Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFA23F360D6F11ED90569286C4F9AE02.roa
File:                     EFA23F360D6F11ED90569286C4F9AE02.roa (download)
Hash identifier:          Hb+L8i+7i5dOFZIwjQjkqQ+jB0gkz39Iqjk4eTND1LI=
Subject key identifier:   3A:A3:54:03:A3:E7:B2:94:52:22:F1:02:67:6D:F0:F4:78:D5:90:8F
Certificate issuer:       /CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
Certificate serial:       070F
Authority key identifier: 9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3
Authority info access:    rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFA23F360D6F11ED90569286C4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     397373
IP address blocks:
    1: 139.190.104.0/22 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1807 (0x70f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=9A73F1A919FBF46C872E38805B1650B5F88276D3
        Validity
            Not Before: Jul 27 05:49:53 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62e0d201-f02a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e3:c1:57:44:3e:8c:ea:7c:12:54:74:08:27:
                    f6:0a:c1:0a:b4:35:aa:0e:dc:6f:2c:31:14:3a:20:
                    64:86:41:b9:b0:0a:86:b5:4d:2c:71:50:aa:d3:35:
                    7b:0a:01:d7:67:bc:aa:65:ac:53:76:8b:ad:0d:28:
                    de:c3:76:ac:b4:b8:87:2f:cb:14:41:57:a4:19:05:
                    28:e6:ae:5d:b0:5d:f0:48:32:3f:c4:d5:79:37:94:
                    25:5b:dc:e9:83:eb:89:1f:86:5f:a4:b2:49:10:43:
                    16:cb:ec:18:c4:76:3f:5f:b8:f3:88:9f:05:b0:4f:
                    9f:29:f8:48:2b:19:43:f2:4f:75:d3:04:3c:84:79:
                    4e:2b:49:25:19:28:75:28:c2:f4:c7:e4:96:8f:8b:
                    d4:ba:49:a6:61:b4:4d:61:48:00:55:15:3a:6d:a5:
                    e8:e2:cc:18:ae:17:d1:19:d6:42:22:c2:b1:ea:2d:
                    c6:1d:58:e2:11:82:18:02:ba:a9:dd:12:67:61:4a:
                    b7:db:34:98:a8:02:ca:02:a9:b7:2f:f1:bc:02:16:
                    e1:a1:d1:96:12:fd:7d:c1:d5:e3:27:c0:22:81:a7:
                    0c:2d:69:94:86:8f:e0:4b:47:a1:9a:7b:51:6f:13:
                    67:fe:79:02:5e:40:a7:1c:70:57:4e:db:56:5c:a0:
                    18:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                3A:A3:54:03:A3:E7:B2:94:52:22:F1:02:67:6D:F0:F4:78:D5:90:8F
            X509v3 Authority Key Identifier: 
                keyid:9A:73:F1:A9:19:FB:F4:6C:87:2E:38:80:5B:16:50:B5:F8:82:76:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/mnPxqRn79GyHLjiAWxZQtfiCdtM.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/mnPxqRn79GyHLjiAWxZQtfiCdtM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/57B3E0BCC2A811EAA7918A2EC4F9AE02/EFA23F360D6F11ED90569286C4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.190.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         32:34:61:51:f6:d6:fe:a8:d9:a1:85:7b:a1:ae:72:6e:d5:fe:
         f6:03:df:70:fe:3c:bb:17:68:af:34:ea:0c:14:61:3b:65:82:
         52:9b:7e:91:6d:30:ff:00:db:1d:36:73:99:35:e2:4f:62:74:
         a3:e0:80:bc:9a:b8:99:d4:3f:38:ca:ca:04:b0:d5:21:b2:fb:
         e1:3a:2d:1e:af:7a:a6:67:63:0c:1c:18:0f:39:02:8c:15:3d:
         f6:3f:e4:b1:3e:6b:f5:59:43:46:af:99:ac:4d:71:d6:1c:de:
         9e:8e:38:bd:13:64:54:2f:6c:69:7c:4d:46:4d:ba:58:72:22:
         cd:25:d1:2b:fe:f7:8c:19:f5:14:95:56:a4:e4:0d:b0:dd:55:
         05:c6:92:39:85:78:11:62:1b:7f:f6:3c:cc:13:1a:1e:67:94:
         35:7e:36:57:b0:36:c1:db:cc:e2:5d:84:bb:a1:c7:2a:ee:51:
         2d:3b:b4:16:ff:58:37:04:46:af:83:ab:8e:db:57:b7:86:66:
         90:55:d1:97:a6:ef:95:e7:29:00:8d:fd:dd:85:3f:77:97:27:
         7e:1c:81:11:ab:7f:ea:9a:b3:e3:4a:3b:6d:65:f9:6b:8e:58:
         26:53:66:b0:99:ff:77:03:97:b1:00:11:74:1b:dc:f9:88:0b:
         f2:7c:f5:89
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBw8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDlBNzNGMUE5MTlGQkY0NkM4NzJFMzg4MDVCMTY1MEI1
Rjg4Mjc2RDMwHhcNMjIwNzI3MDU0OTUzWhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmUwZDIwMS1mMDJhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAq+PBV0Q+jOp8ElR0CCf2CsEKtDWqDtxvLDEUOiBkhkG5sAqGtU0scVCq0zV7
CgHXZ7yqZaxTdoutDSjew3astLiHL8sUQVekGQUo5q5dsF3wSDI/xNV5N5QlW9zp
g+uJH4ZfpLJJEEMWy+wYxHY/X7jziJ8FsE+fKfhIKxlD8k910wQ8hHlOK0klGSh1
KML0x+SWj4vUukmmYbRNYUgAVRU6baXo4swYrhfRGdZCIsKx6i3GHVjiEYIYArqp
3RJnYUq32zSYqALKAqm3L/G8AhbhodGWEv19wdXjJ8AigacMLWmUho/gS0ehmntR
bxNn/nkCXkCnHHBXTttWXKAYawIDAQABo4IClTCCApEwHQYDVR0OBBYEFDqjVAOj
57KUUiLxAmdt8PR41ZCPMB8GA1UdIwQYMBaAFJpz8akZ+/Rshy44gFsWULX4gnbT
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81N0IzRTBCQ0My
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9tblB4cVJuNzlHeUhMamlBV3haUXRmaUNk
dE0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL21uUHhxUm43OUd5SExqaUFXeFpRdGZpQ2R0TS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNTdCM0UwQkNDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvRUZBMjNGMzYw
RDZGMTFFRDkwNTY5Mjg2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAKLvmgwDQYJKoZIhvcNAQELBQADggEBADI0YVH21v6o2aGF
e6Gucm7V/vYD33D+PLsXaK806gwUYTtlglKbfpFtMP8A2x02c5k14k9idKPggLya
uJnUPzjKygSw1SGy++E6LR6veqZnYwwcGA85AowVPfY/5LE+a/VZQ0avmaxNcdYc
3p6OOL0TZFQvbGl8TUZNulhyIs0l0Sv+94wZ9RSVVqTkDbDdVQXGkjmFeBFiG3/2
PMwTGh5nlDV+NlewNsHbzOJdhLuhxyruUS07tBb/WDcERq+Dq47bV7eGZpBV0Zem
75XnKQCN/d2FP3eXJ34cgRGrf+qas+NKO21l+WuOWCZTZrCZ/3cDl7EAEXQb3PmI
C/J89Yk=
-----END CERTIFICATE-----
Generated at Wed Dec 7 16:07:13 2022 by rpki-client.