Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z7lIdkzPRpRpcdU8DMFBrJVMF_s.roa
File:                     Z7lIdkzPRpRpcdU8DMFBrJVMF_s.roa (raw, json)
Hash identifier:          SrZUihCjKJXoQ0KM6KXg6YsxlOLMfQQQNOgi1aeeaNw=
Subject key identifier:   67:B9:48:76:4C:CF:46:94:69:71:D5:3C:0C:C1:41:AC:95:4C:17:FB
Certificate issuer:       /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial:       01883BB34730B5E66248F14955D1F01DD908
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z7lIdkzPRpRpcdU8DMFBrJVMF_s.roa
Signing time:             Sun 21 May 2023 00:26:24 +0000
ROA not before:           Sun 21 May 2023 00:26:24 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34224
IP address blocks:        212.73.131.0/24 maxlen: 24
                          212.73.128.0/23 maxlen: 24
                          212.73.132.0/24 maxlen: 24
                          212.73.130.0/23 maxlen: 24
                          212.73.136.0/24 maxlen: 24
                          87.120.176.0/24 maxlen: 24
                          212.73.133.0/24 maxlen: 24
                          212.73.138.0/23 maxlen: 24
                          212.73.138.0/24 maxlen: 24
                          212.73.134.0/24 maxlen: 24
                          212.73.143.0/24 maxlen: 24
                          212.73.140.0/24 maxlen: 24
                          212.73.144.0/24 maxlen: 24
                          212.73.141.0/24 maxlen: 24
                          212.73.145.0/24 maxlen: 24
                          212.73.142.0/24 maxlen: 24
                          212.73.147.0/24 maxlen: 24
                          212.73.148.0/24 maxlen: 24
                          212.73.146.0/24 maxlen: 24
                          212.73.155.0/24 maxlen: 24
                          212.73.157.0/24 maxlen: 24
                          87.120.195.0/24 maxlen: 24
                          87.120.199.0/24 maxlen: 24
                          87.120.206.0/24 maxlen: 24
                          87.120.206.0/23 maxlen: 24
                          87.120.201.0/24 maxlen: 24
                          87.120.200.0/24 maxlen: 24
                          87.120.207.0/24 maxlen: 24
                          87.120.109.0/24 maxlen: 24
                          87.120.128.0/23 maxlen: 24
                          87.120.132.0/24 maxlen: 24
                          87.120.134.0/24 maxlen: 24
                          87.120.133.0/24 maxlen: 24
                          87.120.135.0/24 maxlen: 24
                          37.60.138.0/24 maxlen: 24
                          87.121.42.0/24 maxlen: 24
                          37.60.139.0/24 maxlen: 24
                          92.249.49.0/24 maxlen: 24
                          87.121.52.0/24 maxlen: 24
                          87.121.64.0/24 maxlen: 24
                          87.120.217.0/24 maxlen: 24
                          87.120.223.0/24 maxlen: 24
                          87.120.36.100/32 maxlen: 32
                          87.120.253.0/24 maxlen: 24
                          87.120.255.0/24 maxlen: 24
                          87.121.0.0/23 maxlen: 24
                          87.121.0.0/24 maxlen: 24
                          87.121.1.0/24 maxlen: 24
                          87.121.2.0/24 maxlen: 24
                          87.120.254.0/24 maxlen: 24
                          87.121.6.0/23 maxlen: 24
                          91.92.219.0/24 maxlen: 24
                          91.92.230.0/24 maxlen: 24
                          91.92.198.0/23 maxlen: 24
                          91.92.197.0/24 maxlen: 24
                          87.120.61.0/24 maxlen: 24
                          87.120.104.0/24 maxlen: 24
                          87.120.6.0/23 maxlen: 24
                          87.120.6.0/24 maxlen: 24
                          87.120.8.0/24 maxlen: 24
                          87.120.13.0/24 maxlen: 24
                          87.120.37.0/24 maxlen: 24
