Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Q_V7ZdvgEDBe-NU8CweMhG56Yt0.roa
File:                     Q_V7ZdvgEDBe-NU8CweMhG56Yt0.roa (raw, json)
Hash identifier:          FtpWdu8OVoNuEyr4R4CWVcCozbIcEIyMtSLMHuoI4uM=
Subject key identifier:   43:F5:7B:65:DB:E0:10:30:5E:F8:D5:3C:0B:07:8C:84:6E:7A:62:DD
Certificate issuer:       /CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
Certificate serial:       01856BC114FCF8E9C0C0A507F53B1705F3DD
Authority key identifier: E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Q_V7ZdvgEDBe-NU8CweMhG56Yt0.roa
Signing time:             Sun 01 Jan 2023 05:14:53 +0000
ROA not before:           Sun 01 Jan 2023 05:14:53 +0000
ROA not after:            Mon 01 Jul 2024 00:00:00 +0000
asID:                     42910
IP address blocks:        188.132.135.0/24 maxlen: 32
                          188.132.134.0/24 maxlen: 24
                          188.132.142.0/24 maxlen: 24
                          188.132.147.0/24 maxlen: 32
                          188.132.148.0/24 maxlen: 24
                          188.132.153.0/24 maxlen: 24
                          188.132.158.0/24 maxlen: 32
                          188.132.157.0/24 maxlen: 24
                          188.132.216.0/24 maxlen: 24
                          188.132.215.0/24 maxlen: 24
                          188.132.214.0/24 maxlen: 24
                          188.132.219.0/24 maxlen: 32
                          188.132.217.0/24 maxlen: 32
                          188.132.218.0/24 maxlen: 24
                          188.132.224.0/24 maxlen: 24
                          188.132.226.0/24 maxlen: 32
                          188.132.225.0/24 maxlen: 24
                          188.132.223.0/24 maxlen: 32
                          188.132.220.0/24 maxlen: 24
                          188.132.227.0/24 maxlen: 32
                          188.132.231.0/24 maxlen: 24
                          188.132.229.0/24 maxlen: 32
                          188.132.228.0/24 maxlen: 32
                          188.132.233.0/24 maxlen: 24
                          188.132.232.0/24 maxlen: 24
                          188.132.230.0/24 maxlen: 32
                          77.92.130.0/24 maxlen: 24
                          77.92.129.0/24 maxlen: 24
                          77.92.128.0/24 maxlen: 24
                          188.132.235.0/24 maxlen: 24
                          77.92.132.0/24 maxlen: 24
                          188.132.239.0/24 maxlen: 24
                          77.92.131.0/24 maxlen: 24
                          188.132.234.0/24 maxlen: 32
                          188.132.241.0/24 maxlen: 24
                          77.92.133.0/24 maxlen: 32
                          77.92.137.0/24 maxlen: 24
                          77.92.136.0/24 maxlen: 24
                          77.92.135.0/24 maxlen: 24
                          188.132.243.0/24 maxlen: 24
                          188.132.246.0/24 maxlen: 24
                          188.132.245.0/24 maxlen: 24
                          188.132.244.0/24 maxlen: 32
                          77.92.134.0/24 maxlen: 24
                          77.92.139.0/24 maxlen: 24
                          77.92.138.0/24 maxlen: 24
                          188.132.242.0/24 maxlen: 32
                          188.132.250.0/24 maxlen: 24
                          188.132.251.0/24 maxlen: 24
                          77.92.143.0/24 maxlen: 24
                          77.92.142.0/24 maxlen: 24
                          77.92.141.0/24 maxlen: 24
                          188.132.253.0/24 maxlen: 24
                          77.92.144.0/24 maxlen: 32
                          188.132.252.0/24 maxlen: 24
