Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F688FE388C5611E792848B4AC4F9AE02.roa
File:                     F688FE388C5611E792848B4AC4F9AE02.roa (download)
Hash identifier:          PKfRk2Z78hn2ZuisvVkjKSExEgkaxx/1HuQ+RGlsHl8=
Subject key identifier:   FB:FD:C5:62:88:C6:6B:4C:0A:5A:25:B1:80:80:38:3B:84:97:E5:16
Certificate issuer:       /CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
Certificate serial:       2264
Authority key identifier: 5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F688FE388C5611E792848B4AC4F9AE02.roa
ROA valid until:          May 28 00:00:00 2023 GMT
asID:                     46071
IP address blocks:
    1: 58.69.6.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8804 (0x2264)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91DFB70/serialNumber=5D2DD154B5DCE21FB786C526DBDEF1B045928AB8
        Validity
            Not Before: Mar 28 04:42:54 2022 GMT
            Not After : May 28 00:00:00 2023 GMT
        Subject: CN=62413cce-c39e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:17:98:0b:03:a4:dc:9d:fb:fc:8b:a7:fa:8c:
                    57:97:14:46:3a:11:15:31:71:b7:be:3c:75:1e:f6:
                    48:b8:58:77:18:c5:4b:19:8a:1a:02:0f:96:21:fb:
                    2a:69:c5:3c:86:72:e8:f5:24:6b:40:69:a5:e9:53:
                    e4:fe:2f:1f:3c:43:c6:02:5a:4e:0c:4b:e3:d5:3c:
                    4c:d5:aa:8d:e7:6f:c9:78:fc:d4:72:20:a4:a9:29:
                    b9:83:50:39:b7:ff:bc:26:f8:fd:0b:0b:2f:97:1c:
                    bb:62:c3:cc:79:2f:f5:ae:2d:7a:2b:8c:df:74:78:
                    60:c5:6c:1c:af:ae:7c:41:65:fe:be:86:c7:35:fb:
                    a5:ec:60:14:6a:e5:75:56:d3:6b:d0:4f:96:91:fe:
                    a7:e3:f4:09:14:05:af:7e:94:60:a4:14:15:76:1e:
                    7d:0b:d0:c5:cb:8f:2b:09:c1:97:06:4a:2d:53:ac:
                    cc:8a:fd:68:70:09:4b:25:ce:50:4b:0d:59:7a:ec:
                    89:b3:ab:d1:98:16:f7:2e:bb:8b:36:a3:27:e6:df:
                    41:99:1b:e4:bb:17:4e:33:37:ff:49:56:e0:60:02:
                    70:8b:96:5f:9c:29:b2:a7:c5:1a:b0:ae:39:a4:fe:
                    2c:a7:1b:e5:6e:8b:e9:32:5f:c5:ea:01:6c:56:53:
                    d5:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                FB:FD:C5:62:88:C6:6B:4C:0A:5A:25:B1:80:80:38:3B:84:97:E5:16
            X509v3 Authority Key Identifier: 
                keyid:5D:2D:D1:54:B5:DC:E2:1F:B7:86:C5:26:DB:DE:F1:B0:45:92:8A:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/XS3RVLXc4h-3hsUm297xsEWSirg.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XS3RVLXc4h-3hsUm297xsEWSirg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DFB70/2983647C838F11E586FC5812C4F9AE02/F688FE388C5611E792848B4AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.69.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c9:de:c1:0b:01:67:ff:9c:12:4f:6a:01:df:91:ad:76:d5:77:
