Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/DYrnUFfdyJhuNMt553GWheXc9cA.roa
File:                     DYrnUFfdyJhuNMt553GWheXc9cA.roa (raw, json)
Hash identifier:          JkqB/DfNM1bHTYYGSizSj6xPvN436clQyHm184PidoE=
Subject key identifier:   0D:8A:E7:50:57:DD:C8:98:6E:34:CB:79:E7:71:96:85:E5:DC:F5:C0
Certificate issuer:       /CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
Certificate serial:       01898CC1EFC7557C91EBE4B2F2ECB37D9BF6
Authority key identifier: AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/DYrnUFfdyJhuNMt553GWheXc9cA.roa
Signing time:             Tue 25 Jul 2023 11:14:27 +0000
ROA not before:           Tue 25 Jul 2023 11:14:27 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     25229
IP address blocks:        77.121.17.0/24 maxlen: 24
                          77.121.16.0/24 maxlen: 24
                          77.121.15.0/24 maxlen: 24
                          77.121.13.0/24 maxlen: 24
                          109.201.227.0/24 maxlen: 24
                          77.121.12.0/24 maxlen: 24
                          77.121.18.0/24 maxlen: 24
                          77.121.19.0/24 maxlen: 24
                          77.121.24.0/24 maxlen: 24
                          77.121.23.0/24 maxlen: 24
                          77.121.22.0/24 maxlen: 24
                          77.121.21.0/24 maxlen: 24
                          77.121.20.0/24 maxlen: 24
                          77.121.30.0/24 maxlen: 24
                          77.121.29.0/24 maxlen: 24
                          77.121.28.0/24 maxlen: 24
                          77.121.26.0/24 maxlen: 24
                          77.121.25.0/24 maxlen: 24
                          93.74.0.0/17 maxlen: 18
                          93.74.0.0/16 maxlen: 17
                          109.201.226.0/24 maxlen: 24
                          109.201.225.0/24 maxlen: 24
                          109.201.224.0/24 maxlen: 24
                          77.120.4.0/24 maxlen: 24
                          77.120.6.0/24 maxlen: 24
                          93.73.0.0/16 maxlen: 17
                          93.72.0.0/16 maxlen: 17
                          93.72.0.0/15 maxlen: 16
                          95.69.240.0/21 maxlen: 22
                          77.123.64.0/19 maxlen: 20
                          77.123.0.0/18 maxlen: 19
                          77.123.32.0/19 maxlen: 20
                          77.123.160.0/19 maxlen: 20
                          95.69.192.0/19 maxlen: 20
                          141.170.226.0/24 maxlen: 24
                          141.170.229.0/24 maxlen: 24
                          141.170.227.0/24 maxlen: 24
                          141.170.233.0/24 maxlen: 24
                          141.170.232.0/24 maxlen: 24
                          141.170.231.0/24 maxlen: 24
                          141.170.230.0/24 maxlen: 24
                          141.170.238.0/24 maxlen: 24
                          95.69.224.0/21 maxlen: 22
                          141.170.236.0/24 maxlen: 24
                          77.123.96.0/21 maxlen: 22
                          77.123.104.0/21 maxlen: 22
                          95.69.128.0/20 maxlen: 21
                          95.69.144.0/21 maxlen: 22
                          77.123.112.0/21 maxlen: 22
                          95.69.152.0/22 maxlen: 23
                          77.123.120.0/21 maxlen: 22
                          77.123.128.0/19 maxlen: 20
                          95.69.156.0/22 maxlen: 23
