Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/45E94CF4BEC911ECB678F70EC4F9AE02.roa
File:                     45E94CF4BEC911ECB678F70EC4F9AE02.roa (raw, json)
Hash identifier:          prmL3/nY5uD66Fzx2usEsqd91jNUWgPNhpwds18ThAY=
Subject key identifier:   53:CF:6A:2A:85:5C:AB:A4:39:7C:3F:A5:71:26:99:80:26:32:48:FF
Certificate issuer:       /CN=A9153457/serialNumber=6B0E42D8859E0B1CDE54157ACB8D7604AD3FF1B3
Certificate serial:       31FF
Authority key identifier: 6B:0E:42:D8:85:9E:0B:1C:DE:54:15:7A:CB:8D:76:04:AD:3F:F1:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aw5C2IWeCxzeVBV6y412BK0_8bM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/45E94CF4BEC911ECB678F70EC4F9AE02.roa
Signing time:             Mon 18 Apr 2022 03:40:21 +0000
ROA not before:           Mon 18 Apr 2022 03:40:21 +0000
ROA not after:            Sat 30 Jul 2022 00:00:00 +0000
asID:                     4795
IP address blocks:        182.30.0.0/16 maxlen: 16
                          182.30.2.0/23 maxlen: 23
                          182.30.6.0/23 maxlen: 23
                          182.30.12.0/24 maxlen: 24
                          182.30.17.0/24 maxlen: 24
                          182.30.24.0/24 maxlen: 24
                          182.30.25.0/24 maxlen: 24
                          182.30.32.0/22 maxlen: 22
                          182.30.36.0/22 maxlen: 22
                          182.30.40.0/22 maxlen: 22
                          182.30.44.0/22 maxlen: 22
                          182.30.48.0/20 maxlen: 20
                          182.30.64.0/20 maxlen: 20
                          182.30.80.0/20 maxlen: 20
                          182.30.96.0/20 maxlen: 20
                          182.30.112.0/20 maxlen: 20
                          182.30.128.0/20 maxlen: 20
                          182.30.144.0/20 maxlen: 20
                          182.30.160.0/20 maxlen: 20
                          182.30.176.0/20 maxlen: 20
                          182.30.192.0/20 maxlen: 20
                          182.30.208.0/20 maxlen: 20
                          182.30.224.0/22 maxlen: 24
                          182.30.240.0/20 maxlen: 20
                          182.30.248.0/21 maxlen: 21
                          182.30.248.0/23 maxlen: 23
                          182.30.250.0/23 maxlen: 23
                          202.155.0.0/17 maxlen: 17
                          202.155.0.0/22 maxlen: 22
                          202.155.0.0/24 maxlen: 24
                          202.155.2.0/23 maxlen: 24
                          202.155.4.0/23 maxlen: 23
                          202.155.5.0/24 maxlen: 24
                          202.155.6.0/24 maxlen: 24
                          202.155.7.0/24 maxlen: 24
                          202.155.8.0/24 maxlen: 24
                          202.155.9.0/24 maxlen: 24
                          202.155.10.0/23 maxlen: 23
                          202.155.12.0/22 maxlen: 22
                          202.155.12.0/23 maxlen: 23
                          202.155.14.0/24 maxlen: 24
                          202.155.15.0/24 maxlen: 24
                          202.155.16.0/23 maxlen: 23
                          202.155.18.0/24 maxlen: 24
                          202.155.19.0/24 maxlen: 24
                          202.155.20.0/22 maxlen: 22
                          202.155.22.0/24 maxlen: 24
                          202.155.24.0/23 maxlen: 23
                          202.155.25.0/24 maxlen: 24
                          202.155.26.0/23 maxlen: 23
