Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3133302e302f32342d3234203d3e203538333639.roa
File:                     3131362e3139372e3133302e302f32342d3234203d3e203538333639.roa (raw, json)
Hash identifier:          DFjULgo1ykJn6HW2Hf1QUT+Ax2A0d6LcMBeKhKW3Zr4=
Subject key identifier:   6B:64:FC:E0:1D:29:BB:EF:B7:8C:B4:E8:DE:90:C5:A3:88:A3:6D:FA
Certificate issuer:       /CN=A095A9A71806956C905D5CF7CB797843D22D04B8
Certificate serial:       705985C91BB7D5BA7F713D322542DA5AF0971ACF
Authority key identifier: A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3133302e302f32342d3234203d3e203538333639.roa
Signing time:             Mon 31 Jul 2023 00:07:29 +0000
ROA not before:           Mon 31 Jul 2023 00:02:29 +0000
ROA not after:            Mon 29 Jul 2024 00:07:29 +0000
asID:                     58369
IP address blocks:        116.197.130.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl
                          rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:59:85:c9:1b:b7:d5:ba:7f:71:3d:32:25:42:da:5a:f0:97:1a:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A095A9A71806956C905D5CF7CB797843D22D04B8
        Validity
            Not Before: Jul 31 00:02:29 2023 GMT
            Not After : Jul 29 00:07:29 2024 GMT
        Subject: CN=6B64FCE01D29BBEFB78CB4E8DE90C5A388A36DFA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:c1:d7:f1:8c:40:35:8c:4c:86:98:c4:79:69:
                    7b:d1:f7:84:d8:32:d2:87:ea:83:0e:46:66:21:fe:
                    2f:d6:58:38:17:b8:ca:65:73:e2:37:c1:b7:76:9c:
                    6c:23:30:a3:61:4c:b0:43:62:8f:ac:5d:14:a7:8c:
                    28:81:f2:57:84:36:9a:35:f8:fc:2c:a8:eb:23:53:
                    71:4b:9c:2e:26:80:a6:3b:ce:28:66:83:fa:fd:2b:
                    b3:67:a5:5f:ee:3e:28:42:f8:2c:a4:63:d7:c7:d5:
                    c1:65:e4:b5:45:cc:aa:a5:ae:5b:b8:2e:56:94:72:
                    76:47:6f:38:21:c7:81:59:47:3e:f7:8d:3d:f7:d1:
                    80:68:03:1c:f3:d8:6d:24:41:ab:a9:2b:05:35:d3:
                    ff:fa:eb:b9:5f:0b:2a:41:60:1e:47:67:ac:5e:f8:
                    c4:2c:ec:91:f9:cb:a3:1f:79:07:94:89:4a:8c:83:
                    dc:7e:0b:88:5f:c9:72:4c:87:73:f4:32:dd:67:3f:
                    b7:0e:c7:21:bc:a8:97:48:02:cf:62:2f:e3:b9:e5:
                    2c:34:85:a3:ae:f0:4f:77:19:24:23:b3:d7:cd:e0:
                    4e:6c:c4:62:65:04:af:e3:00:04:1c:b1:b8:b5:3c:
                    8e:73:2b:81:37:42:dc:98:4b:14:49:8d:1f:5b:24:
                    ef:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:64:FC:E0:1D:29:BB:EF:B7:8C:B4:E8:DE:90:C5:A3:88:A3:6D:FA
            X509v3 Authority Key Identifier:
                keyid:A0:95:A9:A7:18:06:95:6C:90:5D:5C:F7:CB:79:78:43:D2:2D:04:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/A095A9A71806956C905D5CF7CB797843D22D04B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A095A9A71806956C905D5CF7CB797843D22D04B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/16a81182-7ceb-465c-a5b5-a14ec739bf99/0/3131362e3139372e3133302e302f32342d3234203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.197.130.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6f:0f:53:54:19:a7:bc:7f:7a:65:24:c3:c9:83:0c:28:79:84:
         44:58:a6:ba:b2:dd:8c:7c:7d:d1:a7:ca:bc:68:ba:09:20:b5:
         aa:98:07:1d:db:a8:9c:22:d7:88:7d:47:58:f2:f1:dc:6f:6d:
         6f:62:91:ac:c1:e5:d2:6c:ae:02:51:e6:6e:33:06:5c:3b:f1:
         07:94:bb:05:3e:eb:4c:38:71:55:03:81:e2:4c:a4:92:26:b1:
         1c:ea:9a:6a:8e:93:b8:7a:b9:83:f8:87:47:eb:9b:4a:7b:3f:
         47:c0:b6:20:5a:c6:05:fe:3a:06:8b:3e:17:f8:46:8c:7b:77:
         d8:91:3f:b4:69:d7:fb:a7:61:ec:4c:d4:02:37:5c:fb:b9:7e:
         6f:34:11:44:89:d6:c7:ea:03:2e:9f:a9:37:73:79:d3:14:a2:
         9b:f0:fb:1e:36:2e:f3:11:c2:ff:8c:4e:03:0b:fc:cd:e7:50:
         55:a5:32:6b:ea:a9:00:e1:a4:fd:cb:79:b9:0f:72:32:d9:d4:
         e4:74:65:52:ee:ac:b1:89:04:59:e5:18:ce:28:9d:69:77:9e:
         6d:40:31:13:34:f0:72:9f:58:22:a2:97:56:09:98:0c:fb:44:
         96:05:8b:4c:d2:ed:28:75:82:b1:10:31:91:28:72:c0:9d:02:
         56:8c:d4:9d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUcFmFyRu31bp/cT0yJULaWvCXGs8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNE
MjJEMDRCODAeFw0yMzA3MzEwMDAyMjlaFw0yNDA3MjkwMDA3MjlaMDMxMTAvBgNV
BAMTKDZCNjRGQ0UwMUQyOUJCRUZCNzhDQjRFOERFOTBDNUEzODhBMzZERkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChwdfxjEA1jEyGmMR5aXvR94TY
MtKH6oMORmYh/i/WWDgXuMplc+I3wbd2nGwjMKNhTLBDYo+sXRSnjCiB8leENpo1
+PwsqOsjU3FLnC4mgKY7zihmg/r9K7NnpV/uPihC+CykY9fH1cFl5LVFzKqlrlu4
LlaUcnZHbzghx4FZRz73jT330YBoAxzz2G0kQaupKwU10//667lfCypBYB5HZ6xe
+MQs7JH5y6MfeQeUiUqMg9x+C4hfyXJMh3P0Mt1nP7cOxyG8qJdIAs9iL+O55Sw0
haOu8E93GSQjs9fN4E5sxGJlBK/jAAQcsbi1PI5zK4E3QtyYSxRJjR9bJO9LAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUa2T84B0pu++3jLTo3pDFo4ijbfowHwYDVR0j
BBgwFoAUoJWppxgGlWyQXVz3y3l4Q9ItBLgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NmE4MTE4Mi03Y2ViLTQ2NWMtYTViNS1hMTRlYzczOWJmOTkvMC9BMDk1QTlBNzE4
MDY5NTZDOTA1RDVDRjdDQjc5Nzg0M0QyMkQwNEI4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTA5NUE5QTcxODA2OTU2QzkwNUQ1Q0Y3Q0I3OTc4NDNEMjJE
MDRCOC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE2YTgxMTgyLTdjZWItNDY1Yy1h
NWI1LWExNGVjNzM5YmY5OS8wLzMxMzEzNjJlMzEzOTM3MmUzMTMzMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNTM4MzMzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAdMWCMA0GCSqG
SIb3DQEBCwUAA4IBAQBvD1NUGae8f3plJMPJgwwoeYREWKa6st2MfH3Rp8q8aLoJ
ILWqmAcd26icIteIfUdY8vHcb21vYpGsweXSbK4CUeZuMwZcO/EHlLsFPutMOHFV
A4HiTKSSJrEc6ppqjpO4ermD+IdH65tKez9HwLYgWsYF/joGiz4X+EaMe3fYkT+0
adf7p2HsTNQCN1z7uX5vNBFEidbH6gMun6k3c3nTFKKb8PseNi7zEcL/jE4DC/zN
51BVpTJr6qkA4aT9y3m5D3Iy2dTkdGVS7qyxiQRZ5RjOKJ1pd55tQDETNPByn1gi
opdWCZgM+0SWBYtM0u0odYKxEDGRKHLAnQJWjNSd
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:12:51 2024 by rpki-client on console-ams.rpki-client.org