Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234332e302f32342d3234203d3e203338313530.roa
File:                     3138302e3231342e3234332e302f32342d3234203d3e203338313530.roa (raw, json)
Hash identifier:          /JNzWFIW1XdefWaVFPEsjDgCDvB/VF+ezOMyWu5r2Ck=
Subject key identifier:   8E:CC:A0:7A:1F:55:A4:B5:B9:84:86:0A:44:9B:5E:B4:8E:E3:B8:B9
Certificate issuer:       /CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
Certificate serial:       7D629A356B85409B7A0DCE898FDD669F48C40726
Authority key identifier: 2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234332e302f32342d3234203d3e203338313530.roa
Signing time:             Mon 31 Jul 2023 00:05:05 +0000
ROA not before:           Mon 31 Jul 2023 00:00:05 +0000
ROA not after:            Mon 29 Jul 2024 00:05:05 +0000
asID:                     38150
IP address blocks:        180.214.243.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl
                          rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:62:9a:35:6b:85:40:9b:7a:0d:ce:89:8f:dd:66:9f:48:c4:07:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
        Validity
            Not Before: Jul 31 00:00:05 2023 GMT
            Not After : Jul 29 00:05:05 2024 GMT
        Subject: CN=8ECCA07A1F55A4B5B984860A449B5EB48EE3B8B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f8:99:0e:cd:01:67:fb:ab:48:7e:e6:ee:e8:
                    f9:96:8e:43:e8:d3:ef:2d:f1:c0:33:f0:54:ce:ce:
                    32:01:b0:6b:02:e1:a5:5b:a8:e7:2f:58:d7:c2:16:
                    b4:3b:89:37:47:28:02:1e:8e:6b:20:10:1c:43:15:
                    b9:14:7e:64:c0:f9:c2:5a:86:01:f9:05:a1:8a:97:
                    d6:07:a6:3c:af:d9:63:f9:90:cb:bf:73:01:a3:30:
                    e2:db:e8:c6:78:a2:b8:66:f3:59:e3:71:85:0d:27:
                    52:76:80:90:3a:a2:eb:c0:4a:42:e8:81:a5:c8:95:
                    e5:a6:0a:f4:b6:38:5d:d6:72:8e:a9:3f:0b:5a:04:
                    be:88:40:e1:db:20:4d:1f:9d:9c:be:5c:a9:9e:c1:
                    e7:33:6b:d7:90:6c:fa:20:66:48:b6:f4:d2:b9:c5:
                    23:3f:78:a2:0d:5e:45:23:fb:06:52:28:c1:ff:40:
                    02:5f:03:2b:38:98:93:cd:72:5a:07:0d:85:3d:10:
                    43:b0:b4:00:16:28:c2:84:b3:ee:96:70:ec:ee:e5:
                    b8:81:dc:02:20:73:65:5d:cd:fc:d1:5c:8d:66:e2:
                    bc:54:70:d9:9b:00:38:de:5f:08:80:c0:49:cb:02:
                    55:68:47:a5:0c:6d:2a:90:4a:40:51:7a:a7:dc:32:
                    8c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:CC:A0:7A:1F:55:A4:B5:B9:84:86:0A:44:9B:5E:B4:8E:E3:B8:B9
            X509v3 Authority Key Identifier:
                keyid:2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234332e302f32342d3234203d3e203338313530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.214.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:18:5e:3c:94:7b:20:ff:24:3a:8e:8c:ad:90:59:4b:40:2f:
         5d:73:0c:81:8a:a7:c6:3f:be:67:29:76:3a:07:9c:29:a0:71:
         18:67:f1:fc:99:ab:25:1a:99:c4:2e:85:45:43:94:da:76:e4:
         fc:fa:71:9a:56:d0:01:b8:76:ee:f8:e1:37:bd:08:fa:04:ad:
         08:20:ff:a6:b8:59:94:9d:1b:bb:96:30:a6:a2:82:38:c9:2d:
         87:a7:eb:99:c5:81:96:e6:3a:de:d0:db:87:81:ac:3a:db:3b:
         e2:43:06:c3:fd:a8:6f:8b:dc:d9:1a:a6:75:e0:cd:56:82:b5:
         41:e0:ac:c8:62:46:c3:01:07:33:9e:2d:c5:7c:93:94:8a:46:
         58:71:81:ee:b5:81:cc:01:b1:6c:d5:e9:73:80:a0:e1:11:29:
         af:a2:ca:3e:df:04:fe:41:82:b6:50:0e:fe:3c:68:10:06:c9:
         ba:68:89:61:75:08:da:aa:01:67:8c:92:74:46:6b:4b:e6:95:
         ea:5f:d7:af:82:e0:d2:ac:28:d6:12:69:18:d6:79:41:f1:59:
         97:c6:7e:22:d1:2c:f8:67:5c:61:51:9f:20:23:21:c3:6b:d7:
         db:c4:02:4d:24:d0:fe:f8:7d:5c:e5:6e:78:3f:21:14:5d:da:
         eb:22:07:5c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUfWKaNWuFQJt6Dc6Jj91mn0jEByYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURG
NjhDREJCOTAeFw0yMzA3MzEwMDAwMDVaFw0yNDA3MjkwMDA1MDVaMDMxMTAvBgNV
BAMTKDhFQ0NBMDdBMUY1NUE0QjVCOTg0ODYwQTQ0OUI1RUI0OEVFM0I4QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn+JkOzQFn+6tIfubu6PmWjkPo
0+8t8cAz8FTOzjIBsGsC4aVbqOcvWNfCFrQ7iTdHKAIejmsgEBxDFbkUfmTA+cJa
hgH5BaGKl9YHpjyv2WP5kMu/cwGjMOLb6MZ4orhm81njcYUNJ1J2gJA6ouvASkLo
gaXIleWmCvS2OF3Wco6pPwtaBL6IQOHbIE0fnZy+XKmewecza9eQbPogZki29NK5
xSM/eKINXkUj+wZSKMH/QAJfAys4mJPNcloHDYU9EEOwtAAWKMKEs+6WcOzu5biB
3AIgc2VdzfzRXI1m4rxUcNmbADjeXwiAwEnLAlVoR6UMbSqQSkBReqfcMowvAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUjsygeh9VpLW5hIYKRJtetI7juLkwHwYDVR0j
BBgwFoAULKR0h/cngXMzMKOMlf+KXfaM27kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
N2U2NWI2Ny05MDVjLTQwM2MtOGM3OS0yMzE1NjU5NjY4YWEvMC8yQ0E0NzQ4N0Y3
Mjc4MTczMzMzMEEzOEM5NUZGOEE1REY2OENEQkI5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURGNjhD
REJCOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE3ZTY1YjY3LTkwNWMtNDAzYy04
Yzc5LTIzMTU2NTk2NjhhYS8wLzMxMzgzMDJlMzIzMTM0MmUzMjM0MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzEzNTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtNbzMA0GCSqG
SIb3DQEBCwUAA4IBAQAWGF48lHsg/yQ6joytkFlLQC9dcwyBiqfGP75nKXY6B5wp
oHEYZ/H8maslGpnELoVFQ5TaduT8+nGaVtABuHbu+OE3vQj6BK0IIP+muFmUnRu7
ljCmooI4yS2Hp+uZxYGW5jre0NuHgaw62zviQwbD/ahvi9zZGqZ14M1WgrVB4KzI
YkbDAQczni3FfJOUikZYcYHutYHMAbFs1elzgKDhESmvoso+3wT+QYK2UA7+PGgQ
Bsm6aIlhdQjaqgFnjJJ0RmtL5pXqX9evguDSrCjWEmkY1nlB8VmXxn4i0Sz4Z1xh
UZ8gIyHDa9fbxAJNJND++H1c5W54PyEUXdrrIgdc
-----END CERTIFICATE-----
Generated at Wed Mar 27 04:37:32 2024 by rpki-client on console-ams.rpki-client.org