                          87.120.43.0/24 maxlen: 24
                          87.120.39.0/24 maxlen: 24
                          91.92.0.0/24 maxlen: 24
                          91.92.2.0/24 maxlen: 24
                          91.92.1.0/24 maxlen: 24
                          91.92.109.0/24 maxlen: 24
                          91.92.139.0/24 maxlen: 24
                          91.92.69.0/24 maxlen: 24
                          91.92.65.0/24 maxlen: 24
                          91.92.66.0/24 maxlen: 24
                          91.92.68.0/24 maxlen: 24
                          91.92.105.0/24 maxlen: 24
                          94.156.216.0/21 maxlen: 24
                          94.156.233.0/24 maxlen: 24
                          94.156.227.0/24 maxlen: 24
                          94.156.232.0/22 maxlen: 22
                          94.156.232.0/24 maxlen: 24
                          93.123.64.0/24 maxlen: 24
                          94.156.249.0/24 maxlen: 24
                          94.156.251.0/24 maxlen: 24
                          94.156.252.0/24 maxlen: 24
                          94.156.172.0/23 maxlen: 24
                          93.123.8.0/24 maxlen: 24
                          94.156.185.0/24 maxlen: 24
                          94.156.188.0/24 maxlen: 24
                          94.156.190.0/24 maxlen: 24
                          93.123.12.0/24 maxlen: 24
                          93.123.18.0/24 maxlen: 24
                          93.123.28.0/23 maxlen: 24
                          93.123.37.0/24 maxlen: 24
                          93.123.36.0/24 maxlen: 24
                          93.123.32.0/22 maxlen: 24
                          94.156.8.0/24 maxlen: 24
                          94.156.15.0/24 maxlen: 24
                          94.156.12.0/24 maxlen: 24
                          94.156.44.0/24 maxlen: 24
                          94.156.42.0/24 maxlen: 24
                          94.156.106.0/24 maxlen: 24
                          94.156.130.0/24 maxlen: 24
                          94.156.129.0/24 maxlen: 24
                          94.156.159.0/24 maxlen: 24
                          94.156.158.0/24 maxlen: 24
                          94.156.153.0/24 maxlen: 24
                          94.156.77.0/24 maxlen: 24
                          94.156.98.0/24 maxlen: 24
                          94.156.94.0/24 maxlen: 24
                          94.156.100.0/24 maxlen: 24
                          31.13.195.0/24 maxlen: 24
                          31.13.197.0/24 maxlen: 24
                          87.121.150.0/23 maxlen: 24
                          31.13.217.0/24 maxlen: 24
                          87.121.161.0/24 maxlen: 24
                          31.13.216.0/21 maxlen: 24
                          31.13.223.0/24 maxlen: 24
                          31.13.221.0/24 maxlen: 24
                          87.121.79.0/24 maxlen: 24
                          87.121.83.0/24 maxlen: 24
                          87.121.82.0/24 maxlen: 24
                          87.121.90.0/23 maxlen: 24
                          87.121.112.0/24 maxlen: 24
                          87.121.111.0/24 maxlen: 24
                          87.121.118.0/24 maxlen: 24
                          87.121.113.0/24 maxlen: 24
                          31.13.230.0/23 maxlen: 24
                          31.13.236.0/22 maxlen: 24
                          31.13.245.0/24 maxlen: 24
                          31.13.241.0/24 maxlen: 24
                          2a00:1728:35::/48 maxlen: 48
                          2a00:1728:27::/48 maxlen: 48
                          2a00:1728:21::/48 maxlen: 48
                          2a00:1728:0:d::/64 maxlen: 64
                          2a00:1728:1b::/48 maxlen: 48
                          2a00:1728:34::/48 maxlen: 48
                          2a00:1728:23::/48 maxlen: 48
                          2a00:1728:31::/48 maxlen: 48
                          2a00:1728:25::/48 maxlen: 48
