Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234312e302f32342d3234203d3e203338313530.roa
File:                     3138302e3231342e3234312e302f32342d3234203d3e203338313530.roa (raw, json)
Hash identifier:          Odkgqp9hs44vVZIC7P+BSjNtXB8Lpm9riWpb9SJkfoo=
Subject key identifier:   F8:E1:89:84:10:33:4E:91:94:BB:F6:08:1D:10:1A:8F:8F:12:1A:38
Certificate issuer:       /CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
Certificate serial:       798AC583883C85C88475594997F5FC1D64D0F221
Authority key identifier: 2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234312e302f32342d3234203d3e203338313530.roa
Signing time:             Mon 31 Jul 2023 00:05:05 +0000
ROA not before:           Mon 31 Jul 2023 00:00:05 +0000
ROA not after:            Mon 29 Jul 2024 00:05:05 +0000
asID:                     38150
IP address blocks:        180.214.241.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl
                          rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:8a:c5:83:88:3c:85:c8:84:75:59:49:97:f5:fc:1d:64:d0:f2:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
        Validity
            Not Before: Jul 31 00:00:05 2023 GMT
            Not After : Jul 29 00:05:05 2024 GMT
        Subject: CN=F8E1898410334E9194BBF6081D101A8F8F121A38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:2c:96:0b:ca:98:68:a8:ec:f9:65:4f:b0:73:
                    43:fd:65:70:87:0a:1a:ac:3a:4a:58:4d:9b:2f:d6:
                    2f:de:27:dd:b2:fd:cd:c6:2a:5b:1f:19:ae:c1:ce:
                    d5:82:f4:e0:25:b5:86:09:20:02:f7:43:fb:97:d8:
                    5b:45:34:61:55:bd:c2:77:7c:0d:2d:ca:d7:bd:67:
                    a4:64:71:00:a0:32:77:35:c3:49:1f:30:1b:28:3c:
                    e2:94:4a:ca:c0:67:b1:88:01:48:3c:38:4f:ea:3e:
                    c9:8b:44:bc:32:29:ab:a8:91:a1:2f:4b:31:0a:3a:
                    d5:82:04:b0:d2:8f:f9:e6:09:78:26:e3:4a:09:a9:
                    7a:2e:e9:29:23:07:65:10:3a:98:fb:e0:28:f5:98:
                    61:15:8e:84:b4:e1:a2:ba:94:75:1c:b0:99:c9:84:
                    c7:94:fb:5d:58:ca:2e:16:38:30:49:fd:03:6c:b5:
                    ae:f0:7c:08:6a:bd:f2:6b:4c:ef:12:fe:0a:2d:2a:
                    0e:83:9f:38:9a:9a:a5:49:ad:14:8c:e3:32:42:dc:
                    3a:9e:50:28:6b:45:30:3b:48:70:8b:37:8b:be:a1:
                    b9:80:a7:76:f1:b1:ae:9a:72:fa:af:1e:28:f9:a1:
                    59:62:3a:0a:45:58:0a:d3:ce:1a:f5:37:3d:5f:3a:
                    40:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:E1:89:84:10:33:4E:91:94:BB:F6:08:1D:10:1A:8F:8F:12:1A:38
            X509v3 Authority Key Identifier:
