Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa
File:                     cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa (raw, json)
Hash identifier:          +FLp+heQ73N/pbzsIOdIWctTXo+W//pmixOqlmUb6/k=
Subject key identifier:   72:04:4B:59:9A:A9:59:12:4C:2B:63:C8:27:F7:24:7F:29:95:0C:89
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       01821525F380A2EF0CA6F662CA92E2FA1883
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa
Signing time:             Tue 19 Jul 2022 06:29:44 +0000
ROA not before:           Tue 19 Jul 2022 06:29:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34665
IP address blocks:        46.161.14.0/23 maxlen: 23
                          46.161.20.0/22 maxlen: 22
                          46.161.24.0/23 maxlen: 23
                          5.188.10.0/23 maxlen: 23
                          5.188.9.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.0.0/23 maxlen: 23
                          95.215.0.0/24 maxlen: 24
                          95.215.3.0/24 maxlen: 24
                          46.161.30.0/24 maxlen: 24
                          46.161.28.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          46.161.29.0/24 maxlen: 24
                          95.215.2.0/24 maxlen: 24
                          46.161.32.0/22 maxlen: 22
                          46.161.44.0/22 maxlen: 22
                          46.161.42.0/24 maxlen: 24
                          46.161.48.0/22 maxlen: 22
                          46.161.48.0/23 maxlen: 23
                          46.161.50.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/24 maxlen: 24
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.49.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.48.0/24 maxlen: 24
                          5.188.46.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 24
                          46.161.11.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.8.0/24 maxlen: 24
                          5.101.4.0/24 maxlen: 24
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.7.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.188.62.0/24 maxlen: 24
                          5.188.60.0/23 maxlen: 23
                          37.139.51.0/24 maxlen: 24
                          37.139.49.0/24 maxlen: 24
                          37.139.58.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.56.0/24 maxlen: 24
                          37.139.53.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.54.0/23 maxlen: 23
                          37.139.59.0/24 maxlen: 24
                          31.44.185.0/24 maxlen: 24
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          146.185.244.0/23 maxlen: 23
                          146.185.196.0/22 maxlen: 22
                          146.185.224.0/21 maxlen: 21
                          146.185.223.0/24 maxlen: 24
                          31.184.192.0/24 maxlen: 24
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/22 maxlen: 22
                          31.184.193.0/24 maxlen: 24
                          31.184.196.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/24 maxlen: 24
                          195.2.240.0/23 maxlen: 24
                          31.184.231.0/24 maxlen: 24
                          31.184.232.0/22 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          37.9.36.0/22 maxlen: 22
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/22 maxlen: 22
                          37.9.50.0/24 maxlen: 24
                          37.9.48.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          37.9.52.0/22 maxlen: 22
                          91.243.93.0/24 maxlen: 24
                          5.8.52.0/23 maxlen: 23
                          5.8.54.0/23 maxlen: 23
                          5.8.52.0/22 maxlen: 22
                          5.8.56.0/24 maxlen: 24
                          5.8.57.0/24 maxlen: 24
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.52.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.62.0/24 maxlen: 24
                          5.8.59.0/24 maxlen: 24
