Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A9142661/4CC7727669BC11EAAF1B9F69C4F9AE02/61096B522DB111EDA42EBE42C4F9AE02.roa
File:                     61096B522DB111EDA42EBE42C4F9AE02.roa (download)
Hash identifier:          xCRmbHsiZQUjU0aKryslZUgSdn9oZIN5P0VkrLDOf0A=
Subject key identifier:   F0:FA:04:71:E8:B9:8B:49:31:D8:0E:18:94:33:60:EB:F4:29:F5:98
Certificate issuer:       /CN=A9142661/serialNumber=7AE9622F834CF4C6CF5AD1A98AF07D501545A4BF
Certificate serial:       0852
Authority key identifier: 7A:E9:62:2F:83:4C:F4:C6:CF:5A:D1:A9:8A:F0:7D:50:15:45:A4:BF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/euliL4NM9MbPWtGpivB9UBVFpL8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A9142661/4CC7727669BC11EAAF1B9F69C4F9AE02/61096B522DB111EDA42EBE42C4F9AE02.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     58895
IP address blocks:
    1: 103.87.192.0/22 maxlen: 22
    2: 103.87.192.0/24 maxlen: 24
    3: 103.87.193.0/24 maxlen: 24
    4: 103.87.194.0/24 maxlen: 24
    5: 103.87.195.0/24 maxlen: 24
    6: 203.96.168.0/24 maxlen: 24
    7: 203.96.169.0/24 maxlen: 24
    8: 203.96.170.0/24 maxlen: 24
    9: 203.96.171.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2130 (0x852)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A9142661/serialNumber=7AE9622F834CF4C6CF5AD1A98AF07D501545A4BF
        Validity
            Not Before: Oct  5 09:08:18 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=633d4982-9e68
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:48:8d:ea:9f:12:90:9a:e1:27:4b:5e:6b:d3:
                    7c:85:31:30:71:a5:1a:ef:06:ca:51:ee:32:e2:33:
                    f5:4d:20:6a:f4:98:a7:75:1d:1b:07:0e:81:73:0a:
                    29:08:51:f0:1a:3d:8d:90:5e:16:4a:9e:92:ae:2c:
                    51:8e:8d:ba:7e:c8:53:98:5a:75:00:e8:4b:5f:61:
                    e1:24:e2:9d:a6:f2:31:68:23:eb:e7:9d:48:96:a5:
                    2e:b2:b4:e7:ad:68:64:48:84:64:08:51:d4:0e:31:
                    36:50:99:49:c4:a7:30:a2:63:d4:5c:0f:e4:39:7d:
                    8b:15:ba:2c:07:10:4e:69:a0:9d:dc:22:87:b8:25:
                    54:55:1f:4c:c3:c7:39:76:87:9b:eb:a3:23:44:ed:
                    9d:71:4d:8f:08:1b:50:a1:9e:5b:f6:0f:8d:50:46:
                    7d:32:d0:25:48:f3:2f:92:f4:33:54:32:de:3c:21:
                    81:51:3b:7d:cc:f9:0a:a4:7c:3b:68:69:4f:a6:e7:
                    c0:e3:e9:92:68:1f:db:6e:c0:c6:27:5b:73:b9:0c:
                    79:37:8b:8c:0e:12:fb:9a:ab:34:54:d1:21:7b:07:
                    9f:1c:fd:17:90:a1:b8:81:8b:db:36:77:cf:04:e0:
                    2a:24:b7:a0:0a:9d:3a:da:f7:46:c7:11:4b:fa:0c:
                    5b:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F0:FA:04:71:E8:B9:8B:49:31:D8:0E:18:94:33:60:EB:F4:29:F5:98
            X509v3 Authority Key Identifier: 
