Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/85A5D90E453D11EBB55A6225C4F9AE02/B6E44C08454211EBAE62CF6BC4F9AE02.roa
File:                     B6E44C08454211EBAE62CF6BC4F9AE02.roa (download)
Hash identifier:          8J7HarSH6mQGq/Z2LFS8U/VRB6mj+HUBd8CjB7OjzDM=
Subject key identifier:   29:9B:A8:89:91:42:82:F9:1A:16:2C:63:30:2B:93:A6:C2:32:C4:C2
Certificate issuer:       /CN=A911DFB8/serialNumber=0F80F40D3286852C9B9F6E345BE1D5BD2F954832
Certificate serial:       0361
Authority key identifier: 0F:80:F4:0D:32:86:85:2C:9B:9F:6E:34:5B:E1:D5:BD:2F:95:48:32
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D4D0DTKGhSybn240W-HVvS-VSDI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911DFB8/85A5D90E453D11EBB55A6225C4F9AE02/B6E44C08454211EBAE62CF6BC4F9AE02.roa
ROA valid until:          May 28 00:00:00 2023 GMT
asID:                     138995
IP address blocks:
    1: 185.203.36.0/24 maxlen: 24
    2: 185.203.37.0/24 maxlen: 24
    3: 185.203.38.0/24 maxlen: 24
    4: 185.203.39.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 865 (0x361)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911DFB8/serialNumber=0F80F40D3286852C9B9F6E345BE1D5BD2F954832
        Validity
            Not Before: Mar  1 13:30:58 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=621e2012-5304
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:0a:f2:4c:f9:73:e7:6a:4b:4e:26:fc:7c:68:
                    c0:3b:34:d6:14:a5:d7:29:71:41:eb:74:64:da:e6:
                    cb:b6:22:09:f6:cb:3c:3c:e4:f0:68:f7:df:e4:93:
                    74:07:50:45:92:62:e6:9a:8b:be:73:31:15:d7:34:
                    24:4a:1a:54:25:64:e1:2d:ef:d0:97:71:5e:77:0f:
                    7c:ea:0c:76:67:b5:79:04:31:e1:bd:cb:18:7c:b6:
                    d5:ae:20:be:a4:3e:f3:a7:38:d7:b6:a1:bd:31:1f:
                    81:5d:69:2d:66:4d:92:a4:8e:7b:dd:b1:b8:c1:72:
                    e1:5d:6d:81:d9:ce:08:f5:8a:12:5f:b1:39:04:84:
                    7e:aa:62:21:a9:5a:cb:bf:30:16:54:ee:9c:bd:74:
                    f3:70:f4:0b:05:d9:58:85:92:b3:af:40:97:30:5a:
                    cd:5f:55:34:66:e0:29:a2:47:1b:f9:9c:bf:b5:4d:
                    2c:86:64:cb:33:d3:cc:25:96:33:cb:39:17:e9:3b:
                    ea:11:4a:c0:ed:01:18:b9:40:58:97:90:d7:b5:7a:
                    4c:e4:ff:5e:57:1e:fb:ba:dd:66:f2:1c:4b:2c:85:
                    f9:31:d8:fb:a6:2b:41:af:08:ad:f4:e5:61:78:0d:
                    1c:8c:55:54:c7:be:6b:10:4b:4d:bf:5e:85:7e:14:
                    06:53
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                29:9B:A8:89:91:42:82:F9:1A:16:2C:63:30:2B:93:A6:C2:32:C4:C2
            X509v3 Authority Key Identifier: 
