Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/4E26A23EB6CF11EB96896F49C4F9AE02.roa
File:                     4E26A23EB6CF11EB96896F49C4F9AE02.roa (download)
Hash identifier:          C3oyekNlqkjPDzAYqef/yoMQm0KPX/6slWM13onDXyc=
Subject key identifier:   3E:7E:18:64:AF:5F:65:0C:2E:4C:38:48:F8:C7:12:BB:F1:61:B9:83
Certificate issuer:       /CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
Certificate serial:       0305
Authority key identifier: 7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/4E26A23EB6CF11EB96896F49C4F9AE02.roa
ROA valid until:          Aug 31 00:00:00 2023 GMT
asID:                     399674
IP address blocks:
    1: 103.116.64.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 773 (0x305)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A916DA3F/serialNumber=7FF3EA9AC083251F5D30B01D056BCBCDE1A7EE2D
        Validity
            Not Before: Jun  7 02:07:58 2022 GMT
            Not After : Aug 31 00:00:00 2023 GMT
        Subject: CN=629eb2fe-6527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fc:f9:3f:af:8c:df:72:47:8f:5c:47:e8:4a:
                    27:1b:39:c2:63:f8:10:fd:9e:0f:00:92:17:a1:a0:
                    59:dd:27:0f:52:67:0f:d2:20:20:20:1c:91:ff:e0:
                    e6:79:8d:69:03:04:46:b8:29:f5:8d:1c:68:9b:81:
                    b1:3c:ab:f1:cc:0c:ad:6f:62:55:5d:4e:b3:0c:06:
                    4f:47:32:44:6a:9c:b1:0d:86:97:76:cd:50:9a:43:
                    f3:a8:67:dd:e4:3d:7c:15:4d:11:cc:3e:a9:73:f6:
                    84:b6:94:bd:6f:2b:7a:1b:ff:af:a9:01:b1:be:dd:
                    dc:35:01:40:26:95:b9:ea:87:76:38:71:32:da:d5:
                    49:3d:04:bc:69:b4:c3:b3:18:f4:eb:72:44:52:a4:
                    9e:85:c2:82:89:30:b8:d7:4d:a0:c4:78:b7:93:03:
                    f2:5d:a5:f9:25:9f:cc:80:b9:0e:25:01:f8:81:f6:
                    15:7b:c1:51:26:7b:40:ae:4f:b2:e5:c3:52:3e:95:
                    2c:70:79:88:f1:0b:5d:1d:bf:ea:eb:f5:c0:81:7a:
                    84:23:23:f4:05:11:3c:2a:4a:bd:b5:fb:64:66:66:
                    3f:d6:59:fd:40:bf:d6:cd:27:ef:c2:95:92:26:f5:
                    65:7d:71:5f:d7:8a:db:aa:38:b4:03:99:3e:17:75:
                    df:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3E:7E:18:64:AF:5F:65:0C:2E:4C:38:48:F8:C7:12:BB:F1:61:B9:83
            X509v3 Authority Key Identifier: 
                keyid:7F:F3:EA:9A:C0:83:25:1F:5D:30:B0:1D:05:6B:CB:CD:E1:A7:EE:2D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/f_PqmsCDJR9dMLAdBWvLzeGn7i0.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/f_PqmsCDJR9dMLAdBWvLzeGn7i0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916DA3F/04FF89D8B6CD11EB8E108026C4F9AE02/4E26A23EB6CF11EB96896F49C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.64.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:cc:89:8c:79:d7:4c:a0:4a:3b:d8:5c:b3:b4:93:43:bf:eb:
         8a:0f:15:57:74:5a:89:29:70:bf:26:43:54:ee:cd:ff:43:8b:
         1f:91:53:88:e1:ad:d1:87:c1:27:37:70:a7:e6:d5:7b:ff:71:
         cd:3a:1e:72:92:b3:e7:22:83:d5:10:26:69:7e:76:8c:11:16:
         eb:98:df:d0:3d:cb:e3:f9:0a:7d:96:22:81:8e:5b:5e:d6:08:
         34:46:47:fe:13:54:e9:7e:a2:f6:38:df:e2:d7:8b:8f:f2:24:
         27:31:3d:c1:30:a5:a9:3c:26:51:be:57:be:ad:46:31:9d:db:
         af:80:e5:c4:d9:05:d1:07:3a:e4:dd:31:9a:5d:e3:aa:1c:c4:
         10:f5:56:37:fb:d3:bd:11:76:de:70:08:e8:b1:6e:0d:bc:65:
         32:a0:7b:d0:aa:c0:61:13:0f:99:53:2b:31:75:f7:75:17:20:
         71:11:db:3e:aa:22:8d:2f:11:50:d4:ce:77:5d:ab:5e:37:00:
         22:ea:29:23:f6:7f:45:af:53:96:37:54:c2:91:a5:0a:1f:e8:
         26:b2:5d:28:07:be:96:e3:23:72:df:04:57:2b:6f:1f:56:83:
         dc:9c:50:10:f8:14:29:ac:f3:48:7d:66:95:58:88:1e:f3:19:
         37:1e:4d:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NkRBM0YxMTAvBgNVBAUTKDdGRjNFQTlBQzA4MzI1MUY1RDMwQjAxRDA1NkJDQkNE
RTFBN0VFMkQwHhcNMjIwNjA3MDIwNzU4WhcNMjMwODMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjllYjJmZS02NTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAt/z5P6+M33JHj1xH6EonGznCY/gQ/Z4PAJIXoaBZ3ScPUmcP0iAgIByR/+Dm
eY1pAwRGuCn1jRxom4GxPKvxzAytb2JVXU6zDAZPRzJEapyxDYaXds1QmkPzqGfd
5D18FU0RzD6pc/aEtpS9byt6G/+vqQGxvt3cNQFAJpW56od2OHEy2tVJPQS8abTD
sxj063JEUqSehcKCiTC4102gxHi3kwPyXaX5JZ/MgLkOJQH4gfYVe8FRJntArk+y
5cNSPpUscHmI8QtdHb/q6/XAgXqEIyP0BRE8Kkq9tftkZmY/1ln9QL/WzSfvwpWS
JvVlfXFf14rbqji0A5k+F3XfYQIDAQABo4IClTCCApEwHQYDVR0OBBYEFD5+GGSv
X2UMLkw4SPjHErvxYbmDMB8GA1UdIwQYMBaAFH/z6prAgyUfXTCwHQVry83hp+4t
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2REEzRi8wNEZGODlEOEI2
Q0QxMUVCOEUxMDgwMjZDNEY5QUUwMi9mX1BxbXNDREpSOWRNTEFkQld2THplR243
aTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2ZfUHFtc0NESlI5ZE1MQWRCV3ZMemVHbjdpMC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NkRBM0YvMDRGRjg5RDhCNkNEMTFFQjhFMTA4MDI2QzRGOUFFMDIvNEUyNkEyM0VC
NkNGMTFFQjk2ODk2RjQ5QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABndEAwDQYJKoZIhvcNAQELBQADggEBAHHMiYx510ygSjvY
XLO0k0O/64oPFVd0WokpcL8mQ1Tuzf9Dix+RU4jhrdGHwSc3cKfm1Xv/cc06HnKS
s+cig9UQJml+dowRFuuY39A9y+P5Cn2WIoGOW17WCDRGR/4TVOl+ovY43+LXi4/y
JCcxPcEwpak8JlG+V76tRjGd26+A5cTZBdEHOuTdMZpd46ocxBD1Vjf7070Rdt5w
COixbg28ZTKge9CqwGETD5lTKzF193UXIHER2z6qIo0vEVDUznddq143ACLqKSP2
f0WvU5Y3VMKRpQof6CayXSgHvpbjI3LfBFcrbx9Wg9ycUBD4FCms80h9ZpVYiB7z
GTceTQ0=
-----END CERTIFICATE-----
Generated at Wed Dec 7 03:05:31 2022 by rpki-client.