Route Origin Authorization

$ rpki-client -vvf rpki.multacom.com/repo/MCOMCA/0/3231362e3132372e3136302e302f31392d3234203d3e203335393136.roa
File:                     3231362e3132372e3136302e302f31392d3234203d3e203335393136.roa (raw, json)
Hash identifier:          xwwgO2HgfknQmKC3e1O3AVPD1imwmWuxXEBf9nK/a+s=
Subject key identifier:   5A:33:01:CD:49:39:05:9B:83:4F:4C:06:EF:F2:1C:3D:97:EB:15:78
Certificate issuer:       /CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
Certificate serial:       5100E5447F463A5BEE4DE624F18E2AF6CF1C3526
Authority key identifier: DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer
Subject info access:      rsync://rpki.multacom.com/repo/MCOMCA/0/3231362e3132372e3136302e302f31392d3234203d3e203335393136.roa
Signing time:             Sun 30 Jul 2023 01:00:00 +0000
ROA not before:           Sun 30 Jul 2023 00:55:00 +0000
ROA not after:            Tue 30 Jul 2024 01:00:00 +0000
asID:                     35916
IP address blocks:        216.127.160.0/19 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:00:e5:44:7f:46:3a:5b:ee:4d:e6:24:f1:8e:2a:f6:cf:1c:35:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1
        Validity
            Not Before: Jul 30 00:55:00 2023 GMT
            Not After : Jul 30 01:00:00 2024 GMT
        Subject: CN=3082010A0282010100C57353256245D0576F9DC9A73BB580EE2B9B9822AD9C6589FBD05D8DE1B5445709105657448A56A3DA4855015C0F339580F58A9B479B21DE542B49CE53225A8FD20FB06B275141882E1C4421824D1678D939A32253E93B5A93ABE0CFC1DEA98611EF6E17E48F9EF8D52FA2220E02680FFC915A21B068F476578C4A381137A66753564B3D68F8D0AE22543DD8803C65EC26B2A4B05B0994C9DF2C39FCD04A3D80F21C51560D20EF462AB249AC8531A6654422B44270B1BB84CF16735E5315A3EC045B790CEA3ED2747399B135B78ED33C5D021FAA3D6D3508165269F443554C8E22FBC2ABDBD591905356EB08C4331AAB5CA14C5036AC761B04D660640BCB14570203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:73:53:25:62:45:d0:57:6f:9d:c9:a7:3b:b5:
                    80:ee:2b:9b:98:22:ad:9c:65:89:fb:d0:5d:8d:e1:
                    b5:44:57:09:10:56:57:44:8a:56:a3:da:48:55:01:
                    5c:0f:33:95:80:f5:8a:9b:47:9b:21:de:54:2b:49:
                    ce:53:22:5a:8f:d2:0f:b0:6b:27:51:41:88:2e:1c:
                    44:21:82:4d:16:78:d9:39:a3:22:53:e9:3b:5a:93:
                    ab:e0:cf:c1:de:a9:86:11:ef:6e:17:e4:8f:9e:f8:
                    d5:2f:a2:22:0e:02:68:0f:fc:91:5a:21:b0:68:f4:
                    76:57:8c:4a:38:11:37:a6:67:53:56:4b:3d:68:f8:
                    d0:ae:22:54:3d:d8:80:3c:65:ec:26:b2:a4:b0:5b:
                    09:94:c9:df:2c:39:fc:d0:4a:3d:80:f2:1c:51:56:
                    0d:20:ef:46:2a:b2:49:ac:85:31:a6:65:44:22:b4:
                    42:70:b1:bb:84:cf:16:73:5e:53:15:a3:ec:04:5b:
                    79:0c:ea:3e:d2:74:73:99:b1:35:b7:8e:d3:3c:5d:
                    02:1f:aa:3d:6d:35:08:16:52:69:f4:43:55:4c:8e:
                    22:fb:c2:ab:db:d5:91:90:53:56:eb:08:c4:33:1a:
                    ab:5c:a1:4c:50:36:ac:76:1b:04:d6:60:64:0b:cb:
                    14:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:33:01:CD:49:39:05:9B:83:4F:4C:06:EF:F2:1C:3D:97:EB:15:78
            X509v3 Authority Key Identifier:
                keyid:DC:62:76:88:30:B1:B1:20:17:16:51:8D:5E:6A:65:25:B0:23:59:3A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.multacom.com/repo/MCOMCA/0/DC62768830B1B1201716518D5E6A6525B023593A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/4dc07ba6-d360-4ca5-a860-62e4e5476f84/8901940597c48f785a91d7212b9ca71b1f1f20ade68568e5b1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.multacom.com/repo/MCOMCA/0/3231362e3132372e3136302e302f31392d3234203d3e203335393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  216.127.160.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7d:a2:a0:27:99:0c:62:0e:a0:4d:70:aa:db:e1:c5:2a:f9:1f:
         87:dd:9c:b5:1b:e0:80:32:af:94:db:75:c9:7f:42:1b:32:73:
         ee:e5:fe:2a:b1:28:fe:bd:12:4a:90:71:a5:66:2c:05:d7:9e:
         23:1a:35:0c:ad:f4:44:07:f4:e5:eb:5c:fe:03:5d:75:0d:70:
         6f:e6:e5:a3:4f:a8:f9:7f:5c:76:b6:61:5f:94:9d:8c:19:55:
         ae:61:3b:27:36:b1:44:7d:fd:71:35:67:6f:1a:77:fa:49:6f:
         97:8e:28:1b:86:dc:96:a6:07:21:bc:ee:a2:c8:9c:a8:71:af:
         66:5d:40:14:0d:d6:35:98:0f:fb:ac:1b:b8:8a:eb:31:94:9a:
         e2:a6:64:90:09:94:c9:ab:1c:99:1c:d4:bb:b9:60:c8:de:50:
         1c:a1:51:9b:3d:b9:9d:ef:9f:f9:6a:26:bd:b0:f1:5c:42:62:
         63:f0:1c:ba:54:39:cd:0c:af:fd:aa:17:94:62:4b:9f:24:07:
         2c:2f:06:c0:f2:43:b1:2a:2c:21:e6:d1:a5:07:d2:09:5a:77:
         55:5c:b4:2d:fa:d7:20:6d:e0:2d:0c:7c:a4:b4:26:39:57:11:
         f1:60:c0:bc:8c:92:e5:b6:b8:50:0c:0e:38:bc:c8:04:49:1b:
         13:30:b5:d4
-----BEGIN CERTIFICATE-----
MIIHazCCBlOgAwIBAgIUUQDlRH9GOlvuTeYk8Y4q9s8cNSYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyODkwMTk0MDU5N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIx
ZjFmMjBhZGU2ODU2OGU1YjEwHhcNMjMwNzMwMDA1NTAwWhcNMjQwNzMwMDEwMDAw