         21:91:e5:da:ca:2a:81:f3:a5:95:98:09:35:1b:15:73:2b:f8:
         a6:6e:be:49:95:df:97:8a:0b:3d:e7:87:fd:3a:ed:dc:33:0d:
         2a:fc:cd:3e:6f:5d:2e:66:e9:82:74:bd:ca:76:e5:96:2f:67:
         8a:bd:46:f3:3c:43:2a:7e:f5:62:90:4b:d5:51:c7:9e:3f:2e:
         d9:c3:29:54:32:d4:4e:97:d8:1b:39:19:ca:09:07:d7:c4:7e:
         39:3e:5c:7f:41:69:71:cb:72:ab:e3:ee:1e:f3:c4:11:d7:97:
         04:7b:f1:1e:53:91:e1:e0:d4:a7:66:1f:c5:2f:77:6a:e1:a8:
         1a:2d:8a:a7:6a:32:a0:b6:f9:45:1b:b2:c8:97:c7:89:8e:bb:
         cf:f4:11:31:92:c5:c3:83:ba:f8:82:5e:4f:bf:43:9d:5b:88:
         51:0f:4d:fd:80:ba:ba:6d:7a:ba:7f:9f:c4:a9:73:51:84:71:
         fc:19:b0:07:4b:a5:7f:d7:2c:70:db:91:fe:18:29:ec:ef:76:
         3b:d4:1a:0a:4b:5e:36:01:30:13:3a:ea:4a:09:b0:ab:4b:ad:
         e5:d6:23:70:1b:fc:6c:57:01:47:13:d7:f0:49:97:ad:2e:19:
         51:a4:79:0d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICImQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
REZCNzAxMTAvBgNVBAUTKDVEMkREMTU0QjVEQ0UyMUZCNzg2QzUyNkRCREVGMUIw
NDU5MjhBQjgwHhcNMjIwMzI4MDQ0MjU0WhcNMjMwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02MjQxM2NjZS1jMzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAyxeYCwOk3J37/Iun+oxXlxRGOhEVMXG3vjx1HvZIuFh3GMVLGYoaAg+WIfsq
acU8hnLo9SRrQGml6VPk/i8fPEPGAlpODEvj1TxM1aqN52/JePzUciCkqSm5g1A5
t/+8Jvj9Cwsvlxy7YsPMeS/1ri16K4zfdHhgxWwcr658QWX+vobHNful7GAUauV1
VtNr0E+Wkf6n4/QJFAWvfpRgpBQVdh59C9DFy48rCcGXBkotU6zMiv1ocAlLJc5Q
Sw1ZeuyJs6vRmBb3LruLNqMn5t9BmRvkuxdOMzf/SVbgYAJwi5ZfnCmyp8UasK45
pP4spxvlbovpMl/F6gFsVlPVPQIDAQABo4IClTCCApEwHQYDVR0OBBYEFPv9xWKI
xmtMClolsYCAODuEl+UWMB8GA1UdIwQYMBaAFF0t0VS13OIft4bFJtve8bBFkoq4
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERkI3MC8yOTgzNjQ3Qzgz
OEYxMUU1ODZGQzU4MTJDNEY5QUUwMi9YUzNSVkxYYzRoLTNoc1VtMjk3eHNFV1Np
cmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL1hTM1JWTFhjNGgtM2hzVW0yOTd4c0VXU2lyZy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
REZCNzAvMjk4MzY0N0M4MzhGMTFFNTg2RkM1ODEyQzRGOUFFMDIvRjY4OEZFMzg4
QzU2MTFFNzkyODQ4QjRBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAA6RQYwDQYJKoZIhvcNAQELBQADggEBAMnewQsBZ/+cEk9q
Ad+RrXbVdyGR5drKKoHzpZWYCTUbFXMr+KZuvkmV35eKCz3nh/067dwzDSr8zT5v
XS5m6YJ0vcp25ZYvZ4q9RvM8Qyp+9WKQS9VRx54/LtnDKVQy1E6X2Bs5GcoJB9fE
fjk+XH9BaXHLcqvj7h7zxBHXlwR78R5TkeHg1KdmH8Uvd2rhqBotiqdqMqC2+UUb
ssiXx4mOu8/0ETGSxcODuviCXk+/Q51biFEPTf2Aurpterp/n8Spc1GEcfwZsAdL
pX/XLHDbkf4YKezvdjvUGgpLXjYBMBM66koJsKtLreXWI3Ab/GxXAUcT1/BJl60u
GVGkeQ0=
-----END CERTIFICATE-----
Generated at Tue Dec 6 10:17:49 2022 by rpki-client.