Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BC0927D6DE9B11EDAA652A2AC4F9AE02.roa
File:                     BC0927D6DE9B11EDAA652A2AC4F9AE02.roa (raw, json)
Hash identifier:          23n9OOlWSufvAd/7xsUWtXyOHEDDr0yUChpM2sOq9J0=
Subject key identifier:   50:0A:C8:7E:42:5D:01:5B:EC:9B:7C:E2:50:39:E2:D4:CA:E1:E1:18
Certificate issuer:       /CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
Certificate serial:       0BB3
Authority key identifier: 83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BC0927D6DE9B11EDAA652A2AC4F9AE02.roa
Signing time:             Wed 24 May 2023 23:25:15 +0000
ROA not before:           Wed 24 May 2023 23:25:15 +0000
ROA not after:            Tue 30 Jul 2024 00:00:00 +0000
asID:                     134489
IP address blocks:        180.178.146.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl
                          rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 03 Apr 2024 08:10:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2995 (0xbb3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91E6134/serialNumber=8308087911EA49E215DC4926B0226A521E5B39C4
        Validity
            Not Before: May 24 23:25:15 2023 GMT
            Not After : Jul 30 00:00:00 2024 GMT
        Subject: CN=646e9cdb-4264
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:5c:43:ec:62:2c:58:29:79:c6:b4:87:2e:bd:
                    1f:da:9e:21:2b:b7:d0:e4:f6:0d:db:ce:b0:12:3f:
                    7f:b6:a2:dd:82:9b:1a:8c:77:15:a4:6b:33:1d:91:
                    cd:cb:7d:a3:83:5a:7c:8a:9f:72:00:b3:ba:f1:11:
                    7e:52:57:d0:ff:6f:18:ae:0a:d4:09:88:ab:3c:63:
                    37:ca:68:d1:a7:3d:57:e6:ef:c8:05:06:34:14:e4:
                    ba:25:46:cd:dd:f0:18:74:29:71:5b:1f:bc:44:6b:
                    80:13:dd:ee:30:af:74:18:40:a7:97:97:95:29:6a:
                    b3:8c:06:1b:12:73:14:01:51:39:ae:fe:3f:9e:06:
                    f3:94:62:6b:f6:14:ae:91:d6:3d:94:82:80:ff:a6:
                    fc:27:f9:3a:35:d8:ab:0f:af:4d:3b:3a:18:ab:48:
                    7d:e5:83:47:fc:e9:e4:2b:7e:ba:d1:00:1f:1e:19:
                    e8:a3:1e:f3:be:ca:8d:6c:4b:9d:21:ae:5d:fb:e5:
                    f0:bb:44:a3:0a:56:c7:6b:d6:1e:98:95:81:63:2f:
                    73:c3:54:97:13:21:16:8c:95:6b:38:77:70:da:45:
                    82:45:cb:5f:3a:cc:4f:e5:04:72:c2:04:86:13:ac:
                    9b:3d:08:ee:44:7b:7b:fa:5e:09:0a:79:bc:e9:2d:
                    f2:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:0A:C8:7E:42:5D:01:5B:EC:9B:7C:E2:50:39:E2:D4:CA:E1:E1:18
            X509v3 Authority Key Identifier:
                keyid:83:08:08:79:11:EA:49:E2:15:DC:49:26:B0:22:6A:52:1E:5B:39:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gwgIeRHqSeIV3EkmsCJqUh5bOcQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6134/5F9AA4BEC2A811EAA7918A2EC4F9AE02/BC0927D6DE9B11EDAA652A2AC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.178.146.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:60:b9:6d:5c:6e:47:37:d5:04:5c:ba:16:93:57:d1:45:ba:
         8c:1b:77:d6:49:6c:7a:b3:5e:b9:73:c3:35:da:60:ec:5d:e5:
         ef:71:60:66:9e:0b:73:f9:71:3c:87:bf:66:d4:93:10:c9:38:
         38:b7:7e:4f:88:a7:43:39:fb:a6:4b:67:be:3d:6a:47:e7:0c:
         c2:fa:41:9e:f6:31:76:38:4f:13:f5:b0:5a:0e:68:02:2c:53:
         69:3a:92:6b:80:91:36:54:af:c9:30:83:e7:cc:be:ff:09:5a:
         8f:d4:2c:b4:32:ba:be:75:e7:52:22:93:02:98:14:c0:2e:67:
         45:8a:d3:57:6a:4e:56:02:81:2f:7e:5a:d7:e6:aa:e1:a8:83:
         a7:fd:c3:14:c7:3c:68:ab:e4:52:c3:7e:09:61:98:0d:f9:43:
         24:d6:ad:e4:07:58:5a:03:69:32:fb:ef:3b:ef:25:c3:d6:a9:
         71:e0:60:bc:92:c2:d2:d1:9b:a3:78:13:c5:b8:78:63:4e:80:
         42:11:aa:18:b4:66:a7:41:07:d0:53:85:08:61:0a:e8:94:a7:
         97:fd:7d:f8:01:b2:7f:1c:c2:8e:40:d9:07:ab:c7:60:1b:88:
         54:5f:7b:77:75:26:24:8b:2d:1e:b6:67:ec:b0:82:78:fe:5a:
         8d:46:ed:74
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICC7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RTYxMzQxMTAvBgNVBAUTKDgzMDgwODc5MTFFQTQ5RTIxNURDNDkyNkIwMjI2QTUy
MUU1QjM5QzQwHhcNMjMwNTI0MjMyNTE1WhcNMjQwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02NDZlOWNkYi00MjY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAzlxD7GIsWCl5xrSHLr0f2p4hK7fQ5PYN286wEj9/tqLdgpsajHcVpGszHZHN
y32jg1p8ip9yALO68RF+UlfQ/28YrgrUCYirPGM3ymjRpz1X5u/IBQY0FOS6JUbN
3fAYdClxWx+8RGuAE93uMK90GECnl5eVKWqzjAYbEnMUAVE5rv4/ngbzlGJr9hSu
kdY9lIKA/6b8J/k6NdirD69NOzoYq0h95YNH/OnkK3660QAfHhnoox7zvsqNbEud
Ia5d++Xwu0SjClbHa9YemJWBYy9zw1SXEyEWjJVrOHdw2kWCRctfOsxP5QRywgSG
E6ybPQjuRHt7+l4JCnm86S3ynwIDAQABo4IClTCCApEwHQYDVR0OBBYEFFAKyH5C
XQFb7Jt84lA54tTK4eEYMB8GA1UdIwQYMBaAFIMICHkR6kniFdxJJrAialIeWznE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjEzNC81RjlBQTRCRUMy
QTgxMUVBQTc5MThBMkVDNEY5QUUwMi9nd2dJZVJIcVNlSVYzRWttc0NKcVVoNWJP
Y1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2d3Z0llUkhxU2VJVjNFa21zQ0pxVWg1Yk9jUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RTYxMzQvNUY5QUE0QkVDMkE4MTFFQUE3OTE4QTJFQzRGOUFFMDIvQkMwOTI3RDZE
RTlCMTFFREFBNjUyQTJBQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAC0spIwDQYJKoZIhvcNAQELBQADggEBAF5guW1cbkc31QRc
uhaTV9FFuowbd9ZJbHqzXrlzwzXaYOxd5e9xYGaeC3P5cTyHv2bUkxDJODi3fk+I
p0M5+6ZLZ749akfnDML6QZ72MXY4TxP1sFoOaAIsU2k6kmuAkTZUr8kwg+fMvv8J
Wo/ULLQyur5151IikwKYFMAuZ0WK01dqTlYCgS9+WtfmquGog6f9wxTHPGir5FLD
fglhmA35QyTWreQHWFoDaTL77zvvJcPWqXHgYLySwtLRm6N4E8W4eGNOgEIRqhi0
ZqdBB9BThQhhCuiUp5f9ffgBsn8cwo5A2Qerx2AbiFRfe3d1JiSLLR62Z+ywgnj+
Wo1G7XQ=
-----END CERTIFICATE-----
Generated at Wed Mar 27 13:24:16 2024 by rpki-client on console-fra.rpki-client.org