Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/dvsVCUtXV8IKWtI1518GWvTwIFg.roa
File:                     dvsVCUtXV8IKWtI1518GWvTwIFg.roa (raw, json)
Hash identifier:          uPmO/k/a3RCY/n3Ky5wCbEbeAQm8sZJuWHr6EfoNvBY=
Subject key identifier:   76:FB:15:09:4B:57:57:C2:0A:5A:D2:35:E7:5F:06:5A:F4:F0:20:58
Certificate issuer:       /CN=237f7db033314c473cda194e0df79f1c375da3f4
Certificate serial:       0BC20623
Authority key identifier: 23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/dvsVCUtXV8IKWtI1518GWvTwIFg.roa
Signing time:             Wed 16 Feb 2022 08:36:48 +0000
ROA not before:           Wed 16 Feb 2022 08:36:48 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     4755
IP address blocks:        91.140.128.0/17 maxlen: 17
                          194.54.192.0/18 maxlen: 19
                          95.175.64.0/19 maxlen: 19

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 197264931 (0xbc20623)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=237f7db033314c473cda194e0df79f1c375da3f4
        Validity
            Not Before: Feb 16 08:36:48 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=76fb15094b5757c20a5ad235e75f065af4f02058
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:f9:ed:46:9c:b2:46:6d:fc:01:ca:fd:60:
                    16:de:fd:2f:55:f5:1e:f2:39:70:5d:a0:97:68:08:
                    24:0c:2c:f6:ab:8e:99:08:0f:b9:28:51:43:ef:45:
                    50:21:f0:8a:e3:e3:1b:70:4c:e2:ef:88:9b:f1:76:
                    38:b9:ad:a2:f4:79:30:fd:9a:71:11:b9:8d:c1:d4:
                    f8:05:47:4f:df:db:3d:de:9b:bf:97:11:3f:21:e5:
                    96:a2:8c:01:d1:50:ad:0d:6e:70:d5:a9:0e:f8:7b:
                    57:79:57:ee:86:39:fb:a8:08:a6:9b:49:c3:a9:88:
                    b8:a5:14:a4:55:3b:7f:98:46:4b:4e:a1:d7:af:3e:
                    35:bf:04:8e:85:c2:cc:77:d2:0b:5c:5d:a1:98:0e:
                    11:b2:3a:d2:50:43:e5:9f:fe:fc:e6:9e:bc:2e:42:
                    0d:ff:1d:09:ad:76:78:e5:f6:2a:c9:af:4b:3a:8c:
                    45:a9:bc:c2:71:f8:b9:ec:63:8c:a7:d8:1d:b0:30:
                    87:d9:e6:65:b6:3c:e8:d0:70:3d:b6:0a:d0:65:ff:
                    16:87:45:b2:5f:5b:df:56:68:9f:96:fd:e7:ff:98:
                    76:46:48:9a:a8:b8:4c:0b:2a:5e:86:02:55:26:09:
                    c9:5e:54:13:cc:d8:00:31:d9:64:32:15:a7:ed:0e:
                    f0:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:FB:15:09:4B:57:57:C2:0A:5A:D2:35:E7:5F:06:5A:F4:F0:20:58
            X509v3 Authority Key Identifier:
                keyid:23:7F:7D:B0:33:31:4C:47:3C:DA:19:4E:0D:F7:9F:1C:37:5D:A3:F4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I399sDMxTEc82hlODfefHDddo_Q.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/dvsVCUtXV8IKWtI1518GWvTwIFg.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/88/eef557-0e10-40ce-a48f-ee0603949f93/1/I399sDMxTEc82hlODfefHDddo_Q.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  91.140.128.0/17