                          95.69.160.0/19 maxlen: 20
                          77.123.144.0/22 maxlen: 22
                          188.230.28.0/22 maxlen: 23
                          188.230.26.0/23 maxlen: 24
                          188.230.32.0/21 maxlen: 22
                          188.230.40.0/21 maxlen: 22
                          188.230.48.0/21 maxlen: 22
                          188.230.56.0/21 maxlen: 22
                          188.230.64.0/21 maxlen: 22
                          188.230.78.0/23 maxlen: 24
                          77.122.128.0/17 maxlen: 18
                          188.230.74.0/23 maxlen: 24
                          188.230.0.0/21 maxlen: 22
                          188.230.0.0/22 maxlen: 23
                          188.230.4.0/23 maxlen: 24
                          188.230.8.0/21 maxlen: 22
                          188.230.16.0/21 maxlen: 22
                          188.230.24.0/23 maxlen: 24
                          77.244.32.0/20 maxlen: 21
                          188.230.80.0/21 maxlen: 22
                          188.230.88.0/22 maxlen: 23
                          188.230.96.0/23 maxlen: 24
                          188.230.116.0/23 maxlen: 24
                          77.121.128.0/20 maxlen: 21
                          77.121.144.0/20 maxlen: 21
                          77.121.160.0/19 maxlen: 20
                          77.121.72.0/21 maxlen: 22
                          77.121.80.0/20 maxlen: 21
                          77.121.96.0/20 maxlen: 21
                          77.121.96.0/19 maxlen: 20
                          77.121.112.0/20 maxlen: 21
                          77.122.0.0/17 maxlen: 18
                          77.122.0.0/16 maxlen: 17
                          77.121.192.0/20 maxlen: 21
                          77.121.192.0/19 maxlen: 20
                          77.121.208.0/21 maxlen: 22
                          77.121.216.0/21 maxlen: 22
                          77.121.224.0/19 maxlen: 20
                          77.120.200.0/21 maxlen: 22
                          77.120.208.0/21 maxlen: 22
                          77.120.112.0/22 maxlen: 22
                          77.120.128.0/18 maxlen: 24
                          109.201.232.0/22 maxlen: 23
                          109.201.228.0/22 maxlen: 23
                          109.201.238.0/23 maxlen: 24
                          109.201.236.0/23 maxlen: 24
                          109.201.240.0/20 maxlen: 21
                          77.121.64.0/21 maxlen: 22
                          77.120.216.0/22 maxlen: 23
                          77.120.224.0/20 maxlen: 21
                          77.120.220.0/22 maxlen: 23
                          77.120.240.0/20 maxlen: 21
                          77.121.0.0/21 maxlen: 22
                          77.121.8.0/22 maxlen: 23
                          93.79.96.0/21 maxlen: 22
                          93.79.104.0/21 maxlen: 22
                          93.79.112.0/21 maxlen: 22
                          93.79.120.0/21 maxlen: 22
                          93.79.64.0/19 maxlen: 20
                          77.120.52.0/22 maxlen: 23
                          77.120.64.0/21 maxlen: 22
                          77.120.60.0/22 maxlen: 23
                          77.120.72.0/21 maxlen: 22
                          77.120.80.0/20 maxlen: 21
                          77.120.96.0/19 maxlen: 20
                          77.120.0.0/20 maxlen: 21
