Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
File:                     4AF79C947A7011EB940A5E42C4F9AE02.roa (download)
Hash identifier:          NDifrjQadadLrTCkYqlz+p+zJwZmwG9uGyrGP0HPxuw=
Subject key identifier:   E8:60:9D:CD:F3:C6:6D:7F:0A:4B:4E:18:18:AA:9E:2C:31:7C:1A:F0
Certificate issuer:       /CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
Certificate serial:       0529
Authority key identifier: 50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
ROA valid until:          May 28 00:00:00 2023 GMT
asID:                     138995
IP address blocks:
    1: 27.0.235.0/24 maxlen: 24
    2: 103.68.111.0/24 maxlen: 24
    3: 103.208.87.0/24 maxlen: 24
    4: 103.214.70.0/24 maxlen: 24
    5: 144.48.83.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1321 (0x529)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9111590/serialNumber=50229DE035B72572F4E0027472EB6826FDFE94AE
        Validity
            Not Before: Nov 12 14:50:37 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=636fb2bc-0dfc
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:dc:ad:ee:9b:93:c3:fe:6f:04:18:12:9f:e5:
                    77:82:32:31:10:82:09:97:dd:6b:90:a3:9f:e8:54:
                    ee:e2:59:ed:4c:9b:0c:10:f4:a4:11:bd:51:dc:8e:
                    f6:6f:cf:c7:fb:e9:58:2e:ee:49:b5:a7:20:ed:79:
                    79:f3:f8:2b:68:01:e8:0b:66:63:fc:5e:86:e6:8e:
                    0f:f1:fc:b7:01:ac:2c:e9:ff:a1:94:22:55:0f:d2:
                    56:c1:33:7a:6e:05:f8:38:93:3e:85:66:b1:95:80:
                    4f:a3:07:76:12:c8:82:5f:f5:94:6c:cf:db:b8:7c:
                    54:6f:d3:9b:93:b7:2f:c7:80:5a:ae:a9:00:b0:9f:
                    d0:f5:43:f6:93:d4:7c:48:1e:d3:b2:c3:53:a4:b4:
                    1e:97:4b:3a:1e:69:4c:dc:2e:5e:31:a2:25:d3:33:
                    aa:50:84:43:4d:cb:d7:a0:44:44:48:96:c8:4e:a8:
                    21:5c:89:55:75:15:4d:fc:51:f3:fd:ae:c0:c9:dc:
                    3e:ac:f7:aa:9c:25:16:49:ca:81:8c:2d:4a:e3:13:
                    17:c3:16:89:a4:f5:60:73:c4:76:64:b8:d8:e0:a9:
                    96:a7:6b:a3:01:bb:7e:4f:59:3b:c7:18:0c:a7:0a:
                    65:d4:7d:c1:f6:fa:98:bb:9a:ce:32:91:73:53:20:
                    c8:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                E8:60:9D:CD:F3:C6:6D:7F:0A:4B:4E:18:18:AA:9E:2C:31:7C:1A:F0
            X509v3 Authority Key Identifier: 
                keyid:50:22:9D:E0:35:B7:25:72:F4:E0:02:74:72:EB:68:26:FD:FE:94:AE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/UCKd4DW3JXL04AJ0cutoJv3-lK4.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UCKd4DW3JXL04AJ0cutoJv3-lK4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9111590/025CD2627A6E11EB81AF2E3FC4F9AE02/4AF79C947A7011EB940A5E42C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.0.235.0/24