                keyid:0F:80:F4:0D:32:86:85:2C:9B:9F:6E:34:5B:E1:D5:BD:2F:95:48:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911DFB8/85A5D90E453D11EBB55A6225C4F9AE02/D4D0DTKGhSybn240W-HVvS-VSDI.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/D4D0DTKGhSybn240W-HVvS-VSDI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/85A5D90E453D11EBB55A6225C4F9AE02/B6E44C08454211EBAE62CF6BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.203.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         80:9b:d3:24:af:f8:e7:8b:a2:7a:08:64:08:9b:aa:4b:63:8b:
         72:92:81:70:61:b6:88:0f:e2:7e:b5:9a:85:da:ed:5f:f3:c0:
         58:94:70:c0:02:a9:2f:86:e9:c2:62:90:4a:c5:59:3e:e6:23:
         9a:11:bd:6b:f4:d3:e8:e4:66:63:2b:b1:f6:88:30:54:d5:bd:
         0b:f2:5d:02:a8:ae:bd:18:cc:c1:2c:eb:cc:11:ed:14:94:0b:
         e6:f9:91:b1:45:db:09:a3:39:8d:ae:2d:9f:f4:1d:ab:39:fb:
         7b:f6:f0:da:b6:5c:2a:d6:0e:06:68:3f:35:8d:ab:11:8e:fc:
         92:5f:6a:0f:30:52:57:77:0a:0a:67:ef:df:84:eb:96:0d:fc:
         48:98:1b:76:dc:45:c4:75:80:2c:7a:a6:75:11:ba:e4:27:2d:
         54:63:32:bc:cb:4b:2a:0d:cf:26:8e:f5:63:a4:28:7c:90:70:
         38:68:44:52:2f:7d:f8:c7:e8:80:83:3f:5c:11:93:d3:13:3e:
         0f:1e:94:2c:0e:4a:23:16:ec:d2:4d:da:dd:6b:6a:51:c6:31:
         65:a7:28:58:77:d2:0c:d6:c0:85:99:23:ba:85:bb:a3:9e:39:
         e5:75:80:8c:f6:1f:13:ea:26:a1:cd:b7:90:c5:31:ed:c7:26:
         ff:50:c3:8f
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICA2EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKDBGODBGNDBEMzI4Njg1MkM5QjlGNkUzNDVCRTFENUJE
MkY5NTQ4MzIwHhcNMjIwMzAxMTMzMDU4WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFlMjAxMi01MzA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAuwryTPlz52pLTib8fGjAOzTWFKXXKXFB63Rk2ubLtiIJ9ss8POTwaPff5JN0
B1BFkmLmmou+czEV1zQkShpUJWThLe/Ql3Fedw986gx2Z7V5BDHhvcsYfLbVriC+
pD7zpzjXtqG9MR+BXWktZk2SpI573bG4wXLhXW2B2c4I9YoSX7E5BIR+qmIhqVrL
vzAWVO6cvXTzcPQLBdlYhZKzr0CXMFrNX1U0ZuApokcb+Zy/tU0shmTLM9PMJZYz
yzkX6TvqEUrA7QEYuUBYl5DXtXpM5P9eVx77ut1m8hxLLIX5Mdj7pitBrwit9OVh
eA0cjFVUx75rEEtNv16FfhQGUwIDAQABo4IClTCCApEwHQYDVR0OBBYEFCmbqImR
QoL5GhYsYzArk6bCMsTCMB8GA1UdIwQYMBaAFA+A9A0yhoUsm59uNFvh1b0vlUgy
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC84NUE1RDkwRTQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ENEQwRFRLR2hTeWJuMjQwVy1IVnZTLVZT
REkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL0Q0RDBEVEtHaFN5Ym4yNDBXLUhWdlMtVlNESS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvODVBNUQ5MEU0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvQjZFNDRDMDg0
NTQyMTFFQkFFNjJDRjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAK5yyQwDQYJKoZIhvcNAQELBQADggEBAICb0ySv+OeLonoI
ZAibqktji3KSgXBhtogP4n61moXa7V/zwFiUcMACqS+G6cJikErFWT7mI5oRvWv0
0+jkZmMrsfaIMFTVvQvyXQKorr0YzMEs68wR7RSUC+b5kbFF2wmjOY2uLZ/0Has5
+3v28Nq2XCrWDgZoPzWNqxGO/JJfag8wUld3Cgpn79+E65YN/EiYG3bcRcR1gCx6
pnURuuQnLVRjMrzLSyoNzyaO9WOkKHyQcDhoRFIvffjH6ICDP1wRk9MTPg8elCwO
SiMW7NJN2t1ralHGMWWnKFh30gzWwIWZI7qFu6OeOeV1gIz2HxPqJqHNt5DFMe3H
Jv9Qw48=
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:06:27 2022 by rpki-client.