Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
File:                     E8381688C69C11EA8B8C2D35C4F9AE02.roa (download)
Hash identifier:          zbsax065WHTi/b4tWhKk4zFr7N8PYCZwcoGdEeIqeI4=
Subject key identifier:   87:FF:2D:5F:42:8D:35:18:C2:61:AB:60:54:CE:F2:B4:B0:DF:F3:4D
Certificate issuer:       /CN=A916BCDF/serialNumber=87954C0231CAACB2BE2DFDB567C74AF5ECB75B0C
Certificate serial:       1022
Authority key identifier: 87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
ROA valid until:          Dec 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 158.247.192.0/18 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4130 (0x1022)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916BCDF/serialNumber=87954C0231CAACB2BE2DFDB567C74AF5ECB75B0C
        Validity
            Not Before: Oct 30 18:24:49 2022 GMT
            Not After : Dec 30 00:00:00 2023 GMT
        Subject: CN=635ec171-0213
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:33:e5:c7:ff:c2:d3:71:ab:af:c9:d4:25:10:
                    ed:5b:de:2d:5b:39:07:0b:e8:d3:9f:3d:5b:97:f9:
                    e7:ac:61:66:39:57:a8:b9:fa:29:13:d4:06:55:73:
                    f8:0b:e7:67:f9:b9:30:bd:b4:4c:a2:fd:bc:e8:6a:
                    3c:53:f2:d2:63:46:56:f9:f3:f5:5c:9a:16:ac:1a:
                    cd:1d:86:26:26:99:8a:54:7b:8b:ba:89:c6:01:d0:
                    ed:71:0f:57:46:63:e7:45:4a:4f:76:51:56:96:5c:
                    d7:83:0b:46:35:6d:0c:0f:5c:7d:66:53:e5:c2:0e:
                    b4:09:de:24:cd:e6:9b:f1:20:d1:1b:c9:b1:49:e7:
                    d9:f1:34:92:9b:ff:d9:0e:f5:b4:94:90:dd:42:58:
                    98:a6:b0:e8:22:ec:7d:a7:8c:26:85:19:a0:94:11:
                    80:eb:63:12:4b:0f:b2:b0:75:17:77:e9:63:50:e4:
                    51:e8:7f:43:41:ab:76:15:02:9c:ba:0c:1d:c2:14:
                    e4:85:40:d6:28:7e:03:f4:35:8c:22:70:52:29:59:
                    15:96:be:46:44:6a:66:dd:9f:57:04:ae:1c:0e:63:
                    dc:b6:1d:46:3f:a4:6f:b6:b4:c3:1b:be:25:ad:93:
                    7e:23:ef:5d:1a:bf:6b:11:19:da:32:fd:51:08:27:
                    56:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                87:FF:2D:5F:42:8D:35:18:C2:61:AB:60:54:CE:F2:B4:B0:DF:F3:4D
            X509v3 Authority Key Identifier: 
                keyid:87:95:4C:02:31:CA:AC:B2:BE:2D:FD:B5:67:C7:4A:F5:EC:B7:5B:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/h5VMAjHKrLK-Lf21Z8dK9ey3Www.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/h5VMAjHKrLK-Lf21Z8dK9ey3Www.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BCDF/ECE0FBE6E36D11E8956F3516C4F9AE02/E8381688C69C11EA8B8C2D35C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.247.192.0/18

