Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/3133392e352e34302e302f32322d3234203d3e20313335343438.roa
File:                     3133392e352e34302e302f32322d3234203d3e20313335343438.roa (raw, json)
Hash identifier:          MGkf+qpRLFM3gZeOMjaSdEJO7d7b5VENUBAqGUalzeE=
Subject key identifier:   A3:E8:0D:66:C8:E6:35:C6:AE:46:CA:DB:F7:B6:40:7C:5B:B5:78:BF
Certificate issuer:       /CN=03315D0E966A85B878EA9058B8CF03EAF2881889
Certificate serial:       02A031D9F8E9525A5B5621B7C8133982E035631C
Authority key identifier: 03:31:5D:0E:96:6A:85:B8:78:EA:90:58:B8:CF:03:EA:F2:88:18:89
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03315D0E966A85B878EA9058B8CF03EAF2881889.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/3133392e352e34302e302f32322d3234203d3e20313335343438.roa
Signing time:             Mon 31 Jul 2023 00:07:36 +0000
ROA not before:           Mon 31 Jul 2023 00:02:36 +0000
ROA not after:            Mon 29 Jul 2024 00:07:36 +0000
asID:                     135448
IP address blocks:        139.5.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/03315D0E966A85B878EA9058B8CF03EAF2881889.crl
                          rsync://repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/03315D0E966A85B878EA9058B8CF03EAF2881889.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03315D0E966A85B878EA9058B8CF03EAF2881889.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 10:19:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:a0:31:d9:f8:e9:52:5a:5b:56:21:b7:c8:13:39:82:e0:35:63:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03315D0E966A85B878EA9058B8CF03EAF2881889
        Validity
            Not Before: Jul 31 00:02:36 2023 GMT
            Not After : Jul 29 00:07:36 2024 GMT
        Subject: CN=A3E80D66C8E635C6AE46CADBF7B6407C5BB578BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:fa:75:e2:50:53:f4:fb:4b:50:ca:f6:a5:4f:
                    9a:61:9d:66:3f:a0:79:fc:6b:f5:f2:c6:9a:da:a7:
                    1b:0f:0f:e4:77:53:94:87:27:6d:b5:1a:9f:3c:fd:
                    af:32:b5:96:56:cc:05:a5:82:c5:21:35:51:ed:bf:
                    ed:6a:a1:a0:aa:bf:03:2c:e6:da:0e:e1:bb:e7:05:
                    f7:59:9b:39:6e:ed:ac:d3:9a:e6:f8:a0:f0:e8:2c:
                    a9:da:e0:f3:90:96:6b:f9:00:58:b5:63:5a:a7:5d:
                    7e:fd:e2:d1:bd:a4:58:29:18:d0:92:e2:16:ce:69:
                    12:3e:ac:b5:1d:c3:b3:a9:4b:bf:e7:2d:b3:56:87:
                    55:01:29:90:d9:99:82:9c:f8:2d:50:50:88:4e:bd:
                    7f:93:11:8d:c3:f8:43:ed:9e:93:2f:a0:39:3f:b3:
                    db:e8:9a:c7:1e:69:f7:de:27:18:ea:72:ce:7b:21:
                    d8:af:aa:c9:67:f7:a2:87:64:c5:4b:ba:90:15:4a:
                    d2:87:53:5d:ed:89:1a:a2:92:3d:c5:a8:51:87:e7:
                    1a:73:e2:51:fc:6d:27:3b:7d:a8:66:64:c0:f9:cd:
                    0a:ff:7e:40:4f:52:43:cd:32:2d:80:e9:7f:48:f9:
                    09:85:0c:4c:fd:9c:0a:25:c8:22:76:29:79:69:e8:
                    4e:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:E8:0D:66:C8:E6:35:C6:AE:46:CA:DB:F7:B6:40:7C:5B:B5:78:BF
            X509v3 Authority Key Identifier:
                keyid:03:31:5D:0E:96:6A:85:B8:78:EA:90:58:B8:CF:03:EA:F2:88:18:89