                          77.120.16.0/20 maxlen: 21
                          77.120.32.0/20 maxlen: 21
                          93.78.128.0/17 maxlen: 18
                          93.78.128.0/18 maxlen: 19
                          93.79.0.0/18 maxlen: 19
                          93.79.0.0/19 maxlen: 20
                          93.79.32.0/19 maxlen: 20
                          93.78.192.0/18 maxlen: 19
                          93.77.192.0/19 maxlen: 20
                          93.77.224.0/19 maxlen: 20
                          93.77.128.0/19 maxlen: 20
                          93.78.32.0/20 maxlen: 21
                          93.78.48.0/21 maxlen: 22
                          93.78.56.0/21 maxlen: 22
                          93.78.0.0/19 maxlen: 20
                          93.77.0.0/19 maxlen: 20
                          93.76.160.0/19 maxlen: 20
                          95.69.232.0/24 maxlen: 24
                          141.170.244.0/22 maxlen: 23
                          141.170.250.0/23 maxlen: 24
                          141.170.248.0/23 maxlen: 24
                          141.170.248.0/21 maxlen: 22
                          95.69.253.0/24 maxlen: 24
                          95.69.252.0/24 maxlen: 24
                          95.69.255.0/24 maxlen: 24
                          95.69.254.0/24 maxlen: 24
                          93.76.192.0/18 maxlen: 19
                          93.77.64.0/18 maxlen: 19
                          82.144.192.0/19 maxlen: 20
                          93.77.32.0/20 maxlen: 21
                          93.77.48.0/21 maxlen: 22
                          93.77.56.0/21 maxlen: 22
                          93.76.0.0/19 maxlen: 20
                          93.76.32.0/20 maxlen: 21
                          93.76.48.0/20 maxlen: 21
                          93.75.224.0/19 maxlen: 20
                          93.76.112.0/20 maxlen: 21
                          93.76.128.0/19 maxlen: 20
                          141.170.226.0/23 maxlen: 24
                          141.170.224.0/23 maxlen: 24
                          141.170.234.0/23 maxlen: 24
                          141.170.240.0/22 maxlen: 23
                          93.76.64.0/20 maxlen: 21
                          93.76.80.0/21 maxlen: 22
                          93.76.88.0/21 maxlen: 22
                          93.76.96.0/21 maxlen: 22
                          93.76.104.0/21 maxlen: 22
                          93.75.64.0/21 maxlen: 22
                          93.75.72.0/21 maxlen: 22
                          93.75.80.0/21 maxlen: 22
                          188.230.71.0/24 maxlen: 24
                          188.230.77.0/24 maxlen: 24
                          188.230.76.0/24 maxlen: 24
                          93.75.88.0/21 maxlen: 22
                          188.230.73.0/24 maxlen: 24
                          188.230.72.0/24 maxlen: 24
                          93.75.0.0/19 maxlen: 20
                          188.230.7.0/24 maxlen: 24
                          93.75.32.0/19 maxlen: 20
                          93.75.160.0/21 maxlen: 22
                          93.75.168.0/21 maxlen: 22
                          93.75.176.0/21 maxlen: 22
                          93.75.184.0/21 maxlen: 22
                          93.75.192.0/19 maxlen: 20
                          93.75.192.0/18 maxlen: 19
                          93.75.96.0/19 maxlen: 20
                          188.230.98.0/24 maxlen: 24
                          188.230.95.0/24 maxlen: 24