                          202.155.26.0/24 maxlen: 24
                          202.155.28.0/23 maxlen: 23
                          202.155.30.0/23 maxlen: 23
                          202.155.32.0/23 maxlen: 23
                          202.155.32.0/24 maxlen: 24
                          202.155.34.0/23 maxlen: 23
                          202.155.36.0/23 maxlen: 23
                          202.155.37.0/24 maxlen: 24
                          202.155.38.0/23 maxlen: 23
                          202.155.40.0/22 maxlen: 22
                          202.155.40.0/23 maxlen: 23
                          202.155.43.0/24 maxlen: 24
                          202.155.44.0/22 maxlen: 22
                          202.155.44.0/23 maxlen: 23
                          202.155.48.0/20 maxlen: 20
                          202.155.48.0/24 maxlen: 24
                          202.155.49.0/24 maxlen: 24
                          202.155.50.0/23 maxlen: 24
                          202.155.52.0/23 maxlen: 23
                          202.155.54.0/23 maxlen: 23
                          202.155.54.0/24 maxlen: 24
                          202.155.56.0/24 maxlen: 24
                          202.155.57.0/24 maxlen: 24
                          202.155.58.0/24 maxlen: 24
                          202.155.59.0/24 maxlen: 24
                          202.155.60.0/23 maxlen: 23
                          202.155.62.0/23 maxlen: 23
                          202.155.65.0/24 maxlen: 24
                          202.155.66.0/23 maxlen: 23
                          202.155.68.0/23 maxlen: 23
                          202.155.69.0/24 maxlen: 24
                          202.155.70.0/23 maxlen: 23
                          202.155.70.0/24 maxlen: 24
                          202.155.72.0/22 maxlen: 23
                          202.155.76.0/23 maxlen: 23
                          202.155.78.0/23 maxlen: 23
                          202.155.78.0/24 maxlen: 24
                          202.155.79.0/24 maxlen: 24
                          202.155.80.0/23 maxlen: 23
                          202.155.82.0/23 maxlen: 23
                          202.155.84.0/24 maxlen: 24
                          202.155.85.0/24 maxlen: 24
                          202.155.86.0/24 maxlen: 24
                          202.155.87.0/24 maxlen: 24
                          202.155.88.0/23 maxlen: 23
                          202.155.88.0/24 maxlen: 24
                          202.155.90.0/24 maxlen: 24
                          202.155.91.0/24 maxlen: 24
                          202.155.92.0/24 maxlen: 24
                          202.155.93.0/24 maxlen: 24
                          202.155.94.0/23 maxlen: 23
                          202.155.96.0/23 maxlen: 23
                          202.155.98.0/23 maxlen: 23
                          202.155.98.0/24 maxlen: 24
                          202.155.100.0/23 maxlen: 23
                          202.155.100.0/24 maxlen: 24
                          202.155.102.0/24 maxlen: 24
                          202.155.103.0/24 maxlen: 24
                          202.155.104.0/23 maxlen: 23
                          202.155.106.0/23 maxlen: 23
                          202.155.108.0/23 maxlen: 23
                          202.155.110.0/23 maxlen: 23
                          202.155.112.0/23 maxlen: 24
                          202.155.114.0/23 maxlen: 23
                          202.155.114.0/24 maxlen: 24
                          202.155.115.0/24 maxlen: 24
