Route Origin Authorization

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDFB7/A51EC584140A11EB9636FF22C4F9AE02/9B0DA87CEB8A11EC86295E7BC4F9AE02.roa
File:                     9B0DA87CEB8A11EC86295E7BC4F9AE02.roa (download)
Hash identifier:          HkkGgkuevrQJDiB1NDXdzaYzasfBaCnl5x4T84IOu8s=
Subject key identifier:   05:95:0D:0D:00:02:C6:57:76:51:C2:30:D0:3C:9C:04:A6:A8:DF:07
Certificate issuer:       /CN=A91FDFB7/serialNumber=EA51CE20A59E42B8C71D26AA6B886690CD152984
Certificate serial:       04C3
Authority key identifier: EA:51:CE:20:A5:9E:42:B8:C7:1D:26:AA:6B:88:66:90:CD:15:29:84
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6lHOIKWeQrjHHSaqa4hmkM0VKYQ.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FDFB7/A51EC584140A11EB9636FF22C4F9AE02/9B0DA87CEB8A11EC86295E7BC4F9AE02.roa
ROA valid until:          Jul 30 00:00:00 2023 GMT
asID:                     20473
IP address blocks:
    1: 103.94.61.0/24 maxlen: 24

Validation: OK

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1219 (0x4c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FDFB7/serialNumber=EA51CE20A59E42B8C71D26AA6B886690CD152984
        Validity
            Not Before: Jun 14 02:35:08 2022 GMT
            Not After : Jul 30 00:00:00 2023 GMT
        Subject: CN=62a7f3dc-49eb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d4:84:bf:67:4d:9f:c8:b3:b3:d3:01:ca:da:
                    fd:a7:2a:57:81:ab:5b:f6:32:2b:0b:74:2e:a6:82:
                    d3:9c:f0:d6:9c:06:48:8c:35:d1:78:4f:4a:c8:77:
                    3f:ea:c1:aa:51:c0:66:b3:65:6d:10:27:c3:f2:00:
                    c1:1e:c9:92:ed:61:40:2d:42:66:11:ee:dc:4a:81:
                    df:9c:d5:24:f4:4d:80:74:0d:bc:78:9d:0f:9d:17:
                    c0:c5:e9:e8:51:d8:02:e0:a4:44:6b:e2:cc:7d:73:
                    2c:b4:0d:a0:ea:38:cd:68:0e:ae:b5:fe:a3:19:66:
                    a4:de:39:d3:62:70:41:72:ac:7a:cc:4c:9a:14:ca:
                    97:4f:2a:76:c2:32:86:ce:ce:9e:45:80:7a:55:2b:
                    d4:07:a7:cd:8e:72:a7:ea:31:1b:e4:35:15:4c:7b:
                    d8:d3:b2:bb:f4:a5:88:f4:51:5d:ce:37:09:64:b9:
                    c4:6f:41:25:ab:22:22:f5:30:35:d5:ac:ec:87:03:
                    72:9b:ae:13:70:6f:c7:1d:70:e6:a6:59:70:d5:a6:
                    f5:eb:33:be:0f:59:c6:2f:ae:b2:59:01:a6:c2:44:
                    4d:94:22:7e:aa:2d:9a:0f:b8:40:45:d2:1d:43:8e:
                    9f:71:17:3f:a6:05:5b:c1:07:66:c1:e3:42:55:27:
                    1e:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                05:95:0D:0D:00:02:C6:57:76:51:C2:30:D0:3C:9C:04:A6:A8:DF:07
            X509v3 Authority Key Identifier: 
                keyid:EA:51:CE:20:A5:9E:42:B8:C7:1D:26:AA:6B:88:66:90:CD:15:29:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FDFB7/A51EC584140A11EB9636FF22C4F9AE02/6lHOIKWeQrjHHSaqa4hmkM0VKYQ.crl

