Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa
File:                     N9j_U0oIURmGXBs1sKahNrNV_A4.roa (raw, json)
Hash identifier:          RiSurH4oQsjR40sO+tHaFQ8yvv1QqjSBBErQNBan7DA=
Subject key identifier:   37:D8:FF:53:4A:08:51:19:86:5C:1B:35:B0:A6:A1:36:B3:55:FC:0E
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       01859F13963C374A5526B4F3167AE6A2F0B7
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa
Signing time:             Wed 11 Jan 2023 04:25:39 +0000
ROA not before:           Wed 11 Jan 2023 04:25:39 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     34665
IP address blocks:        46.161.14.0/23 maxlen: 23
                          46.161.12.0/23 maxlen: 23
                          46.161.20.0/22 maxlen: 22
                          46.161.24.0/23 maxlen: 23
                          5.188.10.0/23 maxlen: 23
                          5.188.9.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.0.0/23 maxlen: 23
                          46.161.26.0/24 maxlen: 24
                          95.215.0.0/24 maxlen: 24
                          95.215.3.0/24 maxlen: 24
                          46.161.30.0/24 maxlen: 24
                          46.161.28.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          46.161.29.0/24 maxlen: 24
                          95.215.2.0/24 maxlen: 24
                          46.161.32.0/22 maxlen: 22
                          46.161.42.0/24 maxlen: 24
                          46.161.41.0/24 maxlen: 24
                          46.161.48.0/22 maxlen: 22
                          46.161.48.0/23 maxlen: 23
                          46.161.50.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/24 maxlen: 24
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.49.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.48.0/24 maxlen: 24
                          5.188.46.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          46.161.1.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 24
                          46.161.11.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.8.0/24 maxlen: 24
                          5.101.4.0/24 maxlen: 24
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.7.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.188.62.0/24 maxlen: 24
                          5.188.60.0/23 maxlen: 23
                          37.139.51.0/24 maxlen: 24
                          37.139.49.0/24 maxlen: 24
                          37.139.58.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.56.0/24 maxlen: 24
                          37.139.53.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.54.0/23 maxlen: 23
                          37.139.59.0/24 maxlen: 24
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          146.185.244.0/23 maxlen: 23
                          146.185.224.0/21 maxlen: 21
                          146.185.223.0/24 maxlen: 24
                          185.238.152.0/22 maxlen: 22
                          31.184.192.0/24 maxlen: 24
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/22 maxlen: 22
                          31.184.193.0/24 maxlen: 24
                          31.184.196.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/24 maxlen: 24
                          195.2.240.0/23 maxlen: 24
                          31.184.231.0/24 maxlen: 24
                          31.184.232.0/22 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/22 maxlen: 22
                          37.9.48.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          91.243.93.0/24 maxlen: 24
                          5.8.52.0/23 maxlen: 23
                          5.8.54.0/23 maxlen: 23
                          5.8.52.0/22 maxlen: 22
                          5.8.56.0/24 maxlen: 24
                          5.8.57.0/24 maxlen: 24
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.52.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.59.0/24 maxlen: 24
                          5.8.65.0/24 maxlen: 24
