Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
File:                     5A9BEA702D7611EB9827C368C4F9AE02.roa (download)
Hash identifier:          1CqxsG5Iq+u6RHF+sMeZnFhk72Bw/GNaCxHT9QaZ4m8=
Subject key identifier:   D5:E9:6E:7F:C2:E4:68:2D:58:45:1F:82:3A:2F:F8:E4:9F:C6:07:71
Certificate issuer:       /CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102
Certificate serial:       03A0
Authority key identifier: BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
ROA valid until:          May 28 00:00:00 2023 GMT
asID:                     140224
IP address blocks:
    1: 103.148.186.0/24 maxlen: 24
    2: 103.148.187.0/24 maxlen: 24
    3: 2001:df2:e380::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 928 (0x3a0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A915DAF1/serialNumber=BB9F42CFCE388EDC4B29EA65DEB6162B256D2102
        Validity
            Not Before: Mar  1 13:10:51 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=621e1b5b-3964
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:a6:54:78:bd:ac:42:5f:c3:52:4c:67:c0:21:
                    20:99:33:3a:c4:15:74:11:e8:25:be:b6:eb:59:5a:
                    72:e9:5a:f1:7d:c5:46:61:ae:ba:94:15:e3:30:95:
                    3b:5b:3f:31:d8:09:42:77:19:b0:a9:3c:ac:d3:65:
                    cd:d9:33:3b:e8:d0:0e:fb:fe:0d:0e:e6:7a:b8:c1:
                    3c:a5:a8:fc:43:01:2f:c8:21:13:6d:50:d4:f8:15:
                    63:5a:c1:19:d0:29:a3:8b:4e:00:e0:d5:13:46:2c:
                    d7:41:e8:d4:23:6d:13:b7:2a:f4:b8:3e:13:69:a2:
                    a3:1e:4d:c6:1e:f9:12:e6:89:1a:ad:0d:79:21:89:
                    aa:3e:7b:5c:dc:54:55:03:69:d6:57:6c:ab:f6:25:
                    0f:51:a6:95:bb:e8:12:7e:0b:2e:5c:4a:9d:1e:27:
                    67:64:cd:3b:e8:d0:1f:90:a5:93:66:82:c0:20:48:
                    9a:d3:6d:96:af:0c:36:b5:11:9e:fb:3c:eb:0d:3a:
                    b3:16:75:0a:e7:40:a0:e9:d9:ed:d4:28:8c:98:1a:
                    5e:c2:48:a8:11:ce:8c:ba:3f:6d:eb:44:16:62:7f:
                    57:c0:bf:36:b7:ac:a6:f0:ea:1f:63:79:13:c5:f6:
                    35:43:0d:fc:e5:6c:90:df:6c:64:0d:55:11:11:80:
                    44:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                D5:E9:6E:7F:C2:E4:68:2D:58:45:1F:82:3A:2F:F8:E4:9F:C6:07:71
            X509v3 Authority Key Identifier: 
                keyid:BB:9F:42:CF:CE:38:8E:DC:4B:29:EA:65:DE:B6:16:2B:25:6D:21:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/u59Cz844jtxLKepl3rYWKyVtIQI.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u59Cz844jtxLKepl3rYWKyVtIQI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915DAF1/0B2B90A42D7511EB936E3458C4F9AE02/5A9BEA702D7611EB9827C368C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.186.0/23
