Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
File:                     2605BA6A267D11ECAF7F166DC4F9AE02.roa (download)
Hash identifier:          rk1gPzVsPeKHKG3qYy2P7gIggjFJ3YW6hsEktIJbcmY=
Subject key identifier:   2F:89:6A:6D:7A:69:E1:66:C3:9F:34:C3:82:A5:65:84:20:DF:D9:33
Certificate issuer:       /CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
Certificate serial:       0453
Authority key identifier: D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 45.114.190.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1107 (0x453)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916D0D2/serialNumber=D5E53AF115997C7FA3B86552F95F5114AF3405E9
        Validity
            Not Before: May 20 00:46:28 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=6286e4e3-9cc6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:a3:39:2b:ee:ee:65:2d:fb:ff:a2:0f:6c:37:
                    71:1c:d7:bf:4a:80:6d:3d:75:69:cc:8e:c4:37:7f:
                    32:a1:b1:7e:fe:45:f3:a4:20:2d:a9:11:ab:0f:ad:
                    d1:f5:57:2f:2b:32:2d:d9:be:5a:04:43:3b:86:01:
                    d5:f3:20:d6:dc:bb:cb:89:26:ab:33:8a:59:df:95:
                    07:31:0d:e3:fb:56:d0:f7:e5:bc:55:98:7d:9c:69:
                    2c:0e:65:80:68:4e:18:01:8e:86:6f:9c:70:40:37:
                    cf:17:9a:7a:5f:37:54:20:7f:1c:2c:ab:5b:51:22:
                    39:70:b0:a7:20:1a:d0:96:c4:3c:36:5b:e8:e5:9e:
                    55:cd:a4:a9:77:cf:19:37:07:02:da:3d:5b:eb:6b:
                    fe:a4:2c:77:dd:22:3a:64:13:9d:61:8a:56:3c:05:
                    c7:69:cb:d9:35:24:5b:e6:36:89:1b:cb:3b:5a:a8:
                    6a:ef:c3:09:f5:8a:f8:07:7e:21:09:f3:ee:17:9c:
                    21:61:5f:45:0b:17:47:57:71:be:40:09:25:25:23:
                    87:87:08:67:2c:37:71:3c:dc:3d:8a:c6:ae:cc:5c:
                    93:0d:d9:cb:f5:6f:19:ec:60:65:80:6e:98:d1:35:
                    69:a7:5e:69:e3:72:95:2c:82:0a:1a:3e:d4:c9:0e:
                    15:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                2F:89:6A:6D:7A:69:E1:66:C3:9F:34:C3:82:A5:65:84:20:DF:D9:33
            X509v3 Authority Key Identifier: 
                keyid:D5:E5:3A:F1:15:99:7C:7F:A3:B8:65:52:F9:5F:51:14:AF:34:05:E9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/1eU68RWZfH-juGVS-V9RFK80Bek.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1eU68RWZfH-juGVS-V9RFK80Bek.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916D0D2/5937D43E35AD11EB81EEAD12C4F9AE02/2605BA6A267D11ECAF7F166DC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.114.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:20:6b:2f:69:3a:8a:41:1d:5d:f3:a6:1f:6a:50:2e:8e:2e:
         3a:5d:29:d4:dc:1a:0d:7d:f9:1f:8e:13:80:8b:f6:f9:ea:57:
         c3:e4:6f:fe:73:50:05:96:ed:61:7c:d8:38:13:fc:4a:b7:da:
         09:51:cd:f8:18:9a:3c:10:05:3d:29:b9:4e:e6:c5:0c:ab:47:
         66:24:ad:6e:05:2f:f8:83:30:41:29:34:dc:4a:40:47:b9:ce:
         c8:73:26:34:f8:ca:2a:e1:d2:4a:68:c1:95:c0:0f:51:87:33:
         2c:01:bf:4c:da:bc:01:cd:e9:f1:f7:c9:87:14:cd:6c:32:c9:
         58:d8:98:78:a9:e1:cd:42:c4:14:4c:26:f5:aa:49:18:49:82:
         1f:c1:9f:75:5b:99:c2:4a:86:18:e9:f2:5b:ee:2e:c4:d8:e7:
         a4:ff:31:0e:6d:ab:c4:f6:fd:b6:07:a2:8a:ed:b9:18:b0:ab:
         46:b7:da:47:07:92:f1:ab:12:52:0e:cd:3b:38:b4:af:28:08:
         00:66:e5:2e:27:0b:b7:8b:b1:65:b4:f6:b5:9a:1c:69:f9:c9:
         f2:8a:3f:8c:25:43:92:07:26:1f:64:22:79:87:02:d8:6c:cc:
         aa:b5:87:1c:f7:c0:bf:c8:5b:d7:d5:c2:61:ec:a7:1e:75:ba:
         a9:e1:99:46
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBFMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkQwRDIxMTAvBgNVBAUTKEQ1RTUzQUYxMTU5OTdDN0ZBM0I4NjU1MkY5NUY1MTE0
QUYzNDA1RTkwHhcNMjIwNTIwMDA0NjI4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02Mjg2ZTRlMy05Y2M2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvaM5K+7uZS37/6IPbDdxHNe/SoBtPXVpzI7EN38yobF+/kXzpCAtqRGrD63R
9VcvKzIt2b5aBEM7hgHV8yDW3LvLiSarM4pZ35UHMQ3j+1bQ9+W8VZh9nGksDmWA
aE4YAY6Gb5xwQDfPF5p6XzdUIH8cLKtbUSI5cLCnIBrQlsQ8Nlvo5Z5VzaSpd88Z
NwcC2j1b62v+pCx33SI6ZBOdYYpWPAXHacvZNSRb5jaJG8s7Wqhq78MJ9Yr4B34h
CfPuF5whYV9FCxdHV3G+QAklJSOHhwhnLDdxPNw9isauzFyTDdnL9W8Z7GBlgG6Y
0TVpp15p43KVLIIKGj7UyQ4VVwIDAQABo4IClTCCApEwHQYDVR0OBBYEFC+Jam16
aeFmw580w4KlZYQg39kzMB8GA1UdIwQYMBaAFNXlOvEVmXx/o7hlUvlfURSvNAXp
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2RDBEMi81OTM3RDQzRTM1
QUQxMUVCODFFRUFEMTJDNEY5QUUwMi8xZVU2OFJXWmZILWp1R1ZTLVY5UkZLODBC
ZWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzFlVTY4UldaZkgtanVHVlMtVjlSRks4MEJlay5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkQwRDIvNTkzN0Q0M0UzNUFEMTFFQjgxRUVBRDEyQzRGOUFFMDIvMjYwNUJBNkEy
NjdEMTFFQ0FGN0YxNjZEQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAAtcr4wDQYJKoZIhvcNAQELBQADggEBACogay9pOopBHV3z
ph9qUC6OLjpdKdTcGg19+R+OE4CL9vnqV8Pkb/5zUAWW7WF82DgT/Eq32glRzfgY
mjwQBT0puU7mxQyrR2YkrW4FL/iDMEEpNNxKQEe5zshzJjT4yirh0kpowZXAD1GH
MywBv0zavAHN6fH3yYcUzWwyyVjYmHip4c1CxBRMJvWqSRhJgh/Bn3VbmcJKhhjp
8lvuLsTY56T/MQ5tq8T2/bYHoortuRiwq0a32kcHkvGrElIOzTs4tK8oCABm5S4n
C7eLsWW09rWaHGn5yfKKP4wlQ5IHJh9kInmHAthszKq1hxz3wL/IW9fVwmHspx51
uqnhmUY=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:09:43 2022 by rpki-client.