Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/323030313a6466363a343530303a3a2f34382d3438203d3e20313338303539.roa
File:                     323030313a6466363a343530303a3a2f34382d3438203d3e20313338303539.roa (raw, json)
Hash identifier:          iW9uYrNS6gR80FVfgn06PqKITi+LJGQRrUvhKT51sJQ=
Subject key identifier:   44:7F:ED:5A:88:8F:E8:0D:E6:71:0D:85:26:40:3A:0A:03:D2:9A:D2
Certificate issuer:       /CN=B6847B928C30800282D7BA8E337482DFF4DEC8A5
Certificate serial:       3AE9B7569B62A05FBDA8191100D667FBDCA6AA65
Authority key identifier: B6:84:7B:92:8C:30:80:02:82:D7:BA:8E:33:74:82:DF:F4:DE:C8:A5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/323030313a6466363a343530303a3a2f34382d3438203d3e20313338303539.roa
Signing time:             Mon 31 Jul 2023 00:14:28 +0000
ROA not before:           Mon 31 Jul 2023 00:09:28 +0000
ROA not after:            Mon 29 Jul 2024 00:14:28 +0000
asID:                     138059
IP address blocks:        2001:df6:4500::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.crl
                          rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:e9:b7:56:9b:62:a0:5f:bd:a8:19:11:00:d6:67:fb:dc:a6:aa:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6847B928C30800282D7BA8E337482DFF4DEC8A5
        Validity
            Not Before: Jul 31 00:09:28 2023 GMT
            Not After : Jul 29 00:14:28 2024 GMT
        Subject: CN=447FED5A888FE80DE6710D8526403A0A03D29AD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:4b:3b:08:70:55:a6:3c:91:3f:ff:a5:95:9a:
                    ff:02:6c:5d:e1:c2:3c:98:eb:8b:49:8d:cd:cc:48:
                    06:f3:f2:7f:a4:a5:6c:08:4f:c7:cc:55:61:ea:05:
                    34:d0:53:d1:3c:ed:2b:0c:40:90:6d:d8:1f:47:3c:
                    c9:43:71:e8:2c:23:75:39:96:ff:72:64:b8:8d:4e:
                    a6:e9:70:a6:23:64:78:b3:65:88:e9:b9:f8:8b:e8:
                    93:76:47:4f:14:39:83:ed:56:4d:e3:89:11:10:67:
                    b4:9d:df:04:77:72:bb:d8:90:3a:11:4b:c5:ff:a5:
                    25:44:c8:49:92:b7:d0:15:0d:1f:95:f2:84:f6:81:
                    54:75:f8:cf:b3:88:ce:11:b6:ad:62:ad:d8:26:b8:
                    23:c9:8a:1c:fb:21:3a:90:4d:c9:03:d6:0d:f4:9b:
                    85:d9:cd:76:e9:d4:67:2a:13:90:91:97:56:24:8b:
                    38:aa:64:6f:1f:5e:48:59:13:fe:29:4f:9e:34:53:
                    b6:79:5a:b3:b0:bb:41:11:63:b2:c5:c4:41:ad:6f:
                    f9:b8:71:a1:16:56:ec:a0:4d:a6:d4:32:c6:a4:39:
                    16:b4:bd:7c:ef:eb:84:3b:3e:c5:64:b6:cf:ee:63:
                    ad:ec:a1:6b:07:94:78:af:8a:9e:76:fc:f8:0a:22:
                    08:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:7F:ED:5A:88:8F:E8:0D:E6:71:0D:85:26:40:3A:0A:03:D2:9A:D2
            X509v3 Authority Key Identifier:
                keyid:B6:84:7B:92:8C:30:80:02:82:D7:BA:8E:33:74:82:DF:F4:DE:C8:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/B6847B928C30800282D7BA8E337482DFF4DEC8A5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6847B928C30800282D7BA8E337482DFF4DEC8A5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/07deded1-d14e-4123-b5c9-c93a5997fc30/0/323030313a6466363a343530303a3a2f34382d3438203d3e20313338303539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df6:4500::/48

