Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/7UUVoNm8FeCE1O2b1k1rmRizfXs.roa
File:                     7UUVoNm8FeCE1O2b1k1rmRizfXs.roa (raw, json)
Hash identifier:          n9OkdqS1sJWibdIiKYXkQ6wbyUNBiI9St4MwaLhlXhs=
Subject key identifier:   ED:45:15:A0:D9:BC:15:E0:84:D4:ED:9B:D6:4D:6B:99:18:B3:7D:7B
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       0188A6991CFD6E0DE489F0E863FB155E971A
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/7UUVoNm8FeCE1O2b1k1rmRizfXs.roa
Signing time:             Sat 10 Jun 2023 18:37:12 +0000
ROA not before:           Sat 10 Jun 2023 18:37:12 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     834
IP address blocks:        62.182.170.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:88:a6:99:1c:fd:6e:0d:e4:89:f0:e8:63:fb:15:5e:97:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Jun 10 18:37:12 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=ed4515a0d9bc15e084d4ed9bd64d6b9918b37d7b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:89:5e:86:25:35:c6:08:35:a6:8b:e3:67:40:
                    d5:d8:62:fe:cb:73:0b:95:1e:de:ad:35:48:5e:8c:
                    dd:19:0f:99:c4:59:d0:e9:ab:95:f1:c5:cf:e9:40:
                    c3:b4:ce:1d:85:41:ed:b9:39:40:b8:31:8c:f1:63:
                    78:78:bc:50:2b:1b:97:a7:11:bc:e4:3f:91:13:42:
                    ae:01:7e:e2:bb:f5:b3:29:e5:a6:67:27:d1:12:4a:
                    06:b9:c5:83:83:7c:15:91:6e:51:16:be:ab:7b:66:
                    b4:2d:00:79:89:70:be:87:96:83:63:1b:ce:d0:3b:
                    9c:30:6e:20:9a:a8:47:3e:96:ce:9c:91:1a:52:72:
                    92:a2:c5:e3:ec:e0:c0:ac:14:8e:da:94:5c:d9:69:
                    fd:00:e0:c9:bf:1e:df:c2:78:51:ea:77:71:79:76:
                    4e:7b:dc:9e:f3:8a:03:50:87:22:ab:c7:04:d7:93:
                    0a:86:8c:06:93:c3:18:f0:6d:fd:29:4e:f3:50:d4:
                    81:49:7f:b0:d5:2f:85:11:d9:d9:82:11:6d:c2:05:
                    d1:7c:e7:20:74:d4:7d:15:1e:a3:16:4c:c9:07:04:
                    2c:ad:d8:4d:96:08:cb:d7:af:42:a8:79:60:e8:8e:
                    a9:6d:5e:7d:8e:e6:da:32:17:4d:61:44:6c:5a:20:
                    70:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:45:15:A0:D9:BC:15:E0:84:D4:ED:9B:D6:4D:6B:99:18:B3:7D:7B
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/7UUVoNm8FeCE1O2b1k1rmRizfXs.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         06:27:17:87:2c:e0:32:6e:32:58:94:66:09:2a:4b:a4:ba:58:
         83:6a:d2:97:ee:c6:45:86:ad:ff:b2:b0:91:fb:24:a3:d2:6a:
         32:66:91:1e:a2:65:73:17:3f:d6:88:e2:c4:c5:03:62:d1:4b:
         3c:64:1d:80:8e:5a:63:68:65:c7:1f:03:fd:72:bb:1d:fc:51:
         7c:78:98:40:85:d1:48:54:d7:41:da:a6:b7:8a:ea:e2:8b:26:
         1f:d0:91:30:62:18:10:a8:0b:e5:43:e8:77:a4:4b:8c:11:52:
         df:24:d4:8d:2d:ab:1e:21:8f:7b:c1:1e:63:4e:4b:ee:1a:1b:
         71:d3:c3:94:3c:86:7e:45:38:2c:eb:fc:77:20:fd:0e:13:0f:
         99:6f:99:49:41:2e:ed:42:f5:da:7d:aa:0d:fd:58:4f:3a:2e:
         5c:47:aa:ba:0a:3d:6c:80:27:58:63:39:29:33:b2:c6:67:27:
         65:75:db:7c:a8:41:1c:d3:f4:d8:dc:06:5b:48:db:9c:1f:39:
         10:59:7a:23:7a:dd:9d:e9:52:20:11:0f:31:6c:0e:14:99:2c:
         41:31:a1:f0:aa:3c:50:d7:bb:da:24:94:2a:c2:26:96:59:3e:
         48:75:2c:36:94:74:03:48:a1:07:a9:72:27:76:83:7e:45:43:
         cb:c4:aa:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYimmRz9bg3kifDoY/sVXpcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwNjEwMTgzNzEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDQ1MTVhMGQ5YmMxNWUwODRkNGVkOWJkNjRkNmI5OTE4YjM3ZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkolehiU1xgg1povjZ0DV2GL+y3ML
lR7erTVIXozdGQ+ZxFnQ6auV8cXP6UDDtM4dhUHtuTlAuDGM8WN4eLxQKxuXpxG8
5D+RE0KuAX7iu/WzKeWmZyfREkoGucWDg3wVkW5RFr6re2a0LQB5iXC+h5aDYxvO
0DucMG4gmqhHPpbOnJEaUnKSosXj7ODArBSO2pRc2Wn9AODJvx7fwnhR6ndxeXZO
e9ye84oDUIciq8cE15MKhowGk8MY8G39KU7zUNSBSX+w1S+FEdnZghFtwgXRfOcg
dNR9FR6jFkzJBwQsrdhNlgjL169CqHlg6I6pbV59jubaMhdNYURsWiBwvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO1FFaDZvBXghNTtm9ZNa5kYs317MB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvN1VVVm9ObThGZUNFMU8yYjFrMXJtUml6ZlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPraqMA0G
CSqGSIb3DQEBCwUAA4IBAQAGJxeHLOAybjJYlGYJKkukuliDatKX7sZFhq3/srCR
+ySj0moyZpEeomVzFz/WiOLExQNi0Us8ZB2AjlpjaGXHHwP9crsd/FF8eJhAhdFI
VNdB2qa3iuriiyYf0JEwYhgQqAvlQ+h3pEuMEVLfJNSNLaseIY97wR5jTkvuGhtx
08OUPIZ+RTgs6/x3IP0OEw+Zb5lJQS7tQvXafaoN/VhPOi5cR6q6Cj1sgCdYYzkp
M7LGZydlddt8qEEc0/TY3AZbSNucHzkQWXojet2d6VIgEQ8xbA4UmSxBMaHwqjxQ
17vaJJQqwiaWWT5IdSw2lHQDSKEHqXIndoN+RUPLxKp5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:09 2024 by rpki-client on console-ams.rpki-client.org