Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/619B0B285AE611E781C33D7CC4F9AE02.roa
File:                     619B0B285AE611E781C33D7CC4F9AE02.roa (download)
Hash identifier:          Mbr9VK8oyFBpg2Bnk3nGuDlyIGvIPFXn7hCsHl52GAM=
Subject key identifier:   30:FF:91:97:36:13:B0:9A:EB:F9:20:16:0D:F5:1A:44:75:3C:95:DA
Certificate issuer:       /CN=A913CAE9/serialNumber=1D56FE4DA42B8866FE96A297F772EE80B518A40A
Certificate serial:       19DD
Authority key identifier: 1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/619B0B285AE611E781C33D7CC4F9AE02.roa
ROA valid until:          Oct 31 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 203.33.22.0/24 maxlen: 24
    2: 2001:df3:ba00::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6621 (0x19dd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A913CAE9/serialNumber=1D56FE4DA42B8866FE96A297F772EE80B518A40A
        Validity
            Not Before: Aug 31 17:13:25 2022 GMT
            Not After : Oct 31 00:00:00 2023 GMT
        Subject: CN=630f96b5-e7a5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a5:5c:ab:b7:8a:ef:99:7c:b4:bd:c7:52:9b:
                    15:d3:b8:de:6a:f5:e8:c2:7c:61:ed:02:f2:f5:aa:
                    6e:90:48:8a:f4:e5:66:43:5b:bc:0e:68:ff:ce:f3:
                    4d:8b:68:37:96:df:1c:6e:57:31:b4:f2:26:e4:7f:
                    fa:ad:61:a6:94:5f:d9:48:3f:a6:bf:89:56:28:04:
                    22:83:08:05:00:3c:10:cf:85:0f:f1:e0:9b:be:5b:
                    6b:8f:60:b1:d7:7d:1a:b9:6e:69:65:19:77:6e:24:
                    1e:8f:80:83:d9:2f:56:d1:6f:26:94:e5:77:86:17:
                    e2:b0:13:c7:af:fe:d9:f5:04:ce:97:a3:d3:5f:70:
                    3c:54:80:80:01:08:6e:ab:d6:49:f1:8b:b3:ee:6a:
                    b3:49:7b:1f:68:dc:b3:02:83:74:f6:07:91:2d:fa:
                    9e:42:60:0c:d0:32:05:35:3a:fb:ff:75:ec:41:06:
                    1b:71:bd:e9:c6:4c:f0:d3:fc:9b:e7:02:12:e9:a2:
                    1a:b2:1d:b2:a8:91:8b:18:ac:fb:c4:d3:f3:cc:71:
                    96:21:c7:9c:0e:fd:d5:ac:24:da:ed:6d:77:a6:4c:
                    f2:c3:49:1b:f1:f7:1d:90:86:0b:56:3d:93:61:3b:
                    a5:11:b6:8d:c0:8a:dc:fb:62:f8:f2:56:ec:47:a3:
                    08:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                30:FF:91:97:36:13:B0:9A:EB:F9:20:16:0D:F5:1A:44:75:3C:95:DA
            X509v3 Authority Key Identifier: 
                keyid:1D:56:FE:4D:A4:2B:88:66:FE:96:A2:97:F7:72:EE:80:B5:18:A4:0A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/HVb-TaQriGb-lqKX93LugLUYpAo.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HVb-TaQriGb-lqKX93LugLUYpAo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913CAE9/08DA60C6F1B211E68E74A26CC4F9AE02/619B0B285AE611E781C33D7CC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.33.22.0/24
