Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
File:                     B837B23E454211EBAE62CF6BC4F9AE02.roa (download)
Hash identifier:          oxURcBIXzKsJsIS5FgBhy4gcY416a2Rbo+UCcbACOrA=
Subject key identifier:   7C:5D:FA:35:F6:2C:2E:A9:DC:C2:17:5B:4E:CE:C6:E3:0E:AE:E5:1F
Certificate issuer:       /CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
Certificate serial:       0365
Authority key identifier: AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
ROA valid until:          May 28 00:00:00 2023 GMT
asID:                     138995
IP address blocks:
    1: 2001:df4:1500::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 869 (0x365)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A911DFB8/serialNumber=AEBB93EA7A2FC69E2C19CCE782EEF5DDB1CA32BD
        Validity
            Not Before: Mar  1 13:31:00 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=621e2014-200e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:17:a7:cd:9b:67:08:a9:fb:8e:43:8c:e5:48:
                    c3:d2:3f:22:84:d1:58:19:4b:ed:c5:a3:52:a6:86:
                    de:9c:53:9d:34:9a:f0:a6:35:32:d9:62:01:08:d5:
                    95:08:46:46:cb:3c:52:b8:7d:eb:88:d9:96:7b:2e:
                    dc:55:3a:86:97:93:5d:91:5f:6e:3e:9a:9b:8d:5f:
                    aa:a0:00:60:9a:a2:62:2d:ee:3c:94:79:2b:75:30:
                    7e:72:cc:88:32:5f:64:86:a9:b9:9a:08:54:72:5f:
                    a3:a6:99:20:d6:c2:05:9a:9d:64:56:ed:e2:80:39:
                    49:80:13:19:1f:0d:0e:0d:26:f0:0b:0c:06:c6:f9:
                    98:ce:ba:52:4d:79:e4:56:13:f9:7a:15:a3:95:f0:
                    16:3b:4b:78:3b:b7:8c:91:0a:28:88:24:df:9d:d0:
                    d7:23:d0:bf:dc:20:c0:65:c1:7b:f6:eb:b2:a0:5e:
                    f1:e1:a8:9c:aa:ae:57:64:f7:45:88:cf:11:fa:d5:
                    20:38:7c:3a:f7:25:05:48:10:2c:42:13:d8:e5:06:
                    13:30:92:bf:fe:36:1a:65:b3:9d:8f:4d:3f:bd:b1:
                    6f:70:ed:d1:07:bf:e9:14:84:1e:be:51:42:99:65:
                    e7:2a:1f:24:9a:97:2f:0a:3e:d0:e7:d7:fd:6f:93:
                    13:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7C:5D:FA:35:F6:2C:2E:A9:DC:C2:17:5B:4E:CE:C6:E3:0E:AE:E5:1F
            X509v3 Authority Key Identifier: 
                keyid:AE:BB:93:EA:7A:2F:C6:9E:2C:19:CC:E7:82:EE:F5:DD:B1:CA:32:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/rruT6novxp4sGczngu713bHKMr0.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/rruT6novxp4sGczngu713bHKMr0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFB8/900EAC54453D11EBB55A6225C4F9AE02/B837B23E454211EBAE62CF6BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:1500::/48

