Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9131ABD/20E8F9A004E911EA8D20EE5FC4F9AE02/3726AAFA0C0011EAA414FC4AC4F9AE02.roa
File:                     3726AAFA0C0011EAA414FC4AC4F9AE02.roa (download)
Hash identifier:          rsgkbbwby4NnV9DI0RuDI1F5+ab2HZwoRhIXYYYrnb4=
Subject key identifier:   46:34:51:F3:2F:8D:F8:74:4B:5A:57:44:F2:B2:AE:26:2C:C3:92:F3
Certificate issuer:       /CN=A9131ABD/serialNumber=2E9C91F4E394A4AFA976D6BC3F65DF2D9F079EBD
Certificate serial:       0997
Authority key identifier: 2E:9C:91:F4:E3:94:A4:AF:A9:76:D6:BC:3F:65:DF:2D:9F:07:9E:BD
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LpyR9OOUpK-pdta8P2XfLZ8Hnr0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9131ABD/20E8F9A004E911EA8D20EE5FC4F9AE02/3726AAFA0C0011EAA414FC4AC4F9AE02.roa
ROA valid until:          Aug 31 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.77.224.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2455 (0x997)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9131ABD/serialNumber=2E9C91F4E394A4AFA976D6BC3F65DF2D9F079EBD
        Validity
            Not Before: Jun 21 19:59:17 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=62b22315-37c6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a4:29:23:e2:27:42:e7:1f:a4:a7:5d:b2:a7:
                    66:1b:4f:d0:10:78:9f:34:16:76:30:9c:1a:37:1d:
                    1a:e4:18:72:cd:9b:7f:d6:2c:3c:a7:1a:6f:fd:80:
                    74:3b:40:17:1b:bc:32:c5:4d:47:54:0c:fa:9c:d1:
                    25:a4:7d:f5:3e:65:fb:f9:92:dd:e7:46:71:1e:8f:
                    48:8e:27:de:55:e7:f4:e6:22:45:fc:6b:da:65:f3:
                    7a:17:f9:63:ba:bb:08:8a:04:6c:31:02:d1:e7:29:
                    56:11:49:8e:85:1f:5f:9e:63:01:8b:98:07:ee:98:
                    87:d1:36:f5:72:90:e9:40:80:a8:3e:02:da:9e:d0:
                    06:7f:10:d0:4b:81:ae:a1:ee:d5:de:1c:b6:4d:d4:
                    8a:1c:29:60:f6:bb:63:a3:3a:58:b6:22:b5:4a:ca:
                    33:74:49:7f:fd:53:98:24:91:17:7c:7b:2f:da:90:
                    42:41:c5:e8:45:db:98:d5:a5:f8:ab:4b:71:f2:b1:
                    56:a4:98:02:4e:b5:6e:a3:67:eb:1b:2e:58:9b:69:
                    7a:6e:14:90:fd:fa:8d:49:26:ff:d6:0d:c1:88:72:
                    94:ed:8d:bc:29:ec:f0:5e:91:c9:9b:bf:0b:17:8c:
                    1a:bc:20:2a:2b:69:fa:60:e3:80:7c:a3:34:5d:12:
                    cc:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                46:34:51:F3:2F:8D:F8:74:4B:5A:57:44:F2:B2:AE:26:2C:C3:92:F3
            X509v3 Authority Key Identifier: 
