Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/875f5953-15f6-3ef4-a91f-7e781f2f87b8.roa
File:                     875f5953-15f6-3ef4-a91f-7e781f2f87b8.roa (raw, json)
Hash identifier:          2SumtuRHfuci+TonXR4+3DTISbVs6SyCejOvBMpXS48=
Subject key identifier:   9C:AA:73:51:56:F6:64:23:18:76:3A:76:C3:E6:75:97:B1:4C:F6:35
Certificate issuer:       /CN=8a13f263-84fb-4a2b-b136-d447ecc21508
Certificate serial:       010D0C9F432858401A3D3789C21F57A616AF07B6
Authority key identifier: C8:37:D2:6F:C6:51:9C:EF:BC:41:B2:83:91:2E:73:69:A3:B3:BE:A3
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/875f5953-15f6-3ef4-a91f-7e781f2f87b8.roa
Signing time:             Thu 01 Dec 2022 12:00:00 +0000
ROA not before:           Thu 01 Dec 2022 12:00:00 +0000
ROA not after:            Fri 06 Jun 2025 04:00:00 +0000
asID:                     21734
IP address blocks:        64.95.191.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:40:1a:3d:37:89:c2:1f:57:a6:16:af:07:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8a13f263-84fb-4a2b-b136-d447ecc21508
        Validity
            Not Before: Dec  1 12:00:00 2022 GMT
            Not After : Jun  6 04:00:00 2025 GMT
        Subject: CN=b9f83ca5-5eba-4116-b25b-7b6c29d44770
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:81:56:9f:e5:a0:37:e0:c3:a2:63:ed:8b:2f:
                    f5:fb:34:82:62:69:d5:d8:75:94:a2:39:4e:c2:8a:
                    81:16:17:7a:4c:cb:97:c1:08:0f:67:e1:2c:b7:bc:
                    14:09:3a:d2:76:48:33:53:11:f3:40:e8:5d:f7:90:
                    0f:98:4c:d0:f3:64:24:a8:a2:49:27:2c:1a:f9:24:
                    5b:d0:01:b6:93:cc:ba:89:81:7f:4d:20:9a:a9:85:
                    8a:e5:eb:3d:f9:37:09:0a:8a:65:0b:2b:3f:90:72:
                    cd:2a:39:0d:63:72:14:86:c9:05:c9:0b:5c:2e:8a:
                    ba:22:66:f6:0a:38:63:03:b2:f7:66:29:30:a9:4e:
                    f7:29:16:36:c1:09:c8:0e:0e:bf:60:d3:80:94:f0:
                    83:1a:f2:0f:b5:d9:a4:7b:dc:9a:80:b2:7d:96:c0:
                    93:28:72:ba:e8:d3:93:d5:10:49:df:47:67:fd:fe:
                    10:b4:25:e1:0b:89:ef:73:6a:dd:a4:f3:21:f6:8d:
                    75:1f:03:35:ad:70:a7:af:46:6e:34:43:02:9c:24:
                    ec:bc:94:46:3c:34:d0:24:34:f3:94:f6:e0:be:4b:
                    a7:5e:93:08:cb:1e:80:6a:d4:95:32:6d:21:b4:2f:
                    8b:49:dd:38:dc:16:05:b4:8b:de:d1:ce:d3:e1:4d:
                    60:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:AA:73:51:56:F6:64:23:18:76:3A:76:C3:E6:75:97:B1:4C:F6:35
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/875f5953-15f6-3ef4-a91f-7e781f2f87b8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508/8a13f263-84fb-4a2b-b136-d447ecc21508.crl

            X509v3 Authority Key Identifier:
                keyid:C8:37:D2:6F:C6:51:9C:EF:BC:41:B2:83:91:2E:73:69:A3:B3:BE:A3