    Signature Algorithm: sha256WithRSAEncryption
         3d:a9:7b:de:ec:dc:0e:35:c5:dc:0a:ad:11:65:d7:ad:f6:8c:
         b0:2d:28:77:89:a5:1c:23:bb:c3:66:77:5d:a0:25:45:e1:27:
         dd:86:cf:84:d8:4c:4d:ef:aa:58:71:67:cf:db:93:03:10:de:
         f3:a1:53:65:3d:64:6d:fc:66:40:f2:13:94:5c:94:99:31:19:
         1c:76:63:87:d5:2f:63:f5:40:7c:b6:0b:a7:ce:98:8a:a6:05:
         56:40:d3:75:0a:4c:8d:cc:b7:5b:af:ff:6a:bf:64:87:8f:4c:
         f7:c4:82:4e:b8:fc:85:98:20:c5:14:78:15:bc:79:95:a0:12:
         4e:2c:f5:51:be:fc:86:87:47:03:b9:17:32:c0:38:ed:59:86:
         5e:32:95:30:d2:58:d7:50:df:08:43:8e:a3:2f:1b:78:a0:7c:
         92:a1:c3:9b:19:69:6d:64:3e:2a:a8:a3:ae:b2:f6:ad:f3:c3:
         4b:a7:67:3d:80:6e:0a:c3:c8:39:de:cc:91:d8:dc:ce:36:31:
         8a:3f:54:60:45:d5:ba:85:4d:53:30:cd:52:3a:f0:cc:2a:44:
         8b:ac:05:c5:a5:cf:cd:5b:94:8e:e1:a4:6f:a8:34:33:6a:c9:
         f2:10:7b:00:60:05:4d:0f:c2:bd:69:db:85:db:be:dc:31:a6:
         ce:6d:0a:02
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICA2UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MURGQjgxMTAvBgNVBAUTKEFFQkI5M0VBN0EyRkM2OUUyQzE5Q0NFNzgyRUVGNURE
QjFDQTMyQkQwHhcNMjIwMzAxMTMzMTAwWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFlMjAxNC0yMDBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA3BenzZtnCKn7jkOM5UjD0j8ihNFYGUvtxaNSpobenFOdNJrwpjUy2WIBCNWV
CEZGyzxSuH3riNmWey7cVTqGl5NdkV9uPpqbjV+qoABgmqJiLe48lHkrdTB+csyI
Ml9khqm5mghUcl+jppkg1sIFmp1kVu3igDlJgBMZHw0ODSbwCwwGxvmYzrpSTXnk
VhP5ehWjlfAWO0t4O7eMkQooiCTfndDXI9C/3CDAZcF79uuyoF7x4aicqq5XZPdF
iM8R+tUgOHw69yUFSBAsQhPY5QYTMJK//jYaZbOdj00/vbFvcO3RB7/pFIQevlFC
mWXnKh8kmpcvCj7Q59f9b5MTjQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFHxd+jX2
LC6p3MIXW07OxuMOruUfMB8GA1UdIwQYMBaAFK67k+p6L8aeLBnM54Lu9d2xyjK9
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExREZCOC85MDBFQUM1NDQ1
M0QxMUVCQjU1QTYyMjVDNEY5QUUwMi9ycnVUNm5vdnhwNHNHY3puZ3U3MTNiSEtN
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3JydVQ2bm92eHA0c0djem5ndTcxM2JIS01yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MURGQjgvOTAwRUFDNTQ0NTNEMTFFQkI1NUE2MjI1QzRGOUFFMDIvQjgzN0IyM0U0
NTQyMTFFQkFFNjJDRjZCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwAgAQ30FQAwDQYJKoZIhvcNAQELBQADggEBAD2pe97s3A41
xdwKrRFl1632jLAtKHeJpRwju8Nmd12gJUXhJ92Gz4TYTE3vqlhxZ8/bkwMQ3vOh
U2U9ZG38ZkDyE5RclJkxGRx2Y4fVL2P1QHy2C6fOmIqmBVZA03UKTI3Mt1uv/2q/
ZIePTPfEgk64/IWYIMUUeBW8eZWgEk4s9VG+/IaHRwO5FzLAOO1Zhl4ylTDSWNdQ
3whDjqMvG3igfJKhw5sZaW1kPiqoo66y9q3zw0unZz2AbgrDyDnezJHY3M42MYo/
VGBF1bqFTVMwzVI68MwqRIusBcWlz81blI7hpG+oNDNqyfIQewBgBU0Pwr1p24Xb
vtwxps5tCgI=
-----END CERTIFICATE-----
Generated at Wed Dec 7 17:21:28 2022 by rpki-client.