Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9/726fd443-f3e3-354b-82c9-7c0b2dbb44dd.roa
File:                     726fd443-f3e3-354b-82c9-7c0b2dbb44dd.roa (raw, json)
Hash identifier:          3Lsq1tSsw4dkjfdQhW52hm6fNP8Le0xyfVE0e1z0NUQ=
Subject key identifier:   40:82:13:47:2A:78:CB:8F:D1:58:3B:9A:44:57:08:0F:2D:5F:2A:03
Certificate issuer:       /CN=78840f5a-619f-4ff3-95b9-5b73beb3d2d9
Certificate serial:       010D0C9F432858439CE5570E0087C62155350B10
Authority key identifier: 7C:7D:CC:1D:64:7F:31:F4:73:BC:44:F5:73:56:2B:02:4E:30:4B:E0
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9/726fd443-f3e3-354b-82c9-7c0b2dbb44dd.roa
Signing time:             Fri 20 Oct 2023 13:00:20 +0000
ROA not before:           Fri 20 Oct 2023 13:00:20 +0000
ROA not after:            Thu 18 Jan 2024 14:00:20 +0000
asID:                     208398
IP address blocks:        199.36.240.0/22 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:43:9c:e5:57:0e:00:87:c6:21:55:35:0b:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=78840f5a-619f-4ff3-95b9-5b73beb3d2d9
        Validity
            Not Before: Oct 20 13:00:20 2023 GMT
            Not After : Jan 18 14:00:20 2024 GMT
        Subject: CN=a1bc4c8d-0797-4503-8706-a045fd30202f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:89:ba:4b:a6:89:c2:79:f8:c5:ab:a9:3a:d7:25:
                    30:f0:02:7b:f1:5a:99:e5:27:83:23:e5:7e:77:92:
                    61:c9:45:7c:cd:f0:ad:44:67:d6:47:2b:c7:b4:c0:
                    94:2f:c5:af:55:a4:03:f9:f3:a6:93:53:ac:28:b7:
                    6b:e8:f0:35:29:d1:68:76:87:57:83:30:ee:1a:42:
                    15:9e:3c:95:c0:47:5d:33:56:ec:c2:52:1c:a1:82:
                    c5:d6:a5:3e:3f:37:78:e6:b0:ae:84:7b:10:ae:f5:
                    0b:d9:33:f4:08:56:25:21:2b:5d:f7:9d:69:d0:7c:
                    5b:a1:94:cc:c0:2d:7f:68:ff:48:ee:3e:bc:ea:c7:
                    df:9c:a8:3d:da:c9:64:56:f3:ff:d0:59:4c:c6:eb:
                    fe:c0:eb:a4:75:c5:ec:68:5d:21:5a:9f:7d:c9:2e:
                    6c:7e:57:88:3b:b0:60:3e:b6:93:b0:77:6f:c7:00:
                    8c:fb:9c:20:5b:f2:28:f7:51:10:25:4c:5c:7f:c0:
                    ff:fd:0f:d9:b3:e2:34:13:a7:55:cb:ac:3f:4f:ae:
                    ad:fd:8d:81:55:b2:5f:1d:55:0e:67:a7:88:cf:8e:
                    59:32:20:29:92:eb:ac:07:f7:98:c2:66:35:90:da:
                    a5:f4:89:22:f5:a5:d4:4b:4f:5c:0e:e8:e5:db:2e:
                    75:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:82:13:47:2A:78:CB:8F:D1:58:3B:9A:44:57:08:0F:2D:5F:2A:03
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9/726fd443-f3e3-354b-82c9-7c0b2dbb44dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9/78840f5a-619f-4ff3-95b9-5b73beb3d2d9.crl

            X509v3 Authority Key Identifier:
                keyid:7C:7D:CC:1D:64:7F:31:F4:73:BC:44:F5:73:56:2B:02:4E:30:4B:E0

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/78840f5a-619f-4ff3-95b9-5b73beb3d2d9.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  199.36.240.0/22

