Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa
File:                     tu9tMqzNIKMtAWsal6jxI_BmCD0.roa (raw, json)
Hash identifier:          vKMVSGtw1BkSG5EJXqAxoK6CXoaWsEpM20yXGH7eKI4=
Subject key identifier:   B6:EF:6D:32:AC:CD:20:A3:2D:01:6B:1A:97:A8:F1:23:F0:66:08:3D
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       495E8718
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa
Signing time:             Wed 30 Mar 2022 08:20:44 +0000
ROA not before:           Wed 30 Mar 2022 08:20:44 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34665
IP address blocks:        46.161.14.0/23 maxlen: 23
                          46.161.20.0/22 maxlen: 22
                          46.161.24.0/23 maxlen: 23
                          5.188.10.0/23 maxlen: 23
                          5.188.9.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.0.0/23 maxlen: 23
                          95.215.3.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          46.161.28.0/24 maxlen: 24
                          95.215.2.0/24 maxlen: 24
                          46.161.29.0/24 maxlen: 24
                          95.215.0.0/24 maxlen: 24
                          46.161.32.0/22 maxlen: 22
                          46.161.42.0/24 maxlen: 24
                          46.161.48.0/23 maxlen: 23
                          46.161.48.0/22 maxlen: 22
                          46.161.50.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/24 maxlen: 24
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.49.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.48.0/24 maxlen: 24
                          5.188.46.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 24
                          46.161.11.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.8.0/24 maxlen: 24
                          5.101.4.0/24 maxlen: 24
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.7.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.188.62.0/24 maxlen: 24
                          5.188.60.0/23 maxlen: 23
                          37.139.51.0/24 maxlen: 24
                          37.139.49.0/24 maxlen: 24
                          37.139.58.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.56.0/24 maxlen: 24
                          37.139.53.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.54.0/23 maxlen: 23
                          37.139.59.0/24 maxlen: 24
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          146.185.244.0/23 maxlen: 23
                          146.185.196.0/22 maxlen: 22
                          146.185.224.0/21 maxlen: 21
                          146.185.223.0/24 maxlen: 24
                          31.184.192.0/24 maxlen: 24
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/22 maxlen: 22
                          31.184.193.0/24 maxlen: 24
                          31.184.196.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/24 maxlen: 24
                          195.2.240.0/23 maxlen: 24
                          31.184.231.0/24 maxlen: 24
                          31.184.232.0/22 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          37.9.36.0/22 maxlen: 22
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/22 maxlen: 22
                          37.9.50.0/24 maxlen: 24
                          37.9.48.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          37.9.52.0/22 maxlen: 22
                          91.243.93.0/24 maxlen: 24
                          5.8.52.0/23 maxlen: 23
                          5.8.54.0/23 maxlen: 23
                          5.8.52.0/22 maxlen: 22
                          5.8.56.0/24 maxlen: 24
                          5.8.57.0/24 maxlen: 24
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.52.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.62.0/24 maxlen: 24
                          5.8.59.0/24 maxlen: 24
                          5.8.65.0/24 maxlen: 24
                          5.8.8.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.8.0/22 maxlen: 22
                          5.8.8.0/23 maxlen: 23
