Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_mxSRL8WMWQ4LeP6nZaQGbBLdrc.roa
File:                     _mxSRL8WMWQ4LeP6nZaQGbBLdrc.roa (raw, json)
Hash identifier:          +t5KXE7xV5BGEd3487/A6osRjAfSKFDRSt7coBiycPk=
Subject key identifier:   FE:6C:52:44:BF:16:31:64:38:2D:E3:FA:9D:96:90:19:B0:4B:76:B7
Certificate issuer:       /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial:       1A75FF06
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_mxSRL8WMWQ4LeP6nZaQGbBLdrc.roa
Signing time:             Mon 21 Feb 2022 19:00:14 +0000
ROA not before:           Mon 21 Feb 2022 19:00:14 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     60262
IP address blocks:        2a0f:2b40::/29 maxlen: 29
                          2a0f:fa80::/29 maxlen: 29
                          2a0f:c40::/29 maxlen: 29
                          2a0f:3640::/29 maxlen: 29
                          2a0f:1740::/29 maxlen: 29
                          2a0f:2240::/29 maxlen: 29
                          2a0f:2d40::/29 maxlen: 29
                          2a0f:e40::/29 maxlen: 29
                          2a0f:1940::/29 maxlen: 29
                          2a0f:f380::/29 maxlen: 29
                          2a0f:2f40::/29 maxlen: 29
                          2a0f:fe80::/29 maxlen: 29
                          2a0f:1040::/29 maxlen: 29
                          2a0f:15c0::/29 maxlen: 29
                          2a0f:35c0::/29 maxlen: 29
                          2a0f:16c0::/29 maxlen: 29
                          2a0f:21c0::/29 maxlen: 29
                          2a0f:f680::/29 maxlen: 29
                          2a0f:2cc0::/29 maxlen: 29
                          2a0f:dc0::/29 maxlen: 29
                          2a0f:18c0::/29 maxlen: 29
                          2a0f:2ec0::/29 maxlen: 29
                          2a0f:fc0::/29 maxlen: 29
                          2a0f:e480::/29 maxlen: 29
                          2a0f:1ac0::/29 maxlen: 29
                          2a0f:2040::/29 maxlen: 29
                          2a0f:1640::/29 maxlen: 29
                          2a0f:2140::/29 maxlen: 29
                          2a0f:2c40::/29 maxlen: 29
                          2a0f:240::/29 maxlen: 29
                          2a0f:fb80::/29 maxlen: 29
                          2a0f:12c0::/29 maxlen: 29
                          2a0f:d40::/29 maxlen: 29
                          2a0f:3740::/29 maxlen: 29
                          2a0f:1840::/29 maxlen: 29
                          2a0f:2e40::/29 maxlen: 29
                          2a0f:f40::/29 maxlen: 29
                          2a0f:1a40::/29 maxlen: 29
                          2a0f:1fc0::/29 maxlen: 29
                          2a0f:f480::/29 maxlen: 29
                          2a0f:2ac0::/29 maxlen: 29
                          2a0f:20c0::/29 maxlen: 29
                          2a0f:f580::/29 maxlen: 29
                          2a0f:1c0::/29 maxlen: 29
                          2a0f:2bc0::/29 maxlen: 29
                          2a0f:36c0::/29 maxlen: 29
                          2a0f:cc0::/29 maxlen: 29
                          2a0f:1240::/29 maxlen: 29
                          2a0f:17c0::/29 maxlen: 29
                          2a0f:f780::/29 maxlen: 29
                          2a0f:2dc0::/29 maxlen: 29
                          2a0f:e380::/29 maxlen: 29
                          2a0f:19c0::/29 maxlen: 29
