Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/LON-Hx_yPWvACZuIKZ2ULFalw-M.roa
File:                     LON-Hx_yPWvACZuIKZ2ULFalw-M.roa (raw, json)
Hash identifier:          FGGr7NEsbHCzUTrXjc6yB1mIFS2QQTGQuZGN/ubQce0=
Subject key identifier:   2C:E3:7E:1F:1F:F2:3D:6B:C0:09:9B:88:29:9D:94:2C:56:A5:C3:E3
Certificate issuer:       /CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
Certificate serial:       029AC22B
Authority key identifier: 30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/LON-Hx_yPWvACZuIKZ2ULFalw-M.roa
Signing time:             Sat 01 Jan 2022 12:54:05 +0000
ROA not before:           Sat 01 Jan 2022 12:54:05 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     58128
IP address blocks:        185.155.205.0/24 maxlen: 24
                          185.155.204.0/24 maxlen: 24
                          185.155.206.0/24 maxlen: 24
                          2.57.226.0/24 maxlen: 24
                          2.57.225.0/24 maxlen: 24
                          2.57.224.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43696683 (0x29ac22b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=306d618355bd8937f75bb4650bb5c1af70f9a12e
        Validity
            Not Before: Jan  1 12:54:05 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=2ce37e1f1ff23d6bc0099b88299d942c56a5c3e3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:67:04:54:03:2d:de:23:f7:6e:f4:67:f7:a6:
                    9f:55:d0:bf:c3:b0:c1:11:b8:51:f6:61:a8:62:b2:
                    26:cc:6d:f9:1f:91:2c:37:a9:3f:87:4c:12:2a:3a:
                    aa:ab:da:b9:83:d9:dd:51:86:64:a3:2e:b1:9d:fd:
                    97:b5:e5:c5:4c:1b:2e:13:a8:c3:de:f3:28:c3:e1:
                    a1:c9:8b:50:de:bc:69:97:44:08:66:f2:11:77:84:
                    e0:31:53:2b:3c:a3:56:55:65:b5:c5:fb:cb:94:c7:
                    c4:06:f3:88:ba:e5:87:19:1e:48:8d:24:66:a0:e0:
                    eb:06:3d:ab:a4:19:e7:d0:b5:de:41:0d:28:29:75:
                    b3:87:7f:ab:9f:31:58:3b:01:5a:a7:93:48:bb:74:
                    b1:48:76:db:21:c3:d0:e1:52:e2:5b:68:3e:9f:b4:
                    65:df:b2:20:7a:95:e2:24:cb:30:7c:4c:f1:b0:64:
                    97:82:e6:7a:9c:cd:03:52:31:07:29:5e:a9:16:2b:
                    1c:77:a5:7a:bd:a6:09:a9:30:f2:6e:a1:bb:a1:0a:
                    b0:de:dd:ad:f3:e8:d2:85:15:5e:4a:8c:3e:dd:19:
                    03:da:05:90:3f:1f:10:04:ae:fe:f9:cc:d0:48:80:
                    b5:be:b6:5a:18:76:d1:6b:d4:b3:af:ef:a6:8e:55:
                    bf:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:E3:7E:1F:1F:F2:3D:6B:C0:09:9B:88:29:9D:94:2C:56:A5:C3:E3
            X509v3 Authority Key Identifier:
                keyid:30:6D:61:83:55:BD:89:37:F7:5B:B4:65:0B:B5:C1:AF:70:F9:A1:2E

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MG1hg1W9iTf3W7RlC7XBr3D5oS4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/LON-Hx_yPWvACZuIKZ2ULFalw-M.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/02/3cde9b-3705-4dc3-8d7e-516ffd87376c/1/MG1hg1W9iTf3W7RlC7XBr3D5oS4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.224.0-2.57.226.255
