Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/BnqZPBW5akpAPuK0ri3f_Nyr1f4.roa
File:                     BnqZPBW5akpAPuK0ri3f_Nyr1f4.roa (raw, json)
Hash identifier:          lXJMMgzgSW5VZ7Z0YmPtjnsLmJ76VSXssr/2J/r+ypA=
Subject key identifier:   06:7A:99:3C:15:B9:6A:4A:40:3E:E2:B4:AE:2D:DF:FC:DC:AB:D5:FE
Certificate issuer:       /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial:       0188BB5D74C0B34AD91371CADB660F73E58D
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/BnqZPBW5akpAPuK0ri3f_Nyr1f4.roa
Signing time:             Wed 14 Jun 2023 19:24:04 +0000
ROA not before:           Wed 14 Jun 2023 19:24:04 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25229
IP address blocks:        77.121.17.0/24 maxlen: 24
                          77.121.16.0/24 maxlen: 24
                          77.121.15.0/24 maxlen: 24
                          77.121.13.0/24 maxlen: 24
                          77.121.12.0/24 maxlen: 24
                          77.121.18.0/24 maxlen: 24
                          77.121.19.0/24 maxlen: 24
                          77.121.24.0/24 maxlen: 24
                          77.121.23.0/24 maxlen: 24
                          77.121.22.0/24 maxlen: 24
                          77.121.21.0/24 maxlen: 24
                          77.121.20.0/24 maxlen: 24
                          77.121.30.0/24 maxlen: 24
                          77.121.29.0/24 maxlen: 24
                          77.121.28.0/24 maxlen: 24
                          77.121.26.0/24 maxlen: 24
                          77.121.25.0/24 maxlen: 24
                          93.74.0.0/17 maxlen: 18
                          93.74.0.0/16 maxlen: 17
                          109.201.226.0/24 maxlen: 24
                          109.201.225.0/24 maxlen: 24
                          109.201.224.0/24 maxlen: 24
                          77.120.4.0/24 maxlen: 24
                          93.73.0.0/16 maxlen: 17
                          93.72.0.0/16 maxlen: 17
                          93.72.0.0/15 maxlen: 16
                          95.69.240.0/21 maxlen: 22
                          95.69.250.0/23 maxlen: 24
                          95.69.248.0/22 maxlen: 23
                          77.123.64.0/19 maxlen: 20
                          77.123.0.0/18 maxlen: 19
                          77.123.32.0/19 maxlen: 20
                          77.123.160.0/19 maxlen: 20
                          141.170.226.0/24 maxlen: 24
                          45.15.234.0/23 maxlen: 23
                          141.170.229.0/24 maxlen: 24
                          141.170.227.0/24 maxlen: 24
                          141.170.233.0/24 maxlen: 24
                          141.170.232.0/24 maxlen: 24
                          141.170.231.0/24 maxlen: 24
                          141.170.230.0/24 maxlen: 24
                          141.170.238.0/24 maxlen: 24
                          95.69.224.0/21 maxlen: 22
                          141.170.236.0/24 maxlen: 24
                          77.123.96.0/21 maxlen: 22
                          77.123.104.0/21 maxlen: 22
                          95.69.128.0/20 maxlen: 21
                          95.69.144.0/21 maxlen: 22
                          77.123.112.0/21 maxlen: 22
                          95.69.152.0/22 maxlen: 23
                          77.123.120.0/21 maxlen: 22
                          77.123.128.0/19 maxlen: 20
                          95.69.156.0/22 maxlen: 23
                          95.69.160.0/19 maxlen: 20
                          77.123.144.0/22 maxlen: 22
                          188.230.28.0/22 maxlen: 23
