Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
File:                     1E17F340724911E88CAE8E84C4F9AE02.roa (download)
Hash identifier:          LgIo6MJvNubiNcT+KtROs5CHwQHX7+BlJ1dul/P65uo=
Subject key identifier:   3F:21:12:DE:5C:11:81:50:29:27:CB:CD:5F:78:CA:21:E8:74:89:61
Certificate issuer:       /CN=A919F6A8/serialNumber=F7D74C7FB8B0BAEFC3635CD4E35048AF88E39EEF
Certificate serial:       1738
Authority key identifier: F7:D7:4C:7F:B8:B0:BA:EF:C3:63:5C:D4:E3:50:48:AF:88:E3:9E:EF
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99dMf7iwuu_DY1zU41BIr4jjnu8.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
ROA valid until:          Jul 01 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 2401:3740:374::/48 maxlen: 48
    2: 2401:3740:375::/48 maxlen: 48

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5944 (0x1738)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A919F6A8/serialNumber=F7D74C7FB8B0BAEFC3635CD4E35048AF88E39EEF
        Validity
            Not Before: Apr 16 17:23:40 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=625afb9c-9d3a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:15:cb:a0:c2:de:16:4f:17:27:75:d8:a4:a3:
                    fa:6d:53:00:bf:5a:22:de:3b:6f:72:ac:38:1f:bf:
                    3b:e8:d2:84:7a:70:95:25:dc:76:09:83:6c:96:3b:
                    d3:bd:87:da:4a:59:a0:1f:15:82:96:42:86:ea:47:
                    95:f2:1e:9f:4f:fe:3f:c0:1a:7f:e7:6c:e1:af:cc:
                    ca:52:8a:26:c4:3f:1c:b4:0f:0e:78:ae:b5:08:25:
                    c9:33:cc:26:10:71:dd:51:bc:a2:89:12:d2:a2:b7:
                    b9:b1:76:11:51:90:25:b1:29:cd:75:83:21:e4:4c:
                    1f:03:44:cc:13:da:c1:68:ca:cb:cb:5e:be:06:9d:
                    45:31:7b:ee:68:7c:f3:ea:56:84:37:75:6b:98:38:
                    37:bd:e7:21:72:1f:c9:4d:9a:2c:05:f5:21:b7:f7:
                    e7:3e:61:64:42:c3:53:44:b8:78:87:43:14:81:48:
                    df:ef:1d:38:16:b7:49:03:ba:9d:fa:ed:d8:72:f4:
                    6f:e4:ca:b5:f0:cf:74:5a:f9:d1:13:79:52:ad:81:
                    44:a6:c2:68:c3:28:da:81:a1:36:56:71:61:cc:55:
                    b4:90:5d:bb:9c:ef:92:a2:e1:16:0d:ca:92:72:85:
                    b1:25:2f:b0:40:80:8e:32:8e:6f:58:de:82:9c:b5:
                    f7:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3F:21:12:DE:5C:11:81:50:29:27:CB:CD:5F:78:CA:21:E8:74:89:61
            X509v3 Authority Key Identifier: 
                keyid:F7:D7:4C:7F:B8:B0:BA:EF:C3:63:5C:D4:E3:50:48:AF:88:E3:9E:EF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/99dMf7iwuu_DY1zU41BIr4jjnu8.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/99dMf7iwuu_DY1zU41BIr4jjnu8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919F6A8/F3BD4C3649CB11E7A4A87C7BC4F9AE02/1E17F340724911E88CAE8E84C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:3740:374::/47

