Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/34332e3234332e3134302e302f32322d3234203d3e20313331313131.roa
File:                     34332e3234332e3134302e302f32322d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          WAUcqdA7O2LLYcTzQMKWrsmTmgFIw7LfRlQQL7UptDI=
Subject key identifier:   C3:30:57:61:8F:C2:4F:66:73:C1:26:80:D6:14:A9:F3:E9:01:96:D5
Certificate issuer:       /CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
Certificate serial:       07B48DA64832830BB36430F5EFE09C43C01F1C90
Authority key identifier: C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/34332e3234332e3134302e302f32322d3234203d3e20313331313131.roa
Signing time:             Tue 08 Aug 2023 15:00:01 +0000
ROA not before:           Tue 08 Aug 2023 14:55:01 +0000
ROA not after:            Tue 06 Aug 2024 15:00:01 +0000
asID:                     131111
IP address blocks:        43.243.140.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl
                          rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:b4:8d:a6:48:32:83:0b:b3:64:30:f5:ef:e0:9c:43:c0:1f:1c:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
        Validity
            Not Before: Aug  8 14:55:01 2023 GMT
            Not After : Aug  6 15:00:01 2024 GMT
        Subject: CN=C33057618FC24F6673C12680D614A9F3E90196D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:66:fe:24:34:0e:0c:0e:f1:f7:3f:0b:6e:45:
                    ed:1d:bb:b5:10:40:27:36:80:90:ee:c1:69:fe:de:
                    0c:10:03:79:86:e1:c6:04:aa:0c:c0:e8:2f:fd:e3:
                    b3:24:79:9d:b6:87:55:19:20:4b:cb:d2:92:84:60:
                    2c:86:87:08:06:30:d2:d0:07:5b:55:fc:9d:87:0a:
                    4e:54:d2:45:03:6c:ae:07:1e:dd:57:44:6c:ce:8d:
                    26:f5:05:36:79:49:a8:11:92:53:96:8f:d3:f3:e0:
                    8c:42:d0:ff:91:bc:e5:c3:65:9e:67:80:a3:65:d9:
                    e2:44:dd:fa:a3:8b:b1:ce:d4:0e:fe:1d:07:2a:5d:
                    5d:d7:0f:ba:46:67:a3:4e:c1:12:6a:df:2e:23:62:
                    27:5b:3c:eb:36:ce:75:9f:73:ac:63:a5:5b:0c:8a:
                    40:96:f8:41:1f:16:8d:0b:0a:e6:41:f2:21:6f:01:
                    ff:c4:49:cf:88:65:87:cb:45:8d:f7:64:fc:7a:75:
                    d8:c1:b2:c5:89:e3:bd:cf:69:d7:79:20:0e:66:02:
                    a3:64:21:53:68:f2:74:e3:fd:e9:5b:06:da:21:a0:
                    75:10:3b:3c:ee:8e:e8:de:7e:27:47:c0:2d:10:19:
                    bb:f0:8b:fe:3d:e4:85:49:48:87:e4:35:f0:2c:79:
                    74:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:30:57:61:8F:C2:4F:66:73:C1:26:80:D6:14:A9:F3:E9:01:96:D5
            X509v3 Authority Key Identifier:
                keyid:C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/34332e3234332e3134302e302f32322d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  43.243.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b2:8c:d3:ef:ab:7a:16:65:45:b3:9d:b1:fb:65:cd:c8:97:0e:
         b5:bf:89:53:d6:14:5f:f0:62:0d:6c:37:ba:bc:a0:86:e0:65:
         12:e9:ad:5a:25:b2:56:a1:a2:03:67:8c:5d:0b:55:c1:ed:79:
         7a:88:b6:78:7b:86:f2:82:c3:0d:7e:f6:c7:6e:5d:96:61:fb:
         7d:d2:79:bb:85:8a:49:b3:3a:0d:51:c4:21:db:1d:6a:22:7e:
         12:13:fc:97:32:5e:af:99:30:cb:4e:bc:1d:53:36:53:b3:46:
         81:84:c9:34:2f:55:83:97:a4:3a:58:2a:00:7b:76:95:3c:b0:
         d3:60:b5:93:7b:81:01:eb:57:c7:e1:06:ad:71:f7:21:3f:7f:
         fe:3e:cf:2b:3c:4c:77:5b:30:3a:93:c8:1e:83:cc:02:49:db:
         83:cc:eb:9e:a5:4d:1a:45:ae:b7:d5:67:92:8a:0d:74:92:4a:
         4e:ec:da:e6:eb:57:ce:fe:b7:b9:9d:d9:4f:bb:1f:75:4a:20:
         9b:ad:72:cc:9d:57:b8:2d:c7:36:f9:59:a8:7d:f9:76:a8:09:
         66:e7:f5:b1:2d:8c:6f:ee:4a:36:9c:45:3f:a8:e6:0f:3f:b6:
         97:67:7d:82:61:4c:8d:d4:cb:f9:7d:88:7b:a3:19:03:c8:9f:
         aa:5e:94:e3
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUB7SNpkgygwuzZDD17+CcQ8AfHJAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4
NzE2REMyRjAeFw0yMzA4MDgxNDU1MDFaFw0yNDA4MDYxNTAwMDFaMDMxMTAvBgNV
BAMTKEMzMzA1NzYxOEZDMjRGNjY3M0MxMjY4MEQ2MTRBOUYzRTkwMTk2RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Zv4kNA4MDvH3PwtuRe0du7UQ
QCc2gJDuwWn+3gwQA3mG4cYEqgzA6C/947MkeZ22h1UZIEvL0pKEYCyGhwgGMNLQ
B1tV/J2HCk5U0kUDbK4HHt1XRGzOjSb1BTZ5SagRklOWj9Pz4IxC0P+RvOXDZZ5n
gKNl2eJE3fqji7HO1A7+HQcqXV3XD7pGZ6NOwRJq3y4jYidbPOs2znWfc6xjpVsM
ikCW+EEfFo0LCuZB8iFvAf/ESc+IZYfLRY33ZPx6ddjBssWJ473Padd5IA5mAqNk
IVNo8nTj/elbBtohoHUQOzzujujefidHwC0QGbvwi/495IVJSIfkNfAseXTfAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUwzBXYY/CT2ZzwSaA1hSp8+kBltUwHwYDVR0j
BBgwFoAUwa+MmZ6dBtrevDh9eLMFq4cW3C8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OTIwNWU3Yy1hODgxLTQ4NzMtOTE4OC1lNTIxYjZhZjUyOWMvMC9DMUFGOEM5OTlF
OUQwNkRBREVCQzM4N0Q3OEIzMDVBQjg3MTZEQzJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4NzE2
REMyRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5MjA1ZTdjLWE4ODEtNDg3My05
MTg4LWU1MjFiNmFmNTI5Yy8wLzM0MzMyZTMyMzQzMzJlMzEzNDMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK/OMMA0GCSqG
SIb3DQEBCwUAA4IBAQCyjNPvq3oWZUWznbH7Zc3Ilw61v4lT1hRf8GINbDe6vKCG
4GUS6a1aJbJWoaIDZ4xdC1XB7Xl6iLZ4e4bygsMNfvbHbl2WYft90nm7hYpJszoN
UcQh2x1qIn4SE/yXMl6vmTDLTrwdUzZTs0aBhMk0L1WDl6Q6WCoAe3aVPLDTYLWT
e4EB61fH4QatcfchP3/+Ps8rPEx3WzA6k8geg8wCSduDzOuepU0aRa631WeSig10
kkpO7Nrm61fO/re5ndlPux91SiCbrXLMnVe4Lcc2+Vmoffl2qAlm5/WxLYxv7ko2
nEU/qOYPP7aXZ32CYUyN1Mv5fYh7oxkDyJ+qXpTj
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:57:44 2024 by rpki-client on console-fra.rpki-client.org