    Signature Algorithm: sha256WithRSAEncryption
         85:4e:dd:50:c9:51:5d:19:65:df:5a:46:90:47:b5:9c:d0:04:
         ed:9d:db:2c:cf:d7:ce:9a:59:5c:cf:ba:ed:4a:60:5f:85:8e:
         a8:31:05:38:a8:a4:31:99:d7:07:6d:a3:6b:a0:f0:df:2b:32:
         57:28:26:a4:af:bf:89:c1:48:32:06:59:cb:65:c9:92:fc:68:
         4e:88:8e:25:20:ab:29:97:64:75:73:3f:82:67:6f:41:75:90:
         02:eb:a1:28:9a:87:77:ea:b4:6e:35:67:23:ea:88:c0:fa:e9:
         d5:74:f2:56:73:9f:f0:ab:5d:2d:00:ef:85:e8:a3:43:2a:9f:
         3b:3f:68:75:83:7d:ca:d5:35:26:f4:98:8a:f6:8e:88:9d:ec:
         88:eb:17:a1:26:5d:8a:57:dc:35:45:15:09:8d:b2:ad:67:1d:
         4a:ae:75:e9:58:54:3d:aa:cc:fc:0d:2a:f9:77:6e:ee:91:ec:
         bd:77:c1:11:2e:5b:c4:30:62:8b:8f:49:ad:5b:cf:ef:0d:86:
         bc:d2:45:e9:28:ab:4f:db:10:ad:45:b6:3c:78:3e:d8:37:5d:
         9c:eb:c1:64:d4:ac:9a:a4:d1:17:be:a3:3a:46:49:a1:c4:27:
         e3:e5:3f:bc:59:03:a2:5e:20:52:d7:b4:09:6b:96:13:62:91:
         89:2a:7b:bf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOum3VptioF+9qBkRANZn+9ymqmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjY4NDdCOTI4QzMwODAwMjgyRDdCQThFMzM3NDgyREZG
NERFQzhBNTAeFw0yMzA3MzEwMDA5MjhaFw0yNDA3MjkwMDE0MjhaMDMxMTAvBgNV
BAMTKDQ0N0ZFRDVBODg4RkU4MERFNjcxMEQ4NTI2NDAzQTBBMDNEMjlBRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDESzsIcFWmPJE//6WVmv8CbF3h
wjyY64tJjc3MSAbz8n+kpWwIT8fMVWHqBTTQU9E87SsMQJBt2B9HPMlDcegsI3U5
lv9yZLiNTqbpcKYjZHizZYjpufiL6JN2R08UOYPtVk3jiREQZ7Sd3wR3crvYkDoR
S8X/pSVEyEmSt9AVDR+V8oT2gVR1+M+ziM4Rtq1irdgmuCPJihz7ITqQTckD1g30
m4XZzXbp1GcqE5CRl1YkiziqZG8fXkhZE/4pT540U7Z5WrOwu0ERY7LFxEGtb/m4
caEWVuygTabUMsakORa0vXzv64Q7PsVkts/uY63soWsHlHivip52/PgKIghnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURH/tWoiP6A3mcQ2FJkA6CgPSmtIwHwYDVR0j
BBgwFoAUtoR7kowwgAKC17qOM3SC3/TeyKUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
N2RlZGVkMS1kMTRlLTQxMjMtYjVjOS1jOTNhNTk5N2ZjMzAvMC9CNjg0N0I5MjhD
MzA4MDAyODJEN0JBOEUzMzc0ODJERkY0REVDOEE1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjY4NDdCOTI4QzMwODAwMjgyRDdCQThFMzM3NDgyREZGNERF
QzhBNS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA3ZGVkZWQxLWQxNGUtNDEyMy1i
NWM5LWM5M2E1OTk3ZmMzMC8wLzMyMzAzMDMxM2E2NDY2MzYzYTM0MzUzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM4MzAzNTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9kUAMA0GCSqGSIb3DQEBCwUAA4IBAQCFTt1QyVFdGWXfWkaQR7Wc0ATtndssz9fO
mllcz7rtSmBfhY6oMQU4qKQxmdcHbaNroPDfKzJXKCakr7+JwUgyBlnLZcmS/GhO
iI4lIKspl2R1cz+CZ29BdZAC66Eomod36rRuNWcj6ojA+unVdPJWc5/wq10tAO+F
6KNDKp87P2h1g33K1TUm9JiK9o6IneyI6xehJl2KV9w1RRUJjbKtZx1KrnXpWFQ9
qsz8DSr5d27ukey9d8ERLlvEMGKLj0mtW8/vDYa80kXpKKtP2xCtRbY8eD7YN12c
68Fk1KyapNEXvqM6RkmhxCfj5T+8WQOiXiBS17QJa5YTYpGJKnu/
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:03:22 2024 by rpki-client on console-ams.rpki-client.org