Route Origin Authorization 

$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29/356dfaa4-101c-3d25-8eee-3d42e5a377d3.roa
File:                     356dfaa4-101c-3d25-8eee-3d42e5a377d3.roa (raw, json)
Hash identifier:          MSu+/Zco8SoG3THDZrFP5sstux3RyTP7I9+ehgEdfJI=
Subject key identifier:   A3:36:58:F8:1B:EC:D5:A2:F6:EF:76:0E:25:72:20:C3:AE:76:52:BE
Certificate issuer:       /CN=9da5489c-943d-495a-995a-ee1d16049d29
Certificate serial:       010D0C9F43285844448424307218770876D944C0
Authority key identifier: 68:7B:4F:F2:2B:2F:2C:0D:D0:D6:C9:89:FF:00:5C:A1:A5:50:B9:5B
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29.cer
Subject info access:      rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29/356dfaa4-101c-3d25-8eee-3d42e5a377d3.roa
Signing time:             Tue 19 Dec 2023 14:00:20 +0000
ROA not before:           Tue 19 Dec 2023 14:00:20 +0000
ROA not after:            Mon 18 Mar 2024 13:00:20 +0000
asID:                     16509
IP address blocks:        204.75.187.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:0d:0c:9f:43:28:58:44:44:84:24:30:72:18:77:08:76:d9:44:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9da5489c-943d-495a-995a-ee1d16049d29
        Validity
            Not Before: Dec 19 14:00:20 2023 GMT
            Not After : Mar 18 13:00:20 2024 GMT
        Subject: CN=eea9af8f-1c72-4731-94a1-b9c671318ac3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f6:76:0f:05:2a:bc:f2:39:d8:df:ce:58:a0:
                    f7:fa:12:86:a4:48:ce:94:a6:a3:bb:36:14:4d:c3:
                    a6:66:9a:e1:1c:7c:f8:52:6f:aa:40:28:09:28:77:
                    57:00:cc:87:10:bc:28:d8:69:4e:e6:25:33:4f:27:
                    2f:ac:55:96:d7:0c:e1:87:c9:7a:fb:ff:09:30:31:
                    52:ac:86:13:a0:88:89:1c:eb:a3:32:de:9b:67:18:
                    f5:e7:f2:67:4a:a9:e4:20:c5:44:78:0c:a0:72:f1:
                    b6:0f:b4:80:59:68:ee:9e:a0:f9:c0:a5:22:38:6f:
                    1f:67:b5:91:f3:b6:88:7a:74:52:1d:12:3d:db:bd:
                    64:57:8b:61:11:2b:34:85:fe:85:3e:2c:7a:e3:1d:
                    75:9b:30:b2:c9:61:cc:1e:b3:9c:c7:f6:ca:3b:af:
                    32:ef:2f:ca:e4:90:38:14:58:54:65:d1:45:ea:1a:
                    eb:21:ad:22:0c:4a:61:34:0e:10:38:56:f4:df:ef:
                    9e:e7:e7:00:24:4d:e9:87:30:ae:8a:86:35:83:d8:
                    61:37:76:b8:b2:bf:db:f2:b5:f0:85:1c:05:d3:0d:
                    0b:9e:44:5a:c3:34:c4:fa:5e:06:6a:59:91:79:a1:
                    f1:29:8f:79:40:a3:7b:77:12:4d:4e:f7:b2:eb:aa:
                    f2:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:36:58:F8:1B:EC:D5:A2:F6:EF:76:0E:25:72:20:C3:AE:76:52:BE
            Subject Information Access:
                Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29/356dfaa4-101c-3d25-8eee-3d42e5a377d3.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29/9da5489c-943d-495a-995a-ee1d16049d29.crl

            X509v3 Authority Key Identifier:
                keyid:68:7B:4F:F2:2B:2F:2C:0D:D0:D6:C9:89:FF:00:5C:A1:A5:50:B9:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/9da5489c-943d-495a-995a-ee1d16049d29.cer

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.75.187.0/24

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.arin.net/resources/rpki/cps.html