                          2a0f:f980::/29 maxlen: 29
                          2a0f:3540::/29 maxlen: 29

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 443940614 (0x1a75ff06)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
        Validity
            Not Before: Feb 21 19:00:14 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=fe6c5244bf163164382de3fa9d969019b04b76b7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:cc:30:4c:68:6f:23:6b:d2:ca:ea:24:fe:fa:
                    d4:42:7d:fb:0c:ab:66:fe:cc:97:ab:c6:99:e8:0f:
                    a0:bb:b1:69:de:2c:75:98:04:72:71:05:a1:5c:62:
                    8b:db:4f:2d:fa:d3:1d:35:50:e9:15:d7:a4:5d:b3:
                    e1:51:6f:2a:99:8a:08:09:9d:19:a0:5d:6c:46:80:
                    49:f8:62:c9:40:7b:d0:1d:8b:a9:b2:6a:ca:a5:ee:
                    fc:76:17:96:fa:6c:b7:7c:5a:34:2c:47:30:26:54:
                    e4:6f:27:4c:88:ab:c5:7e:7f:75:74:f5:ed:b9:fd:
                    5e:43:df:6a:6a:8b:73:57:e8:21:b5:5e:61:dd:84:
                    95:c7:bd:7d:92:74:7f:b2:ad:12:b0:ad:d8:b9:a0:
                    05:c6:07:5b:78:b4:f3:42:8f:bd:24:1f:47:e3:5f:
                    aa:72:33:97:fc:23:25:69:ec:5d:12:7d:27:0b:29:
                    55:73:eb:60:9e:36:6f:68:f4:78:a2:9e:78:1e:9b:
                    37:b9:b2:32:d4:1f:be:da:9c:09:a8:41:54:1f:33:
                    16:06:32:f1:ab:f6:b4:51:c9:ca:9e:3a:ba:87:75:
                    dd:28:6b:37:27:ed:5f:38:f3:94:b5:d9:a0:3a:fa:
                    44:3f:dd:62:36:16:2f:d8:1d:3e:cc:bf:cb:d2:82:
                    bd:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:6C:52:44:BF:16:31:64:38:2D:E3:FA:9D:96:90:19:B0:4B:76:B7
            X509v3 Authority Key Identifier:
                keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/_mxSRL8WMWQ4LeP6nZaQGbBLdrc.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:1c0::/29
                  2a0f:240::/29
                  2a0f:c40::/29
                  2a0f:cc0::/29
                  2a0f:d40::/29
                  2a0f:dc0::/29
                  2a0f:e40::/29
                  2a0f:f40::/29
                  2a0f:fc0::/29
                  2a0f:1040::/29
                  2a0f:1240::/29
                  2a0f:12c0::/29
                  2a0f:15c0::/29
                  2a0f:1640::/29
                  2a0f:16c0::/29
                  2a0f:1740::/29
                  2a0f:17c0::/29
                  2a0f:1840::/29
                  2a0f:18c0::/29
                  2a0f:1940::/29
                  2a0f:19c0::/29
                  2a0f:1a40::/29
                  2a0f:1ac0::/29
                  2a0f:1fc0::/29
                  2a0f:2040::/29
                  2a0f:20c0::/29
                  2a0f:2140::/29
                  2a0f:21c0::/29
                  2a0f:2240::/29
                  2a0f:2ac0::/29
                  2a0f:2b40::/29
                  2a0f:2bc0::/29
                  2a0f:2c40::/29
                  2a0f:2cc0::/29
                  2a0f:2d40::/29
                  2a0f:2dc0::/29
                  2a0f:2e40::/29
                  2a0f:2ec0::/29
                  2a0f:2f40::/29
                  2a0f:3540::/29
                  2a0f:35c0::/29
                  2a0f:3640::/29
                  2a0f:36c0::/29
                  2a0f:3740::/29
                  2a0f:e380::/29
                  2a0f:e480::/29
                  2a0f:f380::/29
                  2a0f:f480::/29