            Authority Information Access: 
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/6lHOIKWeQrjHHSaqa4hmkM0VKYQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access: 
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDFB7/A51EC584140A11EB9636FF22C4F9AE02/9B0DA87CEB8A11EC86295E7BC4F9AE02.roa
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.94.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:ca:47:8f:d8:96:f9:aa:5f:96:66:03:16:d9:b2:d7:ee:8f:
         44:32:53:8e:d9:b0:47:37:90:d4:e8:15:32:96:10:97:10:a2:
         27:9d:3f:47:1f:24:66:4f:4a:97:c3:9c:bf:5f:ec:1d:2a:0f:
         f5:0b:3b:c5:bc:d0:98:16:c4:13:6d:71:5b:b6:31:fd:b3:17:
         3d:af:7a:80:4a:b1:e6:eb:69:a2:5e:15:09:53:a3:15:9c:91:
         f9:e5:c0:a6:2f:f8:11:07:50:c9:80:1a:56:26:91:48:a5:94:
         dc:69:66:eb:e6:d6:bc:d2:cc:ad:4d:87:5c:80:6c:bf:96:07:
         f4:16:00:ef:84:3f:25:0a:26:84:08:fa:bd:e8:f3:20:27:e3:
         53:1a:52:a1:92:48:59:1c:42:16:ff:03:8a:fe:e5:29:13:e2:
         29:f6:9f:99:e9:bb:7b:6a:6b:44:c9:8b:b1:50:9d:93:e1:18:
         6c:bb:d4:d8:cf:07:71:90:18:b4:3c:6b:11:3c:0c:69:ee:12:
         e6:c5:3c:fa:cb:30:b1:8c:c4:14:7a:ef:45:dd:1d:9f:b2:21:
         c9:59:d2:14:16:33:5c:6c:4c:8a:37:01:c1:f8:8d:d0:2a:db:
         6a:75:2d:0a:52:ac:fe:bc:25:88:b9:7c:29:08:76:2e:95:ad:
         ee:10:86:ba
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICBMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRGQjcxMTAvBgNVBAUTKEVBNTFDRTIwQTU5RTQyQjhDNzFEMjZBQTZCODg2Njkw
Q0QxNTI5ODQwHhcNMjIwNjE0MDIzNTA4WhcNMjMwNzMwMDAwMDAwWjAYMRYwFAYD
VQQDEw02MmE3ZjNkYy00OWViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAr9SEv2dNn8izs9MBytr9pypXgatb9jIrC3QupoLTnPDWnAZIjDXReE9KyHc/
6sGqUcBms2VtECfD8gDBHsmS7WFALUJmEe7cSoHfnNUk9E2AdA28eJ0PnRfAxeno
UdgC4KREa+LMfXMstA2g6jjNaA6utf6jGWak3jnTYnBBcqx6zEyaFMqXTyp2wjKG
zs6eRYB6VSvUB6fNjnKn6jEb5DUVTHvY07K79KWI9FFdzjcJZLnEb0ElqyIi9TA1
1azshwNym64TcG/HHXDmpllw1ab16zO+D1nGL66yWQGmwkRNlCJ+qi2aD7hARdId
Q46fcRc/pgVbwQdmweNCVScevwIDAQABo4IClTCCApEwHQYDVR0OBBYEFAWVDQ0A
AsZXdlHCMNA8nASmqN8HMB8GA1UdIwQYMBaAFOpRziClnkK4xx0mqmuIZpDNFSmE
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREZCNy9BNTFFQzU4NDE0
MEExMUVCOTYzNkZGMjJDNEY5QUUwMi82bEhPSUtXZVFyakhIU2FxYTRobWtNMFZL
WVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyLzZsSE9JS1dlUXJqSEhTYXFhNGhta00wVktZUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
RkRGQjcvQTUxRUM1ODQxNDBBMTFFQjk2MzZGRjIyQzRGOUFFMDIvOUIwREE4N0NF
QjhBMTFFQzg2Mjk1RTdCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBABnXj0wDQYJKoZIhvcNAQELBQADggEBAETKR4/YlvmqX5Zm
AxbZstfuj0QyU47ZsEc3kNToFTKWEJcQoiedP0cfJGZPSpfDnL9f7B0qD/ULO8W8
0JgWxBNtcVu2Mf2zFz2veoBKsebraaJeFQlToxWckfnlwKYv+BEHUMmAGlYmkUil
lNxpZuvm1rzSzK1Nh1yAbL+WB/QWAO+EPyUKJoQI+r3o8yAn41MaUqGSSFkcQhb/
A4r+5SkT4in2n5npu3tqa0TJi7FQnZPhGGy71NjPB3GQGLQ8axE8DGnuEubFPPrL
MLGMxBR670XdHZ+yIclZ0hQWM1xsTIo3AcH4jdAq22p1LQpSrP68JYi5fCkIdi6V
re4Qhro=
-----END CERTIFICATE-----
Generated at Fri Dec 9 02:51:10 2022 by rpki-client.