                          5.8.11.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.8.20.0/22 maxlen: 22
                          5.189.248.0/22 maxlen: 22
                          5.8.48.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.50.0/23 maxlen: 23
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/24 maxlen: 24
                          5.8.48.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.101.68.0/22 maxlen: 22
                          5.188.220.0/23 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.222.0/24 maxlen: 24
                          5.101.80.0/22 maxlen: 22
                          5.188.233.0/24 maxlen: 24
                          5.101.84.0/22 maxlen: 22
                          5.188.234.0/23 maxlen: 23
                          5.101.90.0/23 maxlen: 23
                          5.188.166.0/24 maxlen: 24
                          5.188.165.0/24 maxlen: 24
                          5.101.32.0/22 maxlen: 24
                          5.188.204.0/23 maxlen: 23
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.188.211.0/24 maxlen: 24
                          5.188.210.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.101.64.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          91.243.48.0/23 maxlen: 23
                          91.243.48.0/22 maxlen: 22
                          91.243.50.0/23 maxlen: 23
                          91.243.51.0/24 maxlen: 24
                          91.243.50.0/24 maxlen: 24
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.52.0/22 maxlen: 22
                          91.243.62.0/23 maxlen: 23
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.90.0/24 maxlen: 24
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1230931736 (0x495e8718)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Mar 30 08:20:44 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=b6ef6d32accd20a32d016b1a97a8f123f066083d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:73:77:a4:50:b5:65:48:60:15:47:fa:05:8f:
                    37:29:fd:17:bf:30:59:e7:d3:5d:fc:7c:07:f6:bf:
                    09:a9:65:65:d1:05:f6:37:b6:d9:a0:9b:a0:ee:3b:
                    44:44:1d:c5:e1:4c:db:e7:b6:64:cb:4f:b3:dc:45:
                    9a:46:ab:23:13:a8:b5:19:88:c2:56:19:92:1a:aa:
                    5a:f4:d2:8d:16:0f:2e:d1:58:5f:3d:b2:66:0e:57:
                    44:27:e5:ac:b6:02:3a:62:9b:44:e3:89:2a:48:22:
                    c6:cd:fa:b4:90:c6:22:70:ef:18:4d:4e:9d:aa:42:
                    e5:4d:9d:1d:cb:63:49:ff:9b:26:e8:c6:74:fe:a3:
                    94:ce:7a:bf:aa:5a:89:71:ee:50:53:70:29:04:7c:
                    64:88:d7:ec:e1:4f:52:c4:cc:29:dd:f1:b8:e0:cb:
                    21:d4:27:4c:2d:eb:e8:0a:2f:ad:1c:ea:eb:7b:55:
                    f1:a3:04:dd:f9:64:28:28:25:29:41:fe:8f:e8:74:
                    21:f8:ca:73:23:02:44:b4:54:12:67:24:f9:11:70:
                    7c:c2:62:27:42:d8:d4:d3:11:a2:0d:58:d0:cb:9b:
                    9a:c2:53:8d:00:b7:c9:8b:99:dd:36:bc:4b:9a:88:
                    5f:9b:12:3a:a7:f4:e2:fb:42:69:61:5e:de:c4:34:
                    c6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:EF:6D:32:AC:CD:20:A3:2D:01:6B:1A:97:A8:F1:23:F0:66:08:3D
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/tu9tMqzNIKMtAWsal6jxI_BmCD0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0/21
                  5.8.20.0/22
                  5.8.48.0-5.8.57.255
                  5.8.59.0-5.8.62.255
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/22
                  5.101.64.0/21
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.9.0-5.188.11.255
                  5.188.44.0-5.188.49.255
                  5.188.60.0-5.188.62.255
                  5.188.165.0-5.188.166.255
                  5.188.204.0/23
                  5.188.207.0-5.188.211.255
                  5.188.220.0/22
                  5.188.233.0-5.188.235.255
                  5.189.248.0/22
                  31.44.184.0/24
                  31.44.188.0/22
                  31.184.192.0/21
                  31.184.228.0/23
                  31.184.231.0-31.184.235.255