                          188.230.26.0/23 maxlen: 24
                          188.230.32.0/21 maxlen: 22
                          188.230.40.0/21 maxlen: 22
                          188.230.48.0/21 maxlen: 22
                          188.230.56.0/21 maxlen: 22
                          188.230.64.0/21 maxlen: 22
                          188.230.78.0/23 maxlen: 24
                          77.122.128.0/17 maxlen: 18
                          188.230.74.0/23 maxlen: 24
                          188.230.0.0/21 maxlen: 22
                          188.230.0.0/22 maxlen: 23
                          188.230.4.0/23 maxlen: 24
                          188.230.8.0/21 maxlen: 22
                          188.230.16.0/21 maxlen: 22
                          188.230.24.0/23 maxlen: 24
                          77.244.32.0/20 maxlen: 21
                          188.230.80.0/21 maxlen: 22
                          188.230.88.0/22 maxlen: 23
                          188.230.96.0/23 maxlen: 24
                          188.230.118.0/23 maxlen: 24
                          188.230.116.0/23 maxlen: 24
                          188.230.120.0/22 maxlen: 23
                          188.230.126.0/23 maxlen: 24
                          77.121.128.0/20 maxlen: 21
                          77.121.144.0/20 maxlen: 21
                          77.121.160.0/19 maxlen: 20
                          77.121.72.0/21 maxlen: 22
                          77.121.80.0/20 maxlen: 21
                          77.121.96.0/20 maxlen: 21
                          77.121.96.0/19 maxlen: 20
                          77.121.112.0/20 maxlen: 21
                          77.122.0.0/17 maxlen: 18
                          193.189.96.0/23 maxlen: 24
                          77.122.0.0/16 maxlen: 17
                          77.121.192.0/20 maxlen: 21
                          77.121.192.0/19 maxlen: 20
                          77.121.208.0/21 maxlen: 22
                          77.121.216.0/21 maxlen: 22
                          77.121.224.0/19 maxlen: 20
                          77.120.200.0/21 maxlen: 22
                          77.120.208.0/21 maxlen: 22
                          77.120.112.0/22 maxlen: 22
                          77.120.128.0/18 maxlen: 19
                          109.201.232.0/22 maxlen: 23
                          109.201.228.0/22 maxlen: 23
                          109.201.238.0/23 maxlen: 24
                          109.201.236.0/23 maxlen: 24
                          109.201.240.0/20 maxlen: 21
                          77.121.64.0/21 maxlen: 22
                          77.120.216.0/22 maxlen: 23
                          77.120.224.0/22 maxlen: 23
                          77.120.224.0/20 maxlen: 21
                          77.120.220.0/22 maxlen: 23
                          77.120.232.0/22 maxlen: 23
                          77.120.228.0/22 maxlen: 23
                          77.120.236.0/22 maxlen: 23
                          77.120.240.0/20 maxlen: 21
                          77.121.0.0/21 maxlen: 22
                          77.121.8.0/22 maxlen: 23
                          93.79.96.0/21 maxlen: 22
                          93.79.104.0/21 maxlen: 22
                          93.79.112.0/23 maxlen: 24
                          93.79.114.0/23 maxlen: 24
                          93.79.112.0/21 maxlen: 22
                          93.79.120.0/21 maxlen: 22
                          93.79.64.0/19 maxlen: 20
                          77.120.52.0/22 maxlen: 23
                          77.120.64.0/21 maxlen: 22