                IPv6:
                  2001:df2:e380::/48

    Signature Algorithm: sha256WithRSAEncryption
         23:1a:c0:d9:2d:18:cf:09:2a:25:30:25:27:be:ef:25:3e:06:
         cc:e0:3c:60:86:8d:ab:42:1f:6d:33:db:6a:b4:a5:1a:5f:42:
         b4:20:70:04:b3:9a:9d:78:e1:53:97:ab:ad:28:17:e7:c5:de:
         a8:49:45:e4:18:fc:88:18:0d:3f:17:24:1e:02:e8:e6:c6:62:
         29:9b:0a:29:e8:be:36:bc:cf:b5:20:18:d6:48:33:d8:32:43:
         cc:43:8d:1f:a7:71:80:ad:8c:32:db:4b:c5:59:d0:d2:73:0a:
         a0:25:75:01:f2:60:fe:1a:c4:7f:61:74:b4:e5:3e:c7:73:78:
         77:ed:9e:95:6f:22:4e:82:32:f9:3b:35:c0:26:1e:5f:13:75:
         f3:11:62:93:4d:2d:e0:e0:cc:59:6f:23:9c:f8:0d:d9:39:13:
         2b:0e:75:c6:f1:36:21:d2:ce:01:69:ff:b1:d3:ff:e1:f4:0a:
         4a:10:92:c3:1b:d2:5f:36:30:3a:52:e9:be:ab:5b:21:22:6c:
         91:b9:7c:f9:d4:47:70:cc:28:e7:84:ce:2a:32:2c:31:70:ff:
         7b:17:da:a3:3b:4e:45:94:61:2c:33:6b:22:98:67:c7:be:54:
         ec:83:63:70:5a:91:4e:9e:0b:52:06:ee:d5:f0:95:05:2b:7d:
         31:e2:42:bf
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgICA6AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NURBRjExMTAvBgNVBAUTKEJCOUY0MkNGQ0UzODhFREM0QjI5RUE2NURFQjYxNjJC
MjU2RDIxMDIwHhcNMjIwMzAxMTMxMDUxWhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjFlMWI1Yi0zOTY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAu6ZUeL2sQl/DUkxnwCEgmTM6xBV0EeglvrbrWVpy6VrxfcVGYa66lBXjMJU7
Wz8x2AlCdxmwqTys02XN2TM76NAO+/4NDuZ6uME8paj8QwEvyCETbVDU+BVjWsEZ
0Cmji04A4NUTRizXQejUI20Ttyr0uD4TaaKjHk3GHvkS5okarQ15IYmqPntc3FRV
A2nWV2yr9iUPUaaVu+gSfgsuXEqdHidnZM076NAfkKWTZoLAIEia022Wrww2tRGe
+zzrDTqzFnUK50Cg6dnt1CiMmBpewkioEc6Muj9t60QWYn9XwL82t6ym8OofY3kT
xfY1Qw385WyQ32xkDVUREYBEJQIDAQABo4ICpjCCAqIwHQYDVR0OBBYEFNXpbn/C
5GgtWEUfgjov+OSfxgdxMB8GA1UdIwQYMBaAFLufQs/OOI7cSynqZd62FislbSEC
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1REFGMS8wQjJCOTBBNDJE
NzUxMUVCOTM2RTM0NThDNEY5QUUwMi91NTlDejg0NGp0eExLZXBsM3JZV0t5VnRJ
UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3U1OUN6ODQ0anR4TEtlcGwzcllXS3lWdElRSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NURBRjEvMEIyQjkwQTQyRDc1MTFFQjkzNkUzNDU4QzRGOUFFMDIvNUE5QkVBNzAy
RDc2MTFFQjk4MjdDMzY4QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwMAYIKwYBBQUHAQcBAf8E
ITAfMAwEAgABMAYDBAFnlLowDwQCAAIwCQMHACABDfLjgDANBgkqhkiG9w0BAQsF
AAOCAQEAIxrA2S0YzwkqJTAlJ77vJT4GzOA8YIaNq0IfbTPbarSlGl9CtCBwBLOa
nXjhU5errSgX58XeqElF5Bj8iBgNPxckHgLo5sZiKZsKKei+NrzPtSAY1kgz2DJD
zEONH6dxgK2MMttLxVnQ0nMKoCV1AfJg/hrEf2F0tOU+x3N4d+2elW8iToIy+Ts1
wCYeXxN18xFik00t4ODMWW8jnPgN2TkTKw51xvE2IdLOAWn/sdP/4fQKShCSwxvS
XzYwOlLpvqtbISJskbl8+dRHcMwo54TOKjIsMXD/exfaoztORZRhLDNrIphnx75U
7INjcFqRTp4LUgbu1fCVBSt9MeJCvw==
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:44:09 2022 by rpki-client.