    Signature Algorithm: sha256WithRSAEncryption
         37:b6:a4:2f:5c:50:e6:75:2d:44:32:49:15:dc:32:75:b4:7b:
         19:90:5c:5a:ee:04:98:45:b2:c5:df:a8:e0:ca:7a:6c:61:49:
         a0:0d:50:0e:bb:c1:44:f2:e7:01:30:51:24:38:a5:94:24:bc:
         da:e9:e6:db:4c:4f:3f:2f:9a:ed:06:96:85:57:fb:68:29:01:
         70:83:f5:51:e3:5b:b7:c1:bb:45:c4:d8:ee:cb:3d:d2:1e:3d:
         4b:fa:a2:36:fd:d5:f7:2e:d3:cb:13:09:3a:cd:5a:47:19:7e:
         37:03:9c:cb:cb:57:9b:6b:7a:e5:5b:40:55:53:3e:22:ce:e5:
         69:c0:8a:7c:83:66:01:c5:39:c3:15:16:14:c9:67:9d:43:a4:
         ce:c8:2e:76:44:2b:83:71:af:21:4b:fb:db:99:da:da:6c:70:
         89:14:b8:3d:7a:ea:70:4f:3a:66:6d:93:a5:64:ca:99:67:81:
         58:27:c9:90:cb:e1:36:e7:9b:6f:0b:e4:89:22:64:88:f7:d5:
         8d:02:56:a3:d3:78:ea:3d:ae:5b:65:fe:f4:ca:d5:a7:82:c5:
         d9:1c:b8:b5:64:62:4c:c3:f0:d6:9d:57:57:f2:58:66:87:83:
         35:9c:77:23:93:cf:f9:8d:e1:81:d8:90:fe:d5:94:f8:3c:e2:
         a8:0f:b0:3f
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgICFzgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUY2QTgxMTAvBgNVBAUTKEY3RDc0QzdGQjhCMEJBRUZDMzYzNUNENEUzNTA0OEFG
ODhFMzlFRUYwHhcNMjIwNDE2MTcyMzQwWhcNMjMwNzAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MjVhZmI5Yy05ZDNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyhXLoMLeFk8XJ3XYpKP6bVMAv1oi3jtvcqw4H7876NKEenCVJdx2CYNsljvT
vYfaSlmgHxWClkKG6keV8h6fT/4/wBp/52zhr8zKUoomxD8ctA8OeK61CCXJM8wm
EHHdUbyiiRLSore5sXYRUZAlsSnNdYMh5EwfA0TME9rBaMrLy16+Bp1FMXvuaHzz
6laEN3VrmDg3vechch/JTZosBfUht/fnPmFkQsNTRLh4h0MUgUjf7x04FrdJA7qd
+u3YcvRv5Mq18M90WvnRE3lSrYFEpsJowyjagaE2VnFhzFW0kF27nO+SouEWDcqS
coWxJS+wQICOMo5vWN6CnLX3vQIDAQABo4ICmDCCApQwHQYDVR0OBBYEFD8hEt5c
EYFQKSfLzV94yiHodIlhMB8GA1UdIwQYMBaAFPfXTH+4sLrvw2Nc1ONQSK+I457v
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RjZBOC9GM0JENEMzNjQ5
Q0IxMUU3QTRBODdDN0JDNEY5QUUwMi85OWRNZjdpd3V1X0RZMXpVNDFCSXI0ampu
dTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzk5ZE1mN2l3dXVfRFkxelU0MUJJcjRqam51OC5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUY2QTgvRjNCRDRDMzY0OUNCMTFFN0E0QTg3QzdCQzRGOUFFMDIvMUUxN0YzNDA3
MjQ5MTFFODhDQUU4RTg0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8E
EzARMA8EAgACMAkDBwEkATdAA3QwDQYJKoZIhvcNAQELBQADggEBADe2pC9cUOZ1
LUQySRXcMnW0exmQXFruBJhFssXfqODKemxhSaANUA67wUTy5wEwUSQ4pZQkvNrp
5ttMTz8vmu0GloVX+2gpAXCD9VHjW7fBu0XE2O7LPdIePUv6ojb91fcu08sTCTrN
WkcZfjcDnMvLV5treuVbQFVTPiLO5WnAinyDZgHFOcMVFhTJZ51DpM7ILnZEK4Nx
ryFL+9uZ2tpscIkUuD166nBPOmZtk6VkyplngVgnyZDL4Tbnm28L5IkiZIj31Y0C
VqPTeOo9rltl/vTK1aeCxdkcuLVkYkzD8NadV1fyWGaHgzWcdyOTz/mN4YHYkP7V
lPg84qgPsD8=
-----END CERTIFICATE-----
Generated at Fri Dec 9 03:33:01 2022 by rpki-client.