Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/8001295d-cfaa-3fc1-8256-110195961a8b.roa
File:                     8001295d-cfaa-3fc1-8256-110195961a8b.roa (raw, json)
Hash identifier:          LdMse+CB2A2NKd8wJEOSTAwdkTv+tJbv0MjDbpuw8Ao=
Subject key identifier:   89:4F:56:B0:90:65:FF:47:32:47:A4:09:6E:54:92:FA:5B:A6:66:A5
Certificate issuer:       /CN=47e2bda9-427c-40c6-8b4d-1c85bd42d18a
Certificate serial:       010D0C9F43285841F3280647466159ADF8784780
Authority key identifier: 35:29:D5:B9:E4:8A:DB:14:90:BA:15:B9:67:50:F0:F8:50:C7:19:AA
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/8001295d-cfaa-3fc1-8256-110195961a8b.roa
Signing time:             Sun 21 May 2023 01:00:16 +0000
ROA not before:           Sun 21 May 2023 01:00:16 +0000
ROA not after:            Sat 19 Aug 2023 01:00:16 +0000
asID:                     16509
IP address blocks:        159.140.140.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:41:f3:28:06:47:46:61:59:ad:f8:78:47:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47e2bda9-427c-40c6-8b4d-1c85bd42d18a
        Validity
            Not Before: May 21 01:00:16 2023 GMT
            Not After : Aug 19 01:00:16 2023 GMT
        Subject: CN=78b57627-7f43-4014-9bcb-212e1b1c796c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:7f:6d:9f:4c:52:d7:08:bf:59:46:e3:2e:34:
                    fb:ad:0f:29:f9:73:10:6f:c9:59:ef:ac:d3:14:ca:
                    89:c4:ca:01:99:fe:ad:bf:39:f4:59:0c:51:86:c9:
                    0b:87:e6:1b:33:d8:02:03:68:52:5e:9f:4a:1d:81:
                    65:4f:3e:d0:7a:3d:74:93:43:b5:bd:f3:b4:05:6a:
                    8f:da:89:41:45:82:f4:64:bd:0a:66:5f:d5:18:f4:
                    52:44:b5:84:e0:94:4d:28:27:4b:90:4f:fe:fb:2e:
                    4e:f6:2e:64:14:19:10:86:ed:8f:21:f3:17:54:9b:
                    5a:b2:d9:c0:06:32:bc:a0:5c:17:47:b7:8e:e2:76:
                    c2:2d:3e:85:55:ac:4d:48:9f:a4:f0:6c:98:3b:ac:
                    87:61:00:e9:fa:4e:19:34:bb:5f:8f:79:d1:35:e7:
                    2e:54:81:1a:60:fc:4d:f8:67:e7:19:4a:b4:c2:c9:
                    ac:02:de:49:cd:82:61:ff:69:63:32:88:5f:15:47:
                    0b:87:17:cc:0f:10:41:54:38:75:d7:15:4f:f1:6e:
                    6e:88:ec:77:2b:5f:3b:69:74:ab:9e:8f:f2:d9:ee:
                    38:7f:7d:a1:72:aa:4a:b1:65:b3:89:c1:c5:75:ea:
                    7f:8c:dd:07:74:4b:5d:13:6c:81:24:47:d7:a4:1d:
                    c7:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:4F:56:B0:90:65:FF:47:32:47:A4:09:6E:54:92:FA:5B:A6:66:A5
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/8001295d-cfaa-3fc1-8256-110195961a8b.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.crl

            X509v3 Authority Key Identifier:
                keyid:35:29:D5:B9:E4:8A:DB:14:90:BA:15:B9:67:50:F0:F8:50:C7:19:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/47e2bda9-427c-40c6-8b4d-1c85bd42d18a.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  159.140.140.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         26:00:3b:c4:ed:18:58:c4:68:e6:f9:ef:a8:4e:e1:b5:91:4d:
         67:af:eb:41:10:23:d5:25:99:61:cb:93:7b:b9:48:e5:e4:64:
         d2:2c:15:df:2d:c7:d5:5f:2b:63:e0:2c:5a:3d:e9:30:d3:20:
         b4:77:73:e2:89:7b:39:fa:ac:26:1e:d8:33:9f:b5:fd:d1:a3:
         74:ad:29:67:ab:ed:b6:94:f4:93:08:ad:9b:26:32:6e:bf:bf:
         f8:80:38:b7:cc:33:ca:e8:13:ad:db:1d:60:ff:2b:5e:31:77:
         aa:a3:08:48:ea:b3:13:8a:c5:45:09:7a:f3:55:9b:79:9d:b5:
         24:b1:07:f5:c9:d3:aa:87:04:87:50:75:18:d3:5d:51:a1:df:
         90:51:32:63:41:30:35:43:48:24:13:17:6a:0c:08:34:b8:58:
         dd:02:cc:11:8a:c4:0f:df:06:17:e6:b8:d5:e7:ac:23:1a:09:
         d0:0f:02:34:78:fe:5a:c9:af:d7:01:f4:ff:49:fc:9a:a0:8b:
         ee:db:d0:59:d5:cc:16:b4:4f:28:ec:02:90:c7:0d:d8:37:23:
         51:bf:e4:ad:4f:6f:f8:83:97:41:0c:10:92:44:54:8e:77:bb:
         fc:b1:d3:31:7b:bf:70:0d:0b:b5:6f:e0:62:a7:a8:13:44:e0:
         1c:19:76:8e
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEHzKAZHRmFZrfh4R4AwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNDdlMmJkYTktNDI3Yy00MGM2LThiNGQtMWM4NWJkNDJk
MThhMB4XDTIzMDUyMTAxMDAxNloXDTIzMDgxOTAxMDAxNlowLzEtMCsGA1UEAxMk
NzhiNTc2MjctN2Y0My00MDE0LTliY2ItMjEyZTFiMWM3OTZjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoX9tn0xS1wi/WUbjLjT7rQ8p+XMQb8lZ76zT
FMqJxMoBmf6tvzn0WQxRhskLh+YbM9gCA2hSXp9KHYFlTz7Qej10k0O1vfO0BWqP
2olBRYL0ZL0KZl/VGPRSRLWE4JRNKCdLkE/++y5O9i5kFBkQhu2PIfMXVJtastnA
BjK8oFwXR7eO4nbCLT6FVaxNSJ+k8GyYO6yHYQDp+k4ZNLtfj3nRNecuVIEaYPxN
+GfnGUq0wsmsAt5JzYJh/2ljMohfFUcLhxfMDxBBVDh11xVP8W5uiOx3K187aXSr
no/y2e44f32hcqpKsWWzicHFdep/jN0HdEtdE2yBJEfXpB3HFQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFIlPVrCQZf9HMkekCW5UkvpbpmalMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC80N2Uy
YmRhOS00MjdjLTQwYzYtOGI0ZC0xYzg1YmQ0MmQxOGEvODAwMTI5NWQtY2ZhYS0z
ZmMxLTgyNTYtMTEwMTk1OTYxYThiLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvNDdlMmJkYTktNDI3Yy00MGM2LThi
NGQtMWM4NWJkNDJkMThhLzQ3ZTJiZGE5LTQyN2MtNDBjNi04YjRkLTFjODViZDQy
ZDE4YS5jcmwwHwYDVR0jBBgwFoAUNSnVueSK2xSQuhW5Z1Dw+FDHGaowDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC80N2UyYmRhOS00MjdjLTQwYzYtOGI0ZC0xYzg1
YmQ0MmQxOGEuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAn4yMMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBACYAO8TtGFjEaOb576hO4bWRTWev60EQI9UlmWHLk3u5SOXkZNIsFd8t
x9VfK2PgLFo96TDTILR3c+KJezn6rCYe2DOftf3Ro3StKWer7baU9JMIrZsmMm6/
v/iAOLfMM8roE63bHWD/K14xd6qjCEjqsxOKxUUJevNVm3mdtSSxB/XJ06qHBIdQ
dRjTXVGh35BRMmNBMDVDSCQTF2oMCDS4WN0CzBGKxA/fBhfmuNXnrCMaCdAPAjR4
/lrJr9cB9P9J/Jqgi+7b0FnVzBa0TyjsApDHDdg3I1G/5K1Pb/iDl0EMEJJEVI53
u/yx0zF7v3ANC7Vv4GKnqBNE4BwZdo4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:10:47 2024 by rpki-client on console-fra.rpki-client.org