4c:f5:87:ba:d2:cc:90:fc:70:
         cb:11:b1:f9:62:9f:2d:6c:18:9d:e7:06:8d:dd:9c:e0:1d:08:
         91:6e:3b:b9:56:fb:77:6b:72:9d:87:9c:a7:bb:26:e8:c9:93:
         b0:ea:cc:5f:46:92:5a:ed:1a:2b:9e:24:d7:93:9a:9b:f4:97:
         3f:73:46:ce:ba:bb:b8:e4:f4:00:20:57:4b:95:8d:b3:0b:14:
         0b:b6:df:33
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWDvMEB64pscafHY59YAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkMzAyMTExYmUtYjk1NC00YzVlLWFjOWItNGY4NWMzYzEx
ZmUyMB4XDTIxMTEwMjA0MDAwMFoXDTI0MDIwNDA1MDAwMFowLzEtMCsGA1UEAxMk
MjhjNWIwY2YtOTI1NC00NjE5LTk2YzktMjlkYjE3YzNjZTM2MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl32Hpy7+RSgDs2UJniSJF8qcashnL02Cz5S2
HEXCDzutaxzeRFx74DFGfYQCnUiizYQLtJuzGQ6T8r62N6G1Exbo/4yD7uZkflir
ZIgwYg/hEQhhBtXqh0Ux8VYuTeXgegwy+Syb4mj0XQAPBQHSv6egHR8djhDiw4fs
10RN332DrHPT9poRhBbKfOMTv6lJDBs1Cyko9VQfFbiwu1pBhsQhU7IYOElqXCzw
niDeem5oV1CedCZaz1LH9iEuVLFyiCfn3QBYqCa5I537ylrXIukJTT2MiEJ5DU4+
HpvI+vP6vDk8lr6rcBDxsmfmaEDFO5TUbQca+M+WjYMXuhbSRwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJIhcVesqn3SCAyV0CSi1RXHocwAMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC8zMDIx
MTFiZS1iOTU0LTRjNWUtYWM5Yi00Zjg1YzNjMTFmZTIvMDNjZTE3ZGQtZTFhMy0z
OTljLWE0ZTgtNDllNDAwODQ5ZDE3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvMzAyMTExYmUtYjk1NC00YzVlLWFj
OWItNGY4NWMzYzExZmUyLzMwMjExMWJlLWI5NTQtNGM1ZS1hYzliLTRmODVjM2Mx
MWZlMi5jcmwwHwYDVR0jBBgwFoAUyFKA3kjxP0SpblZpaxNrBBJTmqwwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC8zMDIxMTFiZS1iOTU0LTRjNWUtYWM5Yi00Zjg1
YzNjMTFmZTIuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAiHUAMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAGi4kZCTdL3DNyS9Lq2+aEB/Em1GuWOfbhWEcZDCsquKZf/l+NQFyMvp
iDTlVQzS3MxeabgpNC3P+8UEfQiZS1ufomNOATcSRjCIf1AFXITFGGD9JKFt1CDZ
I/4Z+haeRl+5Dr7peZoXgCEBhf0UloeJXo+QqQJMMjWPi+Okrq5SC7iwnj0G1jNx
VT23Um6RMey2mzEiS7DseUjdJFyb8Rf7nX2RuQ1FMdqMPUz1h7rSzJD8cMsRsfli
ny1sGJ3nBo3dnOAdCJFuO7lW+3drcp2HnKe7JujJk7DqzF9GklrtGiueJNeTmpv0
lz9zRs66u7jk9AAgV0uVjbMLFAu23zM=
-----END CERTIFICATE-----
Generated at Fri Feb 2 17:51:01 2024 by rpki-client on console-ams.rpki-client.org