Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/C76451D0C17511ECAC14C36EC4F9AE02.roa
File:                     C76451D0C17511ECAC14C36EC4F9AE02.roa (raw, json)
Hash identifier:          aqUejFz3bTqPckwK5RUSIl5T06EPdmXZUlkdttJsYy8=
Subject key identifier:   8F:B5:E1:14:24:2A:11:1C:03:8F:15:65:35:89:0C:27:DE:A2:2C:91
Certificate issuer:       /CN=A9153457/serialNumber=6B0E42D8859E0B1CDE54157ACB8D7604AD3FF1B3
Certificate serial:       3235
Authority key identifier: 6B:0E:42:D8:85:9E:0B:1C:DE:54:15:7A:CB:8D:76:04:AD:3F:F1:B3
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aw5C2IWeCxzeVBV6y412BK0_8bM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/C76451D0C17511ECAC14C36EC4F9AE02.roa
Signing time:             Thu 12 May 2022 14:40:14 +0000
ROA not before:           Thu 12 May 2022 14:40:14 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     4795
IP address blocks:        182.30.0.0/16 maxlen: 16
                          182.30.48.0/20 maxlen: 20
                          182.30.64.0/20 maxlen: 20
                          182.30.80.0/20 maxlen: 20
                          182.30.96.0/20 maxlen: 20
                          182.30.112.0/20 maxlen: 20
                          182.30.128.0/20 maxlen: 20
                          182.30.144.0/20 maxlen: 20
                          182.30.160.0/20 maxlen: 20
                          182.30.176.0/20 maxlen: 20
                          182.30.192.0/20 maxlen: 20
                          182.30.208.0/20 maxlen: 20
                          182.30.224.0/22 maxlen: 24
                          182.30.240.0/20 maxlen: 20
                          182.30.248.0/21 maxlen: 21
                          182.30.248.0/23 maxlen: 23
                          182.30.250.0/23 maxlen: 23
                          202.155.0.0/17 maxlen: 17
                          202.155.0.0/22 maxlen: 22
                          202.155.0.0/24 maxlen: 24
                          202.155.2.0/23 maxlen: 24
                          202.155.4.0/23 maxlen: 23
                          202.155.5.0/24 maxlen: 24
                          202.155.6.0/24 maxlen: 24
                          202.155.7.0/24 maxlen: 24
                          202.155.8.0/24 maxlen: 24
                          202.155.9.0/24 maxlen: 24
                          202.155.10.0/23 maxlen: 23
                          202.155.12.0/22 maxlen: 22
                          202.155.12.0/23 maxlen: 23
                          202.155.14.0/24 maxlen: 24
                          202.155.15.0/24 maxlen: 24
                          202.155.16.0/23 maxlen: 23
                          202.155.18.0/24 maxlen: 24
                          202.155.19.0/24 maxlen: 24
                          202.155.20.0/22 maxlen: 22
                          202.155.22.0/24 maxlen: 24
                          202.155.24.0/23 maxlen: 23
                          202.155.25.0/24 maxlen: 24
                          202.155.26.0/23 maxlen: 23
                          202.155.26.0/24 maxlen: 24
                          202.155.28.0/23 maxlen: 23
                          202.155.30.0/23 maxlen: 23
                          202.155.32.0/23 maxlen: 23
                          202.155.32.0/24 maxlen: 24
                          202.155.34.0/23 maxlen: 23
                          202.155.36.0/23 maxlen: 23
                          202.155.37.0/24 maxlen: 24
                          202.155.38.0/23 maxlen: 23