                          2a00:1728:3::/48 maxlen: 48
                          2a00:1728:1f::/48 maxlen: 48
                          2a00:1728::/32 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:3b:b3:47:30:b5:e6:62:48:f1:49:55:d1:f0:1d:d9:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
        Validity
            Not Before: May 21 00:26:24 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=67b948764ccf46946971d53c0cc141ac954c17fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:68:98:c9:55:c7:dc:38:f4:96:88:15:eb:8d:
                    5a:ad:02:21:4d:74:0b:d9:4f:ee:ec:ba:c0:ea:d8:
                    7b:5b:e9:c1:21:7a:03:52:65:1d:35:09:ae:10:18:
                    4c:59:33:1a:94:91:67:57:d1:3e:38:1d:3e:d0:ae:
                    7d:ea:fc:15:21:bc:3b:17:c9:01:55:2c:2e:e2:3f:
                    c0:eb:92:48:9b:ad:88:6f:44:a0:4e:b3:90:2a:1d:
                    6c:3d:2e:9c:d5:c7:cb:b6:b2:0d:6a:67:b9:76:b1:
                    1a:ca:e7:10:30:2a:4a:39:8f:ad:40:f4:80:b8:bc:
                    7f:d8:fa:89:14:87:6d:bc:bb:90:e8:e0:e5:4a:48:
                    26:e4:03:42:e0:a5:e9:35:05:c0:dc:8f:3c:a0:95:
                    70:5e:ee:da:8a:c2:65:56:22:fd:e9:0f:8b:51:9c:
                    ce:fb:b5:93:a1:fd:31:88:a6:95:92:ed:99:58:47:
                    15:56:b4:4c:5f:e0:9e:fa:c2:84:fe:2d:7c:28:08:
                    10:2a:a7:eb:8e:25:d4:2f:c3:e0:40:5b:c8:6a:05:
                    c6:37:12:0f:fc:7c:a5:67:2e:7e:73:7c:5e:43:a1:
                    7e:37:5c:2b:53:eb:c1:8c:71:a4:d1:49:23:d5:1f:
                    48:a9:42:23:3c:1f:74:0a:b4:0d:26:ca:2c:b0:83:
                    fb:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:B9:48:76:4C:CF:46:94:69:71:D5:3C:0C:C1:41:AC:95:4C:17:FB
            X509v3 Authority Key Identifier:
                keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Z7lIdkzPRpRpcdU8DMFBrJVMF_s.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.13.195.0/24
                  31.13.197.0/24
                  31.13.216.0/21
                  31.13.230.0/23
                  31.13.236.0/22
                  31.13.241.0/24
                  31.13.245.0/24
                  37.60.138.0/23
                  87.120.6.0-87.120.8.255
                  87.120.13.0/24
                  87.120.36.100/32
                  87.120.37.0/24
                  87.120.39.0/24
                  87.120.43.0/24
                  87.120.61.0/24
                  87.120.104.0/24
                  87.120.109.0/24
                  87.120.128.0/23
                  87.120.132.0/22
                  87.120.176.0/24
                  87.120.195.0/24
                  87.120.199.0-87.120.201.255
                  87.120.206.0/23
                  87.120.217.0/24
                  87.120.223.0/24
                  87.120.253.0-87.121.2.255
                  87.121.6.0/23
                  87.121.42.0/24
                  87.121.52.0/24
                  87.121.64.0/24
                  87.121.79.0/24
                  87.121.82.0/23
                  87.121.90.0/23
                  87.121.111.0-87.121.113.255
                  87.121.118.0/24
                  87.121.150.0/23
                  87.121.161.0/24
                  91.92.0.0-91.92.2.255
                  91.92.65.0-91.92.66.255
                  91.92.68.0/23
                  91.92.105.0/24
                  91.92.109.0/24
                  91.92.139.0/24
                  91.92.197.0-91.92.199.255
                  91.92.219.0/24
                  91.92.230.0/24
                  92.249.49.0/24
                  93.123.8.0/24
                  93.123.12.0/24
                  93.123.18.0/24
                  93.123.28.0/23
                  93.123.32.0-93.123.37.255
                  93.123.64.0/24
                  94.156.8.0/24
                  94.156.12.0/24
                  94.156.15.0/24
                  94.156.42.0/24
                  94.156.44.0/24