                keyid:2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234312e302f32342d3234203d3e203338313530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.214.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:db:62:93:44:91:44:9b:c9:fa:b6:ef:26:62:f9:1e:5f:69:
         cb:f3:2a:e3:2c:15:15:42:b2:e8:d5:31:e2:57:34:d2:58:f3:
         2e:5d:6e:1a:84:5a:7f:29:0b:5a:92:b9:9c:f0:3c:b6:e6:be:
         d9:e9:07:9b:d3:8c:99:07:16:7d:66:5f:da:7e:72:ec:07:96:
         1c:8e:a9:4f:82:e0:9f:46:47:fb:84:d9:8f:d6:75:c9:e9:c1:
         2d:d1:e9:51:94:30:d1:4e:ef:40:27:bb:2c:33:af:30:13:73:
         3a:86:d0:2f:f7:0a:b0:a7:da:58:12:e7:5f:a7:3a:0c:54:db:
         dd:97:a2:9b:d4:bc:48:1e:fc:ce:c2:d9:0a:3a:61:51:0a:5b:
         a4:ee:78:82:03:e4:eb:26:0a:96:37:e3:b4:c2:a2:ac:18:0b:
         49:ab:62:ee:78:21:38:df:a1:8a:92:19:63:8c:a7:ef:eb:43:
         d6:ad:77:c4:e0:ef:17:14:94:b7:89:a3:26:65:55:94:43:91:
         ee:2f:7a:bb:22:46:99:a5:ee:65:7b:ac:a1:09:2e:01:05:92:
         9c:a1:4b:b3:ee:4d:52:b6:5e:aa:98:14:c4:30:e6:db:44:0c:
         40:10:16:0f:a5:01:67:34:0d:bc:b0:4c:f9:46:bb:65:b3:2f:
         37:df:2c:25
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUeYrFg4g8hciEdVlJl/X8HWTQ8iEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURG
NjhDREJCOTAeFw0yMzA3MzEwMDAwMDVaFw0yNDA3MjkwMDA1MDVaMDMxMTAvBgNV
BAMTKEY4RTE4OTg0MTAzMzRFOTE5NEJCRjYwODFEMTAxQThGOEYxMjFBMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqLJYLyphoqOz5ZU+wc0P9ZXCH
ChqsOkpYTZsv1i/eJ92y/c3GKlsfGa7BztWC9OAltYYJIAL3Q/uX2FtFNGFVvcJ3
fA0tyte9Z6RkcQCgMnc1w0kfMBsoPOKUSsrAZ7GIAUg8OE/qPsmLRLwyKauokaEv
SzEKOtWCBLDSj/nmCXgm40oJqXou6SkjB2UQOpj74Cj1mGEVjoS04aK6lHUcsJnJ
hMeU+11Yyi4WODBJ/QNsta7wfAhqvfJrTO8S/gotKg6DnziamqVJrRSM4zJC3Dqe
UChrRTA7SHCLN4u+obmAp3bxsa6acvqvHij5oVliOgpFWArTzhr1Nz1fOkCdAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU+OGJhBAzTpGUu/YIHRAaj48SGjgwHwYDVR0j
BBgwFoAULKR0h/cngXMzMKOMlf+KXfaM27kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
N2U2NWI2Ny05MDVjLTQwM2MtOGM3OS0yMzE1NjU5NjY4YWEvMC8yQ0E0NzQ4N0Y3
Mjc4MTczMzMzMEEzOEM5NUZGOEE1REY2OENEQkI5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURGNjhD
REJCOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE3ZTY1YjY3LTkwNWMtNDAzYy04
Yzc5LTIzMTU2NTk2NjhhYS8wLzMxMzgzMDJlMzIzMTM0MmUzMjM0MzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzEzNTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtNbxMA0GCSqG
SIb3DQEBCwUAA4IBAQBN22KTRJFEm8n6tu8mYvkeX2nL8yrjLBUVQrLo1THiVzTS
WPMuXW4ahFp/KQtakrmc8Dy25r7Z6Qeb04yZBxZ9Zl/afnLsB5YcjqlPguCfRkf7
hNmP1nXJ6cEt0elRlDDRTu9AJ7ssM68wE3M6htAv9wqwp9pYEudfpzoMVNvdl6Kb
1LxIHvzOwtkKOmFRCluk7niCA+TrJgqWN+O0wqKsGAtJq2LueCE436GKkhljjKfv
60PWrXfE4O8XFJS3iaMmZVWUQ5HuL3q7IkaZpe5le6yhCS4BBZKcoUuz7k1Stl6q
mBTEMObbRAxAEBYPpQFnNA28sEz5Rrtlsy833ywl
-----END CERTIFICATE-----
Generated at Wed Mar 27 02:25:55 2024 by rpki-client on console-fra.rpki-client.org