                          77.92.140.0/24 maxlen: 32
                          77.92.149.0/24 maxlen: 24
                          77.92.148.0/24 maxlen: 24
                          188.132.255.0/24 maxlen: 24
                          188.132.254.0/24 maxlen: 24
                          77.92.146.0/24 maxlen: 24
                          77.92.158.0/24 maxlen: 24
                          77.92.156.0/24 maxlen: 24
                          77.92.155.0/24 maxlen: 32
                          77.92.159.0/24 maxlen: 24
                          77.92.157.0/24 maxlen: 32
                          188.132.172.0/24 maxlen: 24
                          188.132.175.0/24 maxlen: 24
                          188.132.176.0/24 maxlen: 32
                          188.132.177.0/24 maxlen: 24
                          188.132.184.0/24 maxlen: 24
                          188.132.183.0/24 maxlen: 32
                          188.132.180.0/24 maxlen: 24
                          188.132.190.0/24 maxlen: 24
                          188.132.195.0/24 maxlen: 24
                          188.132.194.0/24 maxlen: 24
                          188.132.204.0/24 maxlen: 32
                          188.132.200.0/24 maxlen: 24
                          188.132.205.0/24 maxlen: 32
                          188.132.206.0/24 maxlen: 24
                          188.132.210.0/24 maxlen: 24
                          188.132.211.0/24 maxlen: 32
                          188.132.207.0/24 maxlen: 24
                          188.132.208.0/24 maxlen: 32
                          188.132.213.0/24 maxlen: 24
                          188.132.212.0/24 maxlen: 24
                          212.68.55.0/24 maxlen: 24
                          212.68.57.0/24 maxlen: 32
                          212.68.56.0/24 maxlen: 32
                          212.68.61.0/24 maxlen: 32
                          31.210.33.0/24 maxlen: 24
                          31.210.32.0/24 maxlen: 24
                          31.210.36.0/24 maxlen: 24
                          31.210.35.0/24 maxlen: 24
                          31.210.44.0/24 maxlen: 24
                          31.210.40.0/24 maxlen: 32
                          31.210.41.0/24 maxlen: 24
                          31.210.48.0/24 maxlen: 24
                          31.210.46.0/24 maxlen: 24
                          31.210.47.0/24 maxlen: 24
                          31.210.51.0/24 maxlen: 32
                          31.210.50.0/24 maxlen: 32
                          31.210.45.0/24 maxlen: 32
                          31.210.49.0/24 maxlen: 24
                          31.210.58.0/24 maxlen: 24
                          31.210.57.0/24 maxlen: 24
                          31.210.56.0/24 maxlen: 24
                          31.210.59.0/24 maxlen: 24
                          31.210.61.0/24 maxlen: 32
                          78.135.98.0/24 maxlen: 24
                          78.135.103.0/24 maxlen: 24
                          78.135.99.0/24 maxlen: 32
                          78.135.108.0/24 maxlen: 32
                          78.135.113.0/24 maxlen: 32
                          78.135.116.0/24 maxlen: 24
                          78.135.115.0/24 maxlen: 24
                          78.135.114.0/24 maxlen: 32
                          212.68.32.0/24 maxlen: 32
                          212.68.37.0/24 maxlen: 32
                          212.68.33.0/24 maxlen: 32
                          212.68.38.0/24 maxlen: 24
                          212.68.36.0/24 maxlen: 32
                          212.68.41.0/24 maxlen: 32
                          212.68.40.0/24 maxlen: 32
                          212.68.43.0/24 maxlen: 32