                  185.155.204.0-185.155.206.255

    Signature Algorithm: sha256WithRSAEncryption
         44:83:2d:41:a9:a6:a6:07:d1:5e:5e:08:cc:16:36:29:12:a2:
         f1:69:4d:c2:cb:bd:47:ae:10:c3:8c:b9:89:5f:0f:e9:df:4f:
         e9:5f:bd:10:d2:47:f1:56:81:ff:37:f9:0c:be:c9:33:12:1b:
         69:b1:7d:c0:c2:3d:df:a5:e5:64:c8:87:cf:a2:0a:e8:ae:63:
         b5:f3:6e:d7:7d:4f:32:4c:b0:e9:64:16:51:78:e5:c4:c3:73:
         8e:99:19:28:f0:37:db:66:7e:0f:c7:02:fe:e0:39:c3:d9:f6:
         57:15:1f:07:bf:2c:f6:67:05:58:b7:ff:ff:86:7c:12:99:f9:
         95:95:d3:a8:08:65:92:0f:05:27:21:5a:37:1e:db:06:92:46:
         14:f2:a2:bb:b0:33:88:dc:0f:75:b8:57:b7:85:42:bf:bb:b7:
         ab:d3:76:78:99:ef:e9:f3:db:06:fa:cd:2b:5f:bd:4b:5b:6f:
         2a:5e:9a:d5:8c:19:92:8c:dc:4f:40:7e:05:08:d7:77:92:4c:
         29:2f:34:52:d9:07:4e:f2:f1:27:b0:34:e2:a2:93:b9:10:45:
         58:d5:6a:2f:09:f9:c4:ca:1a:7e:4b:31:c3:c9:86:ba:1b:f0:
         61:aa:50:4a:1d:82:b7:1e:02:94:37:cb:a2:0e:13:76:83:83:
         6a:c3:95:ed
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEAprCKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDZkNjE4MzU1YmQ4OTM3Zjc1YmI0NjUwYmI1YzFhZjcwZjlhMTJlMB4XDTIyMDEw
MTEyNTQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNlMzdlMWYxZmYy
M2Q2YmMwMDk5Yjg4Mjk5ZDk0MmM1NmE1YzNlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdnBFQDLd4j9270Z/emn1XQv8OwwRG4UfZhqGKyJsxt+R+R
LDepP4dMEio6qqvauYPZ3VGGZKMusZ39l7XlxUwbLhOow97zKMPhocmLUN68aZdE
CGbyEXeE4DFTKzyjVlVltcX7y5THxAbziLrlhxkeSI0kZqDg6wY9q6QZ59C13kEN
KCl1s4d/q58xWDsBWqeTSLt0sUh22yHD0OFS4ltoPp+0Zd+yIHqV4iTLMHxM8bBk
l4LmepzNA1IxByleqRYrHHeler2mCakw8m6hu6EKsN7drfPo0oUVXkqMPt0ZA9oF
kD8fEASu/vnM0EiAtb62Whh20WvUs6/vpo5Vv+cCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQs434fH/I9a8AJm4gpnZQsVqXD4zAfBgNVHSMEGDAWgBQwbWGDVb2JN/db
tGULtcGvcPmhLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01HMWhnMVc5aVRmM1c3UmxDN1hCcjNENW9TNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDIvM2NkZTliLTM3MDUtNGRjMy04ZDdlLTUxNmZmZDg3Mzc2Yy8x
L0xPTi1IeF95UFd2QUNadUlLWjJVTEZhbHctTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDIv
M2NkZTliLTM3MDUtNGRjMy04ZDdlLTUxNmZmZDg3Mzc2Yy8xL01HMWhnMVc5aVRm
M1c3UmxDN1hCcjNENW9TNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHDAMAwQFAjngAwQAAjniMAwDBAK5m8wD
BAC5m84wDQYJKoZIhvcNAQELBQADggEBAESDLUGppqYH0V5eCMwWNikSovFpTcLL
vUeuEMOMuYlfD+nfT+lfvRDSR/FWgf83+Qy+yTMSG2mxfcDCPd+l5WTIh8+iCuiu
Y7Xzbtd9TzJMsOlkFlF45cTDc46ZGSjwN9tmfg/HAv7gOcPZ9lcVHwe/LPZnBVi3
//+GfBKZ+ZWV06gIZZIPBSchWjce2waSRhTyoruwM4jcD3W4V7eFQr+7t6vTdniZ
7+nz2wb6zStfvUtbbypemtWMGZKM3E9AfgUI13eSTCkvNFLZB07y8SewNOKik7kQ
RVjVai8J+cTKGn5LMcPJhrob8GGqUEodgrceApQ3y6IOE3aDg2rDle0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:43 2024 by rpki-client on console-fra.rpki-client.org