Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/9A3E4C8A183D11EA9AE2F085C4F9AE02.roa
File:                     9A3E4C8A183D11EA9AE2F085C4F9AE02.roa (download)
Hash identifier:          u/EqyCZYIO+qjtFKXlNefPzJEVRHuhovmVLgMetM8Hk=
Subject key identifier:   F1:99:FE:D3:7E:41:5B:F7:30:EB:45:31:B4:26:FF:A6:16:86:A7:DD
Certificate issuer:       /CN=A916BCDF/serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A
Certificate serial:       0A22
Authority key identifier: 48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A
Authority info access:    rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/9A3E4C8A183D11EA9AE2F085C4F9AE02.roa
ROA valid until:          Dec 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 141.164.32.0/19 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2594 (0xa22)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916BCDF/serialNumber=4852E8726C1448A1040CCFA043B8314AAE4C4E9A
        Validity
            Not Before: Oct 30 18:24:51 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=635ec173-d70c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d1:8d:01:8e:19:df:83:4a:49:e2:48:be:9a:
                    26:09:0b:de:9d:89:d3:2a:21:f7:f2:31:15:e6:15:
                    8f:94:9d:95:24:ea:75:3f:fa:1f:06:d6:42:d6:2c:
                    4c:20:45:eb:f0:af:27:46:56:d1:b6:f6:aa:0d:23:
                    71:8d:42:f4:2c:be:bf:94:7d:59:95:be:fc:82:b7:
                    9f:6a:ed:0e:e8:f2:90:98:6b:52:4a:d2:4c:b2:4f:
                    a9:45:d1:08:a2:75:b0:85:17:60:89:2b:34:8c:70:
                    72:6d:5f:38:ce:12:41:49:04:52:cf:54:b5:ad:64:
                    39:ff:ce:01:d3:5d:e9:32:8d:ae:b0:3c:0d:c1:c6:
                    13:f4:3b:a9:fb:e1:6a:7f:d3:5d:65:91:db:af:7c:
                    66:c5:38:7d:e5:f1:7e:bd:99:09:dd:e0:03:35:97:
                    52:fc:ce:91:30:dc:b6:a1:b7:1b:f3:cd:9a:cc:81:
                    69:cc:c1:c2:8f:85:32:60:6d:aa:7e:f2:73:24:17:
                    63:8d:8b:38:3c:40:b0:bf:1c:3c:df:76:8c:fa:7a:
                    cc:80:90:51:c9:64:b7:a9:67:38:11:8e:52:65:4b:
                    06:5e:9b:ea:03:d4:ab:6b:71:36:24:e2:2f:cb:d6:
                    ac:c0:41:07:02:47:17:7c:a7:cb:90:4a:c0:6f:d9:
                    13:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                F1:99:FE:D3:7E:41:5B:F7:30:EB:45:31:B4:26:FF:A6:16:86:A7:DD
            X509v3 Authority Key Identifier: 
                keyid:48:52:E8:72:6C:14:48:A1:04:0C:CF:A0:43:B8:31:4A:AE:4C:4E:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/SFLocmwUSKEEDM-gQ7gxSq5MTpo.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/SFLocmwUSKEEDM-gQ7gxSq5MTpo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/C1CB2DF210D811EA9BD1A55DC4F9AE02/9A3E4C8A183D11EA9AE2F085C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.164.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         69:6d:5c:bd:62:9e:ff:eb:29:17:c2:78:8a:b7:23:50:64:8e:
         65:d7:1d:1f:91:e8:2b:80:5e:96:cf:70:8f:67:52:06:d2:b1:
         27:d2:d2:58:17:9e:5f:18:87:f2:85:5c:80:0b:74:82:a1:11:
         53:71:ea:f0:81:f9:c5:e3:0e:08:26:e8:7f:d8:fc:37:7f:cf:
         78:70:17:18:88:c5:f7:03:fb:33:1c:d5:45:8e:d9:f0:1d:aa:
         e2:be:d6:a8:07:75:b4:7f:82:f0:66:b4:86:04:73:b3:30:11:
         ee:f2:38:be:ba:29:fd:54:03:86:20:63:4d:db:e3:e2:05:b6:
         f2:c2:0e:f2:9e:08:28:c5:7c:ae:00:ad:af:5b:97:e4:e2:ad:
         9a:af:a2:16:83:22:ce:1e:14:9e:f4:46:62:35:10:0e:89:9d:
         ef:cc:fa:39:c7:b2:60:31:f0:ef:9f:58:55:de:71:d4:79:be:
         5c:ff:0a:31:4a:9a:66:e5:47:c6:8f:23:c7:cb:f0:61:ee:af:
         92:ba:84:e1:9a:e5:49:09:d3:00:c9:d9:20:f5:92:bb:e9:94:
         f7:11:d1:0e:9a:50:68:12:2a:c5:22:ef:0d:25:b0:23:15:cb:
         e9:a1:86:57:db:e4:8a:49:f9:99:9d:2a:dd:39:62:80:60:23:
         df:f7:5d:ea
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICCiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDREYxMTAvBgNVBAUTKDQ4NTJFODcyNkMxNDQ4QTEwNDBDQ0ZBMDQzQjgzMTRB
QUU0QzRFOUEwHhcNMjIxMDMwMTgyNDUxWhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVlYzE3My1kNzBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAztGNAY4Z34NKSeJIvpomCQvenYnTKiH38jEV5hWPlJ2VJOp1P/ofBtZC1ixM
IEXr8K8nRlbRtvaqDSNxjUL0LL6/lH1Zlb78grefau0O6PKQmGtSStJMsk+pRdEI
onWwhRdgiSs0jHBybV84zhJBSQRSz1S1rWQ5/84B013pMo2usDwNwcYT9Dup++Fq
f9NdZZHbr3xmxTh95fF+vZkJ3eADNZdS/M6RMNy2obcb882azIFpzMHCj4UyYG2q
fvJzJBdjjYs4PECwvxw833aM+nrMgJBRyWS3qWc4EY5SZUsGXpvqA9Sra3E2JOIv
y9aswEEHAkcXfKfLkErAb9kTOwIDAQABo4IClTCCApEwHQYDVR0OBBYEFPGZ/tN+
QVv3MOtFMbQm/6YWhqfdMB8GA1UdIwQYMBaAFEhS6HJsFEihBAzPoEO4MUquTE6a
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9DMUNCMkRGMjEw
RDgxMUVBOUJEMUE1NURDNEY5QUUwMi9TRkxvY213VVNLRUVETS1nUTdneFNxNU1U
cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy
RkQxRkYyL1NGTG9jbXdVU0tFRURNLWdRN2d4U3E1TVRwby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDREYvQzFDQjJERjIxMEQ4MTFFQTlCRDFBNTVEQzRGOUFFMDIvOUEzRTRDOEEx
ODNEMTFFQTlBRTJGMDg1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAWNpCAwDQYJKoZIhvcNAQELBQADggEBAGltXL1inv/rKRfC
eIq3I1BkjmXXHR+R6CuAXpbPcI9nUgbSsSfS0lgXnl8Yh/KFXIALdIKhEVNx6vCB
+cXjDggm6H/Y/Dd/z3hwFxiIxfcD+zMc1UWO2fAdquK+1qgHdbR/gvBmtIYEc7Mw
Ee7yOL66Kf1UA4YgY03b4+IFtvLCDvKeCCjFfK4Ara9bl+TirZqvohaDIs4eFJ70
RmI1EA6Jne/M+jnHsmAx8O+fWFXecdR5vlz/CjFKmmblR8aPI8fL8GHur5K6hOGa
5UkJ0wDJ2SD1krvplPcR0Q6aUGgSKsUi7w0lsCMVy+mhhlfb5IpJ+ZmdKt05YoBg
I9/3Xeo=
-----END CERTIFICATE-----
Generated at Fri Dec 9 01:29:21 2022 by rpki-client.