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.36.0/22
                  37.9.48.0/24
                  37.9.50.0/24
                  37.9.52.0/22
                  37.139.49.0/24
                  37.139.51.0/24
                  37.139.53.0-37.139.59.255
                  46.161.2.0/23
                  46.161.8.0/24
                  46.161.10.0/23
                  46.161.14.0/23
                  46.161.20.0-46.161.25.255
                  46.161.28.0/23
                  46.161.32.0/22
                  46.161.42.0/24
                  46.161.48.0/22
                  91.243.48.0/21
                  91.243.60.0/22
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.196.0/22
                  146.185.223.0-146.185.231.255
                  146.185.244.0/23
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         d1:e7:6a:7a:ed:2f:bc:3b:6d:bb:c4:4f:c3:97:64:c8:ea:72:
         c1:e2:ae:58:2c:a7:81:8c:fc:54:ab:de:8f:db:dc:b1:88:66:
         2b:04:3b:10:dd:56:9b:b6:0e:db:7e:d1:c7:ab:a0:69:d2:2e:
         8a:16:5d:53:f3:6f:7a:9d:56:58:1c:13:1a:a2:d1:c7:c5:69:
         76:de:12:04:7d:b7:51:88:fc:b6:6d:9b:ab:91:99:39:29:6b:
         7a:68:d4:d7:d2:07:e9:20:c5:9d:ce:1f:4b:d3:85:7f:12:85:
         5a:9e:3f:56:8e:5b:46:3c:e0:c6:54:c1:4d:fb:a1:87:82:5a:
         e9:d1:7c:09:a7:1d:b5:33:82:3d:aa:6f:b9:c5:68:cc:d2:3a:
         48:d4:b4:5d:e8:08:3b:f0:f0:14:17:a4:a1:5a:31:24:3a:e2:
         cc:4c:b0:dc:99:1c:a5:99:f0:35:b1:4c:7c:79:93:10:66:5d:
         8e:34:91:69:eb:5e:ab:72:aa:d9:69:ae:eb:97:1a:24:16:ae:
         e9:ce:f8:62:4a:6c:99:66:b0:9b:43:ff:e4:70:3f:a7:66:10:
         ab:fd:84:03:a0:5d:dd:17:5e:58:58:31:c2:40:39:2c:21:fe:
         33:8f:fa:43:c7:55:88:23:c9:fe:96:ca:c0:f0:01:0f:1a:22:
         f2:b7:ff:0c
-----BEGIN CERTIFICATE-----
MIIGnjCCBYagAwIBAgIESV6HGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YWFhOGEwYTVmZGZkNjk4ZTEwNGJlMzZhMmFlZWM4MTNhZWNhMDcxMB4XDTIyMDMz
MDA4MjA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjZlZjZkMzJhY2Nk
MjBhMzJkMDE2YjFhOTdhOGYxMjNmMDY2MDgzZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKdzd6RQtWVIYBVH+gWPNyn9F78wWefTXfx8B/a/CallZdEF
9je22aCboO47REQdxeFM2+e2ZMtPs9xFmkarIxOotRmIwlYZkhqqWvTSjRYPLtFY
Xz2yZg5XRCflrLYCOmKbROOJKkgixs36tJDGInDvGE1OnapC5U2dHctjSf+bJujG
dP6jlM56v6paiXHuUFNwKQR8ZIjX7OFPUsTMKd3xuODLIdQnTC3r6AovrRzq63tV
8aME3flkKCglKUH+j+h0IfjKcyMCRLRUEmck+RFwfMJiJ0LY1NMRog1Y0MubmsJT
jQC3yYuZ3Ta8S5qIX5sSOqf04vtCaWFe3sQ0xmMCAwEAAaOCA7gwggO0MB0GA1Ud
DgQWBBS2720yrM0goy0BaxqXqPEj8GYIPTAfBgNVHSMEGDAWgBTqqooKX9/WmOEE
vjairuyBOuygcTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZxcUtDbF9mMXBqaEJMNDJvcTdzZ1Ryc29IRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvMjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8x
L3R1OXRNcXpOSUtNdEFXc2FsNmp4SV9CbUNEMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
MjkzMmRmLWE0YmQtNGFmNS1hNGQ0LTg5ZDA5MjQwYzQzYi8xLzZxcUtDbF9mMXBq
aEJMNDJvcTdzZ1Ryc29IRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AcwGCCsGAQUFBwEHAQH/BIIBuzCCAbcwggGgBAIAATCCAZgDBAMFCAgDBAIFCBQw
DAMEBAUIMAMEAQUIODAMAwQABQg7AwQABQg+AwQABQhBAwQDBWUAAwQCBWUgAwQD
BWVAAwQDBWVQAwQBBWVaMAwDBAAFvAkDBAIFvAgwDAMEAgW8LAMEAQW8MDAMAwQC
Bbw8AwQABbw+MAwDBAAFvKUDBAAFvKYDBAEFvMwwDAMEAAW8zwMEAgW80AMEAgW8
3DAMAwQABbzpAwQCBbzoAwQCBb34AwQAHyy4AwQCHyy8AwQDH7jAAwQBH7jkMAwD
BAAfuOcDBAIfuOgDBAEfuO4DBAAfuPMDBAIlCSQDBAAlCTADBAAlCTIDBAIlCTQD
BAAlizEDBAAlizMwDAMEACWLNQMEAiWLOAMEAS6hAgMEAC6hCAMEAS6hCgMEAS6h
DjAMAwQCLqEUAwQBLqEYAwQBLqEcAwQCLqEgAwQALqEqAwQCLqEwAwQDW/MwAwQC
W/M8AwQBW/NaAwQAW/NdAwQCX9cAAwQCkrnEMAwDBACSud8DBAOSueADBAGSufQD
BAK8j+gDBAHDAvAwEQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3DQEBCwUAA4IB
AQDR52p67S+8O227xE/Dl2TI6nLB4q5YLKeBjPxUq96P29yxiGYrBDsQ3Vabtg7b
ftHHq6Bp0i6KFl1T8296nVZYHBMaotHHxWl23hIEfbdRiPy2bZurkZk5KWt6aNTX
0gfpIMWdzh9L04V/EoVanj9WjltGPODGVMFN+6GHglrp0XwJpx21M4I9qm+5xWjM
0jpI1LRd6Ag78PAUF6ShWjEkOuLMTLDcmRylmfA1sUx8eZMQZl2ONJFp616rcqrZ
aa7rlxokFq7pzvhiSmyZZrCbQ//kcD+nZhCr/YQDoF3dF15YWDHCQDksIf4zj/pD
x1WII8n+lsrA8AEPGiLyt/8M
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:56 2024 by rpki-client on console-ams.rpki-client.org