Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4F2324164E2511EDA49B5C52C4F9AE02.roa
File:                     4F2324164E2511EDA49B5C52C4F9AE02.roa (raw, json)
Hash identifier:          rpgn2h+7dnMY1Us8G4+I8uiz0pJNCeP7T/O0KDSyLwc=
Subject key identifier:   CD:3D:50:FD:9E:60:3B:B3:A9:2E:4A:CD:A4:47:4B:D7:9C:AC:61:9D
Certificate issuer:       /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial:       0808
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4F2324164E2511EDA49B5C52C4F9AE02.roa
Signing time:             Mon 26 Dec 2022 12:38:53 +0000
ROA not before:           Mon 26 Dec 2022 12:38:53 +0000
ROA not after:            Sun 30 Jul 2023 00:00:00 +0000
asID:                     1239
IP address blocks:        139.190.4.0/22 maxlen: 22
                          139.190.20.0/22 maxlen: 22
                          139.190.28.0/22 maxlen: 22
                          139.190.48.0/22 maxlen: 24
                          139.190.56.0/22 maxlen: 24
                          139.190.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl
                          rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 21 Mar 2023 22:54:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2056 (0x808)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
        Validity
            Not Before: Dec 26 12:38:53 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=63a995dc-7e0b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e1:99:e7:fe:b6:cd:a9:3b:7c:1d:d6:e3:e6:
                    d3:d5:f5:bd:76:3e:bc:c5:7a:0c:74:da:27:ca:a9:
                    74:f0:29:3e:9d:c5:bf:88:89:e0:dc:90:23:4c:81:
                    00:79:1c:c0:0f:df:16:d9:c6:fb:24:2b:58:89:52:
                    6b:9a:67:29:3f:c7:56:ce:ba:c7:61:51:e7:c2:c4:
                    8e:ed:2f:93:d7:af:33:8d:3d:80:39:fd:45:e7:7e:
                    18:f2:ab:17:7c:0f:22:8d:2b:f1:d8:8d:aa:f2:fd:
                    9f:18:cf:99:11:c3:97:9d:4c:3f:d6:f6:46:fb:e3:
                    e5:ba:9d:97:13:f1:81:42:ed:0b:12:61:fd:d9:bc:
                    06:b4:e0:d3:f1:a4:a0:05:be:dd:d5:24:37:6f:27:
                    72:f2:01:bb:52:fe:81:d7:3f:54:c7:88:96:21:df:
                    4f:82:db:6d:2c:dc:01:fe:47:41:d4:5c:d7:46:6e:
                    d5:55:42:c2:99:aa:e9:0e:a0:9c:ec:75:b4:bb:0a:
                    60:5a:87:aa:ff:97:95:29:c7:f8:7a:f9:f2:34:fb:
                    34:c1:c8:cb:44:d0:7f:0e:f8:82:01:99:a4:b7:89:
                    52:1b:29:db:69:48:63:3e:70:13:df:72:93:e4:da:
                    ca:44:80:8e:11:ce:e7:8a:f9:69:cf:63:80:59:a6:
                    6a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                CD:3D:50:FD:9E:60:3B:B3:A9:2E:4A:CD:A4:47:4B:D7:9C:AC:61:9D
            X509v3 Authority Key Identifier: 
                keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/4F2324164E2511EDA49B5C52C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.190.4.0/22
                  139.190.20.0/22
                  139.190.28.0/22
                  139.190.48.0/22
                  139.190.56.0/22
                  139.190.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         55:ce:e2:22:53:55:c7:55:31:7f:13:23:e9:fe:24:e4:37:dd:
         9f:50:95:3e:60:41:d2:09:3b:bb:11:2e:da:02:32:4e:f8:5c:
         1d:70:54:99:b0:c4:ba:0b:2f:a6:a0:db:af:ab:50:08:1f:a1:
         78:21:87:46:5d:b4:a1:c2:a5:55:ed:7d:a2:0d:a8:0a:f6:c3:
         b1:1b:b6:7c:4e:87:31:58:cd:51:2f:46:ea:50:68:4c:2d:a6:
         ce:fd:55:7f:9a:08:97:c2:17:7e:83:df:c1:e8:96:5d:41:34:
         91:be:ac:2d:00:70:dd:f3:75:18:7a:c8:b1:31:a6:4a:96:b6:
         86:81:5e:6d:13:3c:1b:1b:fc:ab:ce:d5:34:7e:1b:4a:ae:90:
         64:f6:4a:a9:b4:ca:4b:b2:4b:79:98:e5:92:1a:81:55:c8:d1:
         57:cd:62:c2:f7:16:4c:3d:60:af:2f:20:7a:8d:b9:4a:af:6c:
         54:ad:3a:46:b2:5a:79:6f:0a:e6:52:55:17:9d:d4:4e:c4:70:
         64:06:da:66:47:ad:50:dd:53:df:a3:9f:58:56:c6:c1:24:a3:
         08:9f:f6:74:e2:65:89:8c:b7:41:fa:c2:95:d2:c5:ad:c1:8a:
         0c:6d:5a:db:6f:d6:61:54:a9:a5:ed:30:17:86:78:dd:b4:95:
         eb:cb:9e:66
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICCAgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIxMjI2MTIzODUzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02M2E5OTVkYy03ZTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsuGZ5/62zak7fB3W4+bT1fW9dj68xXoMdNonyql08Ck+ncW/iIng3JAjTIEA
eRzAD98W2cb7JCtYiVJrmmcpP8dWzrrHYVHnwsSO7S+T168zjT2AOf1F534Y8qsX
fA8ijSvx2I2q8v2fGM+ZEcOXnUw/1vZG++Plup2XE/GBQu0LEmH92bwGtODT8aSg
Bb7d1SQ3bydy8gG7Uv6B1z9Ux4iWId9PgtttLNwB/kdB1FzXRm7VVULCmarpDqCc
7HW0uwpgWoeq/5eVKcf4evnyNPs0wcjLRNB/DviCAZmkt4lSGynbaUhjPnAT33KT
5NrKRICOEc7nivlpz2OAWaZqYwIDAQABo4ICszCCAq8wHQYDVR0OBBYEFM09UP2e
YDuzqS5KzaRHS9ecrGGdMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvNEYyMzI0MTY0
RTI1MTFFREE0OUI1QzUyQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwPQYIKwYBBQUHAQcBAf8E
LjAsMCoEAgABMCQDBAKLvgQDBAKLvhQDBAKLvhwDBAKLvjADBAKLvjgDBAKLvmAw
DQYJKoZIhvcNAQELBQADggEBAFXO4iJTVcdVMX8TI+n+JOQ33Z9QlT5gQdIJO7sR
LtoCMk74XB1wVJmwxLoLL6ag26+rUAgfoXghh0ZdtKHCpVXtfaINqAr2w7EbtnxO
hzFYzVEvRupQaEwtps79VX+aCJfCF36D38Holl1BNJG+rC0AcN3zdRh6yLExpkqW
toaBXm0TPBsb/KvO1TR+G0qukGT2Sqm0ykuyS3mY5ZIagVXI0VfNYsL3Fkw9YK8v
IHqNuUqvbFStOkayWnlvCuZSVRed1E7EcGQG2mZHrVDdU9+jn1hWxsEkowif9nTi
ZYmMt0H6wpXSxa3BigxtWttv1mFUqaXtMBeGeN20levLnmY=
-----END CERTIFICATE-----
Generated at Wed Mar 15 11:54:27 2023 by rpki-client on console-fra.rpki-client.org