Route Origin Authorization

$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3230342e31352e37322e302f32312d3234203d3e203335393136.roa
File:                     3230342e31352e37322e302f32312d3234203d3e203335393136.roa (raw, json)
Hash identifier:          AAahpM0tAXKO7BwijVRjP6NZUAruwZBO0X18Cc3tdKE=
Subject key identifier:   10:B7:BA:68:02:EA:13:20:60:97:AD:91:96:CC:38:B6:13:4B:F0:ED
Certificate issuer:       /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial:       7572BAA0C47585A57EF3BEFBF01E8F22CA24E63E
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access:      rsync://rpki.multacom.com/repo/MCOMCA/0/3230342e31352e37322e302f32312d3234203d3e203335393136.roa
Signing time:             Sun 30 Jul 2023 02:00:01 +0000
ROA not before:           Sun 30 Jul 2023 01:55:01 +0000
ROA not after:            Tue 30 Jul 2024 02:00:01 +0000
asID:                     35916
IP address blocks:        204.15.72.0/21 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:72:ba:a0:c4:75:85:a5:7e:f3:be:fb:f0:1e:8f:22:ca:24:e6:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
        Validity
            Not Before: Jul 30 01:55:01 2023 GMT
            Not After : Jul 30 02:00:01 2024 GMT
        Subject: CN=3082010A0282010100C9A9E9449D372A29958CACAE91F2755427915556D1B9B6E86AEF79F22A8F087DD0EA228FB8E4CE7EB6B4C3E9432D5C126E3AF341AEDB944C1E565A96D44982ECE02E73663664C4B235EA0729C72A14D8D7022FE1B8727499DC4F2DAF5B15EC77C69112204C4EDA728FC75930BBE26797790814C77C4F867B2F7FAD7256CE93A890C11113C50F8C37C67C8AF6042C406DA4482588798069B69CBE94DF59DE67FF14F246BB7871C85232FD606AC7720046F0BAD2F4268396BE3200BF964D0758AF7C2585FB58DBC61DDE4567EE466BFF8B1177D0A0250F58563F6EB13DC551A10E6E4DA7845AE261359077D2D3196C28B54E4D08556C8D0FEB80B15E48F18D3E310203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:a9:e9:44:9d:37:2a:29:95:8c:ac:ae:91:f2:
                    75:54:27:91:55:56:d1:b9:b6:e8:6a:ef:79:f2:2a:
                    8f:08:7d:d0:ea:22:8f:b8:e4:ce:7e:b6:b4:c3:e9:
                    43:2d:5c:12:6e:3a:f3:41:ae:db:94:4c:1e:56:5a:
                    96:d4:49:82:ec:e0:2e:73:66:36:64:c4:b2:35:ea:
                    07:29:c7:2a:14:d8:d7:02:2f:e1:b8:72:74:99:dc:
                    4f:2d:af:5b:15:ec:77:c6:91:12:20:4c:4e:da:72:
                    8f:c7:59:30:bb:e2:67:97:79:08:14:c7:7c:4f:86:
                    7b:2f:7f:ad:72:56:ce:93:a8:90:c1:11:13:c5:0f:
                    8c:37:c6:7c:8a:f6:04:2c:40:6d:a4:48:25:88:79:
                    80:69:b6:9c:be:94:df:59:de:67:ff:14:f2:46:bb:
                    78:71:c8:52:32:fd:60:6a:c7:72:00:46:f0:ba:d2:
                    f4:26:83:96:be:32:00:bf:96:4d:07:58:af:7c:25:
                    85:fb:58:db:c6:1d:de:45:67:ee:46:6b:ff:8b:11:
                    77:d0:a0:25:0f:58:56:3f:6e:b1:3d:c5:51:a1:0e:
                    6e:4d:a7:84:5a:e2:61:35:90:77:d2:d3:19:6c:28:
                    b5:4e:4d:08:55:6c:8d:0f:eb:80:b1:5e:48:f1:8d:
                    3e:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:B7:BA:68:02:EA:13:20:60:97:AD:91:96:CC:38:B6:13:4B:F0:ED
            X509v3 Authority Key Identifier:
                keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3230342e31352e37322e302f32312d3234203d3e203335393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  204.15.72.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2f:e7:0c:f0:0d:c1:19:f5:0b:df:9c:04:5f:0d:f2:f2:82:9e:
         a0:c5:2a:88:7e:59:19:f1:8e:2f:20:1b:20:e8:a8:7c:9d:15:
         17:9c:14:30:76:26:be:83:66:e8:73:c2:82:c7:9c:90:2d:79:
         57:5a:b5:69:0e:eb:d8:ea:d6:cd:3d:61:04:1a:7c:dd:12:dc:
         01:ff:24:cd:d8:4c:b4:97:51:5e:93:56:0e:f1:0b:e5:82:c4:
         50:d2:78:a3:f8:64:9e:2f:2a:56:58:21:9e:72:3a:da:ec:c3:
         42:df:e8:af:5c:92:18:be:8b:d1:92:4d:56:c4:90:aa:be:ec:
         93:ed:8c:e9:be:e3:4a:f2:fb:6d:2d:22:dd:0d:15:98:3c:dc:
         67:4f:20:ce:7a:d5:0c:fc:e0:8a:50:4b:71:25:46:bf:4c:8f:
         f8:17:ee:2f:9e:04:b6:78:1e:51:ff:4d:67:97:96:8e:10:4d:
         bf:5f:60:fb:8c:cc:51:bb:49:0b:80:99:9d:84:1c:e0:e8:1c:
         ff:b8:23:5c:87:51:5b:49:35:21:f1:bd:a8:a8:82:f3:50:c9:
         6a:fb:45:45:bc:b1:96:a8:e5:6a:98:9e:62:2b:88:c2:30:24:
         69:3d:95:85:8f:58:06:ad:90:79:6f:06:39:7b:db:c4:52:38:
         63:d5:a7:2c
-----BEGIN CERTIFICATE-----
MIIHZjCCBk6gAwIBAgIUdXK6oMR1haV+87778B6PIsok5j4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzMwMDE1NTAxWhcNMjQwNzMwMDIwMDAx
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEM5QTlFOTQ0
OUQzNzJBMjk5NThDQUNBRTkxRjI3NTU0Mjc5MTU1NTZEMUI5QjZFODZBRUY3OUYy
MkE4RjA4N0REMEVBMjI4RkI4RTRDRTdFQjZCNEMzRTk0MzJENUMxMjZFM0FGMzQx
QUVEQjk0NEMxRTU2NUE5NkQ0NDk4MkVDRTAyRTczNjYzNjY0QzRCMjM1RUEwNzI5
QzcyQTE0RDhENzAyMkZFMUI4NzI3NDk5REM0RjJEQUY1QjE1RUM3N0M2OTExMjIw
NEM0RURBNzI4RkM3NTkzMEJCRTI2Nzk3NzkwODE0Qzc3QzRGODY3QjJGN0ZBRDcy
NTZDRTkzQTg5MEMxMTExM0M1MEY4QzM3QzY3QzhBRjYwNDJDNDA2REE0NDgyNTg4
Nzk4MDY5QjY5Q0JFOTRERjU5REU2N0ZGMTRGMjQ2QkI3ODcxQzg1MjMyRkQ2MDZB
Qzc3MjAwNDZGMEJBRDJGNDI2ODM5NkJFMzIwMEJGOTY0RDA3NThBRjdDMjU4NUZC
NThEQkM2MURERTQ1NjdFRTQ2NkJGRjhCMTE3N0QwQTAyNTBGNTg1NjNGNkVCMTNE
QzU1MUExMEU2RTREQTc4NDVBRTI2MTM1OTA3N0QyRDMxOTZDMjhCNTRFNEQwODU1
NkM4RDBGRUI4MEIxNUU0OEYxOEQzRTMxMDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMmp6USdNyoplYysrpHydVQnkVVW0bm26GrvefIq
jwh90Ooij7jkzn62tMPpQy1cEm4680Gu25RMHlZaltRJguzgLnNmNmTEsjXqBynH
KhTY1wIv4bhydJncTy2vWxXsd8aREiBMTtpyj8dZMLviZ5d5CBTHfE+Gey9/rXJW
zpOokMERE8UPjDfGfIr2BCxAbaRIJYh5gGm2nL6U31neZ/8U8ka7eHHIUjL9YGrH
cgBG8LrS9CaDlr4yAL+WTQdYr3wlhftY28Yd3kVn7kZr/4sRd9CgJQ9YVj9usT3F
UaEObk2nhFriYTWQd9LTGWwotU5NCFVsjQ/rgLFeSPGNPjECAwEAAaOCAmowggJm
MB0GA1UdDgQWBBQQt7poAuoTIGCXrZGWzDi2E0vw7TAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMHwG
CCsGAQUFBwELBHAwbjBsBggrBgEFBQcwC4ZgcnN5bmM6Ly9ycGtpLm11bHRhY29t
LmNvbS9yZXBvL01DT01DQS8wLzMyMzAzNDJlMzEzNTJlMzczMjJlMzAyZjMyMzEy
ZDMyMzQyMDNkM2UyMDMzMzUzOTMxMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAPMD0gwDQYJKoZIhvcN
AQELBQADggEBAC/nDPANwRn1C9+cBF8N8vKCnqDFKoh+WRnxji8gGyDoqHydFRec
FDB2Jr6DZuhzwoLHnJAteVdatWkO69jq1s09YQQafN0S3AH/JM3YTLSXUV6TVg7x
C+WCxFDSeKP4ZJ4vKlZYIZ5yOtrsw0Lf6K9ckhi+i9GSTVbEkKq+7JPtjOm+40ry
+20tIt0NFZg83GdPIM561Qz84IpQS3ElRr9Mj/gX7i+eBLZ4HlH/TWeXlo4QTb9f
YPuMzFG7SQuAmZ2EHODoHP+4I1yHUVtJNSHxvaiogvNQyWr7RUW8sZao5WqYnmIr
iMIwJGk9lYWPWAatkHlvBjl728RSOGPVpyw=
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:55:20 2023 by rpki-client on console-fra.rpki-client.org