                keyid:2E:9C:91:F4:E3:94:A4:AF:A9:76:D6:BC:3F:65:DF:2D:9F:07:9E:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9131ABD/20E8F9A004E911EA8D20EE5FC4F9AE02/LpyR9OOUpK-pdta8P2XfLZ8Hnr0.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LpyR9OOUpK-pdta8P2XfLZ8Hnr0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131ABD/20E8F9A004E911EA8D20EE5FC4F9AE02/3726AAFA0C0011EAA414FC4AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.77.224.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9c:e1:04:ad:35:a6:84:8d:78:35:35:5d:72:ae:10:4c:33:d2:
         f1:71:bb:e1:be:5b:7e:5c:47:71:8a:8d:91:41:c5:c8:76:39:
         72:e9:bc:69:7b:a0:a5:a8:af:22:11:0f:fe:0e:e6:27:b0:01:
         77:88:57:2a:50:e7:f6:c5:ab:60:3b:34:20:4d:9b:4c:81:93:
         fc:cc:ff:2f:e0:08:f5:15:96:d0:59:32:11:aa:3a:29:6d:95:
         1c:6c:6d:9d:6c:03:5c:5c:c1:c6:00:0c:62:07:61:e2:6b:cc:
         29:3f:50:85:e7:8d:41:70:11:9b:fc:1e:aa:4b:53:c5:fd:bb:
         09:a1:77:e8:af:20:61:b7:66:67:dc:3f:c5:d9:6f:54:97:30:
         3f:0c:75:0f:b6:1f:39:20:9a:a3:9c:17:c3:6c:b4:b1:cd:62:
         59:93:b3:b0:53:92:f4:80:11:30:3f:1a:9c:7f:04:ff:2f:9a:
         8f:d4:68:c0:4b:b8:68:83:cd:21:fa:d6:2d:94:7e:7b:3c:61:
         27:39:be:83:dd:7c:f9:d5:18:64:0a:02:c7:6b:18:0b:9d:e2:
         db:f0:72:5b:47:50:6f:32:21:f7:18:dd:ab:aa:b4:2d:18:88:
         8a:ce:15:af:c4:16:d9:dc:dd:ab:0f:7b:99:e1:70:e1:cc:0b:
         ac:ec:43:ef
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCZcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
MzFBQkQxMTAvBgNVBAUTKDJFOUM5MUY0RTM5NEE0QUZBOTc2RDZCQzNGNjVERjJE
OUYwNzlFQkQwHhcNMjIwNjIxMTk1OTE3WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmIyMjMxNS0zN2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt6QpI+InQucfpKddsqdmG0/QEHifNBZ2MJwaNx0a5BhyzZt/1iw8pxpv/YB0
O0AXG7wyxU1HVAz6nNElpH31PmX7+ZLd50ZxHo9IjifeVef05iJF/GvaZfN6F/lj
ursIigRsMQLR5ylWEUmOhR9fnmMBi5gH7piH0Tb1cpDpQICoPgLantAGfxDQS4Gu
oe7V3hy2TdSKHClg9rtjozpYtiK1SsozdEl//VOYJJEXfHsv2pBCQcXoRduY1aX4
q0tx8rFWpJgCTrVuo2frGy5Ym2l6bhSQ/fqNSSb/1g3BiHKU7Y28KezwXpHJm78L
F4wavCAqK2n6YOOAfKM0XRLMqQIDAQABo4IClTCCApEwHQYDVR0OBBYEFEY0UfMv
jfh0S1pXRPKyriYsw5LzMB8GA1UdIwQYMBaAFC6ckfTjlKSvqXbWvD9l3y2fB569
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUFCRC8yMEU4RjlBMDA0
RTkxMUVBOEQyMEVFNUZDNEY5QUUwMi9McHlSOU9PVXBLLXBkdGE4UDJYZkxaOEhu
cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0xweVI5T09VcEstcGR0YThQMlhmTFo4SG5yMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
MzFBQkQvMjBFOEY5QTAwNEU5MTFFQThEMjBFRTVGQzRGOUFFMDIvMzcyNkFBRkEw
QzAwMTFFQUE0MTRGQzRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnTeAwDQYJKoZIhvcNAQELBQADggEBAJzhBK01poSNeDU1
XXKuEEwz0vFxu+G+W35cR3GKjZFBxch2OXLpvGl7oKWoryIRD/4O5iewAXeIVypQ
5/bFq2A7NCBNm0yBk/zM/y/gCPUVltBZMhGqOiltlRxsbZ1sA1xcwcYADGIHYeJr
zCk/UIXnjUFwEZv8HqpLU8X9uwmhd+ivIGG3ZmfcP8XZb1SXMD8MdQ+2HzkgmqOc
F8NstLHNYlmTs7BTkvSAETA/Gpx/BP8vmo/UaMBLuGiDzSH61i2Ufns8YSc5voPd
fPnVGGQKAsdrGAud4tvwcltHUG8yIfcY3auqtC0YiIrOFa/EFtnc3asPe5nhcOHM
C6zsQ+8=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:50:20 2022 by rpki-client.