Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/c363Y3-U69APNEdU3NqHSwPfSdk.roa
File:                     c363Y3-U69APNEdU3NqHSwPfSdk.roa (raw, json)
Hash identifier:          BY8Lz7WkQyPfV00/FJV0vc0PHHKu5V783vdTCSPEbZE=
Subject key identifier:   73:7E:B7:63:7F:94:EB:D0:0F:34:47:54:DC:DA:87:4B:03:DF:49:D9
Certificate issuer:       /CN=3c4ed942e5c742e77bfb9beb954f872534f52848
Certificate serial:       018630E1AF5B252E541B34BC328E93811D71
Authority key identifier: 3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/c363Y3-U69APNEdU3NqHSwPfSdk.roa
Signing time:             Wed 08 Feb 2023 11:55:42 +0000
ROA not before:           Wed 08 Feb 2023 11:55:42 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     51089
IP address blocks:        62.182.169.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:86:30:e1:af:5b:25:2e:54:1b:34:bc:32:8e:93:81:1d:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3c4ed942e5c742e77bfb9beb954f872534f52848
        Validity
            Not Before: Feb  8 11:55:42 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=737eb7637f94ebd00f344754dcda874b03df49d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ae:2c:3e:ff:12:40:f6:8c:12:27:2e:5f:3e:
                    1b:2e:7a:30:3a:0b:80:39:1e:16:54:b9:e8:e9:07:
                    a3:a6:39:4d:f3:ac:8c:97:32:ac:cd:3a:ab:c6:03:
                    97:eb:ae:0f:1d:b0:29:f0:30:d8:ff:43:77:67:53:
                    b0:d8:32:59:7b:ac:0e:aa:8e:d7:42:a2:4d:4c:60:
                    7d:71:d8:c0:f0:7d:63:d9:76:a4:c5:4d:f4:cd:29:
                    94:aa:a3:f4:9d:07:5b:da:9b:2e:2e:53:1d:1b:2b:
                    b2:96:47:47:c9:5c:27:68:b1:0e:ed:bf:6a:09:c5:
                    c3:21:af:7b:d6:40:42:97:e4:70:82:fb:3b:90:c8:
                    72:84:4b:18:26:bc:1c:23:4e:ed:46:ff:19:37:87:
                    8f:a4:bf:5e:5d:10:d0:8b:b8:9e:0d:6c:c6:fd:20:
                    04:0c:87:84:ff:74:8d:33:1e:2d:44:47:64:32:cd:
                    0c:f7:71:af:77:3c:0d:62:7f:58:78:f7:52:23:fe:
                    84:ec:aa:12:19:32:0a:62:ad:9a:e5:03:a5:2c:2e:
                    14:12:9d:45:0d:bf:f8:39:00:2c:3f:8e:57:2a:ec:
                    9e:2c:0e:d2:b6:3f:19:2b:ac:04:6b:5f:e9:86:f7:
                    c6:dd:b6:52:68:16:45:0c:01:c2:bc:04:09:03:13:
                    8f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:7E:B7:63:7F:94:EB:D0:0F:34:47:54:DC:DA:87:4B:03:DF:49:D9
            X509v3 Authority Key Identifier:
                keyid:3C:4E:D9:42:E5:C7:42:E7:7B:FB:9B:EB:95:4F:87:25:34:F5:28:48