WjCCAi0xggIpMIICJQYDVQQDE4ICHDMwODIwMTBBMDI4MjAxMDEwMEM1NzM1MzI1
NjI0NUQwNTc2RjlEQzlBNzNCQjU4MEVFMkI5Qjk4MjJBRDlDNjU4OUZCRDA1RDhE
RTFCNTQ0NTcwOTEwNTY1NzQ0OEE1NkEzREE0ODU1MDE1QzBGMzM5NTgwRjU4QTlC
NDc5QjIxREU1NDJCNDlDRTUzMjI1QThGRDIwRkIwNkIyNzUxNDE4ODJFMUM0NDIx
ODI0RDE2NzhEOTM5QTMyMjUzRTkzQjVBOTNBQkUwQ0ZDMURFQTk4NjExRUY2RTE3
RTQ4RjlFRjhENTJGQTIyMjBFMDI2ODBGRkM5MTVBMjFCMDY4RjQ3NjU3OEM0QTM4
MTEzN0E2Njc1MzU2NEIzRDY4RjhEMEFFMjI1NDNERDg4MDNDNjVFQzI2QjJBNEIw
NUIwOTk0QzlERjJDMzlGQ0QwNEEzRDgwRjIxQzUxNTYwRDIwRUY0NjJBQjI0OUFD
ODUzMUE2NjU0NDIyQjQ0MjcwQjFCQjg0Q0YxNjczNUU1MzE1QTNFQzA0NUI3OTBD
RUEzRUQyNzQ3Mzk5QjEzNUI3OEVEMzNDNUQwMjFGQUEzRDZEMzUwODE2NTI2OUY0
NDM1NTRDOEUyMkZCQzJBQkRCRDU5MTkwNTM1NkVCMDhDNDMzMUFBQjVDQTE0QzUw
MzZBQzc2MUIwNEQ2NjA2NDBCQ0IxNDU3MDIwMzAxMDAwMTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBAMVzUyViRdBXb53Jpzu1gO4rm5girZxlifvQXY3h
tURXCRBWV0SKVqPaSFUBXA8zlYD1iptHmyHeVCtJzlMiWo/SD7BrJ1FBiC4cRCGC
TRZ42TmjIlPpO1qTq+DPwd6phhHvbhfkj5741S+iIg4CaA/8kVohsGj0dleMSjgR
N6ZnU1ZLPWj40K4iVD3YgDxl7CaypLBbCZTJ3yw5/NBKPYDyHFFWDSDvRiqySayF
MaZlRCK0QnCxu4TPFnNeUxWj7ARbeQzqPtJ0c5mxNbeO0zxdAh+qPW01CBZSafRD
VUyOIvvCq9vVkZBTVusIxDMaq1yhTFA2rHYbBNZgZAvLFFcCAwEAAaOCAm8wggJr
MB0GA1UdDgQWBBRaMwHNSTkFm4NPTAbv8hw9l+sVeDAfBgNVHSMEGDAWgBTcYnaI
MLGxIBcWUY1eamUlsCNZOjAOBgNVHQ8BAf8EBAMCB4AwZQYDVR0fBF4wXDBaoFig
VoZUcnN5bmM6Ly9ycGtpLm11bHRhY29tLmNvbS9yZXBvL01DT01DQS8wL0RDNjI3
Njg4MzBCMUIxMjAxNzE2NTE4RDVFNkE2NTI1QjAyMzU5M0EuY3JsMIHzBggrBgEF
BQcBAQSB5jCB4zCB4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQv
cmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMt
MjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlh
OC80ZGMwN2JhNi1kMzYwLTRjYTUtYTg2MC02MmU0ZTU0NzZmODQvODkwMTk0MDU5
N2M0OGY3ODVhOTFkNzIxMmI5Y2E3MWIxZjFmMjBhZGU2ODU2OGU1YjEuY2VyMIGA
BggrBgEFBQcBCwR0MHIwcAYIKwYBBQUHMAuGZHJzeW5jOi8vcnBraS5tdWx0YWNv
bS5jb20vcmVwby9NQ09NQ0EvMC8zMjMxMzYyZTMxMzIzNzJlMzEzNjMwMmUzMDJm
MzEzOTJkMzIzNDIwM2QzZTIwMzMzNTM5MzEzNi5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBdh/oDANBgkq
hkiG9w0BAQsFAAOCAQEAfaKgJ5kMYg6gTXCq2+HFKvkfh92ctRvggDKvlNt1yX9C
GzJz7uX+KrEo/r0SSpBxpWYsBdeeIxo1DK30RAf05etc/gNddQ1wb+blo0+o+X9c
drZhX5SdjBlVrmE7JzaxRH39cTVnbxp3+klvl44oG4bclqYHIbzuosicqHGvZl1A
FA3WNZgP+6wbuIrrMZSa4qZkkAmUyascmRzUu7lgyN5QHKFRmz25ne+f+WomvbDx
XEJiY/AculQ5zQyv/aoXlGJLnyQHLC8GwPJDsSosIebRpQfSCVp3VVy0LfrXIG3g
LQx8pLQmOVcR8WDAvIyS5ba4UAwOOLzIBEkbEzC11A==
-----END CERTIFICATE-----
Generated at Wed Aug 9 22:59:11 2023 by rpki-client on console-ams.rpki-client.org