Route Origin Authorization

$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3137332e38322e3133372e302f32342d3234203d3e20333933393239.roa
File:                     3137332e38322e3133372e302f32342d3234203d3e20333933393239.roa (raw, json)
Hash identifier:          XSlU5g237EaymvI0WZsbl/fWETJSrg4bHArSZa0w1H4=
Subject key identifier:   45:B2:53:FC:87:B6:EE:C6:1A:01:7B:C7:FD:01:8D:9B:56:C8:E3:A6
Certificate issuer:       /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial:       7E788D11F5B379EAF4299869D45FB69C1FF430C3
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access:      rsync://rpki.multacom.com/repo/MCOMCA/0/3137332e38322e3133372e302f32342d3234203d3e20333933393239.roa
Signing time:             Sat 29 Jul 2023 23:00:00 +0000
ROA not before:           Sat 29 Jul 2023 22:55:00 +0000
ROA not after:            Mon 29 Jul 2024 23:00:00 +0000
asID:                     393929
IP address blocks:        173.82.137.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:78:8d:11:f5:b3:79:ea:f4:29:98:69:d4:5f:b6:9c:1f:f4:30:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
        Validity
            Not Before: Jul 29 22:55:00 2023 GMT
            Not After : Jul 29 23:00:00 2024 GMT
        Subject: CN=3082010A0282010100C6629EFCA4F1C617ED3C0570F276E39C25C283301EEADF49976B5F6702369694BBD33529A3747FA5A676758998EA544084680D649187DCC1DF2128A6C5156F97EA7BF5EC1F0ECFF4DCBC97AF38A1A2A60E40E9552C6DC45795ACAAF5567DBAA117EBFD6AEA3CBD14E09CF1EE50B879908F328FECF612145D3B55019B3DBCEA5D228737E32680FDC0165F6812FB65E66DD7857462C0087170AE91218E8798C49D74A02F3EC23EA83E6AC7229B12B22DA78C8AD1EADD35C592E0FBDADDA7A8243791E2A78D0ABC34A14DFD103C96D88C20C515B797FB4C57B3E6D7450B57ACCC8AD8E8807CF708DE657E2FB45258E18D9FF5CDB0C0E5455DEAFE0538A53E67ED710203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:62:9e:fc:a4:f1:c6:17:ed:3c:05:70:f2:76:
                    e3:9c:25:c2:83:30:1e:ea:df:49:97:6b:5f:67:02:
                    36:96:94:bb:d3:35:29:a3:74:7f:a5:a6:76:75:89:
                    98:ea:54:40:84:68:0d:64:91:87:dc:c1:df:21:28:
                    a6:c5:15:6f:97:ea:7b:f5:ec:1f:0e:cf:f4:dc:bc:
                    97:af:38:a1:a2:a6:0e:40:e9:55:2c:6d:c4:57:95:
                    ac:aa:f5:56:7d:ba:a1:17:eb:fd:6a:ea:3c:bd:14:
                    e0:9c:f1:ee:50:b8:79:90:8f:32:8f:ec:f6:12:14:
                    5d:3b:55:01:9b:3d:bc:ea:5d:22:87:37:e3:26:80:
                    fd:c0:16:5f:68:12:fb:65:e6:6d:d7:85:74:62:c0:
                    08:71:70:ae:91:21:8e:87:98:c4:9d:74:a0:2f:3e:
                    c2:3e:a8:3e:6a:c7:22:9b:12:b2:2d:a7:8c:8a:d1:
                    ea:dd:35:c5:92:e0:fb:da:dd:a7:a8:24:37:91:e2:
                    a7:8d:0a:bc:34:a1:4d:fd:10:3c:96:d8:8c:20:c5:
                    15:b7:97:fb:4c:57:b3:e6:d7:45:0b:57:ac:cc:8a:
                    d8:e8:80:7c:f7:08:de:65:7e:2f:b4:52:58:e1:8d:
                    9f:f5:cd:b0:c0:e5:45:5d:ea:fe:05:38:a5:3e:67:
                    ed:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:B2:53:FC:87:B6:EE:C6:1A:01:7B:C7:FD:01:8D:9B:56:C8:E3:A6
            X509v3 Authority Key Identifier:
                keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3137332e38322e3133372e302f32342d3234203d3e20333933393239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  173.82.137.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:7e:92:b5:12:14:d7:bd:db:ef:6b:1e:cc:1d:db:6e:60:ac:
         3d:f6:07:99:08:3e:bd:a0:32:ce:79:77:d4:9b:50:17:c7:ed:
         90:2a:be:cf:e1:6f:e3:f8:3b:16:10:32:23:5c:8a:2e:4a:a1:
         b2:06:37:a1:27:d7:b8:b4:79:b1:7d:0f:54:88:a9:ac:6b:17:
         b9:90:18:f9:22:ec:f2:38:8c:34:d5:0b:a0:7b:3a:90:16:7e:
         85:f4:64:59:a1:dc:51:5c:ce:77:90:4c:61:1a:65:a2:1e:82:
         49:a5:3b:4f:08:59:7d:0d:2a:c5:bc:ad:52:25:04:ef:6f:47:
         78:b9:0b:b9:54:b6:b9:58:8c:9f:4b:5e:ca:b4:43:90:4a:75:
         72:73:80:64:0c:09:1c:b9:b7:db:ae:2f:bc:a2:e5:38:7e:4b:
         b4:24:07:d4:0d:35:4a:3e:54:35:05:8c:23:76:8d:cd:26:4b:
         2f:3b:75:30:68:e9:44:9e:dc:e1:23:6f:17:34:19:d4:35:2f:
         a3:ad:df:86:f7:7a:0d:bb:5d:f4:85:3f:11:ef:7e:23:ee:bc:
         32:9b:3a:9c:95:fd:b1:88:4f:d2:64:b6:3a:c1:93:08:92:1e:
         d3:ab:de:d1:40:7f:2b:d8:f8:8c:0b:33:2b:68:bd:a0:ad:c5:
         25:d5:80:41
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgIUfniNEfWzeer0KZhp1F+2nB/0MMMwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzI5MjI1NTAwWhcNMjQwNzI5MjMwMDAw
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEM2NjI5RUZD
QTRGMUM2MTdFRDNDMDU3MEYyNzZFMzlDMjVDMjgzMzAxRUVBREY0OTk3NkI1RjY3
MDIzNjk2OTRCQkQzMzUyOUEzNzQ3RkE1QTY3Njc1ODk5OEVBNTQ0MDg0NjgwRDY0
OTE4N0RDQzFERjIxMjhBNkM1MTU2Rjk3RUE3QkY1RUMxRjBFQ0ZGNERDQkM5N0FG
MzhBMUEyQTYwRTQwRTk1NTJDNkRDNDU3OTVBQ0FBRjU1NjdEQkFBMTE3RUJGRDZB
RUEzQ0JEMTRFMDlDRjFFRTUwQjg3OTkwOEYzMjhGRUNGNjEyMTQ1RDNCNTUwMTlC
M0RCQ0VBNUQyMjg3MzdFMzI2ODBGREMwMTY1RjY4MTJGQjY1RTY2REQ3ODU3NDYy
QzAwODcxNzBBRTkxMjE4RTg3OThDNDlENzRBMDJGM0VDMjNFQTgzRTZBQzcyMjlC
MTJCMjJEQTc4QzhBRDFFQUREMzVDNTkyRTBGQkRBRERBN0E4MjQzNzkxRTJBNzhE
MEFCQzM0QTE0REZEMTAzQzk2RDg4QzIwQzUxNUI3OTdGQjRDNTdCM0U2RDc0NTBC
NTdBQ0NDOEFEOEU4ODA3Q0Y3MDhERTY1N0UyRkI0NTI1OEUxOEQ5RkY1Q0RCMEMw
RTU0NTVERUFGRTA1MzhBNTNFNjdFRDcxMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMZinvyk8cYX7TwFcPJ245wlwoMwHurfSZdrX2cC
NpaUu9M1KaN0f6WmdnWJmOpUQIRoDWSRh9zB3yEopsUVb5fqe/XsHw7P9Ny8l684
oaKmDkDpVSxtxFeVrKr1Vn26oRfr/WrqPL0U4Jzx7lC4eZCPMo/s9hIUXTtVAZs9
vOpdIoc34yaA/cAWX2gS+2XmbdeFdGLACHFwrpEhjoeYxJ10oC8+wj6oPmrHIpsS
si2njIrR6t01xZLg+9rdp6gkN5Hip40KvDShTf0QPJbYjCDFFbeX+0xXs+bXRQtX
rMyK2OiAfPcI3mV+L7RSWOGNn/XNsMDlRV3q/gU4pT5n7XECAwEAAaOCAm8wggJr
MB0GA1UdDgQWBBRFslP8h7buxhoBe8f9AY2bVsjjpjAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMIGA
BggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5tdWx0YWNv
bS5jb20vcmVwby9NQ09NQ0EvMC8zMTM3MzMyZTM4MzIyZTMxMzMzNzJlMzAyZjMy
MzQyZDMyMzQyMDNkM2UyMDMzMzkzMzM5MzIzOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAK1SiTANBgkq
hkiG9w0BAQsFAAOCAQEAMH6StRIU173b72sezB3bbmCsPfYHmQg+vaAyznl31JtQ
F8ftkCq+z+Fv4/g7FhAyI1yKLkqhsgY3oSfXuLR5sX0PVIiprGsXuZAY+SLs8jiM
NNULoHs6kBZ+hfRkWaHcUVzOd5BMYRploh6CSaU7TwhZfQ0qxbytUiUE729HeLkL
uVS2uViMn0teyrRDkEp1cnOAZAwJHLm3264vvKLlOH5LtCQH1A01Sj5UNQWMI3aN
zSZLLzt1MGjpRJ7c4SNvFzQZ1DUvo63fhvd6Dbtd9IU/Ee9+I+68Mps6nJX9sYhP
0mS2OsGTCJIe06ve0UB/K9j4jAszK2i9oK3FJdWAQQ==
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:59:11 2023 by rpki-client on console-ams.rpki-client.org