Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/E18EB1E041FE11EDB462961CC4F9AE02.roa
File:                     E18EB1E041FE11EDB462961CC4F9AE02.roa (raw, json)
Hash identifier:          8fe8LP4gW3bJBjSf+fhDSB/BGSiRjywm52BgPgoeHvs=
Subject key identifier:   8C:F8:11:9C:98:44:AD:2F:AC:2F:A1:23:F4:93:B1:15:70:51:8D:C4
Certificate issuer:       /CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
Certificate serial:       0131
Authority key identifier: B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/E18EB1E041FE11EDB462961CC4F9AE02.roa
Signing time:             Sun 02 Oct 2022 03:04:08 +0000
ROA not before:           Sun 02 Oct 2022 03:04:08 +0000
ROA not after:            Fri 31 Mar 2023 00:00:00 +0000
asID:                     137278
IP address blocks:        103.106.187.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 305 (0x131)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919456E/serialNumber=B04B7FB20E25D6D7587F26FD757274B9D3EE3E95
        Validity
            Not Before: Oct  2 03:04:08 2022 GMT
            Not After : Mar 31 00:00:00 2023 GMT
        Subject: CN=6338ffa8-5530
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:69:8a:a1:de:48:2e:e1:a1:0a:5e:30:22:61:
                    ef:d9:61:03:02:51:ac:1e:d5:14:3e:c2:e8:ff:e9:
                    7e:d9:81:77:ac:2e:d3:ed:ee:1e:9f:bd:4c:31:87:
                    f1:47:58:15:50:86:4f:db:59:be:1d:52:f1:e2:24:
                    14:2a:86:62:a3:bf:e4:00:b4:ee:d0:dd:1a:02:b7:
                    7a:7c:e3:55:bd:f3:22:4b:61:03:b6:2c:7c:e5:49:
                    9c:4e:45:9b:7f:93:a5:18:d1:33:74:8d:9e:c4:0b:
                    90:b0:d9:88:28:d1:a8:ed:d7:02:eb:3b:5f:a6:21:
                    54:00:b8:61:36:58:10:74:6e:9b:c6:cd:05:9b:82:
                    87:5a:da:3a:91:3a:59:40:1d:ed:12:08:32:b5:11:
                    e6:98:36:20:74:51:72:98:f9:c4:64:32:2e:71:3c:
                    05:3c:31:73:7d:26:7e:a7:10:ac:e0:fa:16:89:ef:
                    2c:55:9e:b6:10:48:f6:9f:39:a9:97:3e:88:31:21:
                    c6:4b:a1:79:a2:4a:dd:3a:fe:a4:b0:0f:16:fd:4e:
                    65:45:7d:2c:02:4f:cf:00:1b:6f:9b:58:90:4e:70:
                    f6:d0:29:21:98:8b:02:e4:34:d1:96:02:77:f8:d4:
                    1f:47:63:8f:b4:b5:82:93:1e:2d:5e:0a:b7:b2:31:
                    3c:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:F8:11:9C:98:44:AD:2F:AC:2F:A1:23:F4:93:B1:15:70:51:8D:C4
            X509v3 Authority Key Identifier:
                keyid:B0:4B:7F:B2:0E:25:D6:D7:58:7F:26:FD:75:72:74:B9:D3:EE:3E:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/sEt_sg4l1tdYfyb9dXJ0udPuPpU.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/sEt_sg4l1tdYfyb9dXJ0udPuPpU.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919456E/6FC329CCCB6811EC8A3F4582C4F9AE02/E18EB1E041FE11EDB462961CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.106.187.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a3:b8:e2:d5:49:11:20:5e:b3:2f:f3:f6:23:4c:0a:36:df:46:
         92:96:d4:92:f5:32:3d:04:96:cd:a8:94:a9:1c:93:45:21:d0:
         0c:2e:9f:e9:b8:89:db:32:d3:29:08:6c:ea:5e:53:e5:52:05:
         fb:ba:36:99:7e:91:e2:0c:58:7d:1a:60:22:54:e7:6b:75:56:
         e2:98:fd:89:22:b8:ca:e9:33:25:72:82:02:c2:46:41:0d:57:
         a9:1c:b1:da:b0:fa:a4:a0:1f:44:91:12:9e:c9:6e:a6:5e:62:
         7b:2b:94:75:4d:a9:a5:36:85:24:87:11:fb:66:5b:e2:7b:79:
         e4:fd:3c:05:c8:cb:9b:50:ef:82:52:10:82:65:64:fb:1a:2b:
         f6:93:99:f0:d6:3c:7d:3b:e7:e3:ed:11:fb:a8:b1:5e:f4:c4:
         a1:02:16:06:c4:9c:1f:f0:2b:72:82:d0:38:01:0c:a6:5c:0e:
         54:81:f0:13:83:ce:49:ca:36:6d:60:b9:18:c1:60:6d:f7:9d:
         d3:96:06:7f:a2:23:5c:88:b7:94:d6:dd:ce:06:2a:af:c5:2d:
         53:b9:e8:27:d6:37:09:c3:97:3f:4c:ae:35:7d:d0:17:ab:f2:
         bf:91:f7:ba:da:f3:c1:98:a2:86:70:74:d8:be:e8:a6:fa:b3:
         6d:ac:d4:5c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICATEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTQ1NkUxMTAvBgNVBAUTKEIwNEI3RkIyMEUyNUQ2RDc1ODdGMjZGRDc1NzI3NEI5
RDNFRTNFOTUwHhcNMjIxMDAyMDMwNDA4WhcNMjMwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzM4ZmZhOC01NTMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuGmKod5ILuGhCl4wImHv2WEDAlGsHtUUPsLo/+l+2YF3rC7T7e4en71MMYfx
R1gVUIZP21m+HVLx4iQUKoZio7/kALTu0N0aArd6fONVvfMiS2EDtix85UmcTkWb
f5OlGNEzdI2exAuQsNmIKNGo7dcC6ztfpiFUALhhNlgQdG6bxs0Fm4KHWto6kTpZ
QB3tEggytRHmmDYgdFFymPnEZDIucTwFPDFzfSZ+pxCs4PoWie8sVZ62EEj2nzmp
lz6IMSHGS6F5okrdOv6ksA8W/U5lRX0sAk/PABtvm1iQTnD20CkhmIsC5DTRlgJ3
+NQfR2OPtLWCkx4tXgq3sjE8zwIDAQABo4IClTCCApEwHQYDVR0OBBYEFIz4EZyY
RK0vrC+hI/STsRVwUY3EMB8GA1UdIwQYMBaAFLBLf7IOJdbXWH8m/XVydLnT7j6V
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDU2RS82RkMzMjlDQ0NC
NjgxMUVDOEEzRjQ1ODJDNEY5QUUwMi9zRXRfc2c0bDF0ZFlmeWI5ZFhKMHVkUHVQ
cFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3NFdF9zZzRsMXRkWWZ5YjlkWEowdWRQdVBwVS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTQ1NkUvNkZDMzI5Q0NDQjY4MTFFQzhBM0Y0NTgyQzRGOUFFMDIvRTE4RUIxRTA0
MUZFMTFFREI0NjI5NjFDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnarswDQYJKoZIhvcNAQELBQADggEBAKO44tVJESBesy/z
9iNMCjbfRpKW1JL1Mj0Els2olKkck0Uh0Awun+m4idsy0ykIbOpeU+VSBfu6Npl+
keIMWH0aYCJU52t1VuKY/YkiuMrpMyVyggLCRkENV6kcsdqw+qSgH0SREp7JbqZe
YnsrlHVNqaU2hSSHEftmW+J7eeT9PAXIy5tQ74JSEIJlZPsaK/aTmfDWPH075+Pt
EfuosV70xKECFgbEnB/wK3KC0DgBDKZcDlSB8BODzknKNm1guRjBYG33ndOWBn+i
I1yIt5TW3c4GKq/FLVO56CfWNwnDlz9MrjV90Ber8r+R97ra88GYooZwdNi+6Kb6
s22s1Fw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:05:47 2024 by rpki-client on console-ams.rpki-client.org