                          188.230.94.0/24 maxlen: 24
                          188.230.105.0/24 maxlen: 24
                          188.230.104.0/24 maxlen: 24
                          188.230.103.0/24 maxlen: 24
                          188.230.102.0/24 maxlen: 24
                          188.230.100.0/24 maxlen: 24
                          188.230.99.0/24 maxlen: 24
                          188.230.112.0/24 maxlen: 24
                          188.230.111.0/24 maxlen: 24
                          188.230.109.0/24 maxlen: 24
                          188.230.108.0/24 maxlen: 24
                          188.230.107.0/24 maxlen: 24
                          188.230.106.0/24 maxlen: 24
                          93.75.128.0/19 maxlen: 20
                          188.230.115.0/24 maxlen: 24
                          188.230.113.0/24 maxlen: 24
                          93.74.128.0/17 maxlen: 18

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:89:8c:c1:ef:c7:55:7c:91:eb:e4:b2:f2:ec:b3:7d:9b:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ad5eda0a1e7479c4ca78fe41c58d17e9d13b67aa
        Validity
            Not Before: Jul 25 11:14:27 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=0d8ae75057ddc8986e34cb79e7719685e5dcf5c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:91:1a:37:d2:2b:ad:1e:46:11:64:57:40:84:
                    02:a0:37:15:05:54:26:c6:74:b6:41:2f:8e:42:0a:
                    6e:6e:bb:18:77:f4:48:8e:be:79:02:66:8d:14:6d:
                    de:92:df:7f:cf:f2:ca:b2:1b:cd:42:07:08:75:1e:
                    c3:0f:27:09:73:3f:d4:24:ca:c8:c7:0b:01:17:dc:
                    da:63:c9:97:29:f0:43:ee:c2:99:4b:b7:d6:70:7e:
                    f2:c8:79:e2:fc:04:9c:7d:d4:5b:9f:93:40:d6:c7:
                    16:8e:90:38:8d:82:fd:8a:06:11:f0:35:e1:24:5e:
                    c5:8c:48:cb:24:c6:f7:e4:68:d3:e6:77:99:09:a1:
                    f5:85:90:e9:13:3f:0a:3b:a2:d9:13:a2:bf:66:7c:
                    de:e8:53:7e:a7:c8:c9:a3:62:ca:74:39:d1:cc:75:
                    8f:79:40:85:44:e1:e8:94:2b:13:02:70:a6:dd:35:
                    99:07:da:d6:a5:c9:cc:45:be:d4:32:99:d5:4d:0d:
                    2e:47:5d:0d:d1:2b:a8:34:5b:4b:45:e7:28:dd:02:
                    a7:20:74:c8:3f:0e:c8:33:f3:5c:12:3c:7d:9a:d6:
                    52:67:99:24:4c:b2:0a:17:03:24:6c:12:a6:db:a5:
                    df:9b:89:63:36:5c:0a:5b:2c:5b:a5:81:d7:cd:08:
                    a8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:8A:E7:50:57:DD:C8:98:6E:34:CB:79:E7:71:96:85:E5:DC:F5:C0
            X509v3 Authority Key Identifier:
                keyid:AD:5E:DA:0A:1E:74:79:C4:CA:78:FE:41:C5:8D:17:E9:D1:3B:67:AA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rV7aCh50ecTKeP5BxY0X6dE7Z6o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/DYrnUFfdyJhuNMt553GWheXc9cA.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/37/febb18-e78a-4d12-80a2-944ce7eeb154/1/rV7aCh50ecTKeP5BxY0X6dE7Z6o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.120.0.0-77.120.47.255
                  77.120.52.0/22
                  77.120.60.0-77.120.191.255
                  77.120.200.0-77.121.13.255
                  77.121.15.0-77.121.26.255
                  77.121.28.0-77.121.30.255
                  77.121.64.0-77.123.191.255
                  77.244.32.0/20
                  82.144.192.0/19
                  93.72.0.0-93.77.159.255
                  93.77.192.0-93.78.63.255
                  93.78.128.0-93.79.127.255
