Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134322e302f32342d3234203d3e2034333832.roa
File:                     3230322e39332e3134322e302f32342d3234203d3e2034333832.roa (raw, json)
Hash identifier:          2VM0etQOKIJKFgZDf4G7nKMFklV7JCb+RA9ORtjjzcI=
Subject key identifier:   12:50:DE:52:C5:30:5F:38:AA:EB:F2:35:59:CC:3C:69:09:D1:C7:71
Certificate issuer:       /CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
Certificate serial:       7190665714B23CADB612E09267C2361B17004B5A
Authority key identifier: 01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134322e302f32342d3234203d3e2034333832.roa
Signing time:             Wed 20 Sep 2023 12:00:00 +0000
ROA not before:           Wed 20 Sep 2023 11:55:00 +0000
ROA not after:            Wed 18 Sep 2024 12:00:00 +0000
asID:                     4382
IP address blocks:        202.93.142.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl
                          rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:90:66:57:14:b2:3c:ad:b6:12:e0:92:67:c2:36:1b:17:00:4b:5a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=012D2F59937FDBE65095B9EB4971D9D31EFDA93C
        Validity
            Not Before: Sep 20 11:55:00 2023 GMT
            Not After : Sep 18 12:00:00 2024 GMT
        Subject: CN=1250DE52C5305F38AAEBF23559CC3C6909D1C771
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:28:56:05:34:72:71:5b:d9:c3:2f:4d:eb:6d:
                    69:6b:61:91:2b:1e:f0:0f:08:ee:05:f5:af:49:da:
                    17:5b:f6:37:c3:ae:d5:db:98:35:d9:42:7f:57:72:
                    6d:1d:26:05:24:85:8e:e9:d4:19:5f:59:b7:e4:7c:
                    ee:52:ea:0c:bf:36:67:be:83:6c:1b:a1:4e:a3:df:
                    e5:eb:60:83:b1:5f:eb:99:58:e8:31:b8:da:63:6f:
                    49:51:bb:f6:5a:2e:7c:f2:b6:07:ff:8f:c8:d5:10:
                    ee:e6:cb:b4:df:e1:4d:b4:ef:ca:9c:5c:ef:e1:51:
                    5a:12:27:d2:53:68:0c:25:84:37:e9:f2:e2:4b:ec:
                    db:e2:1a:58:58:59:7f:57:8b:d7:ec:d3:94:03:ff:
                    ac:d3:f1:35:b7:0e:67:ed:4e:d1:3b:3b:62:17:00:
                    02:75:b9:2c:91:d7:43:bb:bc:9e:98:c4:54:73:6d:
                    d8:b5:5f:d5:90:8f:4e:be:05:d9:71:5d:31:fc:5e:
                    bb:1a:f5:5e:e0:c7:b2:19:61:8d:29:1b:fd:eb:5a:
                    5e:3e:d9:4b:fb:18:04:a1:13:ba:d5:13:94:1a:be:
                    92:91:cb:2a:f8:59:e7:c8:6e:d0:fb:05:0f:1e:45:
                    3e:b3:f0:17:15:03:46:14:ca:4d:72:07:d6:69:09:
                    a6:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:50:DE:52:C5:30:5F:38:AA:EB:F2:35:59:CC:3C:69:09:D1:C7:71
            X509v3 Authority Key Identifier:
                keyid:01:2D:2F:59:93:7F:DB:E6:50:95:B9:EB:49:71:D9:D3:1E:FD:A9:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/012D2F59937FDBE65095B9EB4971D9D31EFDA93C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/186b3889-6966-45ef-9073-ad14011ac3b2/0/3230322e39332e3134322e302f32342d3234203d3e2034333832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:7b:59:33:c7:50:a6:da:74:88:7e:47:69:80:b8:b5:02:5d:
         02:58:67:20:e7:6c:2a:a3:4c:54:ac:61:45:4e:51:54:0f:60:
         e8:2a:eb:af:1f:99:6f:57:ee:01:ec:17:51:3e:ec:d2:e0:97:
         28:02:d7:bc:d8:3a:e4:1f:75:49:c9:b2:00:c3:bc:38:ea:1f:
         1a:4e:35:1b:a8:78:f7:5b:23:2d:25:05:17:21:d0:b2:82:32:
         87:a1:f6:86:53:22:e2:81:f0:5a:00:06:76:70:9a:b7:37:ab:
         de:0d:fd:ea:e5:c4:7d:f6:d2:67:a4:cf:22:3b:85:ce:27:95:
         7f:f9:15:5b:6c:99:42:49:ed:0e:67:fb:33:ca:20:dc:0a:3b:
         0b:af:32:c2:e8:d1:20:8b:01:cd:27:96:12:2e:4e:92:27:b3:
         ee:62:0c:96:89:a4:6c:ec:df:55:ec:f4:6b:15:60:11:df:bc:
         66:7f:e7:7b:7c:6f:c5:13:8c:0a:a3:3b:d4:11:f4:4b:2c:8b:
         4e:22:4c:27:9e:88:a0:9b:73:21:76:8d:18:c8:36:82:38:57:
         dc:d8:35:42:d3:9c:0b:55:f3:b1:3e:e1:e1:4a:28:36:a6:8a:
         46:23:4b:89:ac:03:57:2e:47:11:b1:8e:47:42:48:2a:7e:1a:
         7e:59:22:ab
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUcZBmVxSyPK22EuCSZ8I2GxcAS1owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMx
RUZEQTkzQzAeFw0yMzA5MjAxMTU1MDBaFw0yNDA5MTgxMjAwMDBaMDMxMTAvBgNV
BAMTKDEyNTBERTUyQzUzMDVGMzhBQUVCRjIzNTU5Q0MzQzY5MDlEMUM3NzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5KFYFNHJxW9nDL03rbWlrYZEr
HvAPCO4F9a9J2hdb9jfDrtXbmDXZQn9Xcm0dJgUkhY7p1BlfWbfkfO5S6gy/Nme+
g2wboU6j3+XrYIOxX+uZWOgxuNpjb0lRu/ZaLnzytgf/j8jVEO7my7Tf4U2078qc
XO/hUVoSJ9JTaAwlhDfp8uJL7NviGlhYWX9Xi9fs05QD/6zT8TW3DmftTtE7O2IX
AAJ1uSyR10O7vJ6YxFRzbdi1X9WQj06+BdlxXTH8Xrsa9V7gx7IZYY0pG/3rWl4+
2Uv7GAShE7rVE5QavpKRyyr4WefIbtD7BQ8eRT6z8BcVA0YUyk1yB9ZpCaaJAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUElDeUsUwXziq6/I1Wcw8aQnRx3EwHwYDVR0j
BBgwFoAUAS0vWZN/2+ZQlbnrSXHZ0x79qTwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ODZiMzg4OS02OTY2LTQ1ZWYtOTA3My1hZDE0MDExYWMzYjIvMC8wMTJEMkY1OTkz
N0ZEQkU2NTA5NUI5RUI0OTcxRDlEMzFFRkRBOTNDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDEyRDJGNTk5MzdGREJFNjUwOTVCOUVCNDk3MUQ5RDMxRUZE
QTkzQy5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE4NmIzODg5LTY5NjYtNDVlZi05
MDczLWFkMTQwMTFhYzNiMi8wLzMyMzAzMjJlMzkzMzJlMzEzNDMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzMzM4MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADKXY4wDQYJKoZIhvcN
AQELBQADggEBABR7WTPHUKbadIh+R2mAuLUCXQJYZyDnbCqjTFSsYUVOUVQPYOgq
668fmW9X7gHsF1E+7NLglygC17zYOuQfdUnJsgDDvDjqHxpONRuoePdbIy0lBRch
0LKCMoeh9oZTIuKB8FoABnZwmrc3q94N/erlxH320mekzyI7hc4nlX/5FVtsmUJJ
7Q5n+zPKINwKOwuvMsLo0SCLAc0nlhIuTpIns+5iDJaJpGzs31Xs9GsVYBHfvGZ/
53t8b8UTjAqjO9QR9Essi04iTCeeiKCbcyF2jRjINoI4V9zYNULTnAtV87E+4eFK
KDamikYjS4msA1cuRxGxjkdCSCp+Gn5ZIqs=
-----END CERTIFICATE-----
Generated at Wed Mar 27 01:50:18 2024 by rpki-client on console-ams.rpki-client.org