Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32342d3234203d3e203538333639.roa
File:                     3131362e3139372e3132382e302f32342d3234203d3e203538333639.roa (raw, json)
Hash identifier:          Tlr0xrSq3+7h767qPy9yElWt3a6Sk3kwdnd3cM2MuT8=
Subject key identifier:   C9:6C:B5:0D:A1:9B:04:A1:65:D9:21:B9:AB:AB:40:2B:82:16:F9:BE
Certificate issuer:       /CN=A095A9A71806956C905D5CF7CB797843D22D04B8
Certificate serial:       5C2FC4A2C023AF33E307025E05F8507C267B6DC4
Authority key identifier: A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32342d3234203d3e203538333639.roa
Signing time:             Mon 31 Jul 2023 00:07:30 +0000
ROA not before:           Mon 31 Jul 2023 00:02:30 +0000
ROA not after:            Mon 29 Jul 2024 00:07:30 +0000
asID:                     58369
IP address blocks:        116.197.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl
                          rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:2f:c4:a2:c0:23:af:33:e3:07:02:5e:05:f8:50:7c:26:7b:6d:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A095A9A71806956C905D5CF7CB797843D22D04B8
        Validity
            Not Before: Jul 31 00:02:30 2023 GMT
            Not After : Jul 29 00:07:30 2024 GMT
        Subject: CN=C96CB50DA19B04A165D921B9ABAB402B8216F9BE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:3d:74:30:ea:82:47:94:da:fb:c5:c6:97:be:
                    bd:13:7a:cc:bb:66:d9:ab:e0:1b:3b:5e:83:29:cc:
                    61:38:33:a3:ca:24:cb:b0:d4:0e:d3:62:76:8c:1a:
                    60:1f:12:85:6f:6c:ce:29:c1:55:c7:cd:9f:3f:cb:
                    f3:f4:34:9e:13:b2:10:3d:2a:9a:74:76:8c:f3:24:
                    d5:9c:14:2b:de:51:30:7f:47:e4:7d:0e:97:ad:19:
                    52:a5:f4:40:6f:ef:a0:96:b1:ba:8c:fa:9f:21:c5:
                    89:54:94:62:6e:bc:52:cf:12:75:7d:2a:27:f1:2b:
                    dd:cc:6f:d0:0e:c4:c6:d2:20:2c:a7:f4:fa:12:90:
                    35:b9:a0:54:38:c2:fa:17:df:6a:be:08:fe:f6:26:
                    25:c6:14:60:f4:36:8c:ba:6c:ab:6a:cc:46:72:b5:
                    17:1d:06:9f:57:e3:89:f9:6c:f1:d1:a6:ec:fc:a6:
                    12:e8:ca:cf:77:39:b3:46:0f:34:ba:a5:19:20:ed:
                    fd:51:eb:0d:9b:b8:6d:c3:02:2f:fb:c6:0d:1f:33:
                    bf:24:a3:81:5d:fb:7c:26:be:d2:13:6c:9c:2f:09:
                    38:17:16:03:d4:c7:4d:c4:97:0b:92:59:da:2b:eb:
                    e9:14:6a:85:83:05:7d:94:a9:5e:2b:0d:f8:fe:f8:
                    33:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C9:6C:B5:0D:A1:9B:04:A1:65:D9:21:B9:AB:AB:40:2B:82:16:F9:BE
            X509v3 Authority Key Identifier:
                keyid:A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3132382e302f32342d3234203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.197.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:9e:9c:94:f7:4b:7f:9a:af:2b:4e:d5:ed:d8:3b:1e:34:33:
         55:38:0b:10:69:97:be:cf:fc:c5:41:c6:85:9a:70:17:60:41:
         2b:48:3f:9a:34:38:92:1a:04:c0:b5:d4:8f:3b:30:e1:cb:15:
         6d:34:4a:6f:7b:f4:4f:2b:31:bb:ef:3a:db:53:04:af:f1:df:
         64:8f:ff:01:69:8a:d3:e9:1f:13:cd:e9:d6:bb:f8:cf:3c:54:
         8b:9c:e5:34:ce:4d:d5:c3:37:8a:77:eb:cb:28:35:21:76:6b:
         7a:ad:65:26:aa:c1:a2:7b:28:0a:b3:46:8e:28:ea:b6:a8:fb:
         19:db:2b:54:69:9c:5d:e1:fe:46:35:41:1a:2b:5b:77:12:4f:
         cf:96:97:d0:5f:14:d0:a1:be:32:3b:3b:4f:00:a5:71:da:4e:
         93:d3:1c:5b:d0:0c:66:39:28:72:29:96:cc:85:fe:2c:aa:ce:
         79:81:b5:09:8c:c9:d2:63:03:b4:9c:fb:e3:78:63:7a:92:b5:
         a1:07:b8:a9:8a:09:08:9b:e0:ff:13:4d:d8:a2:e2:19:ff:93:
         7a:91:b9:30:10:82:e6:95:59:8e:0e:aa:22:43:71:cc:a5:67:
         72:da:09:65:50:9e:29:2b:f6:db:83:3f:d4:05:c4:3b:0f:02:
         da:34:98:b9
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUXC/EosAjrzPjBwJeBfhQfCZ7bcQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNE
MjJEMDRCODAeFw0yMzA3MzEwMDAyMzBaFw0yNDA3MjkwMDA3MzBaMDMxMTAvBgNV
BAMTKEM5NkNCNTBEQTE5QjA0QTE2NUQ5MjFCOUFCQUI0MDJCODIxNkY5QkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2PXQw6oJHlNr7xcaXvr0Tesy7
Ztmr4Bs7XoMpzGE4M6PKJMuw1A7TYnaMGmAfEoVvbM4pwVXHzZ8/y/P0NJ4TshA9
Kpp0dozzJNWcFCveUTB/R+R9DpetGVKl9EBv76CWsbqM+p8hxYlUlGJuvFLPEnV9
KifxK93Mb9AOxMbSICyn9PoSkDW5oFQ4wvoX32q+CP72JiXGFGD0Noy6bKtqzEZy
tRcdBp9X44n5bPHRpuz8phLoys93ObNGDzS6pRkg7f1R6w2buG3DAi/7xg0fM78k
o4Fd+3wmvtITbJwvCTgXFgPUx03ElwuSWdor6+kUaoWDBX2UqV4rDfj++DP5AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUyWy1DaGbBKFl2SG5q6tAK4IW+b4wHwYDVR0j
BBgwFoAUoJWppxgGlWyQXVz3y3l4Q9ItBLgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NmE4MTE4Mi03Y2ViLTQ2NWMtYTViNS1hMTRlYzczOWJmOTkvMC9BMDk1QTlBNzE4
MDY5NTZDOTA1RDVDRjdDQjc5Nzg0M0QyMkQwNEI4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNEMjJE
MDRCOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE2YTgxMTgyLTdjZWItNDY1Yy1h
NWI1LWExNGVjNzM5YmY5OS8wLzMxMzEzNjJlMzEzOTM3MmUzMTMyMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNTM4MzMzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAdMWAMA0GCSqG
SIb3DQEBCwUAA4IBAQAOnpyU90t/mq8rTtXt2DseNDNVOAsQaZe+z/zFQcaFmnAX
YEErSD+aNDiSGgTAtdSPOzDhyxVtNEpve/RPKzG77zrbUwSv8d9kj/8BaYrT6R8T
zenWu/jPPFSLnOU0zk3VwzeKd+vLKDUhdmt6rWUmqsGieygKs0aOKOq2qPsZ2ytU
aZxd4f5GNUEaK1t3Ek/PlpfQXxTQob4yOztPAKVx2k6T0xxb0AxmOShyKZbMhf4s
qs55gbUJjMnSYwO0nPvjeGN6krWhB7ipigkIm+D/E03YouIZ/5N6kbkwEILmlVmO
DqoiQ3HMpWdy2gllUJ4pK/bbgz/UBcQ7DwLaNJi5
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:12:51 2024 by rpki-client on console-ams.rpki-client.org