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/76fe11d4-d352-4994-8f6c-d6c91b0b8415/8a13f263-84fb-4a2b-b136-d447ecc21508.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  64.95.191.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         93:73:95:70:38:41:a4:74:a4:75:00:24:98:10:fc:a7:56:d7:
         44:26:ea:ab:e8:2a:83:ea:75:25:9f:9a:7c:6c:59:64:90:f9:
         51:84:5d:7e:e1:5a:9a:7d:ff:c5:2e:96:49:17:d0:2d:bb:db:
         db:b4:85:16:be:a7:6a:12:5d:7d:52:64:0e:88:02:e5:4d:2b:
         e5:50:cd:4f:6f:89:5c:99:eb:30:3a:e4:f9:a2:35:0e:81:82:
         e9:c4:e1:a9:8f:c2:c8:47:84:68:76:8b:e0:40:0f:3c:8a:74:
         b0:5e:d7:35:ed:0f:0c:b2:f8:15:4f:9e:62:55:fc:e7:76:8d:
         29:64:2b:1f:7b:2f:96:69:4c:b9:f0:62:85:bf:1a:41:93:af:
         8b:88:46:2e:be:a2:1d:3a:dd:78:4c:b0:00:db:c1:58:4c:9f:
         7b:0b:76:1e:48:7d:76:a9:08:c5:65:ba:d0:92:7f:cd:02:1d:
         ca:45:df:c1:7c:eb:c2:d2:c1:8f:a2:de:bd:d2:ab:45:53:75:
         44:ed:97:42:1c:45:68:66:aa:42:d0:02:c3:da:c0:0f:8d:60:
         cc:d2:2e:b3:b7:84:f5:59:4e:24:6f:a4:04:3f:f0:07:99:b9:
         85:e3:b1:01:c1:4e:e7:d2:f9:2f:8a:b6:7c:bb:c7:e4:25:c2:
         8e:9c:78:cd
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEAaPTeJwh9XphavB7YwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOGExM2YyNjMtODRmYi00YTJiLWIxMzYtZDQ0N2VjYzIx
NTA4MB4XDTIyMTIwMTEyMDAwMFoXDTI1MDYwNjA0MDAwMFowLzEtMCsGA1UEAxMk
YjlmODNjYTUtNWViYS00MTE2LWIyNWItN2I2YzI5ZDQ0NzcwMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4FWn+WgN+DDomPtiy/1+zSCYmnV2HWUojlO
woqBFhd6TMuXwQgPZ+Est7wUCTrSdkgzUxHzQOhd95APmEzQ82QkqKJJJywa+SRb
0AG2k8y6iYF/TSCaqYWK5es9+TcJCoplCys/kHLNKjkNY3IUhskFyQtcLoq6Imb2
CjhjA7L3ZikwqU73KRY2wQnIDg6/YNOAlPCDGvIPtdmke9yagLJ9lsCTKHK66NOT
1RBJ30dn/f4QtCXhC4nvc2rdpPMh9o11HwM1rXCnr0ZuNEMCnCTsvJRGPDTQJDTz
lPbgvkunXpMIyx6AatSVMm0htC+LSd043BYFtIve0c7T4U1gLQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFJyqc1FW9mQjGHY6dsPmdZexTPY1MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5NC04ZjZjLWQ2YzkxYjBiODQxNS84YTEz
ZjI2My04NGZiLTRhMmItYjEzNi1kNDQ3ZWNjMjE1MDgvODc1ZjU5NTMtMTVmNi0z
ZWY0LWE5MWYtN2U3ODFmMmY4N2I4LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NmZlMTFkNC1k
MzUyLTQ5OTQtOGY2Yy1kNmM5MWIwYjg0MTUvOGExM2YyNjMtODRmYi00YTJiLWIx
MzYtZDQ0N2VjYzIxNTA4LzhhMTNmMjYzLTg0ZmItNGEyYi1iMTM2LWQ0NDdlY2My
MTUwOC5jcmwwHwYDVR0jBBgwFoAUyDfSb8ZRnO+8QbKDkS5zaaOzvqMwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc2ZmUxMWQ0LWQzNTItNDk5
NC04ZjZjLWQ2YzkxYjBiODQxNS84YTEzZjI2My04NGZiLTRhMmItYjEzNi1kNDQ3
ZWNjMjE1MDguY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQF+/MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAJNzlXA4QaR0pHUAJJgQ/KdW10Qm6qvoKoPqdSWfmnxsWWSQ+VGEXX7h
Wpp9/8UulkkX0C2729u0hRa+p2oSXX1SZA6IAuVNK+VQzU9viVyZ6zA65PmiNQ6B
gunE4amPwshHhGh2i+BADzyKdLBe1zXtDwyy+BVPnmJV/Od2jSlkKx97L5ZpTLnw
YoW/GkGTr4uIRi6+oh063XhMsADbwVhMn3sLdh5IfXapCMVlutCSf80CHcpF38F8
68LSwY+i3r3Sq0VTdUTtl0IcRWhmqkLQAsPawA+NYMzSLrO3hPVZTiRvpAQ/8AeZ
uYXjsQHBTufS+S+Ktny7x+Qlwo6ceM0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:39:41 2023 by rpki-client on console-fra.rpki-client.org