                  95.69.128.0-95.69.232.255
                  95.69.240.0/21
                  95.69.252.0/22
                  109.201.224.0/19
                  141.170.224.0/22
                  141.170.229.0-141.170.236.255
                  141.170.238.0/24
                  141.170.240.0/20
                  188.230.0.0-188.230.91.255
                  188.230.94.0-188.230.100.255
                  188.230.102.0-188.230.109.255
                  188.230.111.0-188.230.113.255
                  188.230.115.0-188.230.117.255

    Signature Algorithm: sha256WithRSAEncryption
         7f:72:5a:f3:31:43:32:aa:86:c3:4a:cd:58:0f:cd:81:18:19:
         10:e2:52:42:8e:6e:af:99:ff:54:6a:d8:f8:28:3b:f9:b7:b4:
         77:20:e9:af:bf:6a:68:d3:fa:61:47:e8:0b:51:7f:a6:86:27:
         e6:fe:d4:3a:58:9c:67:7d:5e:29:8d:9e:a4:4a:c7:d4:a6:39:
         76:f2:e0:5d:5c:53:53:9e:1e:f4:a8:6c:0f:6d:81:34:20:00:
         e3:b2:f4:d2:cf:1c:40:5b:9e:d5:3e:5f:5a:4b:bc:9d:e2:e7:
         7c:df:43:8b:f7:66:0f:c0:48:a5:92:92:f3:bc:5a:f3:ef:94:
         66:91:67:98:7d:24:5a:fb:e8:9e:f8:39:a3:45:72:2f:ea:14:
         03:39:d5:49:d6:de:de:73:6b:42:60:28:0b:42:4f:77:63:3e:
         48:7a:f2:87:dc:ae:59:79:de:c4:1e:3b:6a:d5:fc:5b:4f:3d:
         fb:ca:12:21:81:ec:dd:71:75:c7:b8:c7:1d:ab:8b:bc:96:b1:
         14:da:f9:f4:e6:90:bb:4e:ec:48:52:8e:83:44:e7:94:b2:b1:
         d7:df:08:8d:20:ac:f0:65:6b:52:e4:bb:1b:bd:f6:50:b0:86:
         ce:a1:e3:f9:a5:f7:a4:1d:e0:0b:54:94:7e:48:a2:78:f8:bc:
         25:f3:69:37
-----BEGIN CERTIFICATE-----
MIIGFDCCBPygAwIBAgISAYmMwe/HVXyR6+Sy8uyzfZv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNWVkYTBhMWU3NDc5YzRjYTc4ZmU0MWM1OGQxN2U5ZDEz
YjY3YWEwHhcNMjMwNzI1MTExNDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhhZTc1MDU3ZGRjODk4NmUzNGNiNzllNzcxOTY4NWU1ZGNmNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpEaN9IrrR5GEWRXQIQCoDcVBVQm
xnS2QS+OQgpubrsYd/RIjr55AmaNFG3ekt9/z/LKshvNQgcIdR7DDycJcz/UJMrI
xwsBF9zaY8mXKfBD7sKZS7fWcH7yyHni/AScfdRbn5NA1scWjpA4jYL9igYR8DXh
JF7FjEjLJMb35GjT5neZCaH1hZDpEz8KO6LZE6K/Znze6FN+p8jJo2LKdDnRzHWP
eUCFROHolCsTAnCm3TWZB9rWpcnMRb7UMpnVTQ0uR10N0SuoNFtLReco3QKnIHTI
Pw7IM/NcEjx9mtZSZ5kkTLIKFwMkbBKm26Xfm4ljNlwKWyxbpYHXzQioTwIDAQAB
o4IDIDCCAxwwHQYDVR0OBBYEFA2K51BX3ciYbjTLeedxloXl3PXAMB8GA1UdIwQY
MBaAFK1e2goedHnEynj+QcWNF+nRO2eqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTIt
OTQ0Y2U3ZWViMTU0LzEvRFlyblVGZmR5Smh1Tk10NTUzR1doZVhjOWNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy9mZWJiMTgtZTc4YS00ZDEyLTgwYTItOTQ0Y2U3ZWViMTU0
LzEvclY3YUNoNTBlY1RLZVA1QnhZMFg2ZEU3WjZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNAYIKwYBBQUHAQcBAf8EggEjMIIBHzCCARsEAgABMIIB
EzALAwMDTXgDBARNeCADBAJNeDQwDAMEAk14PAMEBk14gDAMAwQDTXjIAwQBTXkM
MAwDBABNeQ8DBABNeRowDAMEAk15HAMEAE15HjAMAwQGTXlAAwQGTXuAAwQETfQg
AwQFUpDAMAsDAwNdSAMEBV1NgDAMAwQGXU3AAwQGXU4AMAwDBAddToADBAddTwAw
DAMEB19FgAMEAF9F6AMEA19F8AMEAl9F/AMEBW3J4AMEAo2q4DAMAwQAjarlAwQA
jarsAwQAjaruAwQEjarwMAsDAwG85gMEArzmWDAMAwQBvOZeAwQAvOZkMAwDBAG8
5mYDBAG85mwwDAMEALzmbwMEAbzmcDAMAwQAvOZzAwQBvOZ0MA0GCSqGSIb3DQEB
CwUAA4IBAQB/clrzMUMyqobDSs1YD82BGBkQ4lJCjm6vmf9Uatj4KDv5t7R3IOmv
v2po0/phR+gLUX+mhifm/tQ6WJxnfV4pjZ6kSsfUpjl28uBdXFNTnh70qGwPbYE0
IADjsvTSzxxAW57VPl9aS7yd4ud830OL92YPwEilkpLzvFrz75RmkWeYfSRa++ie
+DmjRXIv6hQDOdVJ1t7ec2tCYCgLQk93Yz5IevKH3K5Zed7EHjtq1fxbTz37yhIh
gezdcXXHuMcdq4u8lrEU2vn05pC7TuxIUo6DROeUsrHX3wiNIKzwZWtS5LsbvfZQ
sIbOoeP5pfekHeALVJR+SKJ4+Lwl82k3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:35 2024 by rpki-client on console-fra.rpki-client.org