Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zflT0nyhfHRcttKaNaCIv-jRRPs.roa
File:                     zflT0nyhfHRcttKaNaCIv-jRRPs.roa (raw, json)
Hash identifier:          pTY0biyHtvvfX4jWw5Gcl38Ooc8dTdML600GIoVKCI8=
Subject key identifier:   CD:F9:53:D2:7C:A1:7C:74:5C:B6:D2:9A:35:A0:88:BF:E8:D1:44:FB
Certificate issuer:       /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial:       01852E54D96557F2BCEC868054FD2D24B833
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zflT0nyhfHRcttKaNaCIv-jRRPs.roa
Signing time:             Tue 20 Dec 2022 06:59:50 +0000
ROA not before:           Tue 20 Dec 2022 06:59:50 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     34665
IP address blocks:        46.161.14.0/23 maxlen: 23
                          46.161.20.0/22 maxlen: 22
                          46.161.24.0/23 maxlen: 23
                          5.188.10.0/23 maxlen: 23
                          5.188.9.0/24 maxlen: 24
                          95.215.0.0/22 maxlen: 24
                          95.215.2.0/23 maxlen: 23
                          95.215.0.0/23 maxlen: 23
                          46.161.26.0/24 maxlen: 24
                          95.215.0.0/24 maxlen: 24
                          46.161.30.0/24 maxlen: 24
                          95.215.3.0/24 maxlen: 24
                          95.215.1.0/24 maxlen: 24
                          46.161.28.0/24 maxlen: 24
                          95.215.2.0/24 maxlen: 24
                          46.161.29.0/24 maxlen: 24
                          46.161.32.0/22 maxlen: 22
                          46.161.44.0/22 maxlen: 22
                          46.161.42.0/24 maxlen: 24
                          46.161.48.0/23 maxlen: 23
                          46.161.48.0/22 maxlen: 22
                          46.161.50.0/23 maxlen: 23
                          46.161.48.0/24 maxlen: 24
                          46.161.51.0/24 maxlen: 24
                          46.161.49.0/24 maxlen: 24
                          46.161.50.0/24 maxlen: 24
                          5.188.44.0/22 maxlen: 22
                          5.188.44.0/23 maxlen: 23
                          5.188.44.0/24 maxlen: 24
                          5.188.46.0/23 maxlen: 23
                          5.188.49.0/24 maxlen: 24
                          5.188.47.0/24 maxlen: 24
                          5.188.48.0/24 maxlen: 24
                          5.188.46.0/24 maxlen: 24
                          5.188.45.0/24 maxlen: 24
                          46.161.2.0/23 maxlen: 24
                          46.161.11.0/24 maxlen: 24
                          46.161.10.0/24 maxlen: 24
                          46.161.8.0/24 maxlen: 24
                          5.101.4.0/24 maxlen: 24
                          5.101.2.0/24 maxlen: 24
                          5.101.3.0/24 maxlen: 24
                          5.101.0.0/24 maxlen: 24
                          5.101.1.0/24 maxlen: 24
                          5.101.2.0/23 maxlen: 23
                          5.101.4.0/22 maxlen: 22
                          5.101.4.0/23 maxlen: 23
                          5.101.0.0/22 maxlen: 22
                          5.101.0.0/23 maxlen: 23
                          5.101.7.0/24 maxlen: 24
                          5.101.5.0/24 maxlen: 24
                          5.101.6.0/24 maxlen: 24
                          5.101.6.0/23 maxlen: 23
                          5.188.62.0/24 maxlen: 24
                          5.188.60.0/23 maxlen: 23
                          37.139.51.0/24 maxlen: 24
                          37.139.49.0/24 maxlen: 24
                          37.139.58.0/24 maxlen: 24
                          37.139.57.0/24 maxlen: 24
                          37.139.56.0/24 maxlen: 24
                          37.139.53.0/24 maxlen: 24
                          37.139.58.0/23 maxlen: 23
                          37.139.56.0/23 maxlen: 23
                          37.139.56.0/22 maxlen: 22