                          202.155.40.0/22 maxlen: 22
                          202.155.40.0/23 maxlen: 23
                          202.155.43.0/24 maxlen: 24
                          202.155.44.0/22 maxlen: 22
                          202.155.44.0/23 maxlen: 23
                          202.155.48.0/20 maxlen: 20
                          202.155.48.0/24 maxlen: 24
                          202.155.49.0/24 maxlen: 24
                          202.155.50.0/23 maxlen: 24
                          202.155.52.0/23 maxlen: 23
                          202.155.54.0/23 maxlen: 23
                          202.155.54.0/24 maxlen: 24
                          202.155.56.0/24 maxlen: 24
                          202.155.57.0/24 maxlen: 24
                          202.155.58.0/24 maxlen: 24
                          202.155.59.0/24 maxlen: 24
                          202.155.60.0/23 maxlen: 23
                          202.155.62.0/23 maxlen: 23
                          202.155.65.0/24 maxlen: 24
                          202.155.66.0/23 maxlen: 23
                          202.155.68.0/23 maxlen: 23
                          202.155.69.0/24 maxlen: 24
                          202.155.70.0/23 maxlen: 23
                          202.155.70.0/24 maxlen: 24
                          202.155.72.0/22 maxlen: 23
                          202.155.76.0/23 maxlen: 23
                          202.155.78.0/23 maxlen: 23
                          202.155.78.0/24 maxlen: 24
                          202.155.79.0/24 maxlen: 24
                          202.155.80.0/23 maxlen: 23
                          202.155.82.0/23 maxlen: 23
                          202.155.84.0/24 maxlen: 24
                          202.155.85.0/24 maxlen: 24
                          202.155.86.0/24 maxlen: 24
                          202.155.87.0/24 maxlen: 24
                          202.155.88.0/23 maxlen: 23
                          202.155.88.0/24 maxlen: 24
                          202.155.90.0/24 maxlen: 24
                          202.155.91.0/24 maxlen: 24
                          202.155.92.0/24 maxlen: 24
                          202.155.93.0/24 maxlen: 24
                          202.155.94.0/23 maxlen: 23
                          202.155.96.0/23 maxlen: 23
                          202.155.98.0/23 maxlen: 23
                          202.155.98.0/24 maxlen: 24
                          202.155.100.0/23 maxlen: 23
                          202.155.100.0/24 maxlen: 24
                          202.155.102.0/24 maxlen: 24
                          202.155.103.0/24 maxlen: 24
                          202.155.104.0/23 maxlen: 23
                          202.155.106.0/23 maxlen: 23
                          202.155.108.0/23 maxlen: 23
                          202.155.110.0/23 maxlen: 23
                          202.155.112.0/23 maxlen: 24
                          202.155.114.0/23 maxlen: 23
                          202.155.114.0/24 maxlen: 24
                          202.155.115.0/24 maxlen: 24
                          202.155.116.0/23 maxlen: 23
                          202.155.118.0/23 maxlen: 23
                          202.155.118.0/24 maxlen: 24
                          202.155.120.0/21 maxlen: 21
                          202.155.120.0/23 maxlen: 23
                          202.155.122.0/23 maxlen: 23
                          202.155.124.0/23 maxlen: 23