                          212.68.44.0/24 maxlen: 24
                          212.68.42.0/24 maxlen: 32
                          212.68.39.0/24 maxlen: 24
                          212.68.45.0/24 maxlen: 32
                          212.68.46.0/24 maxlen: 32
                          212.68.49.0/24 maxlen: 24
                          212.68.48.0/24 maxlen: 24
                          212.68.50.0/24 maxlen: 32
                          212.68.51.0/24 maxlen: 24
                          78.135.79.0/24 maxlen: 24
                          2a02:26b0:8001::/48 maxlen: 48
                          2a02:26b0::/32 maxlen: 32
                          2a02:26b0:8000::/48 maxlen: 48

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:85:6b:c1:14:fc:f8:e9:c0:c0:a5:07:f5:3b:17:05:f3:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e4a2b8e90d157ea022f8e700024a93dc356a514d
        Validity
            Not Before: Jan  1 05:14:53 2023 GMT
            Not After : Jul  1 00:00:00 2024 GMT
        Subject: CN=43f57b65dbe010305ef8d53c0b078c846e7a62dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:2b:19:f3:cd:ef:93:c6:36:16:e1:f1:5a:1a:
                    14:25:54:2a:63:7a:7e:0d:6e:82:4b:7c:4f:fd:51:
                    3c:9e:91:8f:ff:8e:bf:6a:b6:69:b7:f1:6d:c8:68:
                    85:20:2d:2d:30:52:5f:0b:e9:c7:12:47:5f:54:1e:
                    a5:a9:c6:f4:5c:00:51:52:34:03:e2:73:05:3d:05:
                    51:52:e3:d4:bd:36:ed:00:52:e9:24:69:fc:c2:82:
                    08:74:f8:8f:0e:69:58:06:f6:4e:20:a0:e3:ad:73:
                    20:3d:ac:b0:97:d9:ae:a9:7c:52:70:be:49:0d:e3:
                    29:a0:6a:cc:35:ff:c5:c9:91:ae:04:f8:4f:e7:15:
                    d0:a7:b1:7b:00:d2:99:7b:4a:a4:ac:8a:b4:14:9f:
                    42:f5:6f:70:b0:6f:18:42:2a:32:b9:ac:20:a2:41:
                    a1:bb:49:e5:8a:92:66:45:72:21:aa:27:ef:c0:59:
                    e3:7a:ef:ec:80:59:d2:7b:f9:e5:cc:f3:09:66:1e:
                    87:5e:8a:66:e8:ab:c4:d9:d5:bf:04:9e:a3:7f:83:
                    03:eb:62:36:bb:3f:cb:b2:c4:a3:a4:7e:02:e6:ee:
                    77:b8:b4:8a:4c:4c:05:c3:61:94:5a:9f:d3:34:46:
                    5a:bd:3c:12:54:cf:b8:03:72:fd:ef:fe:0b:f1:da:
                    c6:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                43:F5:7B:65:DB:E0:10:30:5E:F8:D5:3C:0B:07:8C:84:6E:7A:62:DD
            X509v3 Authority Key Identifier:
                keyid:E4:A2:B8:E9:0D:15:7E:A0:22:F8:E7:00:02:4A:93:DC:35:6A:51:4D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5KK46Q0VfqAi-OcAAkqT3DVqUU0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/Q_V7ZdvgEDBe-NU8CweMhG56Yt0.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/97/699e85-1027-4c7e-8ae7-df4a2e760ccb/1/5KK46Q0VfqAi-OcAAkqT3DVqUU0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.210.32.0/23
                  31.210.35.0-31.210.36.255
                  31.210.40.0/23
                  31.210.44.0-31.210.51.255
                  31.210.56.0/22
                  31.210.61.0/24
                  77.92.128.0-77.92.144.255
                  77.92.146.0/24
                  77.92.148.0/23
                  77.92.155.0-77.92.159.255
                  78.135.79.0/24
                  78.135.98.0/23
                  78.135.103.0/24
                  78.135.108.0/24
                  78.135.113.0-78.135.116.255
                  188.132.134.0/23
                  188.132.142.0/24
                  188.132.147.0-188.132.148.255
                  188.132.153.0/24
                  188.132.157.0-188.132.158.255
                  188.132.172.0/24
                  188.132.175.0-188.132.177.255
                  188.132.180.0/24
                  188.132.183.0-188.132.184.255