                          37.139.54.0/23 maxlen: 23
                          37.139.59.0/24 maxlen: 24
                          31.44.184.0/24 maxlen: 24
                          31.44.188.0/22 maxlen: 32
                          146.185.244.0/23 maxlen: 23
                          146.185.224.0/21 maxlen: 21
                          146.185.223.0/24 maxlen: 24
                          185.238.152.0/22 maxlen: 22
                          31.184.192.0/24 maxlen: 24
                          31.184.192.0/23 maxlen: 23
                          31.184.192.0/22 maxlen: 22
                          31.184.193.0/24 maxlen: 24
                          31.184.196.0/24 maxlen: 24
                          31.184.195.0/24 maxlen: 24
                          31.184.196.0/22 maxlen: 22
                          31.184.196.0/23 maxlen: 23
                          31.184.194.0/23 maxlen: 23
                          31.184.194.0/24 maxlen: 24
                          31.184.199.0/24 maxlen: 24
                          31.184.198.0/23 maxlen: 23
                          31.184.197.0/24 maxlen: 24
                          31.184.198.0/24 maxlen: 24
                          31.184.200.0/22 maxlen: 22
                          195.2.240.0/23 maxlen: 24
                          31.184.231.0/24 maxlen: 24
                          31.184.232.0/22 maxlen: 24
                          31.184.228.0/23 maxlen: 23
                          31.184.238.0/23 maxlen: 23
                          31.184.243.0/24 maxlen: 24
                          188.143.232.0/24 maxlen: 24
                          188.143.233.0/24 maxlen: 24
                          188.143.232.0/23 maxlen: 23
                          188.143.232.0/22 maxlen: 22
                          37.9.48.0/24 maxlen: 24
                          188.143.235.0/24 maxlen: 24
                          37.9.52.0/22 maxlen: 22
                          91.243.93.0/24 maxlen: 24
                          5.8.52.0/23 maxlen: 23
                          5.8.54.0/23 maxlen: 23
                          5.8.52.0/22 maxlen: 22
                          5.8.56.0/24 maxlen: 24
                          5.8.57.0/24 maxlen: 24
                          5.8.54.0/24 maxlen: 24
                          5.8.55.0/24 maxlen: 24
                          5.8.53.0/24 maxlen: 24
                          5.8.52.0/24 maxlen: 24
                          5.8.60.0/23 maxlen: 23
                          5.8.59.0/24 maxlen: 24
                          5.8.65.0/24 maxlen: 24
                          5.8.8.0/24 maxlen: 24
                          5.8.10.0/23 maxlen: 23
                          5.8.8.0/22 maxlen: 22
                          5.8.8.0/23 maxlen: 23
                          5.8.11.0/24 maxlen: 24
                          5.8.9.0/24 maxlen: 24
                          5.8.10.0/24 maxlen: 24
                          5.8.12.0/22 maxlen: 22
                          5.189.248.0/22 maxlen: 22
                          5.8.48.0/22 maxlen: 22
                          5.8.48.0/23 maxlen: 23
                          5.8.50.0/23 maxlen: 23
                          5.8.49.0/24 maxlen: 24
                          5.8.50.0/24 maxlen: 24
                          5.8.48.0/24 maxlen: 24
                          5.8.51.0/24 maxlen: 24
                          5.101.66.0/23 maxlen: 23
                          5.101.66.0/24 maxlen: 24
                          5.101.67.0/24 maxlen: 24
                          5.101.65.0/24 maxlen: 24
                          5.188.220.0/23 maxlen: 24
                          5.188.223.0/24 maxlen: 24
                          5.188.222.0/24 maxlen: 24
                          5.101.80.0/22 maxlen: 22
                          5.188.233.0/24 maxlen: 24
                          5.101.84.0/22 maxlen: 22
                          5.188.234.0/23 maxlen: 23
                          5.101.90.0/23 maxlen: 23
                          5.188.166.0/24 maxlen: 24