                  94.156.77.0/24
                  94.156.94.0/24
                  94.156.98.0/24
                  94.156.100.0/24
                  94.156.106.0/24
                  94.156.129.0-94.156.130.255
                  94.156.153.0/24
                  94.156.158.0/23
                  94.156.172.0/23
                  94.156.185.0/24
                  94.156.188.0/24
                  94.156.190.0/24
                  94.156.216.0/21
                  94.156.227.0/24
                  94.156.232.0/22
                  94.156.249.0/24
                  94.156.251.0-94.156.252.255
                  212.73.128.0-212.73.134.255
                  212.73.136.0/24
                  212.73.138.0-212.73.148.255
                  212.73.155.0/24
                  212.73.157.0/24
                IPv6:
                  2a00:1728::/32

    Signature Algorithm: sha256WithRSAEncryption
         1b:e5:e5:84:97:15:15:05:df:2f:42:6f:8c:73:cd:c9:73:dd:
         dc:37:72:f9:8c:ce:97:ab:a7:4b:77:ce:f9:29:fd:1c:ac:31:
         e9:d5:43:48:38:1d:7f:af:07:26:52:02:cd:53:e0:36:0e:bc:
         33:64:e2:f3:d9:e7:7b:20:05:f0:df:7b:ca:de:e6:ed:51:1b:
         39:1c:b2:fc:6a:8e:6b:fa:94:72:a3:a2:23:0a:ad:e2:ab:36:
         0b:32:49:4c:be:a5:10:a7:fb:61:3d:3a:2a:12:04:40:89:47:
         5e:e2:68:58:06:d0:76:91:53:a3:f8:17:35:17:3e:66:ef:0d:
         0d:a4:72:ed:60:66:cf:e7:cd:1d:af:ba:46:1a:84:5f:92:4f:
         72:72:6d:ba:40:31:81:d5:fe:f6:0d:3a:70:5b:3b:06:d5:ce:
         8b:ab:1b:5b:0a:91:44:e2:11:0d:2e:6c:da:29:17:85:18:1d:
         f9:d8:fb:77:3d:05:e1:bb:c8:7c:12:e3:58:e6:13:2f:72:85:
         8c:59:b0:95:3a:67:f6:5c:35:91:4a:ad:4b:3e:b6:79:23:1b:
         d2:43:7b:5d:e3:1d:b8:09:d3:cd:78:d7:ec:19:98:5d:e9:97:
         3d:e4:bf:f6:5e:4e:f5:4f:1a:5b:25:ee:b4:63:a2:2c:59:ae:
         3f:98:91:d0
-----BEGIN CERTIFICATE-----
MIIHUDCCBjigAwIBAgISAYg7s0cwteZiSPFJVdHwHdkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTIxMDAyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2I5NDg3NjRjY2Y0Njk0Njk3MWQ1M2MwY2MxNDFhYzk1NGMxN2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2iYyVXH3Dj0logV641arQIhTXQL
2U/u7LrA6th7W+nBIXoDUmUdNQmuEBhMWTMalJFnV9E+OB0+0K596vwVIbw7F8kB
VSwu4j/A65JIm62Ib0SgTrOQKh1sPS6c1cfLtrIName5drEayucQMCpKOY+tQPSA
uLx/2PqJFIdtvLuQ6ODlSkgm5ANC4KXpNQXA3I88oJVwXu7aisJlViL96Q+LUZzO
+7WTof0xiKaVku2ZWEcVVrRMX+Ce+sKE/i18KAgQKqfrjiXUL8PgQFvIagXGNxIP
/HylZy5+c3xeQ6F+N1wrU+vBjHGk0Ukj1R9IqUIjPB90CrQNJsossIP7YQIDAQAB
o4IEXDCCBFgwHQYDVR0OBBYEFGe5SHZMz0aUaXHVPAzBQayVTBf7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWjdsSWRrelBScFJwY2RVOERNRkJySlZNRl9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICcAYIKwYBBQUHAQcBAf8EggJfMIICWzCCAkgEAgABMIIC
QAMEAB8NwwMEAB8NxQMEAx8N2AMEAR8N5gMEAh8N7AMEAB8N8QMEAB8N9QMEASU8
ijAMAwQBV3gGAwQAV3gIAwQAV3gNAwUAV3gkZAMEAFd4JQMEAFd4JwMEAFd4KwME
AFd4PQMEAFd4aAMEAFd4bQMEAVd4gAMEAld4hAMEAFd4sAMEAFd4wzAMAwQAV3jH
AwQBV3jIAwQBV3jOAwQAV3jZAwQAV3jfMAwDBABXeP0DBABXeQIDBAFXeQYDBABX
eSoDBABXeTQDBABXeUADBABXeU8DBAFXeVIDBAFXeVowDAMEAFd5bwMEAVd5cAME
AFd5dgMEAVd5lgMEAFd5oTALAwMCW1wDBABbXAIwDAMEAFtcQQMEAFtcQgMEAVtc
RAMEAFtcaQMEAFtcbQMEAFtcizAMAwQAW1zFAwQDW1zAAwQAW1zbAwQAW1zmAwQA
XPkxAwQAXXsIAwQAXXsMAwQAXXsSAwQBXXscMAwDBAVdeyADBAFdeyQDBABde0AD
BABenAgDBABenAwDBABenA8DBABenCoDBABenCwDBABenE0DBABenF4DBABenGID
BABenGQDBABenGowDAMEAF6cgQMEAF6cggMEAF6cmQMEAV6cngMEAV6crAMEAF6c
uQMEAF6cvAMEAF6cvgMEA16c2AMEAF6c4wMEAl6c6AMEAF6c+TAMAwQAXpz7AwQA
Xpz8MAwDBAfUSYADBADUSYYDBADUSYgwDAMEAdRJigMEANRJlAMEANRJmwMEANRJ
nTANBAIAAjAHAwUAKgAXKDANBgkqhkiG9w0BAQsFAAOCAQEAG+XlhJcVFQXfL0Jv
jHPNyXPd3Ddy+YzOl6unS3fO+Sn9HKwx6dVDSDgdf68HJlICzVPgNg68M2Ti89nn
eyAF8N97yt7m7VEbORyy/GqOa/qUcqOiIwqt4qs2CzJJTL6lEKf7YT06KhIEQIlH
XuJoWAbQdpFTo/gXNRc+Zu8NDaRy7WBmz+fNHa+6RhqEX5JPcnJtukAxgdX+9g06
cFs7BtXOi6sbWwqRROIRDS5s2ikXhRgd+dj7dz0F4bvIfBLjWOYTL3KFjFmwlTpn
9lw1kUqtSz62eSMb0kN7XeMduAnTzXjX7BmYXemXPeS/9l5O9U8aWyXutGOiLFmu
P5iR0A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:36 2024 by rpki-client on console-ams.rpki-client.org