Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/6C510F98B51C11EAA1649251C4F9AE02.roa
File:                     6C510F98B51C11EAA1649251C4F9AE02.roa (raw, json)
Hash identifier:          q0X8VVPUBCg3+JTZ8U3XXWG+a7Z1JNYcZRC+LKoRn3o=
Subject key identifier:   61:E3:45:69:4D:DB:A2:1E:D7:B9:0A:C2:B7:0E:E5:DB:E8:D6:28:1F
Certificate issuer:       /CN=A912B600/serialNumber=477E22E1BD3AD5204E3ADC2DECD6D2A194ACFA58
Certificate serial:       103F
Authority key identifier: 47:7E:22:E1:BD:3A:D5:20:4E:3A:DC:2D:EC:D6:D2:A1:94:AC:FA:58
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/R34i4b061SBOOtwt7NbSoZSs-lg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/6C510F98B51C11EAA1649251C4F9AE02.roa
Signing time:             Wed 04 Oct 2023 15:10:45 +0000
ROA not before:           Wed 04 Oct 2023 15:10:45 +0000
ROA not after:            Sun 01 Dec 2024 00:00:00 +0000
asID:                     38466
IP address blocks:        188.214.64.0/20 maxlen: 20
                          188.214.64.0/24 maxlen: 24
                          188.214.65.0/24 maxlen: 24
                          188.214.66.0/24 maxlen: 24
                          188.214.67.0/24 maxlen: 24
                          188.214.68.0/24 maxlen: 24
                          188.214.69.0/24 maxlen: 24
                          188.214.70.0/24 maxlen: 24
                          188.214.71.0/24 maxlen: 24
                          188.214.72.0/24 maxlen: 24
                          188.214.73.0/24 maxlen: 24
                          188.214.74.0/24 maxlen: 24
                          188.214.75.0/24 maxlen: 24
                          188.214.76.0/24 maxlen: 24
                          188.214.77.0/24 maxlen: 24
                          188.214.78.0/24 maxlen: 24
                          188.214.79.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/R34i4b061SBOOtwt7NbSoZSs-lg.crl
                          rsync://rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/R34i4b061SBOOtwt7NbSoZSs-lg.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/R34i4b061SBOOtwt7NbSoZSs-lg.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 02 Apr 2024 14:50:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4159 (0x103f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A912B600/serialNumber=477E22E1BD3AD5204E3ADC2DECD6D2A194ACFA58
        Validity
            Not Before: Oct  4 15:10:45 2023 GMT
            Not After : Dec  1 00:00:00 2024 GMT
        Subject: CN=651d8075-2fb8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:9c:2f:68:5a:f4:4b:11:ab:32:c4:8e:f1:c5:
                    72:f8:12:8c:15:55:1b:b8:42:91:13:08:43:21:83:
                    0c:79:da:fb:2f:e6:42:2a:89:33:5a:cb:6b:f6:25:
                    8c:33:f7:cb:69:a4:2b:ce:8b:6b:99:2f:23:aa:15:
                    1e:fa:29:27:8a:0f:7c:a7:20:85:4f:97:67:31:96:
                    24:ae:5f:2f:98:e6:f7:9b:96:17:ca:94:5b:85:74:
                    f7:3e:25:b1:ae:77:66:7b:94:4f:1e:97:f0:0a:21:
                    6a:8b:1a:10:d0:3b:ec:be:16:ca:2d:06:4b:d6:ae:
                    a5:61:b3:bd:f1:ab:28:a1:a1:9a:d7:5a:5b:3e:e1:
                    28:bc:01:c2:1e:cf:dc:f4:9c:41:84:21:2a:b9:52:
                    b7:19:1d:93:13:d9:cb:8e:22:d1:f4:3b:0a:bc:3d:
                    04:53:a5:3b:a7:1d:97:e7:a0:fe:5f:f3:43:b0:4a:
                    5e:19:c9:a3:c1:fb:08:cb:f2:5f:b2:19:c9:c3:bf:
                    24:99:7d:9a:dd:0b:97:77:92:5a:67:3a:0c:34:bd:
                    fd:2a:1c:1e:62:81:0c:67:6e:84:dc:86:4d:da:cb:
                    64:31:47:94:cf:6e:90:14:e8:93:fd:47:4c:af:6e:
                    50:25:d4:93:4e:6a:00:9c:f1:70:ac:d7:84:e8:aa:
                    44:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:E3:45:69:4D:DB:A2:1E:D7:B9:0A:C2:B7:0E:E5:DB:E8:D6:28:1F
            X509v3 Authority Key Identifier:
                keyid:47:7E:22:E1:BD:3A:D5:20:4E:3A:DC:2D:EC:D6:D2:A1:94:AC:FA:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/R34i4b061SBOOtwt7NbSoZSs-lg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/R34i4b061SBOOtwt7NbSoZSs-lg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912B600/3B06F306043511E99E09CC63C4F9AE02/6C510F98B51C11EAA1649251C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.214.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d7:13:99:a7:12:90:c8:5c:3d:d5:c3:c3:d7:af:5f:30:a8:79:
         c9:f4:b9:2d:f8:3c:b2:18:ab:4c:18:47:fa:2f:82:78:e7:a6:
         4c:a0:60:37:ad:88:31:29:0a:6f:54:a9:a4:91:8f:97:8e:63:
         b2:f1:19:bf:68:40:dc:a2:25:d9:28:a7:7c:97:ac:f2:61:88:
         84:72:51:6f:be:eb:2d:ca:55:eb:18:67:3a:0d:e9:eb:63:7a:
         98:d2:49:5e:ce:68:76:15:56:e7:dc:89:b3:2d:df:df:22:1d:
         22:c3:30:5b:bd:0b:d5:fa:73:fb:a7:3b:05:57:d6:bb:9a:4c:
         f4:d6:b0:a5:0b:25:42:b6:3c:4f:10:ac:9e:d6:52:da:e8:b8:
         f7:d7:7a:6e:70:b4:4e:a5:1a:3e:79:de:64:ac:0b:bc:7f:3c:
         ed:c8:0e:15:7e:14:ec:ae:63:ef:da:f7:e6:08:73:dc:df:ec:
         8f:a4:17:6c:da:68:37:f1:16:54:e6:6b:8a:30:37:37:af:91:
         8a:f2:ea:df:1e:34:ac:df:af:55:d7:ce:a0:79:fd:8c:6b:c2:
         dd:5e:ea:b2:ee:30:4f:8c:36:38:41:fb:26:50:10:1d:db:23:
         7f:9d:b3:59:c3:83:1f:a9:71:07:11:54:ad:93:40:85:5d:6b:
         32:50:31:5d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICED8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MkI2MDAxMTAvBgNVBAUTKDQ3N0UyMkUxQkQzQUQ1MjA0RTNBREMyREVDRDZEMkEx
OTRBQ0ZBNTgwHhcNMjMxMDA0MTUxMDQ1WhcNMjQxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NTFkODA3NS0yZmI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwpwvaFr0SxGrMsSO8cVy+BKMFVUbuEKREwhDIYMMedr7L+ZCKokzWstr9iWM
M/fLaaQrzotrmS8jqhUe+iknig98pyCFT5dnMZYkrl8vmOb3m5YXypRbhXT3PiWx
rndme5RPHpfwCiFqixoQ0DvsvhbKLQZL1q6lYbO98asooaGa11pbPuEovAHCHs/c
9JxBhCEquVK3GR2TE9nLjiLR9DsKvD0EU6U7px2X56D+X/NDsEpeGcmjwfsIy/Jf
shnJw78kmX2a3QuXd5JaZzoMNL39KhweYoEMZ26E3IZN2stkMUeUz26QFOiT/UdM
r25QJdSTTmoAnPFwrNeE6KpEqwIDAQABo4IClTCCApEwHQYDVR0OBBYEFGHjRWlN
26Ie17kKwrcO5dvo1igfMB8GA1UdIwQYMBaAFEd+IuG9OtUgTjrcLezW0qGUrPpY
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQjYwMC8zQjA2RjMwNjA0
MzUxMUU5OUUwOUNDNjNDNEY5QUUwMi9SMzRpNGIwNjFTQk9PdHd0N05iU29aU3Mt
bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1IzNGk0YjA2MVNCT090d3Q3TmJTb1pTcy1sZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MkI2MDAvM0IwNkYzMDYwNDM1MTFFOTlFMDlDQzYzQzRGOUFFMDIvNkM1MTBGOThC
NTFDMTFFQUExNjQ5MjUxQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAS81kAwDQYJKoZIhvcNAQELBQADggEBANcTmacSkMhcPdXD
w9evXzCoecn0uS34PLIYq0wYR/ovgnjnpkygYDetiDEpCm9UqaSRj5eOY7LxGb9o
QNyiJdkop3yXrPJhiIRyUW++6y3KVesYZzoN6etjepjSSV7OaHYVVufcibMt398i
HSLDMFu9C9X6c/unOwVX1ruaTPTWsKULJUK2PE8QrJ7WUtrouPfXem5wtE6lGj55
3mSsC7x/PO3IDhV+FOyuY+/a9+YIc9zf7I+kF2zaaDfxFlTma4owNzevkYry6t8e
NKzfr1XXzqB5/Yxrwt1e6rLuME+MNjhB+yZQEB3bI3+ds1nDgx+pcQcRVK2TQIVd
azJQMV0=
-----END CERTIFICATE-----
Generated at Tue Mar 26 18:02:39 2024 by rpki-client on console-ams.rpki-client.org