Route Origin Authorization

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687/210e339b-c0f6-331d-81e6-c866b73d921e.roa
File:                     210e339b-c0f6-331d-81e6-c866b73d921e.roa (raw, json)
Hash identifier:          /sqSvVAztmOkmEkp8UKekY2X5hbxyeP0Hl9wcen/U8E=
Subject key identifier:   0D:18:96:46:DE:4F:00:41:CA:B3:B0:5F:62:22:56:16:66:DD:47:77
Certificate issuer:       /CN=65419565-1d73-4edf-be97-60704f8ad687
Certificate serial:       010D0C9F4328583F38290EA02EE2D68A973CB900
Authority key identifier: 5C:67:54:78:C5:92:3D:85:2B:FF:B5:DF:E5:A4:EF:88:FE:1D:45:89
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687/210e339b-c0f6-331d-81e6-c866b73d921e.roa
Signing time:             Wed 14 Sep 2022 12:00:00 +0000
ROA not before:           Wed 14 Sep 2022 12:00:00 +0000
ROA not after:            Wed 15 Mar 2023 04:00:00 +0000
asID:                     1239
IP address blocks:        144.142.48.0/20 maxlen: 20
                          144.142.0.0/20 maxlen: 20
                          144.142.16.0/20 maxlen: 20
                          144.142.32.0/20 maxlen: 20
                          144.142.64.0/20 maxlen: 20
                          144.142.80.0/20 maxlen: 20
                          144.142.96.0/20 maxlen: 20
                          144.142.112.0/20 maxlen: 20
                          144.142.128.0/20 maxlen: 20
                          144.142.144.0/20 maxlen: 20
                          144.142.160.0/20 maxlen: 20
                          144.142.176.0/20 maxlen: 20
                          144.142.192.0/20 maxlen: 20
                          144.142.208.0/20 maxlen: 20
                          144.142.224.0/20 maxlen: 20
                          144.142.240.0/20 maxlen: 20

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:3f:38:29:0e:a0:2e:e2:d6:8a:97:3c:b9:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=65419565-1d73-4edf-be97-60704f8ad687
        Validity
            Not Before: Sep 14 12:00:00 2022 GMT
            Not After : Mar 15 04:00:00 2023 GMT
        Subject: CN=e5df9360-6a72-4694-8e45-00f5053620ec
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:4c:13:28:09:3d:c0:09:f2:d7:2f:e8:65:73:
                    65:e8:9f:5d:dd:91:d4:0d:35:22:cd:a5:6c:f8:d1:
                    ac:6c:95:f6:19:7f:bf:d3:79:89:52:db:b8:8b:dc:
                    70:37:2f:41:53:ae:a2:34:8c:8a:54:cc:41:de:b2:
                    66:6d:18:a5:dd:f9:e4:b3:6c:ac:bc:0e:53:2f:5a:
                    fb:f6:ec:23:59:c6:f4:6c:43:af:ba:e2:bc:0f:d4:
                    d0:61:f0:da:21:f9:1b:de:f5:30:28:43:21:30:a9:
                    51:0e:89:d7:86:3f:2f:95:8e:6f:fb:41:14:24:47:
                    b5:0b:aa:fc:31:33:b2:d7:8d:14:61:b1:37:b6:1b:
                    ef:2a:d1:9a:a0:8b:b4:34:c6:5e:2d:4b:c5:24:da:
                    0a:05:bc:cf:1e:12:d5:c6:62:d6:f6:d1:8a:39:a6:
                    55:92:ec:de:9d:04:07:e2:eb:37:e1:99:b3:f8:20:
                    5e:21:cf:c4:75:06:60:88:7f:20:24:65:72:cb:cf:
                    a5:e1:7c:a5:05:80:01:54:fe:21:b6:11:ba:59:ff:
                    bc:20:17:24:99:a3:61:cd:e1:b1:49:59:19:00:1a:
                    cc:f4:2f:24:9f:19:37:5e:57:06:ee:5b:6f:9a:48:
                    05:c9:93:43:27:93:fa:a5:ac:4f:85:67:50:85:7a:
                    d1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:18:96:46:DE:4F:00:41:CA:B3:B0:5F:62:22:56:16:66:DD:47:77
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687/210e339b-c0f6-331d-81e6-c866b73d921e.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687/65419565-1d73-4edf-be97-60704f8ad687.crl

            X509v3 Authority Key Identifier:
                keyid:5C:67:54:78:C5:92:3D:85:2B:FF:B5:DF:E5:A4:EF:88:FE:1D:45:89

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/65419565-1d73-4edf-be97-60704f8ad687.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.142.0.0/16