                          202.155.116.0/23 maxlen: 23
                          202.155.118.0/23 maxlen: 23
                          202.155.118.0/24 maxlen: 24
                          202.155.120.0/21 maxlen: 21
                          202.155.120.0/23 maxlen: 23
                          202.155.122.0/23 maxlen: 23
                          202.155.124.0/23 maxlen: 23
                          202.155.124.0/24 maxlen: 24
                          202.155.126.0/24 maxlen: 24
                          202.155.127.0/24 maxlen: 24
                          202.155.128.0/19 maxlen: 21
                          202.155.128.0/24 maxlen: 24
                          202.155.130.0/24 maxlen: 24
                          202.155.133.0/24 maxlen: 24
                          202.155.134.0/24 maxlen: 24
                          202.155.136.0/24 maxlen: 24
                          202.155.137.0/24 maxlen: 24
                          202.155.138.0/24 maxlen: 24
                          202.155.139.0/24 maxlen: 24
                          202.155.140.0/22 maxlen: 22
                          202.155.140.0/23 maxlen: 23
                          202.155.140.0/24 maxlen: 24
                          202.155.142.0/24 maxlen: 24
                          202.155.143.0/24 maxlen: 24
                          202.155.146.0/23 maxlen: 23
                          202.155.147.0/24 maxlen: 24
                          202.155.148.0/23 maxlen: 23
                          202.155.148.0/24 maxlen: 24
                          202.155.150.0/23 maxlen: 24
                          202.155.152.0/22 maxlen: 22
                          202.155.152.0/24 maxlen: 24
                          202.155.155.0/24 maxlen: 24
                          202.155.156.0/24 maxlen: 24
                          202.155.157.0/24 maxlen: 24
                          202.155.158.0/23 maxlen: 23
                          202.155.158.0/24 maxlen: 24
                          2001:e00::/31 maxlen: 32
                          2001:e00:25::/49 maxlen: 49
                          2001:e00:26::/49 maxlen: 49
                          2001:e00:100:8000::/49 maxlen: 49
                          2001:e00:1005::/48 maxlen: 48
                          2001:e00:10e4:8400::/56 maxlen: 56

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12799 (0x31ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153457/serialNumber=6B0E42D8859E0B1CDE54157ACB8D7604AD3FF1B3
        Validity
            Not Before: Apr 18 03:40:21 2022 GMT
            Not After : Jul 30 00:00:00 2022 GMT
        Subject: CN=625cdda5-72ef
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c3:44:64:8e:32:4d:57:d1:20:90:3f:9b:e4:
                    c5:d9:b4:a5:75:6e:88:bf:0f:a4:73:5d:ad:af:e1:
                    c0:a6:41:49:c4:8b:4d:a6:ad:39:5b:2f:9c:b7:6d:
                    8a:e2:cf:f0:f5:1f:7f:61:66:48:9f:88:37:60:29:
                    8e:3f:4b:dd:15:3d:98:8f:7a:c3:be:22:d8:c0:60:
                    0e:c8:c0:92:66:a9:a5:b0:50:08:f3:d3:31:ed:61:
                    b5:5f:c3:11:82:61:ce:d9:49:f9:22:0b:4f:1b:31:
                    2b:0a:5e:32:cc:41:7d:bc:f2:68:33:49:34:30:38:
                    47:85:da:cd:4c:bf:5a:bd:24:d0:83:2b:8b:cf:82:
                    e5:77:b2:e5:67:0d:e1:c2:2b:64:d1:ff:c9:5f:d0:
                    e8:e2:20:df:18:5e:8b:10:69:92:90:47:14:c0:f9:
                    58:d1:67:0d:c8:b9:86:80:3a:c5:b3:89:69:b1:fa:
                    86:91:f5:18:a4:df:50:e3:a4:09:cb:3d:d5:10:7c:
                    64:00:8c:31:fc:25:72:95:f8:10:94:10:71:68:44:
                    dd:1b:bb:51:65:9a:ed:a1:55:e1:d8:07:20:61:6e:
                    ab:1a:56:df:24:29:b6:39:93:78:00:5f:02:0b:59:
                    9c:63:53:30:19:0a:93:2a:fe:7a:6f:22:ab:1b:a7:
                    05:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:CF:6A:2A:85:5C:AB:A4:39:7C:3F:A5:71:26:99:80:26:32:48:FF
            X509v3 Authority Key Identifier:
                keyid:6B:0E:42:D8:85:9E:0B:1C:DE:54:15:7A:CB:8D:76:04:AD:3F:F1:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/aw5C2IWeCxzeVBV6y412BK0_8bM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aw5C2IWeCxzeVBV6y412BK0_8bM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/45E94CF4BEC911ECB678F70EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.30.0.0/16
                  202.155.0.0-202.155.159.255
                IPv6:
                  2001:e00::/31

    Signature Algorithm: sha256WithRSAEncryption
         41:45:aa:a0:96:ab:42:2d:fd:f5:29:f0:31:28:51:7e:35:57:
         9e:89:f5:20:cc:1b:92:95:cc:9c:35:f3:43:fb:ca:9c:75:a9:
         65:ce:11:30:22:ff:19:c7:c6:46:e1:d8:38:e1:f9:ee:51:d9:
         64:d2:97:85:db:57:c8:18:42:de:b7:65:cf:64:ab:6f:ea:86:
         03:22:04:90:3c:a6:28:d4:76:27:ce:32:40:1b:40:06:ab:21:
         e5:6a:ad:d6:92:59:28:e8:36:e0:9b:fd:ce:84:80:2c:7f:9b:
         b5:41:81:0d:43:d8:7d:41:66:9b:2c:e4:8c:66:e8:0f:9f:79:
         6c:fb:c2:85:c9:75:0f:4c:02:a4:a0:c3:b4:36:74:ba:36:cf:
         55:db:04:f1:10:01:6d:57:11:28:c4:ed:09:24:f9:65:0c:a4:
         7d:ca:84:93:fa:18:1e:94:78:60:b5:1b:e8:64:c7:49:dc:a7:
         17:6d:32:64:ea:95:32:a2:df:68:9e:a2:f9:53:d5:70:7a:4b:
         09:ac:88:bc:fb:5a:4a:e1:95:b6:46:7f:21:28:88:1e:46:08:
         2e:29:1f:8d:d8:1a:25:e1:a2:bd:64:0f:2d:32:0b:e1:0b:48:
         78:f6:42:b2:b8:6f:b0:38:35:90:c7:c9:85:f4:cf:d3:55:6a:
         08:39:86:12
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICMf8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM0NTcxMTAvBgNVBAUTKDZCMEU0MkQ4ODU5RTBCMUNERTU0MTU3QUNCOEQ3NjA0
QUQzRkYxQjMwHhcNMjIwNDE4MDM0MDIxWhcNMjIwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVjZGRhNS03MmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnMNEZI4yTVfRIJA/m+TF2bSldW6Ivw+kc12tr+HApkFJxItNpq05Wy+ct22K
4s/w9R9/YWZIn4g3YCmOP0vdFT2Yj3rDviLYwGAOyMCSZqmlsFAI89Mx7WG1X8MR
gmHO2Un5IgtPGzErCl4yzEF9vPJoM0k0MDhHhdrNTL9avSTQgyuLz4Lld7LlZw3h
witk0f/JX9Do4iDfGF6LEGmSkEcUwPlY0WcNyLmGgDrFs4lpsfqGkfUYpN9Q46QJ
yz3VEHxkAIwx/CVylfgQlBBxaETdG7tRZZrtoVXh2AcgYW6rGlbfJCm2OZN4AF8C
C1mcY1MwGQqTKv56byKrG6cF0wIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFFPPaiqF
XKukOXw/pXEmmYAmMkj/MB8GA1UdIwQYMBaAFGsOQtiFngsc3lQVesuNdgStP/Gz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzQ1Ny80QzFBMDM0QzFE
N0IxMUUyQkUzREE2QzgwOEIwMkNEMi9hdzVDMklXZUN4emVWQlY2eTQxMkJLMF84
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3NUMySVdlQ3h6ZVZCVjZ5NDEyQkswXzhiTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM0NTcvNEMxQTAzNEMxRDdCMTFFMkJFM0RBNkM4MDhCMDJDRDIvNDVFOTRDRjRC
RUM5MTFFQ0I2NzhGNzBFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDAwC2HjALAwMAypsDBAXKm4AwDQQCAAIwBwMFASABDgAwDQYJ
KoZIhvcNAQELBQADggEBAEFFqqCWq0It/fUp8DEoUX41V56J9SDMG5KVzJw180P7
ypx1qWXOETAi/xnHxkbh2Djh+e5R2WTSl4XbV8gYQt63Zc9kq2/qhgMiBJA8pijU
difOMkAbQAarIeVqrdaSWSjoNuCb/c6EgCx/m7VBgQ1D2H1BZpss5Ixm6A+feWz7
woXJdQ9MAqSgw7Q2dLo2z1XbBPEQAW1XESjE7Qkk+WUMpH3KhJP6GB6UeGC1G+hk
x0ncpxdtMmTqlTKi32ieovlT1XB6SwmsiLz7WkrhlbZGfyEoiB5GCC4pH43YGiXh
or1kDy0yC+ELSHj2QrK4b7A4NZDHyYX0z9NVagg5hhI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org