                  103.68.111.0/24
                  103.208.87.0/24
                  103.214.70.0/24
                  144.48.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:02:0a:61:2c:40:89:e8:b4:3d:ac:12:b7:b6:1c:3f:cb:04:
         78:d4:4d:d8:e3:2c:51:d3:17:5b:2c:9e:a0:38:c0:b4:a9:29:
         78:7e:ec:6e:1c:fe:07:af:bc:43:7a:b7:c8:e3:50:7d:86:6e:
         16:e7:2e:1e:40:57:89:64:b3:b9:4b:6a:9f:4e:51:18:c6:89:
         bf:05:48:27:2c:d5:c4:cc:7b:27:17:f0:f5:af:bf:71:b2:f2:
         38:30:f7:e3:74:ef:6b:53:f0:c7:83:c3:55:54:d5:45:6d:8a:
         de:e6:7a:27:7f:9c:4c:f3:9c:78:7a:19:47:99:1c:81:3b:fe:
         d8:3a:19:74:d1:55:78:85:5f:ae:64:ca:2b:33:3f:96:3a:d8:
         e1:5e:07:d4:ef:1c:5d:ce:17:2c:35:37:ea:c5:4a:36:a7:86:
         eb:b5:c9:30:e3:93:71:07:94:4f:82:1c:d1:dc:3f:cc:16:c7:
         54:af:4a:ae:75:2f:bc:4b:36:18:3d:3c:73:48:2f:07:3a:9e:
         9b:43:af:32:7f:eb:51:a3:6b:d5:bf:c3:38:42:15:f5:25:ae:
         e3:88:bf:18:15:ed:75:fd:33:d1:72:7f:2d:d5:3f:50:71:78:
         03:f0:15:51:3a:7f:18:b0:68:33:df:e7:36:67:cf:2f:58:5f:
         87:50:85:fe
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgICBSkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MTE1OTAxMTAvBgNVBAUTKDUwMjI5REUwMzVCNzI1NzJGNEUwMDI3NDcyRUI2ODI2
RkRGRTk0QUUwHhcNMjIxMTEyMTQ1MDM3WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MzZmYjJiYy0wZGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuNyt7puTw/5vBBgSn+V3gjIxEIIJl91rkKOf6FTu4lntTJsMEPSkEb1R3I72
b8/H++lYLu5Jtacg7Xl58/graAHoC2Zj/F6G5o4P8fy3Aaws6f+hlCJVD9JWwTN6
bgX4OJM+hWaxlYBPowd2EsiCX/WUbM/buHxUb9Obk7cvx4BarqkAsJ/Q9UP2k9R8
SB7TssNTpLQel0s6HmlM3C5eMaIl0zOqUIRDTcvXoERESJbITqghXIlVdRVN/FHz
/a7Aydw+rPeqnCUWScqBjC1K4xMXwxaJpPVgc8R2ZLjY4KmWp2ujAbt+T1k7xxgM
pwpl1H3B9vqYu5rOMpFzUyDIQwIDAQABo4ICrTCCAqkwHQYDVR0OBBYEFOhgnc3z
xm1/CktOGBiqniwxfBrwMB8GA1UdIwQYMBaAFFAineA1tyVy9OACdHLraCb9/pSu
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExMTU5MC8wMjVDRDI2MjdB
NkUxMUVCODFBRjJFM0ZDNEY5QUUwMi9VQ0tkNERXM0pYTDA0QUowY3V0b0p2My1s
SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1VDS2Q0RFczSlhMMDRBSjBjdXRvSnYzLWxLNC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MTE1OTAvMDI1Q0QyNjI3QTZFMTFFQjgxQUYyRTNGQzRGOUFFMDIvNEFGNzlDOTQ3
QTcwMTFFQjk0MEE1RTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwNwYIKwYBBQUHAQcBAf8E
KDAmMCQEAgABMB4DBAAbAOsDBABnRG8DBABn0FcDBABn1kYDBACQMFMwDQYJKoZI
hvcNAQELBQADggEBAKsCCmEsQInotD2sEre2HD/LBHjUTdjjLFHTF1ssnqA4wLSp
KXh+7G4c/gevvEN6t8jjUH2GbhbnLh5AV4lks7lLap9OURjGib8FSCcs1cTMeycX
8PWvv3Gy8jgw9+N072tT8MeDw1VU1UVtit7meid/nEzznHh6GUeZHIE7/tg6GXTR
VXiFX65kyiszP5Y62OFeB9TvHF3OFyw1N+rFSjanhuu1yTDjk3EHlE+CHNHcP8wW
x1SvSq51L7xLNhg9PHNILwc6nptDrzJ/61Gja9W/wzhCFfUlruOIvxgV7XX9M9Fy
fy3VP1BxeAPwFVE6fxiwaDPf5zZnzy9YX4dQhf4=
-----END CERTIFICATE-----
Generated at Wed Dec 7 17:21:22 2022 by rpki-client.