Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234342e302f32342d3234203d3e203338313530.roa
File:                     3138302e3231342e3234342e302f32342d3234203d3e203338313530.roa (raw, json)
Hash identifier:          qfNZaPpjbn+lOdRoyygIkaP26+PT1Q75G7ifSejUsTU=
Subject key identifier:   71:BE:FD:90:5A:E1:D7:F7:21:FF:69:FF:34:9E:A7:D4:09:B8:3E:99
Certificate issuer:       /CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
Certificate serial:       4B712F42C77C25EE9EE182285FD244869376453E
Authority key identifier: 2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234342e302f32342d3234203d3e203338313530.roa
Signing time:             Mon 31 Jul 2023 00:05:06 +0000
ROA not before:           Mon 31 Jul 2023 00:00:06 +0000
ROA not after:            Mon 29 Jul 2024 00:05:06 +0000
asID:                     38150
IP address blocks:        180.214.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl
                          rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:71:2f:42:c7:7c:25:ee:9e:e1:82:28:5f:d2:44:86:93:76:45:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CA47487F72781733330A38C95FF8A5DF68CDBB9
        Validity
            Not Before: Jul 31 00:00:06 2023 GMT
            Not After : Jul 29 00:05:06 2024 GMT
        Subject: CN=71BEFD905AE1D7F721FF69FF349EA7D409B83E99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:99:ed:b7:d8:a3:e6:fc:a4:a9:eb:98:0a:17:
                    ef:0a:34:34:18:73:c0:e0:d9:75:16:12:e0:22:4d:
                    19:e1:b0:56:75:a8:76:d0:22:83:8b:00:8d:58:5a:
                    76:c1:ce:e6:e0:29:15:d4:69:d8:2d:aa:a6:51:8e:
                    31:30:31:d1:a4:88:61:e2:f4:b2:42:68:9e:c1:66:
                    eb:0a:c0:fc:ca:24:64:cc:97:96:f7:56:84:6b:8f:
                    61:72:6c:41:3a:0e:40:3c:fd:60:c9:3a:ba:fe:99:
                    b0:74:3f:b0:78:7d:52:bb:91:79:66:04:4c:93:2e:
                    a1:15:f3:6e:d3:b4:04:39:ff:23:ea:18:34:7a:bd:
                    b0:f1:5d:8f:f8:c6:7c:86:43:2d:de:b9:44:f4:28:
                    cf:ad:00:f7:e9:b3:df:0b:08:cc:3e:6c:2e:cc:0e:
                    b3:06:45:ed:65:5d:10:8a:a1:3f:be:a5:d5:bb:39:
                    8e:0f:ab:03:8c:53:7e:5d:5c:3e:c7:2e:44:e1:a4:
                    41:bb:8e:39:7f:9f:49:7a:9d:db:a3:49:26:19:c9:
                    de:a1:3f:4c:37:f8:37:d4:89:6f:cf:45:62:18:87:
                    1c:1b:9d:f8:b0:13:4c:b0:94:56:b9:69:b3:e6:1d:
                    9b:c4:e5:2b:c6:21:a9:9c:53:b3:e9:0b:b3:93:ed:
                    2a:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:BE:FD:90:5A:E1:D7:F7:21:FF:69:FF:34:9E:A7:D4:09:B8:3E:99
            X509v3 Authority Key Identifier:
                keyid:2C:A4:74:87:F7:27:81:73:33:30:A3:8C:95:FF:8A:5D:F6:8C:DB:B9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/2CA47487F72781733330A38C95FF8A5DF68CDBB9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2CA47487F72781733330A38C95FF8A5DF68CDBB9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/17e65b67-905c-403c-8c79-2315659668aa/0/3138302e3231342e3234342e302f32342d3234203d3e203338313530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  180.214.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:3f:0a:8e:30:5d:d6:b4:8b:19:9d:cf:36:64:45:15:8c:33:
         5b:32:6d:4c:43:7f:0c:df:ba:62:5f:85:fa:d2:9a:2a:30:27:
         82:ee:de:d4:4d:6d:80:2c:31:43:41:5e:44:35:d4:49:a6:3a:
         71:95:d4:aa:22:f6:dd:91:8e:5a:a9:63:a4:04:40:19:2c:69:
         0b:32:36:7e:b5:6f:0f:57:b8:c3:f6:72:27:ad:d9:a2:a0:58:
         3c:1d:d1:b9:18:cf:59:5a:6c:73:7e:85:61:76:5d:33:6e:92:
         55:f6:ed:76:dc:6f:3e:2e:62:8b:bf:73:7c:6d:8f:c9:ca:e3:
         89:a1:0a:7e:3b:1d:d1:31:fa:b7:3a:84:c8:ad:6c:58:b8:cf:
         0e:a3:cc:d2:80:a1:7a:15:d0:f7:38:ab:f6:ca:40:e5:3f:84:
         6d:9a:1b:d5:70:47:69:7b:e9:93:76:45:c1:e7:65:65:10:5f:
         ca:3f:49:3d:61:e9:56:27:a9:30:5b:01:93:1a:6f:75:7e:b5:
         7e:41:71:fd:ae:50:27:6b:bf:76:a4:7f:88:5e:0e:ff:54:a1:
         72:46:10:ed:41:ee:1e:53:4a:b2:c9:6a:6e:e5:78:18:b2:d3:
         b5:72:60:11:7a:5d:bc:fd:9d:91:32:e0:8e:3d:4c:d1:d1:a3:
         87:6f:b4:76
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUS3EvQsd8Je6e4YIoX9JEhpN2RT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURG
NjhDREJCOTAeFw0yMzA3MzEwMDAwMDZaFw0yNDA3MjkwMDA1MDZaMDMxMTAvBgNV
BAMTKDcxQkVGRDkwNUFFMUQ3RjcyMUZGNjlGRjM0OUVBN0Q0MDlCODNFOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFme232KPm/KSp65gKF+8KNDQY
c8Dg2XUWEuAiTRnhsFZ1qHbQIoOLAI1YWnbBzubgKRXUadgtqqZRjjEwMdGkiGHi
9LJCaJ7BZusKwPzKJGTMl5b3VoRrj2FybEE6DkA8/WDJOrr+mbB0P7B4fVK7kXlm
BEyTLqEV827TtAQ5/yPqGDR6vbDxXY/4xnyGQy3euUT0KM+tAPfps98LCMw+bC7M
DrMGRe1lXRCKoT++pdW7OY4PqwOMU35dXD7HLkThpEG7jjl/n0l6ndujSSYZyd6h
P0w3+DfUiW/PRWIYhxwbnfiwE0ywlFa5abPmHZvE5SvGIamcU7PpC7OT7SrbAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUcb79kFrh1/ch/2n/NJ6n1Am4PpkwHwYDVR0j
BBgwFoAULKR0h/cngXMzMKOMlf+KXfaM27kwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
N2U2NWI2Ny05MDVjLTQwM2MtOGM3OS0yMzE1NjU5NjY4YWEvMC8yQ0E0NzQ4N0Y3
Mjc4MTczMzMzMEEzOEM5NUZGOEE1REY2OENEQkI5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkNBNDc0ODdGNzI3ODE3MzMzMzBBMzhDOTVGRjhBNURGNjhD
REJCOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE3ZTY1YjY3LTkwNWMtNDAzYy04
Yzc5LTIzMTU2NTk2NjhhYS8wLzMxMzgzMDJlMzIzMTM0MmUzMjM0MzQyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzEzNTMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAtNb0MA0GCSqG
SIb3DQEBCwUAA4IBAQBZPwqOMF3WtIsZnc82ZEUVjDNbMm1MQ38M37piX4X60poq
MCeC7t7UTW2ALDFDQV5ENdRJpjpxldSqIvbdkY5aqWOkBEAZLGkLMjZ+tW8PV7jD
9nInrdmioFg8HdG5GM9ZWmxzfoVhdl0zbpJV9u123G8+LmKLv3N8bY/JyuOJoQp+
Ox3RMfq3OoTIrWxYuM8Oo8zSgKF6FdD3OKv2ykDlP4RtmhvVcEdpe+mTdkXB52Vl
EF/KP0k9YelWJ6kwWwGTGm91frV+QXH9rlAna792pH+IXg7/VKFyRhDtQe4eU0qy
yWpu5XgYstO1cmARel28/Z2RMuCOPUzR0aOHb7R2
-----END CERTIFICATE-----
Generated at Fri Mar 29 06:25:26 2024 by rpki-client on console-ams.rpki-client.org