    Signature Algorithm: sha256WithRSAEncryption
         1b:00:4e:9e:af:ee:95:0d:14:9a:38:a1:0b:70:5b:15:f5:22:
         06:5b:59:de:5c:aa:5a:83:14:9c:d8:48:46:3b:fe:2c:7b:7d:
         3f:ec:9f:91:61:5f:a2:a1:23:39:93:fc:e6:8d:53:00:7c:4b:
         c0:b2:27:f7:98:4a:af:8b:5b:09:cb:df:3e:ff:05:7b:8f:7f:
         d8:5a:2d:7a:90:dc:9f:8b:da:4b:8c:1f:95:e5:8f:d2:eb:34:
         94:0a:d5:e1:82:6f:9e:f6:68:60:d3:e7:7e:43:f4:ef:49:82:
         cf:37:ee:2f:c4:65:46:1f:a2:0f:41:19:b9:97:cf:6a:0d:ed:
         b7:67:03:d5:3f:12:1a:90:e9:3c:56:b5:0a:8d:7e:cd:bd:8a:
         e8:72:36:2e:3b:19:59:5e:81:c7:4b:b3:6b:8b:30:a9:a5:37:
         7c:ae:0d:17:40:fc:33:1d:db:7a:36:9b:e5:41:f2:a4:cf:69:
         fb:b2:4d:c0:52:a7:a2:2f:73:58:ef:3f:1c:33:c8:54:99:a9:
         b6:50:04:aa:9b:fb:3d:f3:96:00:f0:e7:d5:47:0e:40:cc:08:
         f8:95:af:da:a8:f0:6c:54:a9:c8:03:1b:12:4e:ba:63:ae:47:
         34:72:be:89:7f:b7:4d:1f:15:35:16:87:1a:3a:74:ad:6f:50:
         9a:7d:b6:b2
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICECIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkJDREYxMTAvBgNVBAUTKDg3OTU0QzAyMzFDQUFDQjJCRTJERkRCNTY3Qzc0QUY1
RUNCNzVCMEMwHhcNMjIxMDMwMTgyNDQ5WhcNMjMxMjMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzVlYzE3MS0wMjEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAtzPlx//C03Grr8nUJRDtW94tWzkHC+jTnz1bl/nnrGFmOVeoufopE9QGVXP4
C+dn+bkwvbRMov286Go8U/LSY0ZW+fP1XJoWrBrNHYYmJpmKVHuLuonGAdDtcQ9X
RmPnRUpPdlFWllzXgwtGNW0MD1x9ZlPlwg60Cd4kzeab8SDRG8mxSefZ8TSSm//Z
DvW0lJDdQliYprDoIux9p4wmhRmglBGA62MSSw+ysHUXd+ljUORR6H9DQat2FQKc
ugwdwhTkhUDWKH4D9DWMInBSKVkVlr5GRGpm3Z9XBK4cDmPcth1GP6RvtrTDG74l
rZN+I+9dGr9rERnaMv1RCCdW8wIDAQABo4IClTCCApEwHQYDVR0OBBYEFIf/LV9C
jTUYwmGrYFTO8rSw3/NNMB8GA1UdIwQYMBaAFIeVTAIxyqyyvi39tWfHSvXst1sM
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkNERi9FQ0UwRkJFNkUz
NkQxMUU4OTU2RjM1MTZDNEY5QUUwMi9oNVZNQWpIS3JMSy1MZjIxWjhkSzlleTNX
d3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL2g1Vk1BakhLckxLLUxmMjFaOGRLOWV5M1d3dy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkJDREYvRUNFMEZCRTZFMzZEMTFFODk1NkYzNTE2QzRGOUFFMDIvRTgzODE2ODhD
NjlDMTFFQThCOEMyRDM1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAae98AwDQYJKoZIhvcNAQELBQADggEBABsATp6v7pUNFJo4
oQtwWxX1IgZbWd5cqlqDFJzYSEY7/ix7fT/sn5FhX6KhIzmT/OaNUwB8S8CyJ/eY
Sq+LWwnL3z7/BXuPf9haLXqQ3J+L2kuMH5Xlj9LrNJQK1eGCb572aGDT535D9O9J
gs837i/EZUYfog9BGbmXz2oN7bdnA9U/EhqQ6TxWtQqNfs29iuhyNi47GVlegcdL
s2uLMKmlN3yuDRdA/DMd23o2m+VB8qTPafuyTcBSp6Ivc1jvPxwzyFSZqbZQBKqb
+z3zlgDw59VHDkDMCPiVr9qo8GxUqcgDGxJOumOuRzRyvol/t00fFTUWhxo6dK1v
UJp9trI=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:09:43 2022 by rpki-client.