                          5.8.8.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.8.0/23 maxlen: 23
                          5.8.8.0/22 maxlen: 22
                          5.8.11.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.189.248.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.48.0/22 maxlen: 22
                          5.8.50.0/23 maxlen: 23
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/24 maxlen: 24
                          5.8.48.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.188.220.0/23 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.222.0/24 maxlen: 24
                          5.101.80.0/22 maxlen: 22
                          5.188.233.0/24 maxlen: 24
                          5.101.84.0/22 maxlen: 22
                          5.188.234.0/23 maxlen: 23
                          5.101.90.0/23 maxlen: 23
                          5.188.166.0/24 maxlen: 24
                          5.188.164.0/24 maxlen: 24
                          5.188.165.0/24 maxlen: 24
                          5.101.32.0/22 maxlen: 24
                          5.188.204.0/23 maxlen: 23
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.188.211.0/24 maxlen: 24
                          5.188.210.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.101.64.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          91.243.44.0/22 maxlen: 22
                          91.243.48.0/22 maxlen: 22
                          91.243.48.0/23 maxlen: 23
                          91.243.50.0/23 maxlen: 23
                          91.243.51.0/24 maxlen: 24
                          91.243.50.0/24 maxlen: 24
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.56.0/22 maxlen: 22
                          91.243.52.0/22 maxlen: 22
                          91.243.62.0/23 maxlen: 23
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.90.0/24 maxlen: 24
                          91.243.32.0/22 maxlen: 22
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:9f:13:96:3c:37:4a:55:26:b4:f3:16:7a:e6:a2:f0:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jan 11 04:25:39 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=37d8ff534a085119865c1b35b0a6a136b355fc0e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:a5:4b:15:cd:71:47:2f:79:81:65:d7:2a:25:
                    10:15:b6:05:1a:bc:b9:a6:b4:a8:c3:e6:f5:be:b1:
                    d4:42:66:b8:4e:26:e6:65:7f:aa:9c:7e:c1:80:90:
                    82:21:14:fb:92:2f:31:56:4b:da:b7:94:2a:fc:8d:
                    75:73:32:5a:bb:55:d3:2f:2b:08:3b:7f:22:d4:57:
                    52:bc:2e:03:be:81:9a:6c:ad:df:86:49:a7:5b:f5:
                    05:ac:8d:53:de:33:ee:39:f9:0f:22:3d:d8:21:5e:
                    8a:f7:8b:f2:71:e6:18:6f:49:30:7f:58:ae:a8:6b:
                    4f:ee:d9:33:7a:1e:96:19:cd:f6:e8:58:7d:f6:27:
                    6a:c1:3d:59:f3:c3:b3:74:72:40:0f:66:3a:d8:dd:
                    e2:63:88:07:04:d7:4c:c7:a9:e6:d8:2f:9c:1a:28:
                    e4:85:d3:be:d2:ed:32:da:71:2e:a0:ca:b7:7b:16:
                    2f:d2:95:24:f4:f6:5a:03:fc:a1:e4:0c:8e:8e:71:
                    dc:bb:c6:8c:2a:c8:27:03:5a:ba:bb:14:f6:4a:6f:
                    4a:df:1e:0f:1a:3d:38:cd:4f:7e:7a:47:46:03:71:
                    a7:fb:ad:a3:b6:06:5f:56:98:13:b0:9d:a6:2f:7d:
                    43:1e:ad:d2:4f:26:9c:e5:8e:b9:0e:5b:88:74:d8:
                    d4:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:D8:FF:53:4A:08:51:19:86:5C:1B:35:B0:A6:A1:36:B3:55:FC:0E
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/N9j_U0oIURmGXBs1sKahNrNV_A4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0/21
                  5.8.48.0-5.8.57.255
                  5.8.59.0-5.8.61.255
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/22
                  5.101.64.0/22
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.9.0-5.188.11.255
                  5.188.44.0-5.188.49.255
                  5.188.60.0-5.188.62.255
                  5.188.164.0-5.188.166.255