                keyid:7A:E9:62:2F:83:4C:F4:C6:CF:5A:D1:A9:8A:F0:7D:50:15:45:A4:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A9142661/4CC7727669BC11EAAF1B9F69C4F9AE02/euliL4NM9MbPWtGpivB9UBVFpL8.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/euliL4NM9MbPWtGpivB9UBVFpL8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142661/4CC7727669BC11EAAF1B9F69C4F9AE02/61096B522DB111EDA42EBE42C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.192.0/22
                  203.96.168.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:ef:bf:13:3f:05:be:20:7d:aa:c1:58:8f:bc:ee:3d:98:3c:
         65:18:c0:2a:a1:38:c8:a7:2d:45:6f:4d:75:49:9e:5c:4d:e1:
         49:d1:aa:e6:79:cd:6a:a2:d6:0e:ee:ac:df:ce:3c:8c:5b:ad:
         0d:36:eb:6c:a1:4e:eb:18:84:96:58:bc:27:0a:85:02:f0:69:
         5c:56:a8:9a:80:80:d0:93:17:21:05:fb:ec:bc:0f:d7:40:87:
         25:4a:2b:df:c0:7f:a0:f4:83:ab:56:15:f9:24:3c:cd:49:fe:
         73:7c:53:4b:2d:e7:3f:8e:b5:fc:a1:60:b7:29:58:e8:a0:2c:
         9b:74:31:ad:b4:9c:e9:6c:64:a1:f7:84:e3:a4:91:4f:06:c2:
         21:b0:8f:7e:54:89:84:76:13:99:bb:c7:97:95:3f:48:e2:ef:
         73:ec:63:4a:3b:12:37:e9:83:77:51:b0:ea:08:ec:f3:9f:0b:
         b0:27:14:d0:72:33:c0:94:f1:28:0b:32:61:01:e9:01:b8:99:
         45:06:32:84:d3:e7:21:c1:38:e5:8d:06:ac:91:f1:f6:11:52:
         45:c3:da:81:d7:e3:8d:3c:b3:8d:f2:c2:ae:42:17:78:4e:f9:
         00:51:8d:02:6f:c2:8d:2c:ae:c3:e6:3d:23:e7:f7:cc:61:e5:
         e9:18:4d:c7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICCFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NDI2NjExMTAvBgNVBAUTKDdBRTk2MjJGODM0Q0Y0QzZDRjVBRDFBOThBRjA3RDUw
MTU0NUE0QkYwHhcNMjIxMDA1MDkwODE4WhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzNkNDk4Mi05ZTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnEiN6p8SkJrhJ0tea9N8hTEwcaUa7wbKUe4y4jP1TSBq9JindR0bBw6Bcwop
CFHwGj2NkF4WSp6SrixRjo26fshTmFp1AOhLX2HhJOKdpvIxaCPr551IlqUusrTn
rWhkSIRkCFHUDjE2UJlJxKcwomPUXA/kOX2LFbosBxBOaaCd3CKHuCVUVR9Mw8c5
doeb66MjRO2dcU2PCBtQoZ5b9g+NUEZ9MtAlSPMvkvQzVDLePCGBUTt9zPkKpHw7
aGlPpufA4+mSaB/bbsDGJ1tzuQx5N4uMDhL7mqs0VNEhewefHP0XkKG4gYvbNnfP
BOAqJLegCp062vdGxxFL+gxblQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFPD6BHHo
uYtJMdgOGJQzYOv0KfWYMB8GA1UdIwQYMBaAFHrpYi+DTPTGz1rRqYrwfVAVRaS/
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjY2MS80Q0M3NzI3NjY5
QkMxMUVBQUYxQjlGNjlDNEY5QUUwMi9ldWxpTDROTTlNYlBXdEdwaXZCOVVCVkZw
TDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2V1bGlMNE5NOU1iUFd0R3BpdkI5VUJWRnBMOC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NDI2NjEvNENDNzcyNzY2OUJDMTFFQUFGMUI5RjY5QzRGOUFFMDIvNjEwOTZCNTIy
REIxMTFFREE0MkVCRTQyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBAJnV8ADBALLYKgwDQYJKoZIhvcNAQELBQADggEBAEHvvxM/
Bb4gfarBWI+87j2YPGUYwCqhOMinLUVvTXVJnlxN4UnRquZ5zWqi1g7urN/OPIxb
rQ0262yhTusYhJZYvCcKhQLwaVxWqJqAgNCTFyEF++y8D9dAhyVKK9/Af6D0g6tW
FfkkPM1J/nN8U0st5z+OtfyhYLcpWOigLJt0Ma20nOlsZKH3hOOkkU8GwiGwj35U
iYR2E5m7x5eVP0ji73PsY0o7Ejfpg3dRsOoI7POfC7AnFNByM8CU8SgLMmEB6QG4
mUUGMoTT5yHBOOWNBqyR8fYRUkXD2oHX4408s43ywq5CF3hO+QBRjQJvwo0srsPm
PSPn98xh5ekYTcc=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:50:26 2022 by rpki-client.