Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31362e302f32342d3234203d3e20383334.roa
File:                     39332e39322e31362e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier:          UlwuHbHIU4gBZIt0HA1KaKmOkq1oUWR29qCWt4BxPcc=
Subject key identifier:   4B:66:33:40:84:80:87:68:21:9A:60:F3:4F:17:18:98:BD:59:4B:82
Certificate issuer:       /CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
Certificate serial:       62047939B48C42C3028691CD151060AFDFED9DA8
Authority key identifier: D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31362e302f32342d3234203d3e20383334.roa
Signing time:             Tue 25 Jul 2023 00:00:06 +0000
ROA not before:           Mon 24 Jul 2023 23:55:06 +0000
ROA not after:            Tue 23 Jul 2024 00:00:06 +0000
asID:                     834
IP address blocks:        93.92.16.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:04:79:39:b4:8c:42:c3:02:86:91:cd:15:10:60:af:df:ed:9d:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d01ba013bc1e6d86f0d6d58eafa54e27fada3444
        Validity
            Not Before: Jul 24 23:55:06 2023 GMT
            Not After : Jul 23 00:00:06 2024 GMT
        Subject: CN=4B66334084808768219A60F34F171898BD594B82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2f:58:f0:de:c8:5e:8e:84:39:18:7b:0e:7c:
                    fe:a0:42:0b:8c:fa:eb:41:71:5b:cc:b7:bf:e6:50:
                    09:e0:f6:c0:50:fe:53:75:13:10:04:e8:df:ca:cf:
                    52:1a:84:98:b8:a3:00:5c:3a:0b:fa:33:9f:be:e6:
                    76:3d:7a:ac:eb:00:d8:e8:1e:c4:15:20:c6:26:79:
                    e2:c9:bd:ef:af:4d:27:46:ed:7b:13:2d:7e:3b:02:
                    97:31:9e:33:17:bf:bc:48:a0:b0:f3:f3:ff:df:ee:
                    b7:9a:db:c1:d4:58:c2:b2:c8:6d:9b:6a:de:02:2f:
                    86:33:e8:7c:4b:60:34:c6:c9:db:d8:2d:a5:24:74:
                    b2:53:16:3a:e4:ec:3e:c2:6f:e9:26:6d:1f:2d:a0:
                    79:f0:9c:0c:0b:44:f4:93:6e:bb:7b:15:ec:44:47:
                    a3:a3:1c:de:ee:4e:47:1b:04:fd:ce:ec:c2:59:fa:
                    47:1e:96:d7:6e:a0:69:e6:4a:3e:01:64:3f:4f:2e:
                    bb:ee:09:c1:c1:b2:b8:de:81:aa:8e:87:56:ba:96:
                    32:e5:6b:0d:3b:98:c2:0c:ae:19:9d:ae:43:e1:56:
                    e3:45:76:c2:4c:90:b5:1b:34:35:5e:ca:66:16:ff:
                    62:0b:0e:9f:23:a2:1d:a6:6f:8f:61:2d:8e:e5:74:
                    ee:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:66:33:40:84:80:87:68:21:9A:60:F3:4F:17:18:98:BD:59:4B:82
            X509v3 Authority Key Identifier:
                keyid:D0:1B:A0:13:BC:1E:6D:86:F0:D6:D5:8E:AF:A5:4E:27:FA:DA:34:44

