Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/62AF999AA60C11EC996C8B40C4F9AE02.roa
File:                     62AF999AA60C11EC996C8B40C4F9AE02.roa (raw, json)
Hash identifier:          CdN/txg73KHT0snmSKQeeqFpFE8BkzpglqxOty1ZW64=
Subject key identifier:   3F:88:C6:0B:A8:61:35:0F:CE:CA:76:C3:B1:B3:F0:7A:0B:B9:64:EB
Certificate issuer:       /CN=A915059B/serialNumber=CA877333B712345F05D2DC6706572E1CB6211778
Certificate serial:       0523
Authority key identifier: CA:87:73:33:B7:12:34:5F:05:D2:DC:67:06:57:2E:1C:B6:21:17:78
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yodzM7cSNF8F0txnBlcuHLYhF3g.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/62AF999AA60C11EC996C8B40C4F9AE02.roa
Signing time:             Thu 19 May 2022 08:45:27 +0000
ROA not before:           Thu 19 May 2022 08:45:27 +0000
ROA not after:            Sun 28 May 2023 00:00:00 +0000
asID:                     64052
IP address blocks:        137.59.5.0/24 maxlen: 24

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1315 (0x523)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915059B/serialNumber=CA877333B712345F05D2DC6706572E1CB6211778
        Validity
            Not Before: May 19 08:45:27 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=628603a7-b0cc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c3:69:26:42:ec:f7:89:e0:21:c0:70:fe:bc:
                    ad:b2:96:0b:a1:cb:df:5f:e7:e9:90:6b:29:ff:b3:
                    8a:0d:ca:88:fd:36:6b:8b:85:d2:12:82:76:09:aa:
                    82:a8:73:85:f1:88:a2:bb:07:5d:9c:70:75:21:bb:
                    93:76:d8:7f:38:16:91:d3:43:93:68:fa:d6:a1:33:
                    1a:2f:bc:e3:ff:2d:b4:f4:7b:81:8a:44:10:d7:06:
                    33:cf:48:b9:08:65:ef:f2:b6:b0:a3:e5:a9:da:ab:
                    48:8b:ab:9f:05:79:45:95:a2:4a:69:ed:4c:41:31:
                    2c:e7:cf:3d:58:f0:a8:db:a2:8e:78:52:4d:3a:e6:
                    a8:41:95:54:30:4a:aa:68:87:d4:95:92:fd:e6:86:
                    78:00:d1:cd:6e:de:c9:8b:71:ca:e4:82:e7:a0:31:
                    f7:d9:e8:62:f2:de:f2:bb:ad:5d:3f:7a:65:80:1d:
                    09:76:bd:26:b4:11:1e:b3:0a:f0:e4:73:e6:33:b1:
                    e5:78:bf:f7:44:a6:63:a0:73:7b:1b:36:b1:bb:dd:
                    24:54:c5:88:48:19:c7:bd:ac:ef:b1:df:25:99:98:
                    93:8e:84:bb:5d:f4:37:23:7f:3e:c1:a0:28:67:48:
                    43:41:39:52:af:a4:23:44:93:7d:27:69:1d:ce:f3:
                    92:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:88:C6:0B:A8:61:35:0F:CE:CA:76:C3:B1:B3:F0:7A:0B:B9:64:EB
            X509v3 Authority Key Identifier:
                keyid:CA:87:73:33:B7:12:34:5F:05:D2:DC:67:06:57:2E:1C:B6:21:17:78