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         50:b1:cb:3a:93:db:01:fb:19:08:1f:3a:59:f6:79:04:5b:51:
         11:0c:f4:cb:56:60:68:83:36:80:35:b2:f1:8d:94:c4:6c:41:
         98:a0:30:fe:23:7d:4c:db:56:d8:14:44:38:36:8f:37:ab:74:
         5e:f4:6c:16:48:1c:99:1b:d2:eb:5e:57:a7:d0:4a:5e:ad:9e:
         a2:33:dd:10:11:c5:41:30:7e:43:7c:b7:27:21:6f:50:f0:11:
         87:60:48:96:de:8c:a3:d8:48:f9:9b:9f:35:9e:79:0c:b3:2e:
         62:50:5c:f3:ec:28:d2:1a:b5:8c:1f:4d:4d:59:f1:18:52:42:
         59:47:ab:43:55:93:74:63:15:ef:08:cd:58:67:f5:c5:99:7c:
         44:7f:2a:a0:e8:d6:bb:e2:86:62:2a:c8:19:9f:4d:47:d1:d9:
         df:4d:16:9a:0b:c9:4c:ed:94:06:cb:67:d9:d0:7a:70:34:3c:
         10:4b:89:0c:3f:f8:dd:2e:f8:ff:ca:4d:4f:ea:7c:67:fe:46:
         01:6a:b7:6a:f2:47:57:1c:fe:2c:da:87:da:57:9b:8d:e5:5d:
         87:da:be:32:5d:ee:ad:1e:60:1f:2d:ca:f1:2f:d7:44:09:04:
         76:c5:9d:2f:4f:19:32:cb:e3:2f:2d:ec:77:3a:9c:e8:9d:cf:
         b1:d2:9c:6f
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgIUAQ0Mn0MoWD84KQ6gLuLWipc8uQAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNjU0MTk1NjUtMWQ3My00ZWRmLWJlOTctNjA3MDRmOGFk
Njg3MB4XDTIyMDkxNDEyMDAwMFoXDTIzMDMxNTA0MDAwMFowLzEtMCsGA1UEAxMk
ZTVkZjkzNjAtNmE3Mi00Njk0LThlNDUtMDBmNTA1MzYyMGVjMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEwTKAk9wAny1y/oZXNl6J9d3ZHUDTUizaVs
+NGsbJX2GX+/03mJUtu4i9xwNy9BU66iNIyKVMxB3rJmbRil3fnks2ysvA5TL1r7
9uwjWcb0bEOvuuK8D9TQYfDaIfkb3vUwKEMhMKlRDonXhj8vlY5v+0EUJEe1C6r8
MTOy140UYbE3thvvKtGaoIu0NMZeLUvFJNoKBbzPHhLVxmLW9tGKOaZVkuzenQQH
4us34Zmz+CBeIc/EdQZgiH8gJGVyy8+l4XylBYABVP4hthG6Wf+8IBckmaNhzeGx
SVkZABrM9C8knxk3XlcG7ltvmkgFyZNDJ5P6paxPhWdQhXrRJwIDAQABo4IDVDCC
A1AwHQYDVR0OBBYEFA0YlkbeTwBByrOwX2IiVhZm3Ud3MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS82NTQx
OTU2NS0xZDczLTRlZGYtYmU5Ny02MDcwNGY4YWQ2ODcvMjEwZTMzOWItYzBmNi0z
MzFkLTgxZTYtYzg2NmI3M2Q5MjFlLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvNjU0MTk1NjUtMWQ3My00ZWRmLWJl
OTctNjA3MDRmOGFkNjg3LzY1NDE5NTY1LTFkNzMtNGVkZi1iZTk3LTYwNzA0Zjhh
ZDY4Ny5jcmwwHwYDVR0jBBgwFoAUXGdUeMWSPYUr/7Xf5aTviP4dRYkwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS82NTQxOTU2NS0xZDczLTRlZGYtYmU5Ny02MDcw
NGY4YWQ2ODcuY2VyMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkI4wVAYD
VR0gAQH/BEowSDBGBggrBgEFBQcOAjA6MDgGCCsGAQUFBwIBFixodHRwczovL3d3
dy5hcmluLm5ldC9yZXNvdXJjZXMvcnBraS9jcHMuaHRtbDANBgkqhkiG9w0BAQsF
AAOCAQEAULHLOpPbAfsZCB86WfZ5BFtREQz0y1ZgaIM2gDWy8Y2UxGxBmKAw/iN9
TNtW2BREODaPN6t0XvRsFkgcmRvS615Xp9BKXq2eojPdEBHFQTB+Q3y3JyFvUPAR
h2BIlt6Mo9hI+ZufNZ55DLMuYlBc8+wo0hq1jB9NTVnxGFJCWUerQ1WTdGMV7wjN
WGf1xZl8RH8qoOjWu+KGYirIGZ9NR9HZ300WmgvJTO2UBstn2dB6cDQ8EEuJDD/4
3S74/8pNT+p8Z/5GAWq3avJHVxz+LNqH2lebjeVdh9q+Ml3urR5gHy3K8S/XRAkE
dsWdL08ZMsvjLy3sdzqc6J3PsdKcbw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:39:35 2023 by rpki-client on console-fra.rpki-client.org