                  95.175.64.0/19
                  194.54.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         45:c0:ef:5d:6a:4b:e7:0e:6c:05:bb:f1:7d:1e:8e:c4:6c:19:
         2f:14:aa:03:7c:b5:ff:14:9f:b8:1c:cc:57:20:23:03:e9:0c:
         0c:e0:fe:83:1e:53:90:82:6d:10:68:72:39:11:23:36:a3:24:
         28:58:24:a1:be:9a:65:c1:ba:c8:fc:46:e5:e9:4b:ef:68:cf:
         58:f7:52:63:28:8d:e7:9f:87:75:eb:36:e9:c6:c1:c0:97:55:
         b0:51:b2:3b:2a:b5:c6:77:79:e3:ed:ef:fc:83:ea:53:28:f9:
         bd:6a:cc:fa:02:cb:36:c4:1d:c4:16:54:8c:84:71:60:24:a1:
         78:84:b0:1c:7d:04:c8:c9:a0:ca:95:31:45:7c:b1:48:d2:67:
         7f:8d:c9:37:49:a8:8c:34:f8:99:55:7c:87:99:a6:2a:0e:d7:
         a5:3a:1d:91:80:06:65:2d:d2:0a:e7:28:ae:e4:e4:7b:fe:6a:
         33:44:20:bb:a3:c3:21:a0:4f:58:66:35:5b:dc:8a:4a:18:2e:
         c2:9a:ed:da:ac:0b:fd:47:40:30:99:60:57:ec:dc:a0:1f:8f:
         6a:e5:8d:a7:ee:94:62:30:e4:0e:dd:1f:1f:af:94:c4:24:1d:
         e3:38:13:cc:af:05:c2:a4:cb:f1:45:6d:73:ac:1a:03:88:da:
         10:a0:ff:53
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEC8IGIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MzdmN2RiMDMzMzE0YzQ3M2NkYTE5NGUwZGY3OWYxYzM3NWRhM2Y0MB4XDTIyMDIx
NjA4MzY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzZmYjE1MDk0YjU3
NTdjMjBhNWFkMjM1ZTc1ZjA2NWFmNGYwMjA1ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2J+e1GnLJGbfwByv1gFt79L1X1HvI5cF2gl2gIJAws9quO
mQgPuShRQ+9FUCHwiuPjG3BM4u+Im/F2OLmtovR5MP2acRG5jcHU+AVHT9/bPd6b
v5cRPyHllqKMAdFQrQ1ucNWpDvh7V3lX7oY5+6gIpptJw6mIuKUUpFU7f5hGS06h
168+Nb8EjoXCzHfSC1xdoZgOEbI60lBD5Z/+/OaevC5CDf8dCa12eOX2KsmvSzqM
Ram8wnH4uexjjKfYHbAwh9nmZbY86NBwPbYK0GX/FodFsl9b31Zon5b95/+YdkZI
mqi4TAsqXoYCVSYJyV5UE8zYADHZZDIVp+0O8NsCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR2+xUJS1dXwgpa0jXnXwZa9PAgWDAfBgNVHSMEGDAWgBQjf32wMzFMRzza
GU4N958cN12j9DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzOTlzRE14VEVjODJobE9EZmVmSERkZG9fUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8x
L2R2c1ZDVXRYVjhJS1d0STE1MThHV3ZUd0lGZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
ZWVmNTU3LTBlMTAtNDBjZS1hNDhmLWVlMDYwMzk0OWY5My8xL0kzOTlzRE14VEVj
ODJobE9EZmVmSERkZG9fUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEB1uMgAMEBV+vQAMEBsI2wDANBgkq
hkiG9w0BAQsFAAOCAQEARcDvXWpL5w5sBbvxfR6OxGwZLxSqA3y1/xSfuBzMVyAj
A+kMDOD+gx5TkIJtEGhyOREjNqMkKFgkob6aZcG6yPxG5elL72jPWPdSYyiN55+H
des26cbBwJdVsFGyOyq1xnd54+3v/IPqUyj5vWrM+gLLNsQdxBZUjIRxYCSheISw
HH0EyMmgypUxRXyxSNJnf43JN0mojDT4mVV8h5mmKg7XpTodkYAGZS3SCucoruTk
e/5qM0Qgu6PDIaBPWGY1W9yKShguwprt2qwL/UdAMJlgV+zcoB+PauWNp+6UYjDk
Dt0fH6+UxCQd4zgTzK8FwqTL8UVtc6waA4jaEKD/Uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:58 2024 by rpki-client on console-fra.rpki-client.org