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/D01BA013BC1E6D86F0D6D58EAFA54E27FADA3444.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0BugE7webYbw1tWOr6VOJ_raNEQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a522a52f-6534-4165-a6a7-ef9f74ef9431/1/39332e39322e31362e302f32342d3234203d3e20383334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.92.16.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:54:29:62:5e:b5:b7:91:9c:bf:ce:36:74:df:7d:7c:2b:b8:
         07:5f:fc:65:4c:db:5b:31:fb:cd:d2:56:be:4b:4c:52:1a:ad:
         56:dc:2e:b6:1c:09:c9:2e:0a:b0:28:c2:bb:b6:06:ac:63:5e:
         35:01:f0:03:f0:ce:6f:e2:2f:8e:1d:cf:d9:71:8f:74:f3:19:
         bf:75:e9:e3:98:ca:6b:66:ca:ff:ef:fa:6e:0f:30:cd:72:26:
         07:c2:a0:d3:eb:73:7a:70:2f:a3:8f:1e:4d:8b:ca:10:45:05:
         31:c3:0f:2f:6a:7d:bf:f0:9f:5b:7e:b0:20:6b:33:4d:81:8b:
         82:6b:3b:80:1b:84:0b:17:b6:9c:ad:af:79:3e:ae:b2:45:78:
         53:29:40:83:5c:b6:6f:8f:a5:1f:92:3a:69:83:ce:84:1a:90:
         7c:a2:58:ae:95:f4:d2:84:d8:f3:a0:0a:a1:c4:46:51:35:10:
         06:ac:f9:09:d2:27:88:9b:4f:07:9a:93:63:b4:db:19:f6:8f:
         74:f8:a7:95:62:f6:a1:87:d0:38:5c:59:d8:92:af:88:39:77:
         2d:6d:63:51:ee:c4:51:28:72:66:a7:34:53:d2:c8:b5:ca:01:
         47:3e:36:c8:7f:ab:45:fa:32:1c:38:3b:72:91:c7:a2:0e:96:
         2e:74:56:c7
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIUYgR5ObSMQsMChpHNFRBgr9/tnagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZDAxYmEwMTNiYzFlNmQ4NmYwZDZkNThlYWZhNTRlMjdm
YWRhMzQ0NDAeFw0yMzA3MjQyMzU1MDZaFw0yNDA3MjMwMDAwMDZaMDMxMTAvBgNV
BAMTKDRCNjYzMzQwODQ4MDg3NjgyMTlBNjBGMzRGMTcxODk4QkQ1OTRCODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9L1jw3shejoQ5GHsOfP6gQguM
+utBcVvMt7/mUAng9sBQ/lN1ExAE6N/Kz1IahJi4owBcOgv6M5++5nY9eqzrANjo
HsQVIMYmeeLJve+vTSdG7XsTLX47ApcxnjMXv7xIoLDz8//f7rea28HUWMKyyG2b
at4CL4Yz6HxLYDTGydvYLaUkdLJTFjrk7D7Cb+kmbR8toHnwnAwLRPSTbrt7FexE
R6OjHN7uTkcbBP3O7MJZ+kceltduoGnmSj4BZD9PLrvuCcHBsrjegaqOh1a6ljLl
aw07mMIMrhmdrkPhVuNFdsJMkLUbNDVeymYW/2ILDp8joh2mb49hLY7ldO7rAgMB
AAGjggI1MIICMTAdBgNVHQ4EFgQUS2YzQISAh2ghmmDzTxcYmL1ZS4IwHwYDVR0j
BBgwFoAU0BugE7webYbw1tWOr6VOJ/raNEQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYtNjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5
NDMxLzEvRDAxQkEwMTNCQzFFNkQ4NkYwRDZENThFQUZBNTRFMjdGQURBMzQ0NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzBCdWdFN3dlYllidzF0V09yNlZPSl9y
YU5FUS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTUyMmE1MmYt
NjUzNC00MTY1LWE2YTctZWY5Zjc0ZWY5NDMxLzEvMzkzMzJlMzkzMjJlMzEzNjJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF1cEDANBgkq
hkiG9w0BAQsFAAOCAQEADlQpYl61t5Gcv842dN99fCu4B1/8ZUzbWzH7zdJWvktM
UhqtVtwuthwJyS4KsCjCu7YGrGNeNQHwA/DOb+Ivjh3P2XGPdPMZv3Xp45jKa2bK
/+/6bg8wzXImB8Kg0+tzenAvo48eTYvKEEUFMcMPL2p9v/CfW36wIGszTYGLgms7
gBuECxe2nK2veT6uskV4UylAg1y2b4+lH5I6aYPOhBqQfKJYrpX00oTY86AKocRG
UTUQBqz5CdIniJtPB5qTY7TbGfaPdPinlWL2oYfQOFxZ2JKviDl3LW1jUe7EUShy
Zqc0U9LItcoBRz42yH+rRfoyHDg7cpHHog6WLnRWxw==
Generated at Wed Sep 20 12:06:02 2023 by rpki-client on console-fra.rpki-client.org