Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
File:                     4C4AC452D67911ECBFC6CB7BC4F9AE02.roa (download)
Hash identifier:          yz2jegL3Nmqz4OqkfPr5tJLWmEg24Z6utI017gSPmLY=
Subject key identifier:   B5:0F:C0:C8:03:DC:E8:73:88:92:E1:CA:48:07:9C:98:8A:3C:14:2D
Certificate issuer:       /CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
Certificate serial:       2392
Authority key identifier: 42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
ROA valid until:          Mon 01 May 2023 00:00:00 +0000
asID:                     4294960000
IP address blocks:
    1: 103.138.210.0/24 maxlen: 26

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 9106 (0x2392)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913B805/serialNumber=42D3ECB9C8570AB090EB601EDB3379C0D3D8A6D0
        Validity
            Not Before: Dec 30 18:55:32 2022 GMT
            Not After : May  1 00:00:00 2023 GMT
        Subject: CN=63af3424-0b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:49:d7:67:d9:8c:bf:c9:be:07:68:b5:4e:11:
                    46:0e:5f:f6:48:25:fd:43:d1:3a:14:4c:42:94:8e:
                    60:d5:8b:89:ed:40:4e:cb:0b:fb:3f:5b:0d:4a:12:
                    9e:7e:ad:ff:fd:ad:c7:d3:85:9c:5c:9f:48:e8:8e:
                    fc:f5:54:43:3d:37:a3:4b:e2:d4:86:c4:ec:79:17:
                    51:1d:eb:d6:71:a9:74:6a:2b:d4:b0:36:18:2c:51:
                    2d:0d:4a:04:45:00:85:8a:37:de:e9:27:d3:e1:b8:
                    07:ee:fd:0b:77:49:1b:4f:c3:1e:8a:15:87:63:de:
                    8f:6c:0e:73:a2:9d:0f:57:3e:1f:0f:87:ab:33:53:
                    83:83:32:ad:7f:20:66:ba:7e:9b:c4:c8:c6:3f:02:
                    ff:6b:80:18:93:e4:32:a1:2f:a2:16:62:af:ec:36:
                    62:48:63:b4:40:b0:4a:98:e6:e2:79:13:84:0c:57:
                    1a:92:f9:1b:de:f5:9f:66:6d:55:60:08:34:d3:51:
                    0a:78:51:37:c6:1b:e5:47:8d:8f:73:48:64:b9:8e:
                    fb:51:79:e9:f0:55:93:61:8c:87:a7:e7:60:ee:00:
                    b6:00:c3:cd:1a:c8:76:2d:b8:57:b5:ba:5b:06:e4:
                    28:51:74:4c:c4:2e:e6:53:ca:33:cb:7e:bd:8a:93:
                    fd:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                B5:0F:C0:C8:03:DC:E8:73:88:92:E1:CA:48:07:9C:98:8A:3C:14:2D
            X509v3 Authority Key Identifier: 
                keyid:42:D3:EC:B9:C8:57:0A:B0:90:EB:60:1E:DB:33:79:C0:D3:D8:A6:D0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/QtPsuchXCrCQ62Ae2zN5wNPYptA.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QtPsuchXCrCQ62Ae2zN5wNPYptA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913B805/F8076B8A7B7B11E98B6EC074C4F9AE02/4C4AC452D67911ECBFC6CB7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.138.210.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:d0:41:9d:ec:14:bf:17:09:19:2c:d2:29:7d:4b:cd:1e:11:
         61:ec:ae:95:2c:24:75:1d:7a:92:3c:c9:78:57:ac:06:e2:69:
         57:f5:bf:32:30:5b:ae:19:a6:ef:d4:76:b7:c9:c6:ee:04:91:
         da:f7:de:6b:21:3c:b7:f4:ed:7d:f9:bf:13:37:a5:16:02:ee:
         bf:71:84:9f:af:d8:3c:50:9b:6b:60:47:02:46:f6:29:d5:14:
         a4:ba:d8:3e:ab:47:f2:6e:6e:79:c8:07:2d:7c:2e:8f:29:53:
         e7:1e:7c:94:1a:40:ab:cd:f6:8d:a6:53:46:28:ee:0f:e4:c4:
         73:89:4b:44:4a:34:54:b2:d8:e5:75:12:e9:1a:d1:1c:00:fa:
         a6:13:2d:28:cf:72:e8:b3:30:58:8c:c0:6e:12:f3:30:a2:91:
         55:7f:d6:46:7c:a7:a6:18:ed:29:fc:e4:39:49:ef:3a:0d:e8:
         34:8e:f3:e1:f0:33:9e:b8:4c:dd:21:1c:08:16:63:a1:f1:81:
         d5:1f:61:82:b4:93:c0:e6:b7:45:1c:ba:0c:93:e9:42:8b:49:
         35:39:a6:e7:bb:59:7b:de:d4:42:6f:02:8b:fa:f9:25:68:35:
         1c:1e:42:90:9c:a6:fe:cc:7c:9b:38:b6:9f:56:0d:4f:e1:b2:
         b1:77:4c:c1
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICI5IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0I4MDUxMTAvBgNVBAUTKDQyRDNFQ0I5Qzg1NzBBQjA5MEVCNjAxRURCMzM3OUMw
RDNEOEE2RDAwHhcNMjIxMjMwMTg1NTMyWhcNMjMwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2FmMzQyNC0wYjdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArEnXZ9mMv8m+B2i1ThFGDl/2SCX9Q9E6FExClI5g1YuJ7UBOywv7P1sNShKe
fq3//a3H04WcXJ9I6I789VRDPTejS+LUhsTseRdRHevWcal0aivUsDYYLFEtDUoE
RQCFijfe6SfT4bgH7v0Ld0kbT8MeihWHY96PbA5zop0PVz4fD4erM1ODgzKtfyBm
un6bxMjGPwL/a4AYk+QyoS+iFmKv7DZiSGO0QLBKmObieROEDFcakvkb3vWfZm1V
YAg001EKeFE3xhvlR42Pc0hkuY77UXnp8FWTYYyHp+dg7gC2AMPNGsh2LbhXtbpb
BuQoUXRMxC7mU8ozy369ipP93wIDAQABo4IClTCCApEwHQYDVR0OBBYEFLUPwMgD
3OhziJLhykgHnJiKPBQtMB8GA1UdIwQYMBaAFELT7LnIVwqwkOtgHtszecDT2KbQ
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQjgwNS9GODA3NkI4QTdC
N0IxMUU5OEI2RUMwNzRDNEY5QUUwMi9RdFBzdWNoWENyQ1E2MkFlMnpONXdOUFlw
dEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1F0UHN1Y2hYQ3JDUTYyQWUyek41d05QWXB0QS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0I4MDUvRjgwNzZCOEE3QjdCMTFFOThCNkVDMDc0QzRGOUFFMDIvNEM0QUM0NTJE
Njc5MTFFQ0JGQzZDQjdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnitIwDQYJKoZIhvcNAQELBQADggEBAALQQZ3sFL8XCRks
0il9S80eEWHsrpUsJHUdepI8yXhXrAbiaVf1vzIwW64Zpu/UdrfJxu4Ekdr33msh
PLf07X35vxM3pRYC7r9xhJ+v2DxQm2tgRwJG9inVFKS62D6rR/JubnnIBy18Lo8p
U+cefJQaQKvN9o2mU0Yo7g/kxHOJS0RKNFSy2OV1Euka0RwA+qYTLSjPcuizMFiM
wG4S8zCikVV/1kZ8p6YY7Sn85DlJ7zoN6DSO8+HwM564TN0hHAgWY6HxgdUfYYK0
k8Dmt0UcugyT6UKLSTU5pue7WXve1EJvAov6+SVoNRweQpCcpv7MfJs4tp9WDU/h
srF3TME=
-----END CERTIFICATE-----
Generated at Sun Jan 29 08:30:52 2023 by rpki-client.