                          77.120.60.0/22 maxlen: 23
                          77.120.72.0/21 maxlen: 22
                          77.120.80.0/22 maxlen: 23
                          77.120.80.0/20 maxlen: 21
                          77.120.84.0/22 maxlen: 23
                          77.120.88.0/22 maxlen: 23
                          77.120.92.0/22 maxlen: 23
                          77.120.96.0/19 maxlen: 20
                          77.120.0.0/20 maxlen: 21
                          77.120.16.0/20 maxlen: 21
                          77.120.32.0/20 maxlen: 21
                          93.78.96.0/19 maxlen: 20
                          93.78.128.0/17 maxlen: 18
                          93.78.128.0/18 maxlen: 19
                          93.79.0.0/18 maxlen: 19
                          93.79.0.0/19 maxlen: 20
                          93.79.32.0/19 maxlen: 20
                          93.78.192.0/18 maxlen: 19
                          93.77.192.0/19 maxlen: 20
                          93.77.224.0/19 maxlen: 20
                          93.77.128.0/19 maxlen: 20
                          93.78.32.0/20 maxlen: 21
                          93.78.48.0/21 maxlen: 22
                          93.78.56.0/21 maxlen: 22
                          93.78.0.0/19 maxlen: 20
                          93.77.0.0/19 maxlen: 20
                          93.76.160.0/19 maxlen: 20
                          95.69.232.0/24 maxlen: 24
                          141.170.250.0/23 maxlen: 24
                          141.170.248.0/23 maxlen: 24
                          95.69.253.0/24 maxlen: 24
                          95.69.252.0/24 maxlen: 24
                          95.69.255.0/24 maxlen: 24
                          95.69.254.0/24 maxlen: 24
                          93.76.192.0/18 maxlen: 19
                          93.77.64.0/18 maxlen: 19
                          82.144.192.0/19 maxlen: 20
                          93.77.32.0/20 maxlen: 21
                          93.77.48.0/21 maxlen: 22
                          93.77.56.0/21 maxlen: 22
                          93.76.0.0/19 maxlen: 20
                          93.76.32.0/20 maxlen: 21
                          93.76.48.0/20 maxlen: 21
                          93.75.224.0/19 maxlen: 20
                          93.76.112.0/20 maxlen: 21
                          93.76.128.0/19 maxlen: 20
                          141.170.226.0/23 maxlen: 24
                          141.170.224.0/23 maxlen: 24
                          45.15.234.0/24 maxlen: 24
                          141.170.234.0/23 maxlen: 24
                          141.170.240.0/22 maxlen: 23
                          93.76.64.0/20 maxlen: 21
                          93.76.80.0/21 maxlen: 22
                          93.76.88.0/21 maxlen: 22
                          93.76.96.0/21 maxlen: 22
                          93.76.104.0/21 maxlen: 22
                          93.75.64.0/21 maxlen: 22
                          93.75.72.0/21 maxlen: 22
                          93.75.80.0/21 maxlen: 22
                          188.230.71.0/24 maxlen: 24
                          188.230.77.0/24 maxlen: 24
                          188.230.76.0/24 maxlen: 24
                          93.75.88.0/21 maxlen: 22
                          188.230.73.0/24 maxlen: 24
                          188.230.72.0/24 maxlen: 24
                          93.75.0.0/19 maxlen: 20
                          188.230.7.0/24 maxlen: 24
                          93.75.32.0/19 maxlen: 20
                          93.75.160.0/21 maxlen: 22
                          93.75.168.0/21 maxlen: 22