                          5.188.165.0/24 maxlen: 24
                          5.101.36.0/22 maxlen: 22
                          5.101.32.0/22 maxlen: 24
                          5.188.204.0/23 maxlen: 23
                          5.101.64.0/22 maxlen: 22
                          5.101.64.0/23 maxlen: 23
                          5.188.211.0/24 maxlen: 24
                          5.188.210.0/24 maxlen: 24
                          5.188.207.0/24 maxlen: 24
                          5.101.64.0/24 maxlen: 24
                          5.188.208.0/23 maxlen: 23
                          91.243.44.0/22 maxlen: 22
                          91.243.48.0/23 maxlen: 23
                          91.243.48.0/22 maxlen: 22
                          91.243.50.0/23 maxlen: 23
                          91.243.51.0/24 maxlen: 24
                          91.243.50.0/24 maxlen: 24
                          91.243.48.0/24 maxlen: 24
                          91.243.49.0/24 maxlen: 24
                          91.243.56.0/22 maxlen: 22
                          91.243.52.0/22 maxlen: 22
                          91.243.62.0/23 maxlen: 23
                          91.243.60.0/24 maxlen: 24
                          91.243.61.0/24 maxlen: 24
                          91.243.91.0/24 maxlen: 24
                          91.243.90.0/24 maxlen: 24
                          91.243.32.0/22 maxlen: 22
                          2a00:1d78:100:1c0::/58 maxlen: 58

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:2e:54:d9:65:57:f2:bc:ec:86:80:54:fd:2d:24:b8:33
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
        Validity
            Not Before: Dec 20 06:59:50 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=cdf953d27ca17c745cb6d29a35a088bfe8d144fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e4:92:ce:ae:5f:b1:46:45:cf:b0:e2:8f:0a:
                    1f:83:c1:9a:86:e1:50:91:47:51:fb:99:d1:21:b1:
                    41:3e:d7:fd:c2:6c:c2:e2:b3:ff:f7:ee:22:31:73:
                    7b:f4:77:0e:0d:82:74:fb:f3:50:a2:f1:45:17:8d:
                    c6:56:e2:01:c8:32:d8:fe:a5:93:5b:1b:4a:c1:ec:
                    8c:c9:44:ab:37:bc:81:97:f9:fb:16:9f:b1:85:3f:
                    29:f0:09:f4:48:19:d7:c2:32:2b:dd:a9:24:fc:0d:
                    c3:38:43:7b:64:8b:0f:14:bf:75:f2:d2:50:d9:ef:
                    60:d3:48:e9:86:4d:25:58:68:ce:b6:3b:61:50:14:
                    b4:34:18:77:8d:a6:dd:d5:99:2a:e8:a8:4a:47:66:
                    f8:cd:67:3f:ed:03:ff:0c:e7:d1:2c:c3:18:6c:24:
                    c8:f2:a6:74:30:4d:53:d0:a6:e5:f6:3f:2b:f1:d4:
                    12:f1:aa:41:11:29:7d:c2:58:41:bf:c4:ea:88:89:
                    59:9a:9f:8f:89:d1:70:1d:24:10:ee:c7:a6:8c:3b:
                    65:a3:99:2a:ea:f9:f2:ac:cb:fc:14:5b:47:f9:ea:
                    ab:c6:73:0c:c7:c1:0d:b3:85:b9:81:b2:23:d3:c2:
                    50:b6:26:a6:94:84:21:9e:7a:a4:d8:3e:fb:d9:79:
                    b3:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:F9:53:D2:7C:A1:7C:74:5C:B6:D2:9A:35:A0:88:BF:E8:D1:44:FB
            X509v3 Authority Key Identifier:
                keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zflT0nyhfHRcttKaNaCIv-jRRPs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.8.8.0/21
                  5.8.48.0-5.8.57.255
                  5.8.59.0-5.8.61.255
                  5.8.65.0/24
                  5.101.0.0/21
                  5.101.32.0/21
                  5.101.64.0/22
                  5.101.80.0/21
                  5.101.90.0/23
                  5.188.9.0-5.188.11.255
                  5.188.44.0-5.188.49.255
                  5.188.60.0-5.188.62.255
                  5.188.165.0-5.188.166.255
                  5.188.204.0/23
                  5.188.207.0-5.188.211.255
                  5.188.220.0/22
                  5.188.233.0-5.188.235.255
                  5.189.248.0/22
                  31.44.184.0/24
                  31.44.188.0/22
