Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3133312e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          6o6xA4adbnDhjbjlEqOwFU72DUL4+W7MaJZQP3bd7AE=
Subject key identifier:   18:65:CF:E3:D9:6F:6D:46:D1:AB:A4:EF:FD:CB:D3:3C:A1:8D:48:20
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       5C50278E12E7567B17231BB8907440EFACF7AC39
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 20 Sep 2023 12:00:00 +0000
ROA not before:           Wed 20 Sep 2023 11:55:00 +0000
ROA not after:            Wed 18 Sep 2024 12:00:00 +0000
asID:                     4382
IP address blocks:        202.93.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:50:27:8e:12:e7:56:7b:17:23:1b:b8:90:74:40:ef:ac:f7:ac:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Sep 20 11:55:00 2023 GMT
            Not After : Sep 18 12:00:00 2024 GMT
        Subject: CN=1865CFE3D96F6D46D1ABA4EFFDCBD33CA18D4820
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:ea:b6:06:b1:f4:17:ae:e9:81:5b:a8:6f:be:
                    7e:6c:71:b3:06:ab:23:2b:f6:bc:51:87:4c:ac:1f:
                    7d:ff:5a:4e:44:ef:f8:f5:53:04:29:86:f6:41:1a:
                    31:8d:7b:a4:da:ed:b1:0e:7c:01:03:9a:40:e7:30:
                    a9:6a:16:2f:11:a3:21:d9:b9:18:32:86:f8:57:5f:
                    23:92:ab:d1:ba:87:97:eb:32:2b:31:32:91:c9:fd:
                    5d:33:eb:ae:55:cc:ec:7c:6f:d4:03:bd:1d:ba:e8:
                    ef:61:0f:57:a0:ba:2b:ee:d9:e0:39:a5:f8:4c:97:
                    a5:c1:1c:9c:ed:d4:76:26:ad:03:97:96:2e:d8:9b:
                    0f:e3:0d:c1:49:c4:36:5a:b4:8e:74:57:d5:8b:dc:
                    73:78:37:6d:79:6e:3d:68:ba:a3:8e:ce:27:96:ae:
                    ee:44:63:8d:5b:c6:b8:73:d8:42:7b:0e:5a:77:fe:
                    f3:91:42:4a:05:7a:f4:7a:d7:ce:c0:e0:ed:fb:08:
                    91:4a:f8:3d:73:e1:e6:74:15:24:b4:eb:d6:0b:23:
                    cb:21:2f:87:a2:9b:e1:e1:0e:47:d0:52:7f:7c:33:
                    fc:f3:a7:81:c4:5c:91:06:35:42:f4:2f:b0:05:30:
                    16:59:99:c3:64:04:59:b4:bc:ea:12:6b:b2:44:4c:
                    d4:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:65:CF:E3:D9:6F:6D:46:D1:AB:A4:EF:FD:CB:D3:3C:A1:8D:48:20
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3133312e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:23:dc:aa:39:f4:ba:13:b2:2a:de:9e:6f:49:d0:0c:25:d0:
         77:b4:55:71:01:81:ad:a2:80:b3:14:df:a6:67:9b:19:12:8f:
         aa:4d:3c:9a:21:7e:69:a9:54:23:cf:e4:f7:f0:d7:66:01:31:
         f1:6c:2f:db:b8:22:b2:5e:8c:03:86:5e:4d:e9:90:a3:ff:71:
         1e:84:33:86:0c:5a:07:4f:2c:a2:e9:6a:76:85:7c:5e:ab:25:
         de:e3:01:4e:76:58:0d:23:ab:ca:68:4a:ca:37:b3:cb:54:0f:
         d9:4d:6d:25:bb:80:6e:3a:76:20:82:0b:8e:21:4e:3f:d3:4e:
         df:72:9e:6c:63:e8:c2:d3:a2:b2:ba:3e:b5:6d:d2:4f:08:7a:
         40:e6:09:2e:c0:05:ba:24:5b:8d:c6:c9:d5:3e:0a:33:f9:14:
         5b:2d:47:4d:1a:5d:7d:b8:3f:bc:0b:67:5f:5d:a0:2b:77:68:
         e3:22:34:ac:92:f7:6f:2f:ce:bc:c8:a4:5f:7f:52:f3:6f:6c:
         09:0b:70:bb:34:c2:82:72:53:8b:80:70:cc:87:36:ff:43:ac:
         66:32:1a:32:62:e2:5e:66:db:67:07:c8:76:1a:4c:83:7b:b5:
         77:3c:09:27:64:20:73:58:45:82:ab:50:e7:5e:fd:12:d8:ca:
         4d:2d:7f:d8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUXFAnjhLnVnsXIxu4kHRA76z3rDkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yMzA5MjAxMTU1MDBaFw0yNDA5MTgxMjAwMDBaMDMxMTAvBgNV
BAMTKDE4NjVDRkUzRDk2RjZENDZEMUFCQTRFRkZEQ0JEMzNDQTE4RDQ4MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM6rYGsfQXrumBW6hvvn5scbMG
qyMr9rxRh0ysH33/Wk5E7/j1UwQphvZBGjGNe6Ta7bEOfAEDmkDnMKlqFi8RoyHZ
uRgyhvhXXyOSq9G6h5frMisxMpHJ/V0z665VzOx8b9QDvR266O9hD1eguivu2eA5
pfhMl6XBHJzt1HYmrQOXli7Ymw/jDcFJxDZatI50V9WL3HN4N215bj1ouqOOzieW
ru5EY41bxrhz2EJ7Dlp3/vORQkoFevR6187A4O37CJFK+D1z4eZ0FSS069YLI8sh
L4eim+HhDkfQUn98M/zzp4HEXJEGNUL0L7AFMBZZmcNkBFm0vOoSa7JETNQZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUGGXP49lvbUbRq6Tv/cvTPKGNSCAwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzMzMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXYMwDQYJKoZIhvcN
AQELBQADggEBAD0j3Ko59LoTsirenm9J0Awl0He0VXEBga2igLMU36ZnmxkSj6pN
PJohfmmpVCPP5Pfw12YBMfFsL9u4IrJejAOGXk3pkKP/cR6EM4YMWgdPLKLpanaF
fF6rJd7jAU52WA0jq8poSso3s8tUD9lNbSW7gG46diCCC44hTj/TTt9ynmxj6MLT
orK6PrVt0k8IekDmCS7ABbokW43GydU+CjP5FFstR00aXX24P7wLZ19doCt3aOMi
NKyS928vzrzIpF9/UvNvbAkLcLs0woJyU4uAcMyHNv9DrGYyGjJi4l5m22cHyHYa
TIN7tXc8CSdkIHNYRYKrUOde/RLYyk0tf9g=
-----END CERTIFICATE-----
Generated at Wed Mar 27 02:25:55 2024 by rpki-client on console-fra.rpki-client.org