    Signature Algorithm: sha256WithRSAEncryption
         4e:bf:93:c9:4a:03:47:c3:84:ed:d4:e7:36:40:42:1e:d3:12:
         c3:04:17:d3:fa:09:1f:5b:e0:b7:eb:90:74:a6:22:98:ab:3b:
         79:46:89:dc:dc:07:6c:85:4f:41:90:c6:26:16:4f:a7:93:c9:
         04:f0:59:9f:8c:e7:0f:a1:a7:e7:68:40:6f:7f:fd:3b:9c:d8:
         37:de:0e:3f:04:64:6b:86:2b:00:46:37:ac:28:88:08:be:a5:
         5d:b1:f8:54:56:45:8f:f7:a3:e5:a3:70:e8:44:01:12:63:a5:
         4e:19:6e:1a:cf:29:7d:c2:f2:0e:a2:98:5b:60:41:7f:a8:87:
         d9:6a:84:e7:f0:a1:0c:c0:ac:97:21:e8:fd:28:1a:af:af:64:
         30:0e:07:ae:76:f7:cd:95:99:88:47:a1:d6:f7:96:84:e5:e1:
         e9:a9:8e:b4:c8:87:e9:09:9e:e4:28:70:94:97:23:3b:5b:d2:
         86:df:aa:39:d2:3d:3c:b4:48:67:84:26:8c:42:e7:66:01:c9:
         3c:b8:8c:59:7e:30:83:3d:4f:e4:ec:34:c1:4a:4e:77:eb:2e:
         d1:fc:b8:21:0e:7a:2e:3d:6a:b7:bc:79:ba:ad:14:86:ed:26:
         0c:76:40:6d:8d:09:e6:b9:95:c6:bd:79:f7:70:ce:ad:d4:5c:
         67:51:50:ef
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgIUAQ0Mn0MoWEREhCQwchh3CHbZRMAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkOWRhNTQ4OWMtOTQzZC00OTVhLTk5NWEtZWUxZDE2MDQ5
ZDI5MB4XDTIzMTIxOTE0MDAyMFoXDTI0MDMxODEzMDAyMFowLzEtMCsGA1UEAxMk
ZWVhOWFmOGYtMWM3Mi00NzMxLTk0YTEtYjljNjcxMzE4YWMzMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7vZ2DwUqvPI52N/OWKD3+hKGpEjOlKajuzYU
TcOmZprhHHz4Um+qQCgJKHdXAMyHELwo2GlO5iUzTycvrFWW1wzhh8l6+/8JMDFS
rIYToIiJHOujMt6bZxj15/JnSqnkIMVEeAygcvG2D7SAWWjunqD5wKUiOG8fZ7WR
87aIenRSHRI9271kV4thESs0hf6FPix64x11mzCyyWHMHrOcx/bKO68y7y/K5JA4
FFhUZdFF6hrrIa0iDEphNA4QOFb03++e5+cAJE3phzCuioY1g9hhN3a4sr/b8rXw
hRwF0w0LnkRawzTE+l4GalmReaHxKY95QKN7dxJNTvey66ryKwIDAQABo4IDVTCC
A1EwHQYDVR0OBBYEFKM2WPgb7NWi9u92DiVyIMOudlK+MIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMzOS1hMmYzLTYyOTlhM2IwMmUyOS85ZGE1
NDg5Yy05NDNkLTQ5NWEtOTk1YS1lZTFkMTYwNDlkMjkvMzU2ZGZhYTQtMTAxYy0z
ZDI1LThlZWUtM2Q0MmU1YTM3N2QzLnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy9mNjBjOWYzMi1h
ODdjLTQzMzktYTJmMy02Mjk5YTNiMDJlMjkvOWRhNTQ4OWMtOTQzZC00OTVhLTk5
NWEtZWUxZDE2MDQ5ZDI5LzlkYTU0ODljLTk0M2QtNDk1YS05OTVhLWVlMWQxNjA0
OWQyOS5jcmwwHwYDVR0jBBgwFoAUaHtP8isvLA3Q1smJ/wBcoaVQuVswDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzL2Y2MGM5ZjMyLWE4N2MtNDMz
OS1hMmYzLTYyOTlhM2IwMmUyOS85ZGE1NDg5Yy05NDNkLTQ5NWEtOTk1YS1lZTFk
MTYwNDlkMjkuY2VyMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAzEu7MFQG
A1UdIAEB/wRKMEgwRgYIKwYBBQUHDgIwOjA4BggrBgEFBQcCARYsaHR0cHM6Ly93
d3cuYXJpbi5uZXQvcmVzb3VyY2VzL3Jwa2kvY3BzLmh0bWwwDQYJKoZIhvcNAQEL
BQADggEBAE6/k8lKA0fDhO3U5zZAQh7TEsMEF9P6CR9b4LfrkHSmIpirO3lGidzc
B2yFT0GQxiYWT6eTyQTwWZ+M5w+hp+doQG9//Tuc2DfeDj8EZGuGKwBGN6woiAi+
pV2x+FRWRY/3o+WjcOhEARJjpU4ZbhrPKX3C8g6imFtgQX+oh9lqhOfwoQzArJch
6P0oGq+vZDAOB652982VmYhHodb3loTl4empjrTIh+kJnuQocJSXIztb0obfqjnS
PTy0SGeEJoxC52YByTy4jFl+MIM9T+TsNMFKTnfrLtH8uCEOei49are8ebqtFIbt
Jgx2QG2NCea5lca9efdwzq3UXGdRUO8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:47:41 2024 by rpki-client on console-ams.rpki-client.org