                  5.188.204.0/23
                  5.188.207.0-5.188.211.255
                  5.188.220.0/22
                  5.188.233.0-5.188.235.255
                  5.189.248.0/22
                  31.44.184.0/24
                  31.44.188.0/22
                  31.184.192.0/21
                  31.184.228.0/23
                  31.184.231.0-31.184.235.255
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.48.0/24
                  37.139.49.0/24
                  37.139.51.0/24
                  37.139.53.0-37.139.59.255
                  46.161.1.0-46.161.3.255
                  46.161.8.0/24
                  46.161.10.0-46.161.15.255
                  46.161.20.0-46.161.26.255
                  46.161.28.0-46.161.30.255
                  46.161.32.0/22
                  46.161.41.0-46.161.42.255
                  46.161.48.0/22
                  91.243.32.0/22
                  91.243.44.0-91.243.63.255
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.223.0-146.185.231.255
                  146.185.244.0/23
                  185.238.152.0/22
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         1a:93:d9:d0:0e:85:37:5a:f2:aa:ba:8f:07:54:e7:86:2d:df:
         bd:84:ad:e7:dc:8f:8c:4c:22:57:05:21:4f:1c:ac:4f:72:ba:
         d5:a9:70:d0:54:f6:cc:83:a8:65:1c:1e:c3:ee:db:b4:d0:78:
         da:d2:a2:e8:4d:6e:c4:44:9d:2a:91:30:71:13:95:76:77:48:
         45:01:dc:aa:bc:7a:82:df:38:86:dc:46:75:19:6c:17:d1:36:
         81:25:6b:d7:32:83:a2:f5:f8:35:4a:d3:bd:e7:37:76:45:65:
         e9:d7:d0:42:c5:72:3e:7c:c9:48:b2:de:f1:59:32:be:0d:7a:
         4e:4f:d7:a9:e8:5a:be:50:dc:f1:5a:0a:6b:13:60:18:98:ad:
         1d:7a:31:45:d7:e2:56:53:95:43:f7:26:d5:10:34:fc:03:d4:
         c1:42:cd:09:f9:7e:f1:5d:79:5d:29:78:c9:3b:f6:3a:6d:24:
         a7:1b:ea:2a:ea:9c:07:02:0e:ec:af:8b:a8:93:d2:00:9e:89:
         04:85:aa:47:31:42:f0:85:16:85:c5:d6:63:b6:b4:30:0c:6c:
         49:0e:d4:48:e4:3a:6b:83:20:ec:87:a3:16:b5:74:cf:b0:59:
         99:4a:7f:1f:a5:89:95:42:70:a3:11:1e:e0:5a:b4:98:de:bc:
         ff:d1:d2:c2
-----BEGIN CERTIFICATE-----
MIIGtjCCBZ6gAwIBAgISAYWfE5Y8N0pVJrTzFnrmovC3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwMTExMDQyNTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2Q4ZmY1MzRhMDg1MTE5ODY1YzFiMzViMGE2YTEzNmIzNTVmYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6VLFc1xRy95gWXXKiUQFbYFGry5
prSow+b1vrHUQma4TibmZX+qnH7BgJCCIRT7ki8xVkvat5Qq/I11czJau1XTLysI
O38i1FdSvC4DvoGabK3fhkmnW/UFrI1T3jPuOfkPIj3YIV6K94vyceYYb0kwf1iu
qGtP7tkzeh6WGc326Fh99idqwT1Z88OzdHJAD2Y62N3iY4gHBNdMx6nm2C+cGijk
hdO+0u0y2nEuoMq3exYv0pUk9PZaA/yh5AyOjnHcu8aMKsgnA1q6uxT2Sm9K3x4P
Gj04zU9+ekdGA3Gn+62jtgZfVpgTsJ2mL31DHq3STyac5Y65DluIdNjUuwIDAQAB
o4IDwjCCA74wHQYDVR0OBBYEFDfY/1NKCFEZhlwbNbCmoTazVfwOMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvTjlqX1Uwb0lVUm1HWEJzMXNLYWhOck5WX0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1gYIKwYBBQUHAQcBAf8EggHFMIIBwTCCAaoEAgABMIIB
ogMEAwUICDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEEDBAMFZQAD
BAIFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQCBbwsAwQB
BbwwMAwDBAIFvDwDBAAFvD4wDAMEAgW8pAMEAAW8pgMEAQW8zDAMAwQABbzPAwQC
BbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAAfLLgDBAIfLLwDBAMfuMAD
BAEfuOQwDAMEAB+45wMEAh+46AMEAR+47gMEAB+48wMEACUJMAMEACWLMQMEACWL
MzAMAwQAJYs1AwQCJYs4MAwDBAAuoQEDBAIuoQADBAAuoQgwDAMEAS6hCgMEBC6h
ADAMAwQCLqEUAwQALqEaMAwDBAIuoRwDBAAuoR4DBAIuoSAwDAMEAC6hKQMEAC6h
KgMEAi6hMAMEAlvzIDAMAwQCW/MsAwQGW/MAAwQBW/NaAwQAW/NdAwQCX9cAMAwD
BACSud8DBAOSueADBAGSufQDBAK57pgDBAK8j+gDBAHDAvAwEQQCAAIwCwMJBioA
HXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQAak9nQDoU3WvKquo8HVOeGLd+9hK3n
3I+MTCJXBSFPHKxPcrrVqXDQVPbMg6hlHB7D7tu00Hja0qLoTW7ERJ0qkTBxE5V2
d0hFAdyqvHqC3ziG3EZ1GWwX0TaBJWvXMoOi9fg1StO95zd2RWXp19BCxXI+fMlI
st7xWTK+DXpOT9ep6Fq+UNzxWgprE2AYmK0dejFF1+JWU5VD9ybVEDT8A9TBQs0J
+X7xXXldKXjJO/Y6bSSnG+oq6pwHAg7sr4uok9IAnokEhapHMULwhRaFxdZjtrQw
DGxJDtRI5DprgyDsh6MWtXTPsFmZSn8fpYmVQnCjER7gWrSY3rz/0dLC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org