                  188.132.190.0/24
                  188.132.194.0/23
                  188.132.200.0/24
                  188.132.204.0-188.132.208.255
                  188.132.210.0-188.132.220.255
                  188.132.223.0-188.132.235.255
                  188.132.239.0/24
                  188.132.241.0-188.132.246.255
                  188.132.250.0-188.132.255.255
                  212.68.32.0/23
                  212.68.36.0-212.68.46.255
                  212.68.48.0/22
                  212.68.55.0-212.68.57.255
                  212.68.61.0/24
                IPv6:
                  2a02:26b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         37:82:29:7c:b8:b3:e8:f3:bf:3f:14:38:53:62:53:0a:6e:0f:
         03:8c:6e:85:03:35:4b:f9:bc:76:5b:ec:1b:92:38:62:ef:4f:
         4b:51:09:f6:79:51:93:4a:e2:f0:3d:a8:3f:3a:f3:91:03:a5:
         7a:95:df:e9:a6:1d:76:fc:3a:c8:3b:8e:87:bd:0a:02:39:45:
         53:f2:94:81:47:8b:1c:96:89:b1:3a:b5:75:ba:d7:86:6b:f4:
         75:ae:41:9c:92:f8:28:0f:bb:b2:23:ae:e6:2e:e9:32:66:19:
         e4:9e:4d:3d:c0:c9:4c:3e:db:6e:6d:5a:70:3b:27:a3:8c:33:
         3c:14:fa:74:96:90:cf:c9:6a:5f:1a:1b:2f:59:34:41:0f:34:
         1e:5f:67:3d:19:10:7a:f0:31:41:44:ad:76:5c:56:80:df:a6:
         d5:cc:ed:a3:fd:6a:2d:17:92:67:d9:4e:86:0f:c4:94:2d:ca:
         f0:0a:b0:3a:d6:37:fe:b4:9d:43:3c:2e:fb:80:67:d4:d2:a9:
         71:15:ce:7e:de:a4:53:8e:a3:c0:32:9a:75:14:69:3b:c6:27:
         7f:06:35:f8:65:9a:b6:d8:8d:d7:46:aa:dc:4a:1c:e5:71:6a:
         46:7f:06:da:9c:1e:2d:bd:f7:54:f9:e8:66:50:78:db:5c:51:
         8a:22:e2:ce
-----BEGIN CERTIFICATE-----
MIIGczCCBVugAwIBAgISAYVrwRT8+OnAwKUH9TsXBfPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YTJiOGU5MGQxNTdlYTAyMmY4ZTcwMDAyNGE5M2RjMzU2
YTUxNGQwHhcNMjMwMTAxMDUxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2Y1N2I2NWRiZTAxMDMwNWVmOGQ1M2MwYjA3OGM4NDZlN2E2MmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArysZ883vk8Y2FuHxWhoUJVQqY3p+
DW6CS3xP/VE8npGP/46/arZpt/FtyGiFIC0tMFJfC+nHEkdfVB6lqcb0XABRUjQD
4nMFPQVRUuPUvTbtAFLpJGn8woIIdPiPDmlYBvZOIKDjrXMgPaywl9muqXxScL5J
DeMpoGrMNf/FyZGuBPhP5xXQp7F7ANKZe0qkrIq0FJ9C9W9wsG8YQioyuawgokGh
u0nlipJmRXIhqifvwFnjeu/sgFnSe/nlzPMJZh6HXopm6KvE2dW/BJ6jf4MD62I2
uz/LssSjpH4C5u53uLSKTEwFw2GUWp/TNEZavTwSVM+4A3L97/4L8drGhwIDAQAB
o4IDfzCCA3swHQYDVR0OBBYEFEP1e2Xb4BAwXvjVPAsHjIRuemLdMB8GA1UdIwQY
MBaAFOSiuOkNFX6gIvjnAAJKk9w1alFNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTct
ZGY0YTJlNzYwY2NiLzEvUV9WN1pkdmdFREJlLU5VOEN3ZU1oRzU2WXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny82OTllODUtMTAyNy00YzdlLThhZTctZGY0YTJlNzYwY2Ni
LzEvNUtLNDZRMFZmcUFpLU9jQUFrcVQzRFZxVVUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkwYIKwYBBQUHAQcBAf8EggGCMIIBfjCCAWsEAgABMIIB
YwMEAR/SIDAMAwQAH9IjAwQAH9IkAwQBH9IoMAwDBAIf0iwDBAIf0jADBAIf0jgD
BAAf0j0wDAMEB01cgAMEAE1ckAMEAE1ckgMEAU1clDAMAwQATVybAwQFTVyAAwQA
TodPAwQBTodiAwQATodnAwQATodsMAwDBABOh3EDBABOh3QDBAG8hIYDBAC8hI4w
DAMEALyEkwMEALyElAMEALyEmTAMAwQAvISdAwQAvISeAwQAvISsMAwDBAC8hK8D
BAG8hLADBAC8hLQwDAMEALyEtwMEALyEuAMEALyEvgMEAbyEwgMEALyEyDAMAwQC
vITMAwQAvITQMAwDBAG8hNIDBAC8hNwwDAMEALyE3wMEAryE6AMEALyE7zAMAwQA
vITxAwQAvIT2MAsDBAG8hPoDAwC8hAMEAdREIDAMAwQC1EQkAwQA1EQuAwQC1EQw
MAwDBADURDcDBAHURDgDBADURD0wDQQCAAIwBwMFACoCJrAwDQYJKoZIhvcNAQEL
BQADggEBADeCKXy4s+jzvz8UOFNiUwpuDwOMboUDNUv5vHZb7BuSOGLvT0tRCfZ5
UZNK4vA9qD8685EDpXqV3+mmHXb8Osg7joe9CgI5RVPylIFHixyWibE6tXW614Zr
9HWuQZyS+CgPu7IjruYu6TJmGeSeTT3AyUw+225tWnA7J6OMMzwU+nSWkM/Jal8a
Gy9ZNEEPNB5fZz0ZEHrwMUFErXZcVoDfptXM7aP9ai0XkmfZToYPxJQtyvAKsDrW
N/60nUM8LvuAZ9TSqXEVzn7epFOOo8AymnUUaTvGJ38GNfhlmrbYjddGqtxKHOVx
akZ/BtqcHi2991T56GZQeNtcUYoi4s4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:01 2024 by rpki-client on console-fra.rpki-client.org