                IPv6:
                  2001:df3:ba00::/48

    Signature Algorithm: sha256WithRSAEncryption
         93:3d:03:a1:a6:7e:8f:d1:d4:45:fa:c2:ce:3f:56:34:c1:4e:
         99:9f:b2:fe:10:07:7a:23:7f:5b:2a:5d:67:ee:b1:21:24:7b:
         c2:f8:e7:2e:9e:80:59:5d:9d:06:76:04:4f:9b:a0:a7:24:ae:
         0e:9d:51:ce:6e:cf:b9:e2:b2:76:dd:ab:94:52:18:a4:c5:0d:
         4c:2b:8d:c5:f2:f3:ba:02:1b:e2:40:5c:ca:8a:12:13:55:f5:
         77:dd:eb:6a:ac:5b:79:f1:17:35:c2:ea:71:cf:a5:1e:93:29:
         81:28:ad:bd:2d:84:4c:75:5e:9a:d6:03:ae:80:ac:9d:69:0a:
         b4:f3:03:75:c6:03:e8:19:01:68:cc:bb:db:e7:9e:4c:e3:5c:
         59:dd:5c:f0:c6:fb:8d:18:71:88:3f:8e:46:26:29:38:9c:d9:
         e7:4d:75:9c:95:c6:0e:da:85:08:e1:ed:67:45:1c:80:b0:84:
         6b:c3:88:ea:71:db:60:6a:cf:d0:94:57:44:6b:9b:7b:4f:20:
         00:ee:1e:6e:2a:16:56:dd:9a:56:b4:97:e3:68:b2:74:bd:75:
         b4:4e:60:8e:5a:56:fe:3f:5e:42:a4:70:6b:6a:99:57:d6:6b:
         8d:54:43:8c:13:30:99:44:8f:d7:cc:0b:45:62:43:bf:ba:47:
         e4:18:4a:c1
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICGd0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
M0NBRTkxMTAvBgNVBAUTKDFENTZGRTREQTQyQjg4NjZGRTk2QTI5N0Y3NzJFRTgw
QjUxOEE0MEEwHhcNMjIwODMxMTcxMzI1WhcNMjMxMDMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzBmOTZiNS1lN2E1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0aVcq7eK75l8tL3HUpsV07jeavXownxh7QLy9apukEiK9OVmQ1u8Dmj/zvNN
i2g3lt8cblcxtPIm5H/6rWGmlF/ZSD+mv4lWKAQigwgFADwQz4UP8eCbvltrj2Cx
130auW5pZRl3biQej4CD2S9W0W8mlOV3hhfisBPHr/7Z9QTOl6PTX3A8VICAAQhu
q9ZJ8Yuz7mqzSXsfaNyzAoN09geRLfqeQmAM0DIFNTr7/3XsQQYbcb3pxkzw0/yb
5wIS6aIash2yqJGLGKz7xNPzzHGWIcecDv3VrCTa7W13pkzyw0kb8fcdkIYLVj2T
YTulEbaNwIrc+2L48lbsR6MILQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFDD/kZc2
E7Ca6/kgFg31GkR1PJXaMB8GA1UdIwQYMBaAFB1W/k2kK4hm/pail/dy7oC1GKQK
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQ0FFOS8wOERBNjBDNkYx
QjIxMUU2OEU3NEEyNkNDNEY5QUUwMi9IVmItVGFRcmlHYi1scUtYOTNMdWdMVVlw
QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0hWYi1UYVFyaUdiLWxxS1g5M0x1Z0xVWXBBby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
M0NBRTkvMDhEQTYwQzZGMUIyMTFFNjhFNzRBMjZDQzRGOUFFMDIvNjE5QjBCMjg1
QUU2MTFFNzgxQzMzRDdDQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBADLIRYwDwQCAAIwCQMHACABDfO6ADANBgkqhkiG9w0BAQsF
AAOCAQEAkz0DoaZ+j9HURfrCzj9WNMFOmZ+y/hAHeiN/WypdZ+6xISR7wvjnLp6A
WV2dBnYET5ugpySuDp1Rzm7PueKydt2rlFIYpMUNTCuNxfLzugIb4kBcyooSE1X1
d93raqxbefEXNcLqcc+lHpMpgSitvS2ETHVemtYDroCsnWkKtPMDdcYD6BkBaMy7
2+eeTONcWd1c8Mb7jRhxiD+ORiYpOJzZ5011nJXGDtqFCOHtZ0UcgLCEa8OI6nHb
YGrP0JRXRGube08gAO4ebioWVt2aVrSX42iydL11tE5gjlpW/j9eQqRwa2qZV9Zr
jVRDjBMwmUSP18wLRWJDv7pH5BhKwQ==
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:09:31 2022 by rpki-client.