                  31.184.192.0-31.184.203.255
                  31.184.228.0/23
                  31.184.231.0-31.184.235.255
                  31.184.238.0/23
                  31.184.243.0/24
                  37.9.48.0/24
                  37.9.52.0/22
                  37.139.49.0/24
                  37.139.51.0/24
                  37.139.53.0-37.139.59.255
                  46.161.2.0/23
                  46.161.8.0/24
                  46.161.10.0/23
                  46.161.14.0/23
                  46.161.20.0-46.161.26.255
                  46.161.28.0-46.161.30.255
                  46.161.32.0/22
                  46.161.42.0/24
                  46.161.44.0-46.161.51.255
                  91.243.32.0/22
                  91.243.44.0-91.243.63.255
                  91.243.90.0/23
                  91.243.93.0/24
                  95.215.0.0/22
                  146.185.223.0-146.185.231.255
                  146.185.244.0/23
                  185.238.152.0/22
                  188.143.232.0/22
                  195.2.240.0/23
                IPv6:
                  2a00:1d78:100:1c0::/58

    Signature Algorithm: sha256WithRSAEncryption
         16:94:5c:6e:a7:b0:8c:02:dc:0b:1c:66:1f:5b:c2:7f:59:ba:
         1a:77:0e:7f:5d:36:c4:3c:cb:c1:6e:c5:e3:67:0c:b3:d8:0b:
         11:0f:f2:40:ba:cc:e6:21:25:5c:bf:41:0c:45:83:ce:cf:94:
         b1:19:e8:e8:8c:f1:09:cd:9f:da:b4:6d:29:d8:f9:ee:c6:63:
         a7:8e:42:d1:b6:18:bb:c6:74:71:13:2b:2f:45:94:4c:d8:85:
         a5:63:af:aa:fa:04:b7:74:ca:39:0d:b1:c2:fe:d2:87:db:4c:
         be:db:6f:cd:2f:cc:0a:6f:67:70:dd:cd:d0:90:83:34:18:5b:
         58:84:7d:0e:cd:92:3c:09:b4:8f:4b:49:0c:b7:13:75:1d:ce:
         8e:a7:26:40:1c:3d:ae:d6:92:3a:c9:da:dd:97:e0:52:77:b2:
         78:63:0f:52:e1:ca:dc:53:56:73:6c:e7:d7:00:cb:8d:3a:d2:
         04:ed:f8:38:76:4b:07:b5:f9:32:98:7f:4e:a3:e8:ef:86:69:
         12:6e:16:2a:3b:12:f2:0c:08:19:fc:16:8e:a4:b5:8d:13:0e:
         fe:56:a3:ce:0a:60:7f:8c:9e:13:b0:fb:a8:42:85:4a:18:f6:
         6b:79:e9:50:ec:8d:81:f6:88:f3:f0:06:07:d3:fb:5c:e2:51:
         a3:12:db:bd
-----BEGIN CERTIFICATE-----
MIIGujCCBaKgAwIBAgISAYUuVNllV/K87IaAVP0tJLgzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjIxMjIwMDY1OTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGY5NTNkMjdjYTE3Yzc0NWNiNmQyOWEzNWEwODhiZmU4ZDE0NGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eSSzq5fsUZFz7Dijwofg8GahuFQ
kUdR+5nRIbFBPtf9wmzC4rP/9+4iMXN79HcODYJ0+/NQovFFF43GVuIByDLY/qWT
WxtKweyMyUSrN7yBl/n7Fp+xhT8p8An0SBnXwjIr3akk/A3DOEN7ZIsPFL918tJQ
2e9g00jphk0lWGjOtjthUBS0NBh3jabd1Zkq6KhKR2b4zWc/7QP/DOfRLMMYbCTI
8qZ0ME1T0Kbl9j8r8dQS8apBESl9wlhBv8TqiIlZmp+PidFwHSQQ7semjDtlo5kq
6vnyrMv8FFtH+eqrxnMMx8ENs4W5gbIj08JQtiamlIQhnnqk2D772Xmz3wIDAQAB
o4IDxjCCA8IwHQYDVR0OBBYEFM35U9J8oXx0XLbSmjWgiL/o0UT7MB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvemZsVDBueWhmSFJjdHRLYU5hQ0l2LWpSUlBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB2gYIKwYBBQUHAQcBAf8EggHJMIIBxTCCAa4EAgABMIIB
pgMEAwUICDAMAwQEBQgwAwQBBQg4MAwDBAAFCDsDBAEFCDwDBAAFCEEDBAMFZQAD
BAMFZSADBAIFZUADBAMFZVADBAEFZVowDAMEAAW8CQMEAgW8CDAMAwQCBbwsAwQB
BbwwMAwDBAIFvDwDBAAFvD4wDAMEAAW8pQMEAAW8pgMEAQW8zDAMAwQABbzPAwQC
BbzQAwQCBbzcMAwDBAAFvOkDBAIFvOgDBAIFvfgDBAAfLLgDBAIfLLwwDAMEBh+4
wAMEAh+4yAMEAR+45DAMAwQAH7jnAwQCH7joAwQBH7juAwQAH7jzAwQAJQkwAwQC
JQk0AwQAJYsxAwQAJYszMAwDBAAlizUDBAIlizgDBAEuoQIDBAAuoQgDBAEuoQoD
BAEuoQ4wDAMEAi6hFAMEAC6hGjAMAwQCLqEcAwQALqEeAwQCLqEgAwQALqEqMAwD
BAIuoSwDBAIuoTADBAJb8yAwDAMEAlvzLAMEBlvzAAMEAVvzWgMEAFvzXQMEAl/X
ADAMAwQAkrnfAwQDkrngAwQBkrn0AwQCue6YAwQCvI/oAwQBwwLwMBEEAgACMAsD
CQYqAB14AQABwDANBgkqhkiG9w0BAQsFAAOCAQEAFpRcbqewjALcCxxmH1vCf1m6
GncOf102xDzLwW7F42cMs9gLEQ/yQLrM5iElXL9BDEWDzs+UsRno6IzxCc2f2rRt
Kdj57sZjp45C0bYYu8Z0cRMrL0WUTNiFpWOvqvoEt3TKOQ2xwv7Sh9tMvttvzS/M
Cm9ncN3N0JCDNBhbWIR9Ds2SPAm0j0tJDLcTdR3OjqcmQBw9rtaSOsna3ZfgUney
eGMPUuHK3FNWc2zn1wDLjTrSBO34OHZLB7X5Mph/TqPo74ZpEm4WKjsS8gwIGfwW
jqS1jRMO/lajzgpgf4yeE7D7qEKFShj2a3npUOyNgfaI8/AGB9P7XOJRoxLbvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org