                          93.75.176.0/21 maxlen: 22
                          93.75.184.0/21 maxlen: 22
                          93.75.192.0/19 maxlen: 20
                          93.75.192.0/18 maxlen: 19
                          93.75.96.0/19 maxlen: 20
                          188.230.98.0/24 maxlen: 24
                          188.230.95.0/24 maxlen: 24
                          188.230.94.0/24 maxlen: 24
                          188.230.105.0/24 maxlen: 24
                          188.230.104.0/24 maxlen: 24
                          188.230.103.0/24 maxlen: 24
                          188.230.102.0/24 maxlen: 24
                          93.75.112.0/20 maxlen: 21
                          188.230.100.0/24 maxlen: 24
                          188.230.99.0/24 maxlen: 24
                          188.230.112.0/24 maxlen: 24
                          188.230.111.0/24 maxlen: 24
                          188.230.109.0/24 maxlen: 24
                          188.230.108.0/24 maxlen: 24
                          188.230.107.0/24 maxlen: 24
                          188.230.106.0/24 maxlen: 24
                          93.75.128.0/20 maxlen: 21
                          93.75.128.0/19 maxlen: 20
                          188.230.115.0/24 maxlen: 24
                          188.230.113.0/24 maxlen: 24
                          188.230.124.0/24 maxlen: 24
                          93.75.144.0/20 maxlen: 21
                          93.74.128.0/17 maxlen: 18

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:bb:5d:74:c0:b3:4a:d9:13:71:ca:db:66:0f:73:e5:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
        Validity
            Not Before: Jun 14 19:24:04 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=067a993c15b96a4a403ee2b4ae2ddffcdcabd5fe
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:69:40:be:78:bb:42:38:4d:1b:12:bd:c1:bb:
                    a6:e3:4b:b2:fb:ab:b6:a7:8f:50:d1:d2:35:ec:ba:
                    93:fa:1a:d8:ed:74:4f:c9:2b:2b:0a:f6:ca:e6:10:
                    c4:69:42:d5:67:0c:0d:9b:1c:7f:d2:c5:53:7c:57:
                    bf:55:50:1e:be:ea:06:34:75:cf:ed:95:5c:7e:9c:
                    3d:74:48:89:ac:4d:28:39:87:2c:93:d0:c5:13:ef:
                    44:eb:e6:d6:e1:b6:e2:dc:a8:a8:5a:c1:7e:52:79:
                    45:5d:bf:65:58:51:5d:85:b5:cb:e6:b4:5b:19:3d:
                    a5:6b:44:18:1a:6b:74:6e:5a:f2:db:07:44:40:9c:
                    be:bd:43:9e:e8:c5:5d:40:c0:29:8f:e8:05:ca:06:
                    35:64:46:cf:6e:f3:d6:08:89:6f:82:ca:7d:14:a6:
                    a4:aa:4c:6b:34:37:bf:1a:db:22:3d:ce:e8:07:eb:
                    4c:3f:de:69:09:28:5b:22:f2:e3:65:08:bf:13:2f:
                    15:38:0a:17:e1:e9:2f:67:e9:26:5f:21:61:6d:ad:
                    4f:d3:c6:a8:92:82:a5:9a:18:ad:a6:2c:08:6c:79:
                    31:f7:ea:91:ff:b7:f2:c2:66:3b:30:82:e7:d4:6f:
                    be:1b:aa:e6:fa:d2:93:d7:18:2c:af:3a:54:35:c3:
                    dc:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:7A:99:3C:15:B9:6A:4A:40:3E:E2:B4:AE:2D:DF:FC:DC:AB:D5:FE
            X509v3 Authority Key Identifier:
                keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/BnqZPBW5akpAPuK0ri3f_Nyr1f4.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.15.234.0/23
                  77.120.0.0-77.120.47.255
                  77.120.52.0/22
                  77.120.60.0-77.120.191.255
                  77.120.200.0-77.121.13.255
                  77.121.15.0-77.121.26.255
                  77.121.28.0-77.121.30.255
                  77.121.64.0-77.123.191.255
                  77.244.32.0/20