                          5.8.65.0/24 maxlen: 24
                          5.8.8.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.8.0/23 maxlen: 23
                          5.8.8.0/22 maxlen: 22
                          5.8.11.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.8.20.0/22 maxlen: 22
                          5.189.248.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.48.0/22 maxlen: 22
                          5.8.50.0/23 maxlen: 23
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/24 maxlen: 24
                          5.8.48.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.101.68.0/22 maxlen: 22
                          5.188.220.0/23 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.222.0/24 maxlen: 24
                          5.101.80.0/22 maxlen: 22
                          5.188.233.0/24 maxlen: 24
                          5.101.84.0/22 maxlen: 22
                          5.188.234.0/23 maxlen: 23
                          5.101.90.0/23 maxlen: 23
                          5.188.166.0/24 maxlen: 24
                          5.188.165.0/24 maxlen: 24
                          5.101.32.0/22 maxlen: 24
                          5.188.204.0/23 maxlen: 23
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.188.211.0/24 maxlen: 24
                          5.188.210.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.101.64.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          91.243.48.0/22 maxlen: 22
                          91.243.48.0/23 maxlen: 23
                          91.243.50.0/23 maxlen: 23
                          91.243.51.0/24 maxlen: 24
                          91.243.50.0/24 maxlen: 24
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.52.0/22 maxlen: 22
                          91.243.62.0/23 maxlen: 23
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.90.0/24 maxlen: 24
                          91.243.32.0/22 maxlen: 22
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:82:15:25:f3:80:a2:ef:0c:a6:f6:62:ca:92:e2:fa:18:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Jul 19 06:29:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=72044b599aa959124c2b63c827f7247f29950c89
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:85:b2:ae:d2:68:2e:8e:c8:cb:e3:cd:f4:54:3b:
                    d3:bd:f1:e7:04:d8:a9:58:e0:f4:0e:93:61:26:23:
                    13:d4:e9:2c:8a:63:d3:3e:ac:ec:ba:7b:42:f9:26:
                    2e:49:38:48:aa:31:77:f0:c2:80:ce:57:c6:3d:c9:
                    4c:30:b6:09:57:05:3e:e1:f9:4d:7c:5b:68:34:24:
                    8b:48:b9:75:e0:dc:f9:d2:f3:3e:85:ae:3b:bd:ca:
                    8f:23:f1:ac:06:47:6d:4b:86:cf:46:96:e5:93:14:
                    2e:3f:84:46:45:27:8d:9a:2e:8b:48:73:21:96:72:
                    c7:27:a6:8a:f9:78:0e:f6:73:5c:5b:90:b0:fc:39:
                    f0:38:3d:95:67:4d:94:81:3a:be:5b:45:14:9e:5e:
                    79:04:2f:81:fd:ee:61:f4:fb:87:35:0c:88:34:49:
                    ea:ef:d5:15:18:73:68:57:b8:a6:89:77:ca:4f:e5:
                    1d:a8:10:13:30:0d:eb:59:da:96:3c:1a:42:e1:08:
                    7e:d9:ed:64:b1:e4:7f:24:de:47:87:83:a9:25:c2:
                    55:df:ed:56:83:3e:77:a4:fa:d6:41:ba:00:43:85:
                    2e:ac:7c:cf:c3:fc:5f:2b:f3:53:58:c7:18:2a:d6:
                    09:48:01:9d:05:b9:6e:a6:6b:be:09:17:92:17:71:
                    73:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:04:4B:59:9A:A9:59:12:4C:2B:63:C8:27:F7:24:7F:29:95:0C:89
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/cgRLWZqpWRJMK2PIJ_ckfymVDIk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0/21
                  5.8.20.0/22
                  5.8.48.0-5.8.57.255
                  5.8.59.0-5.8.62.255
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/22
                  5.101.64.0/21
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.9.0-5.188.11.255
                  5.188.44.0-5.188.49.255
                  5.188.60.0-5.188.62.255
                  5.188.165.0-5.188.166.255
                  5.188.204.0/23
                  5.188.207.0-5.188.211.255
                  5.188.220.0/22