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/03315D0E966A85B878EA9058B8CF03EAF2881889.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/03315D0E966A85B878EA9058B8CF03EAF2881889.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/059acb97-6e87-4e31-a569-a2660df4f2b8/0/3133392e352e34302e302f32322d3234203d3e20313335343438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.5.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b9:07:d3:85:31:e6:6f:7f:51:90:73:96:f5:0c:ad:93:46:74:
         f5:a5:c5:3a:6c:2b:b1:bf:42:1c:96:9a:48:63:9e:3b:5e:d0:
         f9:a8:ce:dd:a3:b9:4f:f5:61:14:d4:01:8e:fa:81:0a:62:7f:
         1e:6d:fb:a9:e0:c1:15:97:7b:71:7a:86:c1:14:5a:b9:f5:7d:
         ca:16:44:bf:3f:f0:5f:cc:74:64:92:f2:44:4c:5d:ce:89:f4:
         ec:4b:ce:84:82:87:15:2a:24:f0:f6:3d:8a:bb:6e:67:d8:e2:
         70:dd:67:ef:5c:fa:69:73:75:3e:a6:c0:45:c2:f3:e4:0f:87:
         43:a5:c1:b6:69:35:d5:31:84:ed:fa:06:5f:4b:8b:99:58:34:
         ff:1a:c2:37:fd:ac:b5:25:c6:89:9c:ff:3f:e5:8b:56:50:a4:
         18:cf:7f:13:5b:ed:5e:8b:9a:f5:fc:f8:99:c3:4a:55:e0:db:
         f0:6a:b2:70:e8:50:17:a6:17:8e:29:72:63:c9:cb:f2:4b:6a:
         a4:99:cf:7d:03:ec:9e:3f:c0:be:77:9d:fa:78:7f:5d:81:e7:
         1a:26:1d:45:c8:6b:c5:c4:4d:1d:49:9d:d0:1f:83:07:09:a5:
         fe:85:53:fd:ec:09:44:9f:03:27:61:7c:40:20:83:06:eb:e8:
         3d:1c:82:75
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUAqAx2fjpUlpbViG3yBM5guA1YxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDMzMTVEMEU5NjZBODVCODc4RUE5MDU4QjhDRjAzRUFG
Mjg4MTg4OTAeFw0yMzA3MzEwMDAyMzZaFw0yNDA3MjkwMDA3MzZaMDMxMTAvBgNV
BAMTKEEzRTgwRDY2QzhFNjM1QzZBRTQ2Q0FEQkY3QjY0MDdDNUJCNTc4QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz+nXiUFP0+0tQyvalT5phnWY/
oHn8a/XyxprapxsPD+R3U5SHJ221Gp88/a8ytZZWzAWlgsUhNVHtv+1qoaCqvwMs
5toO4bvnBfdZmzlu7azTmub4oPDoLKna4POQlmv5AFi1Y1qnXX794tG9pFgpGNCS
4hbOaRI+rLUdw7OpS7/nLbNWh1UBKZDZmYKc+C1QUIhOvX+TEY3D+EPtnpMvoDk/
s9vomsceaffeJxjqcs57Idivqsln96KHZMVLupAVStKHU13tiRqikj3FqFGH5xpz
4lH8bSc7fahmZMD5zQr/fkBPUkPNMi2A6X9I+QmFDEz9nAolyCJ2KXlp6E43AgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUo+gNZsjmNcauRsrb97ZAfFu1eL8wHwYDVR0j
BBgwFoAUAzFdDpZqhbh46pBYuM8D6vKIGIkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
NTlhY2I5Ny02ZTg3LTRlMzEtYTU2OS1hMjY2MGRmNGYyYjgvMC8wMzMxNUQwRTk2
NkE4NUI4NzhFQTkwNThCOENGMDNFQUYyODgxODg5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDMzMTVEMEU5NjZBODVCODc4RUE5MDU4QjhDRjAzRUFGMjg4
MTg4OS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA1OWFjYjk3LTZlODctNGUzMS1h
NTY5LWEyNjYwZGY0ZjJiOC8wLzMxMzMzOTJlMzUyZTM0MzAyZTMwMmYzMjMyMmQz
MjM0MjAzZDNlMjAzMTMzMzUzNDM0Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKLBSgwDQYJKoZIhvcN
AQELBQADggEBALkH04Ux5m9/UZBzlvUMrZNGdPWlxTpsK7G/QhyWmkhjnjte0Pmo
zt2juU/1YRTUAY76gQpifx5t+6ngwRWXe3F6hsEUWrn1fcoWRL8/8F/MdGSS8kRM
Xc6J9OxLzoSChxUqJPD2PYq7bmfY4nDdZ+9c+mlzdT6mwEXC8+QPh0OlwbZpNdUx
hO36Bl9Li5lYNP8awjf9rLUlxomc/z/li1ZQpBjPfxNb7V6LmvX8+JnDSlXg2/Bq
snDoUBemF44pcmPJy/JLaqSZz30D7J4/wL53nfp4f12B5xomHUXIa8XETR1JndAf
gwcJpf6FU/3sCUSfAydhfEAggwbr6D0cgnU=
-----END CERTIFICATE-----
Generated at Wed Mar 27 07:57:35 2024 by rpki-client on console-ams.rpki-client.org