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PE7ZQuXHQud7-5vrlU-HJTT1KEg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/c363Y3-U69APNEdU3NqHSwPfSdk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/66/1bb45a-551c-4967-95ca-77344bcc9191/1/PE7ZQuXHQud7-5vrlU-HJTT1KEg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  62.182.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a1:a8:be:16:7e:47:95:38:a6:c5:46:3a:7a:93:6d:2a:20:1a:
         02:f3:ef:a8:4a:9d:06:43:3f:c8:85:25:89:01:23:bc:be:b6:
         34:77:57:91:ad:67:52:2d:bd:23:74:b6:40:56:35:57:58:e5:
         8a:6a:a3:f9:7f:cc:c2:e7:c4:14:18:b4:02:16:83:83:a1:64:
         9f:df:a8:20:24:42:54:cc:14:1d:50:8f:17:74:8a:a0:c5:c6:
         eb:5a:fb:77:40:d8:20:a8:8b:c8:33:d1:b2:51:2b:88:1c:ec:
         26:a3:26:03:0a:8c:14:45:3a:cc:dd:ee:61:e6:7d:af:54:17:
         89:7b:ca:66:44:5d:09:3b:ef:87:20:a5:7b:eb:4f:30:ba:03:
         04:9b:79:4c:84:23:34:c2:f2:40:77:ae:d4:06:bc:bd:7f:f2:
         ee:a2:06:8b:65:f5:da:66:44:5e:fb:60:9b:70:a2:49:10:81:
         1c:f3:ed:c8:7c:58:53:f2:51:8e:a9:48:3e:2c:02:64:e0:bf:
         47:72:4b:90:cb:a1:72:8b:c4:8e:b4:90:70:f1:6c:26:64:eb:
         f0:f0:ef:bd:a4:e4:77:f3:5b:42:4b:4f:79:a3:b1:50:91:59:
         29:3f:8c:49:a4:e6:0b:cb:4d:b6:43:e8:3f:f9:b9:f8:51:99:
         f1:86:df:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYYw4a9bJS5UGzS8Mo6TgR1xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjNGVkOTQyZTVjNzQyZTc3YmZiOWJlYjk1NGY4NzI1MzRm
NTI4NDgwHhcNMjMwMjA4MTE1NTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzdlYjc2MzdmOTRlYmQwMGYzNDQ3NTRkY2RhODc0YjAzZGY0OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt64sPv8SQPaMEicuXz4bLnowOguA
OR4WVLno6QejpjlN86yMlzKszTqrxgOX664PHbAp8DDY/0N3Z1Ow2DJZe6wOqo7X
QqJNTGB9cdjA8H1j2XakxU30zSmUqqP0nQdb2psuLlMdGyuylkdHyVwnaLEO7b9q
CcXDIa971kBCl+Rwgvs7kMhyhEsYJrwcI07tRv8ZN4ePpL9eXRDQi7ieDWzG/SAE
DIeE/3SNMx4tREdkMs0M93GvdzwNYn9YePdSI/6E7KoSGTIKYq2a5QOlLC4UEp1F
Db/4OQAsP45XKuyeLA7Stj8ZK6wEa1/phvfG3bZSaBZFDAHCvAQJAxOPxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHN+t2N/lOvQDzRHVNzah0sD30nZMB8GA1UdIwQY
MBaAFDxO2ULlx0Lne/ub65VPhyU09ShIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2Et
NzczNDRiY2M5MTkxLzEvYzM2M1kzLVU2OUFQTkVkVTNOcUhTd1BmU2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8xYmI0NWEtNTUxYy00OTY3LTk1Y2EtNzczNDRiY2M5MTkx
LzEvUEU3WlF1WEhRdWQ3LTV2cmxVLUhKVFQxS0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPrapMA0G
CSqGSIb3DQEBCwUAA4IBAQChqL4WfkeVOKbFRjp6k20qIBoC8++oSp0GQz/IhSWJ
ASO8vrY0d1eRrWdSLb0jdLZAVjVXWOWKaqP5f8zC58QUGLQCFoODoWSf36ggJEJU
zBQdUI8XdIqgxcbrWvt3QNggqIvIM9GyUSuIHOwmoyYDCowURTrM3e5h5n2vVBeJ
e8pmRF0JO++HIKV7608wugMEm3lMhCM0wvJAd67UBry9f/LuogaLZfXaZkRe+2Cb
cKJJEIEc8+3IfFhT8lGOqUg+LAJk4L9HckuQy6Fyi8SOtJBw8WwmZOvw8O+9pOR3
81tCS095o7FQkVkpP4xJpOYLy022Q+g/+bn4UZnxht/v
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:04 2024 by rpki-client on console-fra.rpki-client.org