                  82.144.192.0/19
                  93.72.0.0-93.77.159.255
                  93.77.192.0-93.78.63.255
                  93.78.96.0-93.79.127.255
                  95.69.128.0/18
                  95.69.224.0-95.69.232.255
                  95.69.240.0/20
                  109.201.224.0-109.201.226.255
                  109.201.228.0-109.201.255.255
                  141.170.224.0/22
                  141.170.229.0-141.170.236.255
                  141.170.238.0/24
                  141.170.240.0/22
                  141.170.248.0/22
                  188.230.0.0-188.230.91.255
                  188.230.94.0-188.230.100.255
                  188.230.102.0-188.230.109.255
                  188.230.111.0-188.230.113.255
                  188.230.115.0-188.230.124.255
                  188.230.126.0/23
                  193.189.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2f:ee:ff:3c:1d:1d:57:95:cf:8a:b6:df:5b:8c:33:55:bf:59:
         63:a2:19:3b:0c:d1:2a:2b:20:b7:38:68:63:25:3d:b2:19:45:
         47:11:94:72:50:da:7d:7b:43:37:64:17:11:12:82:f1:d7:76:
         1f:b9:51:1d:08:b9:63:03:75:c1:b9:6f:c5:b4:36:b7:5d:55:
         5d:6b:98:6c:da:7d:b4:f0:82:0c:bd:24:c2:85:ae:04:2c:d0:
         ae:85:f2:33:30:bc:8d:68:fb:4b:ea:47:9d:a5:fd:55:04:da:
         d8:2d:7f:fd:f0:0d:44:54:23:1b:e5:d8:5c:ed:c4:fe:d8:0d:
         98:6f:cd:3f:e1:ec:37:6e:3a:de:39:f8:e2:df:44:e0:b7:0c:
         64:00:cd:59:78:46:7e:c8:05:46:58:4a:5c:b3:89:94:a9:ce:
         da:46:a2:45:6d:89:a1:45:26:c6:1c:b1:6e:cf:c0:bc:fb:62:
         34:09:b5:59:5d:4b:0d:a4:d7:67:b3:2b:ee:bf:44:24:30:d2:
         fa:c8:50:31:9d:57:19:12:b7:3c:f1:ab:9b:5c:7d:9c:5b:a4:
         e5:d7:0f:f9:47:ff:b5:ff:20:a1:b5:1a:d4:4e:bf:14:dd:76:
         7f:19:d9:3d:fc:2f:6d:ea:93:64:d0:f0:7a:0b:56:50:69:45:
         f8:4e:dd:be
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAYi7XXTAs0rZE3HK22YPc+WNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjMwNjE0MTkyNDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjdhOTkzYzE1Yjk2YTRhNDAzZWUyYjRhZTJkZGZmY2RjYWJkNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGlAvni7QjhNGxK9wbum40uy+6u2
p49Q0dI17LqT+hrY7XRPySsrCvbK5hDEaULVZwwNmxx/0sVTfFe/VVAevuoGNHXP
7ZVcfpw9dEiJrE0oOYcsk9DFE+9E6+bW4bbi3KioWsF+UnlFXb9lWFFdhbXL5rRb
GT2la0QYGmt0blry2wdEQJy+vUOe6MVdQMApj+gFygY1ZEbPbvPWCIlvgsp9FKak
qkxrNDe/GtsiPc7oB+tMP95pCShbIvLjZQi/Ey8VOAoX4ekvZ+kmXyFhba1P08ao
koKlmhitpiwIbHkx9+qR/7fywmY7MILn1G++G6rm+tKT1xgsrzpUNcPccQIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFAZ6mTwVuWpKQD7itK4t3/zcq9X+MB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvQm5xWlBCVzVha3BBUHVLMHJpM2ZfTnlyMWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAS0P6jALAwMDTXgDBARNeCADBAJNeDQwDAMEAk14PAMEBk14gDAMAwQDTXjI
AwQBTXkMMAwDBABNeQ8DBABNeRowDAMEAk15HAMEAE15HjAMAwQGTXlAAwQGTXuA
AwQETfQgAwQFUpDAMAsDAwNdSAMEBV1NgDAMAwQGXU3AAwQGXU4AMAwDBAVdTmAD
BAddTwADBAZfRYAwDAMEBV9F4AMEAF9F6AMEBF9F8DAMAwQFbcngAwQAbcniMAsD
BAJtyeQDAwFtyAMEAo2q4DAMAwQAjarlAwQAjarsAwQAjaruAwQCjarwAwQCjar4
MAsDAwG85gMEArzmWDAMAwQBvOZeAwQAvOZkMAwDBAG85mYDBAG85mwwDAMEALzm
bwMEAbzmcDAMAwQAvOZzAwQAvOZ8AwQBvOZ+AwQBwb1gMA0GCSqGSIb3DQEBCwUA
A4IBAQAv7v88HR1Xlc+Ktt9bjDNVv1ljohk7DNEqKyC3OGhjJT2yGUVHEZRyUNp9
e0M3ZBcREoLx13YfuVEdCLljA3XBuW/FtDa3XVVda5hs2n208IIMvSTCha4ELNCu
hfIzMLyNaPtL6kedpf1VBNrYLX/98A1EVCMb5dhc7cT+2A2Yb80/4ew3bjreOfji
30TgtwxkAM1ZeEZ+yAVGWEpcs4mUqc7aRqJFbYmhRSbGHLFuz8C8+2I0CbVZXUsN
pNdnsyvuv0QkMNL6yFAxnVcZErc88aubXH2cW6Tl1w/5R/+1/yChtRrUTr8U3XZ/
Gdk9/C9t6pNk0PB6C1ZQaUX4Tt2+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:17 2024 by rpki-client on console-ams.rpki-client.org