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/yodzM7cSNF8F0txnBlcuHLYhF3g.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yodzM7cSNF8F0txnBlcuHLYhF3g.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915059B/74FB42A8227311EA8A0F3822C4F9AE02/62AF999AA60C11EC996C8B40C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  137.59.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8a:52:b1:9d:a7:06:f2:37:fe:6b:fc:3b:82:f5:9f:af:a2:0b:
         ee:29:da:28:27:aa:53:2a:a6:2f:03:e3:8b:8e:47:2b:c2:68:
         0b:c3:10:64:1d:9c:d8:4f:8e:46:0b:f9:54:99:45:1c:b0:f1:
         76:c2:6b:ae:48:14:1f:a2:5b:42:f5:71:70:6f:38:82:b0:ff:
         1a:6b:2c:a3:89:2b:6b:ee:e6:58:3a:ef:01:c8:9b:d2:60:a4:
         11:90:7d:f3:e4:28:57:69:76:6c:00:24:0b:bd:8f:ab:56:f9:
         d8:1f:cb:7f:28:75:c8:f7:c5:00:03:ec:30:bd:32:7d:1a:3b:
         2f:ad:f7:2c:82:66:91:50:cd:34:29:39:45:25:e2:21:6d:d2:
         48:92:f8:1f:80:a7:ed:48:51:52:63:5f:61:08:6c:ac:50:67:
         ae:2c:5b:c1:35:38:c3:8b:19:21:9a:99:89:c4:34:fe:3d:7a:
         3e:f7:8e:a8:8e:a4:b9:fd:5e:54:e5:c4:66:f1:d8:68:ce:2d:
         8e:48:40:62:7d:d6:6c:a7:81:87:e0:f7:1f:15:0d:8b:61:ed:
         55:0b:7f:5a:43:db:2e:32:12:c9:2b:b1:a5:28:f7:9d:cd:db:
         60:cd:1f:13:4c:34:10:1a:a9:9e:f9:24:28:a7:b7:f5:f0:e5:
         fe:c7:d5:30
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBSMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTA1OUIxMTAvBgNVBAUTKENBODc3MzMzQjcxMjM0NUYwNUQyREM2NzA2NTcyRTFD
QjYyMTE3NzgwHhcNMjIwNTE5MDg0NTI3WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg2MDNhNy1iMGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0MNpJkLs94ngIcBw/rytspYLocvfX+fpkGsp/7OKDcqI/TZri4XSEoJ2CaqC
qHOF8YiiuwddnHB1IbuTdth/OBaR00OTaPrWoTMaL7zj/y209HuBikQQ1wYzz0i5
CGXv8rawo+Wp2qtIi6ufBXlFlaJKae1MQTEs5889WPCo26KOeFJNOuaoQZVUMEqq
aIfUlZL95oZ4ANHNbt7Ji3HK5ILnoDH32ehi8t7yu61dP3plgB0Jdr0mtBEeswrw
5HPmM7HleL/3RKZjoHN7Gzaxu90kVMWISBnHvazvsd8lmZiTjoS7XfQ3I38+waAo
Z0hDQTlSr6QjRJN9J2kdzvOS6wIDAQABo4IClTCCApEwHQYDVR0OBBYEFD+Ixguo
YTUPzsp2w7Gz8HoLuWTrMB8GA1UdIwQYMBaAFMqHczO3EjRfBdLcZwZXLhy2IRd4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDU5Qi83NEZCNDJBODIy
NzMxMUVBOEEwRjM4MjJDNEY5QUUwMi95b2R6TTdjU05GOEYwdHhuQmxjdUhMWWhG
M2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lvZHpNN2NTTkY4RjB0eG5CbGN1SExZaEYzZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTA1OUIvNzRGQjQyQTgyMjczMTFFQThBMEYzODIyQzRGOUFFMDIvNjJBRjk5OUFB
NjBDMTFFQzk5NkM4QjQwQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACJOwUwDQYJKoZIhvcNAQELBQADggEBAIpSsZ2nBvI3/mv8
O4L1n6+iC+4p2ignqlMqpi8D44uORyvCaAvDEGQdnNhPjkYL+VSZRRyw8XbCa65I
FB+iW0L1cXBvOIKw/xprLKOJK2vu5lg67wHIm9JgpBGQffPkKFdpdmwAJAu9j6tW
+dgfy38odcj3xQAD7DC9Mn0aOy+t9yyCZpFQzTQpOUUl4iFt0kiS+B+Ap+1IUVJj
X2EIbKxQZ64sW8E1OMOLGSGamYnENP49ej73jqiOpLn9XlTlxGbx2GjOLY5IQGJ9
1myngYfg9x8VDYth7VULf1pD2y4yEskrsaUo953N22DNHxNMNBAaqZ75JCint/Xw
5f7H1TA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org