Route Origin Authorization

$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3130382e3136362e3139322e302f31392d3234203d3e203335393136.roa
File:                     3130382e3136362e3139322e302f31392d3234203d3e203335393136.roa (raw, json)
Hash identifier:          WQIpNWP6OuhTjxPtRz8lKetzQqQv9G5utmFNCgNnsPY=
Subject key identifier:   9A:1F:B0:0E:C0:46:E1:BB:FE:DA:29:89:04:E0:A7:EC:F9:BC:1E:1C
Certificate issuer:       /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial:       5CCBDD0ABFA05BEC073288BE5B0F2134FE4273EA
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access:      rsync://rpki.multacom.com/repo/MCOMCA/0/3130382e3136362e3139322e302f31392d3234203d3e203335393136.roa
Signing time:             Sun 30 Jul 2023 02:00:00 +0000
ROA not before:           Sun 30 Jul 2023 01:55:00 +0000
ROA not after:            Tue 30 Jul 2024 02:00:00 +0000
asID:                     35916
IP address blocks:        108.166.192.0/19 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:cb:dd:0a:bf:a0:5b:ec:07:32:88:be:5b:0f:21:34:fe:42:73:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
        Validity
            Not Before: Jul 30 01:55:00 2023 GMT
            Not After : Jul 30 02:00:00 2024 GMT
        Subject: CN=3082010A0282010100C73FDEF7FDB42527536B39264B94BC86589622A571FD78E469EED5981155DF7A321A5CE54620F2E17747779A50671DC39E8AACEAC0BF8C89D7FDE70B9827AB20ED5FCC46FF81C066169C85E595419D38AD4A1FD764BA643B9D854EF9A19AB4039A9CFAB086F497176720E51BC13498056D86802DCBD5B01D36F5521A7DC4E626831A5853420FD6FBBA4E18D18235F913C19B7330C35129F846FA2C5F7DBB904E7931C0F5145D945C02ACF6E1F89C23F88A46826E5E768B63739A106B398FA3D3C1BC1ECCB5EE8C3193AF93619EF19A9BEC202705F1EBF5CD82C056A3B4093B30A4E9B73306EAF6EF19F4D13C4FED067A42C40EE0683958AFA823F868C10758010203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:3f:de:f7:fd:b4:25:27:53:6b:39:26:4b:94:
                    bc:86:58:96:22:a5:71:fd:78:e4:69:ee:d5:98:11:
                    55:df:7a:32:1a:5c:e5:46:20:f2:e1:77:47:77:9a:
                    50:67:1d:c3:9e:8a:ac:ea:c0:bf:8c:89:d7:fd:e7:
                    0b:98:27:ab:20:ed:5f:cc:46:ff:81:c0:66:16:9c:
                    85:e5:95:41:9d:38:ad:4a:1f:d7:64:ba:64:3b:9d:
                    85:4e:f9:a1:9a:b4:03:9a:9c:fa:b0:86:f4:97:17:
                    67:20:e5:1b:c1:34:98:05:6d:86:80:2d:cb:d5:b0:
                    1d:36:f5:52:1a:7d:c4:e6:26:83:1a:58:53:42:0f:
                    d6:fb:ba:4e:18:d1:82:35:f9:13:c1:9b:73:30:c3:
                    51:29:f8:46:fa:2c:5f:7d:bb:90:4e:79:31:c0:f5:
                    14:5d:94:5c:02:ac:f6:e1:f8:9c:23:f8:8a:46:82:
                    6e:5e:76:8b:63:73:9a:10:6b:39:8f:a3:d3:c1:bc:
                    1e:cc:b5:ee:8c:31:93:af:93:61:9e:f1:9a:9b:ec:
                    20:27:05:f1:eb:f5:cd:82:c0:56:a3:b4:09:3b:30:
                    a4:e9:b7:33:06:ea:f6:ef:19:f4:d1:3c:4f:ed:06:
                    7a:42:c4:0e:e0:68:39:58:af:a8:23:f8:68:c1:07:
                    58:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:1F:B0:0E:C0:46:E1:BB:FE:DA:29:89:04:E0:A7:EC:F9:BC:1E:1C
            X509v3 Authority Key Identifier:
                keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3130382e3136362e3139322e302f31392d3234203d3e203335393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  108.166.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         9b:93:aa:5b:c8:a3:60:ef:e2:30:5d:f6:69:5a:24:d7:99:2a:
         9e:c3:b5:6f:b7:b9:f3:d9:fb:70:8b:66:8a:cb:98:15:54:62:
         3d:24:c0:10:8a:9f:3c:c9:79:5f:dc:89:fa:bc:97:37:58:de:
         64:62:a6:27:85:37:85:9b:7f:93:f5:41:37:30:e9:94:34:3a:
         2c:01:b8:bf:35:a7:ba:42:43:bf:d2:89:12:5f:83:2e:d7:85:
         52:43:4a:c3:74:66:b2:e2:03:ce:86:d6:cd:30:fa:7e:28:73:
         df:43:07:b1:b0:1e:93:f9:98:d2:cb:97:c9:ec:c8:73:73:96:
         0f:ee:be:5d:f0:7a:67:fd:65:1a:3d:6c:52:51:62:59:f4:c5:
         df:0b:3f:ab:2d:fe:33:e9:9b:a6:8b:14:ec:76:3f:fb:b6:4d:
         7b:ed:4c:6c:fe:b5:2e:30:6f:ee:24:81:6e:c2:3b:2e:12:f6:
         ca:d9:6f:29:0f:cf:7a:94:c9:95:e1:98:cb:60:f4:f6:b4:40:
         7d:f5:1b:c6:a6:64:79:ad:5d:a3:25:c6:95:88:ea:f1:cd:7f:
         99:9f:9e:d5:dd:74:dc:26:52:db:0a:03:c9:ab:c3:96:bc:a4:
         fa:7c:ef:a6:83:8f:c6:d3:a1:5e:61:99:0d:fe:0f:01:64:53:
         85:c2:a4:9a
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgIUXMvdCr+gW+wHMoi+Ww8hNP5Cc+owDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzMwMDE1NTAwWhcNMjQwNzMwMDIwMDAw
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEM3M0ZERUY3
RkRCNDI1Mjc1MzZCMzkyNjRCOTRCQzg2NTg5NjIyQTU3MUZENzhFNDY5RUVENTk4
MTE1NURGN0EzMjFBNUNFNTQ2MjBGMkUxNzc0Nzc3OUE1MDY3MURDMzlFOEFBQ0VB
QzBCRjhDODlEN0ZERTcwQjk4MjdBQjIwRUQ1RkNDNDZGRjgxQzA2NjE2OUM4NUU1
OTU0MTlEMzhBRDRBMUZENzY0QkE2NDNCOUQ4NTRFRjlBMTlBQjQwMzlBOUNGQUIw
ODZGNDk3MTc2NzIwRTUxQkMxMzQ5ODA1NkQ4NjgwMkRDQkQ1QjAxRDM2RjU1MjFB
N0RDNEU2MjY4MzFBNTg1MzQyMEZENkZCQkE0RTE4RDE4MjM1RjkxM0MxOUI3MzMw
QzM1MTI5Rjg0NkZBMkM1RjdEQkI5MDRFNzkzMUMwRjUxNDVEOTQ1QzAyQUNGNkUx
Rjg5QzIzRjg4QTQ2ODI2RTVFNzY4QjYzNzM5QTEwNkIzOThGQTNEM0MxQkMxRUND
QjVFRThDMzE5M0FGOTM2MTlFRjE5QTlCRUMyMDI3MDVGMUVCRjVDRDgyQzA1NkEz
QjQwOTNCMzBBNEU5QjczMzA2RUFGNkVGMTlGNEQxM0M0RkVEMDY3QTQyQzQwRUUw
NjgzOTU4QUZBODIzRjg2OEMxMDc1ODAxMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMc/3vf9tCUnU2s5JkuUvIZYliKlcf145Gnu1ZgR
Vd96Mhpc5UYg8uF3R3eaUGcdw56KrOrAv4yJ1/3nC5gnqyDtX8xG/4HAZhacheWV
QZ04rUof12S6ZDudhU75oZq0A5qc+rCG9JcXZyDlG8E0mAVthoAty9WwHTb1Uhp9
xOYmgxpYU0IP1vu6ThjRgjX5E8GbczDDUSn4RvosX327kE55McD1FF2UXAKs9uH4
nCP4ikaCbl52i2NzmhBrOY+j08G8Hsy17owxk6+TYZ7xmpvsICcF8ev1zYLAVqO0
CTswpOm3Mwbq9u8Z9NE8T+0GekLEDuBoOVivqCP4aMEHWAECAwEAAaOCAm8wggJr
MB0GA1UdDgQWBBSaH7AOwEbhu/7aKYkE4Kfs+bweHDAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMIGA
BggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5tdWx0YWNv
bS5jb20vcmVwby9NQ09NQ0EvMC8zMTMwMzgyZTMxMzYzNjJlMzEzOTMyMmUzMDJm
MzEzOTJkMzIzNDIwM2QzZTIwMzMzNTM5MzEzNi5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBWymwDANBgkq
hkiG9w0BAQsFAAOCAQEAm5OqW8ijYO/iMF32aVok15kqnsO1b7e589n7cItmisuY
FVRiPSTAEIqfPMl5X9yJ+ryXN1jeZGKmJ4U3hZt/k/VBNzDplDQ6LAG4vzWnukJD
v9KJEl+DLteFUkNKw3RmsuIDzobWzTD6fihz30MHsbAek/mY0suXyezIc3OWD+6+
XfB6Z/1lGj1sUlFiWfTF3ws/qy3+M+mbposU7HY/+7ZNe+1MbP61LjBv7iSBbsI7
LhL2ytlvKQ/PepTJleGYy2D09rRAffUbxqZkea1doyXGlYjq8c1/mZ+e1d103CZS
2woDyavDlryk+nzvpoOPxtOhXmGZDf4PAWRThcKkmg==
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:55:20 2023 by rpki-client on console-fra.rpki-client.org