                  5.188.233.0-5.188.235.255
                  5.189.248.0/22
                  31.44.184.0/23
                  31.44.188.0/22
                  31.184.192.0/21
                  31.184.228.0/23
                  31.184.231.0-31.184.235.255
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.36.0/22
                  37.9.48.0/24
                  37.9.50.0/24
                  37.9.52.0/22
                  37.139.49.0/24
                  37.139.51.0/24
                  37.139.53.0-37.139.59.255
                  46.161.2.0/23
                  46.161.8.0/24
                  46.161.10.0/23
                  46.161.14.0/23
                  46.161.20.0-46.161.25.255
                  46.161.28.0-46.161.30.255
                  46.161.32.0/22
                  46.161.42.0/24
                  46.161.44.0-46.161.51.255
                  91.243.32.0/22
                  91.243.48.0/21
                  91.243.60.0/22
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.196.0/22
                  146.185.223.0-146.185.231.255
                  146.185.244.0/23
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         96:85:53:57:af:72:4b:ee:f8:c0:46:f3:37:1d:f9:d1:05:36:
         ad:27:61:52:d0:b7:6c:64:3d:a4:c1:09:d9:0c:eb:f3:1d:b4:
         b3:cb:47:8f:93:bf:5f:90:65:54:1c:71:6f:fd:9e:31:76:39:
         38:c8:6c:f5:31:98:dc:ae:d4:ac:6e:a5:59:d9:22:33:e3:c1:
         6d:90:c3:7c:c2:56:e7:31:da:f9:26:27:93:a6:4a:d3:ce:a9:
         7a:01:4e:d5:d6:19:55:d8:ac:85:73:25:ba:cc:2c:8a:3f:7b:
         eb:09:69:fc:85:12:08:ca:b5:0a:26:a2:69:fb:a4:05:1d:20:
         8c:9b:a6:3c:05:2e:d7:a7:a2:98:31:e0:95:f5:e7:8c:ba:71:
         6c:b9:72:2c:30:dd:32:22:0b:15:44:f0:8a:aa:8e:c1:97:59:
         e4:df:9d:87:1c:98:7a:0c:4e:42:66:40:14:e8:40:2b:31:01:
         c0:23:e2:4b:bd:69:27:99:38:ec:ee:c4:e1:68:fa:c3:02:9b:
         8b:95:c2:ec:58:84:b7:90:2b:cc:fd:9b:45:ea:79:32:c0:7f:
         08:14:03:20:7e:a8:5d:f3:8f:d9:2a:c5:0c:ee:8c:29:50:5b:
         81:95:0b:71:cd:86:e8:20:49:fc:74:11:3a:47:71:54:ab:e4:
         cd:fe:38:e9
-----BEGIN CERTIFICATE-----
MIIGwjCCBaqgAwIBAgISAYIVJfOAou8MpvZiypLi+hiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIwNzE5MDYyOTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjA0NGI1OTlhYTk1OTEyNGMyYjYzYzgyN2Y3MjQ3ZjI5OTUwYzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbKu0mgujsjL4830VDvTvfHnBNip
WOD0DpNhJiMT1OksimPTPqzsuntC+SYuSThIqjF38MKAzlfGPclMMLYJVwU+4flN
fFtoNCSLSLl14Nz50vM+ha47vcqPI/GsBkdtS4bPRpblkxQuP4RGRSeNmi6LSHMh
lnLHJ6aK+XgO9nNcW5Cw/DnwOD2VZ02UgTq+W0UUnl55BC+B/e5h9PuHNQyINEnq
79UVGHNoV7imiXfKT+UdqBATMA3rWdqWPBpC4Qh+2e1kseR/JN5Hh4OpJcJV3+1W
gz53pPrWQboAQ4UurHzPw/xfK/NTWMcYKtYJSAGdBblupmu+CReSF3FzDQIDAQAB
o4IDzjCCA8owHQYDVR0OBBYEFHIES1maqVkSTCtjyCf3JH8plQyJMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvY2dSTFdacXBXUkpNSzJQSUpfY2tmeW1WRElrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB4gYIKwYBBQUHAQcBAf8EggHRMIIBzTCCAbYEAgABMIIB
rgMEAwUICAMEAgUIFDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAAFCD4DBAAFCEED
BAMFZQADBAIFZSADBAMFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQC
BbwsAwQBBbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQA
BbzPAwQCBbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAEfLLgDBAIfLLwD
BAMfuMADBAEfuOQwDAMEAB+45wMEAh+46AMEAR+47gMEAB+48wMEAiUJJAMEACUJ
MAMEACUJMgMEAiUJNAMEACWLMQMEACWLMzAMAwQAJYs1AwQCJYs4AwQBLqECAwQA
LqEIAwQBLqEKAwQBLqEOMAwDBAIuoRQDBAEuoRgwDAMEAi6hHAMEAC6hHgMEAi6h
IAMEAC6hKjAMAwQCLqEsAwQCLqEwAwQCW/MgAwQDW/MwAwQCW/M8AwQBW/NaAwQA
W/NdAwQCX9cAAwQCkrnEMAwDBACSud8DBAOSueADBAGSufQDBAK8j+gDBAHDAvAw
EQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IBAQCWhVNXr3JL7vjA
RvM3HfnRBTatJ2FS0LdsZD2kwQnZDOvzHbSzy0ePk79fkGVUHHFv/Z4xdjk4yGz1
MZjcrtSsbqVZ2SIz48FtkMN8wlbnMdr5JieTpkrTzql6AU7V1hlV2KyFcyW6zCyK
P3vrCWn8hRIIyrUKJqJp+6QFHSCMm6Y8BS7Xp6KYMeCV9eeMunFsuXIsMN0yIgsV
RPCKqo7Bl1nk352HHJh6DE5CZkAU6EArMQHAI+JLvWknmTjs7sThaPrDApuLlcLs
WIS3kCvM/ZtF6nkywH8IFAMgfqhd84/ZKsUM7owpUFuBlQtxzYboIEn8dBE6R3FU
q+TN/jjp
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:55 2024 by rpki-client on console-ams.rpki-client.org