                          202.155.124.0/24 maxlen: 24
                          202.155.126.0/24 maxlen: 24
                          202.155.127.0/24 maxlen: 24
                          202.155.128.0/19 maxlen: 21
                          202.155.128.0/24 maxlen: 24
                          202.155.130.0/24 maxlen: 24
                          202.155.133.0/24 maxlen: 24
                          202.155.134.0/24 maxlen: 24
                          202.155.136.0/24 maxlen: 24
                          202.155.137.0/24 maxlen: 24
                          202.155.138.0/24 maxlen: 24
                          202.155.139.0/24 maxlen: 24
                          202.155.140.0/22 maxlen: 22
                          202.155.140.0/23 maxlen: 23
                          202.155.140.0/24 maxlen: 24
                          202.155.142.0/24 maxlen: 24
                          202.155.143.0/24 maxlen: 24
                          202.155.146.0/23 maxlen: 23
                          202.155.147.0/24 maxlen: 24
                          202.155.148.0/23 maxlen: 23
                          202.155.148.0/24 maxlen: 24
                          202.155.150.0/23 maxlen: 24
                          202.155.152.0/22 maxlen: 22
                          202.155.152.0/24 maxlen: 24
                          202.155.155.0/24 maxlen: 24
                          202.155.156.0/24 maxlen: 24
                          202.155.157.0/24 maxlen: 24
                          202.155.158.0/23 maxlen: 23
                          202.155.158.0/24 maxlen: 24
                          2001:e00::/31 maxlen: 32
                          2001:e00:25::/49 maxlen: 49
                          2001:e00:26::/49 maxlen: 49
                          2001:e00:100:8000::/49 maxlen: 49
                          2001:e00:1005::/48 maxlen: 48
                          2001:e00:10e4:8400::/56 maxlen: 56

Validation:               Failed, RFC 3779 resource not subset of parent's resources

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12853 (0x3235)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9153457/serialNumber=6B0E42D8859E0B1CDE54157ACB8D7604AD3FF1B3
        Validity
            Not Before: May 12 14:40:14 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=627d1c4e-549a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:77:0c:30:77:cf:98:35:9e:f1:b3:c1:4c:12:
                    b0:63:64:6d:44:4d:2e:4f:2d:67:f6:20:ee:31:b2:
                    42:a4:0a:37:18:95:d0:4e:d0:6a:e3:fb:3f:f2:94:
                    90:e1:18:97:08:c6:ba:f7:1b:55:8f:0b:0f:f1:d9:
                    a1:fa:35:df:a3:a3:21:f0:2a:7d:16:74:28:38:47:
                    0b:e9:8f:5b:8d:69:5a:57:71:f4:60:d2:95:9b:b5:
                    01:87:67:f3:2d:e7:91:c9:06:c4:18:54:ae:42:4b:
                    53:10:5f:25:33:48:56:77:08:ce:72:b8:88:a7:8e:
                    1f:ed:db:d1:03:e2:f0:66:6d:d0:8f:80:dc:e3:38:
                    a8:02:84:86:ed:74:ab:c9:0e:25:38:db:62:ad:7b:
                    c8:a3:0e:2f:20:54:3a:53:bb:7c:3f:21:33:da:a2:
                    5f:96:7e:5d:07:44:5f:de:94:02:18:36:00:72:c0:
                    67:5e:5c:7f:17:7c:f5:32:b4:30:69:b1:d9:31:ac:
                    72:e7:d1:3b:c3:40:53:87:0b:ae:21:91:2c:02:93:
                    4d:eb:e1:c7:d4:41:bb:07:53:90:6f:71:7e:41:64:
                    67:eb:db:7f:d8:7a:18:24:e4:ad:23:c8:82:8e:e5:
                    e0:bc:41:31:36:9f:a8:2b:ef:cf:88:e7:4c:36:e5:
                    d9:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:B5:E1:14:24:2A:11:1C:03:8F:15:65:35:89:0C:27:DE:A2:2C:91
            X509v3 Authority Key Identifier:
                keyid:6B:0E:42:D8:85:9E:0B:1C:DE:54:15:7A:CB:8D:76:04:AD:3F:F1:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/aw5C2IWeCxzeVBV6y412BK0_8bM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aw5C2IWeCxzeVBV6y412BK0_8bM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153457/4C1A034C1D7B11E2BE3DA6C808B02CD2/C76451D0C17511ECAC14C36EC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.30.0.0/16
                  202.155.0.0-202.155.159.255
                IPv6:
                  2001:e00::/31

    Signature Algorithm: sha256WithRSAEncryption
         ac:ea:08:ba:da:2f:5e:18:77:1d:6e:af:7d:c3:68:11:2a:85:
         31:dc:bf:d3:55:bb:ee:bb:2f:97:b1:1a:bb:f6:ea:28:99:f3:
         a9:19:07:2e:e4:11:88:d3:cb:65:30:df:48:58:d0:8b:21:e8:
         60:1e:9f:31:06:c9:42:c7:6e:10:1e:58:51:8e:58:40:fd:6a:
         07:07:b3:be:09:0e:fd:5a:8a:1a:9f:cb:32:a4:10:4b:e8:c3:
         1c:06:fe:94:6a:ed:15:62:93:03:20:a8:3b:e0:0c:f8:6a:10:
         ae:70:52:bb:f6:98:77:5f:c6:3f:84:d5:2c:d0:e1:2e:de:6e:
         0c:e8:4e:b9:39:45:78:a4:99:48:5e:7f:9e:17:d9:55:b7:d0:
         13:51:67:15:83:f3:e2:bc:63:0f:f1:b0:62:00:be:cf:57:56:
         34:92:5d:19:4b:0b:3e:53:eb:d5:43:2e:98:33:65:88:b0:d0:
         4d:6c:01:c5:87:12:75:76:3e:30:92:f0:1a:4b:11:db:ee:00:
         cf:99:9f:12:ce:7c:e5:ba:c7:59:9b:da:86:eb:bc:71:35:3e:
         b0:f7:33:9a:38:0f:26:4b:9f:83:ee:97:6e:49:f7:54:e4:0b:
         99:56:e1:04:a3:6a:f4:2a:aa:33:60:43:51:de:73:a8:0a:61:
         e5:50:45:78
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgICMjUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTM0NTcxMTAvBgNVBAUTKDZCMEU0MkQ4ODU5RTBCMUNERTU0MTU3QUNCOEQ3NjA0
QUQzRkYxQjMwHhcNMjIwNTEyMTQ0MDE0WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjdkMWM0ZS01NDlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA1HcMMHfPmDWe8bPBTBKwY2RtRE0uTy1n9iDuMbJCpAo3GJXQTtBq4/s/8pSQ
4RiXCMa69xtVjwsP8dmh+jXfo6Mh8Cp9FnQoOEcL6Y9bjWlaV3H0YNKVm7UBh2fz
LeeRyQbEGFSuQktTEF8lM0hWdwjOcriIp44f7dvRA+LwZm3Qj4Dc4zioAoSG7XSr
yQ4lONtirXvIow4vIFQ6U7t8PyEz2qJfln5dB0Rf3pQCGDYAcsBnXlx/F3z1MrQw
abHZMaxy59E7w0BThwuuIZEsApNN6+HH1EG7B1OQb3F+QWRn69t/2HoYJOStI8iC
juXgvEExNp+oK+/PiOdMNuXZqQIDAQABo4ICsDCCAqwwHQYDVR0OBBYEFI+14RQk
KhEcA48VZTWJDCfeoiyRMB8GA1UdIwQYMBaAFGsOQtiFngsc3lQVesuNdgStP/Gz
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MzQ1Ny80QzFBMDM0QzFE
N0IxMUUyQkUzREE2QzgwOEIwMkNEMi9hdzVDMklXZUN4emVWQlY2eTQxMkJLMF84
Yk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2F3NUMySVdlQ3h6ZVZCVjZ5NDEyQkswXzhiTS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTM0NTcvNEMxQTAzNEMxRDdCMTFFMkJFM0RBNkM4MDhCMDJDRDIvQzc2NDUxRDBD
MTc1MTFFQ0FDMTRDMzZFQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOgYIKwYBBQUHAQcBAf8E
KzApMBgEAgABMBIDAwC2HjALAwMAypsDBAXKm4AwDQQCAAIwBwMFASABDgAwDQYJ
KoZIhvcNAQELBQADggEBAKzqCLraL14Ydx1ur33DaBEqhTHcv9NVu+67L5exGrv2
6iiZ86kZBy7kEYjTy2Uw30hY0Ish6GAenzEGyULHbhAeWFGOWED9agcHs74JDv1a
ihqfyzKkEEvowxwG/pRq7RVikwMgqDvgDPhqEK5wUrv2mHdfxj+E1SzQ4S7ebgzo
Trk5RXikmUhef54X2VW30BNRZxWD8+K8Yw/xsGIAvs9XVjSSXRlLCz5T69VDLpgz
ZYiw0E1sAcWHEnV2PjCS8BpLEdvuAM+ZnxLOfOW6x1mb2obrvHE1PrD3M5o4DyZL
n4Pul25J91TkC5lW4QSjavQqqjNgQ1Hec6gKYeVQRXg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:51:06 2024 by rpki-client on console-fra.rpki-client.org