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         87:7b:e4:85:33:09:d2:a4:0b:65:87:ad:85:c7:40:80:5a:41:
         d5:a9:c5:3f:f0:8b:fc:8c:16:74:e0:7e:9f:bb:5d:8b:0d:00:
         e9:7a:16:b9:2b:02:c4:1f:14:35:7f:42:27:46:44:bb:b9:de:
         83:e1:de:95:93:ce:fd:41:b7:7b:17:b2:7e:68:a3:50:0f:53:
         20:f9:82:f7:cc:8b:a6:11:25:1a:bc:a6:c9:fb:6e:21:6a:d4:
         f7:ad:5b:e5:5b:a1:8a:35:63:22:a3:49:05:31:21:6c:b2:f7:
         30:48:88:5b:1e:da:25:eb:64:b2:3c:05:78:16:3f:a5:11:c3:
         30:23:90:00:50:72:df:91:e1:48:17:d7:a2:95:6c:23:5f:eb:
         0d:26:fe:c8:75:71:be:2c:dc:a1:88:81:87:43:1c:08:d3:74:
         7b:2b:83:a8:ab:77:a0:10:3d:4c:46:0c:a5:68:88:eb:6f:a7:
         77:57:48:dd:ed:76:8e:10:66:c9:fc:10:c7:d4:c1:39:1b:07:
         f5:c5:48:69:8e:43:d1:2b:7a:e7:83:2f:c0:e9:58:d0:f6:73:
         29:23:3a:ff:02:5d:b0:0d:98:94:61:11:78:75:37:cd:15:4d:
         78:3f:81:d2:1e:04:f4:c0:ca:c0:e5:02:83:12:ed:cb:ef:0a:
         30:7b:26:8c
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEOc5VcOAIfGIVU1CxAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkNzg4NDBmNWEtNjE5Zi00ZmYzLTk1YjktNWI3M2JlYjNk
MmQ5MB4XDTIzMTAyMDEzMDAyMFoXDTI0MDExODE0MDAyMFowLzEtMCsGA1UEAxMk
YTFiYzRjOGQtMDc5Ny00NTAzLTg3MDYtYTA0NWZkMzAyMDJmMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibpLponCefjFq6k61yUw8AJ78VqZ5SeDI+V+
d5JhyUV8zfCtRGfWRyvHtMCUL8WvVaQD+fOmk1OsKLdr6PA1KdFododXgzDuGkIV
njyVwEddM1bswlIcoYLF1qU+Pzd45rCuhHsQrvUL2TP0CFYlIStd951p0HxboZTM
wC1/aP9I7j686sffnKg92slkVvP/0FlMxuv+wOukdcXsaF0hWp99yS5sfleIO7Bg
PraTsHdvxwCM+5wgW/Io91EQJUxcf8D//Q/Zs+I0E6dVy6w/T66t/Y2BVbJfHVUO
Z6eIz45ZMiApkuusB/eYwmY1kNql9Iki9aXUS09cDujl2y51cQIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFECCE0cqeMuP0Vg7mkRXCA8tXyoDMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS83ODg0
MGY1YS02MTlmLTRmZjMtOTViOS01YjczYmViM2QyZDkvNzI2ZmQ0NDMtZjNlMy0z
NTRiLTgyYzktN2MwYjJkYmI0NGRkLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvNzg4NDBmNWEtNjE5Zi00ZmYzLTk1
YjktNWI3M2JlYjNkMmQ5Lzc4ODQwZjVhLTYxOWYtNGZmMy05NWI5LTViNzNiZWIz
ZDJkOS5jcmwwHwYDVR0jBBgwFoAUfH3MHWR/MfRzvET1c1YrAk4wS+AwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS83ODg0MGY1YS02MTlmLTRmZjMtOTViOS01Yjcz
YmViM2QyZDkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCxyTwMFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAId75IUzCdKkC2WHrYXHQIBaQdWpxT/wi/yMFnTgfp+7XYsNAOl6Frkr
AsQfFDV/QidGRLu53oPh3pWTzv1Bt3sXsn5oo1APUyD5gvfMi6YRJRq8psn7biFq
1PetW+VboYo1YyKjSQUxIWyy9zBIiFse2iXrZLI8BXgWP6URwzAjkABQct+R4UgX
16KVbCNf6w0m/sh1cb4s3KGIgYdDHAjTdHsrg6ird6AQPUxGDKVoiOtvp3dXSN3t
do4QZsn8EMfUwTkbB/XFSGmOQ9EreueDL8DpWND2cykjOv8CXbANmJRhEXh1N80V
TXg/gdIeBPTAysDlAoMS7cvvCjB7Jow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:47:40 2024 by rpki-client on console-ams.rpki-client.org