                  2a0f:f580::/29
                  2a0f:f680::/29
                  2a0f:f780::/29
                  2a0f:f980::/29
                  2a0f:fa80::/29
                  2a0f:fb80::/29
                  2a0f:fe80::/29

    Signature Algorithm: sha256WithRSAEncryption
         64:07:82:0d:b6:2f:b0:d2:2a:96:c6:f6:c1:cb:c1:4b:bd:f2:
         c6:a1:0c:97:5b:6f:b1:88:65:8c:87:1f:ce:db:3a:ce:21:17:
         6b:e8:d8:dd:7a:0d:63:da:7c:c7:64:21:6c:8a:c3:a5:8b:8e:
         72:c3:0d:1d:76:8c:cf:f1:ee:22:94:f7:db:e9:b3:4b:2c:95:
         83:8a:da:09:54:01:ea:1d:80:eb:fc:ab:26:e8:47:a7:0e:a7:
         78:61:38:34:1f:40:fd:60:30:6b:c9:81:3a:ee:69:32:15:5f:
         18:65:df:88:16:70:a2:a8:c7:ab:f6:25:68:0f:56:67:cb:a1:
         e0:5b:00:e0:c2:62:4f:b5:a9:b9:a3:4a:0a:1d:89:0e:0f:25:
         ac:cd:af:74:3f:7b:ba:81:1f:ec:7d:e0:f4:5a:77:e6:5e:28:
         83:42:2c:ac:27:ec:05:26:39:16:2d:2b:09:e5:fb:93:2e:2b:
         da:0b:8d:14:85:82:18:80:82:58:9a:64:f3:1a:6c:03:c4:6e:
         24:1a:a9:f6:a7:71:c6:2a:b4:60:50:aa:9f:75:20:9c:33:38:
         a5:c6:e1:91:2a:18:83:25:b2:da:fa:c7:b5:8e:06:83:84:45:
         b8:c5:cb:82:c5:9d:8d:84:45:c4:36:48:be:f8:54:ae:0c:11:
         b3:14:1c:e9
-----BEGIN CERTIFICATE-----
MIIGdDCCBVygAwIBAgIEGnX/BjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MTU1MDA5YzNkZTQyMWNjNGU2N2I5YTlhZTQyM2JiMzVkZTBiOTI2MB4XDTIyMDIy
MTE5MDAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmU2YzUyNDRiZjE2
MzE2NDM4MmRlM2ZhOWQ5NjkwMTliMDRiNzZiNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMHMMExobyNr0srqJP761EJ9+wyrZv7Ml6vGmegPoLuxad4s
dZgEcnEFoVxii9tPLfrTHTVQ6RXXpF2z4VFvKpmKCAmdGaBdbEaASfhiyUB70B2L
qbJqyqXu/HYXlvpst3xaNCxHMCZU5G8nTIirxX5/dXT17bn9XkPfamqLc1foIbVe
Yd2Elce9fZJ0f7KtErCt2LmgBcYHW3i080KPvSQfR+NfqnIzl/wjJWnsXRJ9Jwsp
VXPrYJ42b2j0eKKeeB6bN7myMtQfvtqcCahBVB8zFgYy8av2tFHJyp46uod13Shr
NyftXzjzlLXZoDr6RD/dYjYWL9gdPsy/y9KCvW8CAwEAAaOCA44wggOKMB0GA1Ud
DgQWBBT+bFJEvxYxZDgt4/qdlpAZsEt2tzAfBgNVHSMEGDAWgBSxVQCcPeQhzE5n
uamuQjuzXeC5JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NWVUFuRDNrSWN4T1o3bXBya0k3czEzZ3VTWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8x
L19teFNSTDhXTVdRNExlUDZuWmFRR2JCTGRyYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
ZGU5MDJjLTNkMTMtNDdkMS1hNWU2LTczODU2YWY0OWYzZS8xL3NWVUFuRDNrSWN4
T1o3bXBya0k3czEzZ3VTWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AaIGCCsGAQUFBwEHAQH/BIIBkTCCAY0wggGJBAIAAjCCAYEDBQMqDwHAAwUDKg8C
QAMFAyoPDEADBQMqDwzAAwUDKg8NQAMFAyoPDcADBQMqDw5AAwUDKg8PQAMFAyoP
D8ADBQMqDxBAAwUDKg8SQAMFAyoPEsADBQMqDxXAAwUDKg8WQAMFAyoPFsADBQMq
DxdAAwUDKg8XwAMFAyoPGEADBQMqDxjAAwUDKg8ZQAMFAyoPGcADBQMqDxpAAwUD
Kg8awAMFAyoPH8ADBQMqDyBAAwUDKg8gwAMFAyoPIUADBQMqDyHAAwUDKg8iQAMF
AyoPKsADBQMqDytAAwUDKg8rwAMFAyoPLEADBQMqDyzAAwUDKg8tQAMFAyoPLcAD
BQMqDy5AAwUDKg8uwAMFAyoPL0ADBQMqDzVAAwUDKg81wAMFAyoPNkADBQMqDzbA
AwUDKg83QAMFAyoP44ADBQMqD+SAAwUDKg/zgAMFAyoP9IADBQMqD/WAAwUDKg/2
gAMFAyoP94ADBQMqD/mAAwUDKg/6gAMFAyoP+4ADBQMqD/6AMA0GCSqGSIb3DQEB
CwUAA4IBAQBkB4INti+w0iqWxvbBy8FLvfLGoQyXW2+xiGWMhx/O2zrOIRdr6Njd
eg1j2nzHZCFsisOli45yww0ddozP8e4ilPfb6bNLLJWDitoJVAHqHYDr/Ksm6Een
Dqd4YTg0H0D9YDBryYE67mkyFV8YZd+IFnCiqMer9iVoD1Zny6HgWwDgwmJPtam5
o0oKHYkODyWsza90P3u6gR/sfeD0WnfmXiiDQiysJ+wFJjkWLSsJ5fuTLivaC40U
hYIYgIJYmmTzGmwDxG4kGqn2p3HGKrRgUKqfdSCcMzilxuGRKhiDJbLa+se1jgaD
hEW4xcuCxZ2NhEXENki++FSuDBGzFBzp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:35:51 2024 by rpki-client on console-ams.rpki-client.org