Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132342e302f32322d3234203d3e203436303531.roa
File:                     3230322e36352e3132342e302f32322d3234203d3e203436303531.roa (raw, json)
Hash identifier:          h4SwZFwOLp+5xxwPetdIHUPq+vo930uZejiBuGBVM3c=
Subject key identifier:   63:44:FD:1B:BC:77:B9:93:45:8F:88:85:17:B9:39:FB:90:AC:FA:2D
Certificate issuer:       /CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
Certificate serial:       3A8F6250DA52D1C8BCBF3CE38E341146E8C95781
Authority key identifier: CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132342e302f32322d3234203d3e203436303531.roa
Signing time:             Tue 19 Sep 2023 05:00:00 +0000
ROA not before:           Tue 19 Sep 2023 04:55:00 +0000
ROA not after:            Tue 17 Sep 2024 05:00:00 +0000
asID:                     46051
IP address blocks:        202.65.124.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl
                          rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:8f:62:50:da:52:d1:c8:bc:bf:3c:e3:8e:34:11:46:e8:c9:57:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F
        Validity
            Not Before: Sep 19 04:55:00 2023 GMT
            Not After : Sep 17 05:00:00 2024 GMT
        Subject: CN=6344FD1BBC77B993458F888517B939FB90ACFA2D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:0f:aa:97:bc:a9:50:14:eb:83:9e:2c:b7:fc:
                    9c:c7:99:cd:55:61:bf:fa:cf:a9:82:39:35:a5:15:
                    da:a0:c1:3b:60:75:3f:20:e1:83:6c:65:0a:8f:bf:
                    0f:8e:56:4a:5e:e0:0c:d6:51:dd:82:ec:70:fc:7e:
                    89:b9:af:38:dd:25:d0:05:55:2d:48:8f:22:1b:64:
                    cf:5c:79:02:5c:bc:c0:45:b8:47:7c:1f:5c:cf:69:
                    7b:0c:91:11:0b:e2:6b:ac:06:90:15:2a:f2:05:ed:
                    d6:f8:d4:98:4b:2f:c4:4c:c8:52:5f:a9:74:f7:1b:
                    9d:d7:b7:fe:0e:53:01:25:e9:36:5f:35:35:d2:52:
                    02:f0:ea:e1:b4:f3:34:cf:b7:8e:53:aa:01:a3:e7:
                    56:1f:82:e6:25:9a:14:9f:66:7d:76:01:3f:38:6e:
                    46:08:1a:60:f5:17:d3:bd:73:81:ba:a3:43:61:d8:
                    4c:c4:62:79:e4:4f:d9:4c:1e:4c:45:75:f2:9a:68:
                    80:dc:a6:31:e9:43:62:1f:aa:ea:20:7d:e5:e8:89:
                    2b:f2:33:c0:d6:f0:04:7a:55:23:67:52:64:5d:16:
                    ac:10:2a:eb:56:1d:c2:60:54:d1:b0:52:87:f7:ce:
                    df:db:9d:ec:02:95:25:a5:72:65:3a:9c:7f:7b:c1:
                    76:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:44:FD:1B:BC:77:B9:93:45:8F:88:85:17:B9:39:FB:90:AC:FA:2D
            X509v3 Authority Key Identifier:
                keyid:CA:35:BA:C7:A4:05:DF:1E:D9:ED:62:F0:9D:2F:4F:2E:14:3C:8E:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CA35BAC7A405DF1ED9ED62F09D2F4F2E143C8E8F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1e6a7e46-b6ad-4a7d-b930-1ab0bf02dd5d/0/3230322e36352e3132342e302f32322d3234203d3e203436303531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.65.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:65:77:13:93:7f:d4:29:e7:1f:70:23:63:60:4e:40:42:e2:
         ec:ba:7b:c7:49:1c:1c:a9:eb:56:d7:82:60:ff:70:c9:67:6f:
         2c:12:b3:bd:23:2a:11:f6:0d:cc:8e:5d:74:53:f1:e8:9e:6f:
         0d:93:fe:02:65:22:84:5b:73:4d:2e:0d:ea:22:95:cb:3e:57:
         d1:97:e0:17:3b:2a:6a:01:bf:6e:a6:55:4e:b7:7a:90:02:9f:
         ef:7e:4e:8a:49:4e:dc:1e:95:f7:44:7d:65:a1:64:f3:5b:ea:
         76:7e:fa:47:92:3e:f4:ff:bc:b6:95:0b:6c:1a:61:10:25:af:
         d4:7a:1a:6b:2a:2c:49:de:fd:71:6d:ef:60:a2:9c:66:c8:50:
         6c:cc:e4:fc:dd:51:c1:2c:86:d1:56:2f:07:0e:5d:f1:62:7b:
         9e:61:b5:58:46:de:2b:5c:3e:bb:92:d9:db:50:50:be:e1:e2:
         9e:d2:f2:44:c9:63:7a:41:6e:fd:60:7f:7b:cc:6e:60:56:d2:
         60:cf:c7:ba:25:55:03:c1:d8:d9:bc:a5:53:15:94:7f:4d:a1:
         aa:20:fd:f8:59:03:de:91:1b:2a:f0:ec:62:c8:e5:a8:e3:1f:
         16:c6:85:fd:f6:67:b2:25:29:9f:ad:78:ae:08:2b:b7:1f:8e:
         01:13:3a:f6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUOo9iUNpS0ci8vzzjjjQRRujJV4EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUx
NDNDOEU4RjAeFw0yMzA5MTkwNDU1MDBaFw0yNDA5MTcwNTAwMDBaMDMxMTAvBgNV
BAMTKDYzNDRGRDFCQkM3N0I5OTM0NThGODg4NTE3QjkzOUZCOTBBQ0ZBMkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJD6qXvKlQFOuDniy3/JzHmc1V
Yb/6z6mCOTWlFdqgwTtgdT8g4YNsZQqPvw+OVkpe4AzWUd2C7HD8fom5rzjdJdAF
VS1IjyIbZM9ceQJcvMBFuEd8H1zPaXsMkREL4musBpAVKvIF7db41JhLL8RMyFJf
qXT3G53Xt/4OUwEl6TZfNTXSUgLw6uG08zTPt45TqgGj51YfguYlmhSfZn12AT84
bkYIGmD1F9O9c4G6o0Nh2EzEYnnkT9lMHkxFdfKaaIDcpjHpQ2IfquogfeXoiSvy
M8DW8AR6VSNnUmRdFqwQKutWHcJgVNGwUof3zt/bnewClSWlcmU6nH97wXYrAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUY0T9G7x3uZNFj4iFF7k5+5Cs+i0wHwYDVR0j
BBgwFoAUyjW6x6QF3x7Z7WLwnS9PLhQ8jo8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZTZhN2U0Ni1iNmFkLTRhN2QtYjkzMC0xYWIwYmYwMmRkNWQvMC9DQTM1QkFDN0E0
MDVERjFFRDlFRDYyRjA5RDJGNEYyRTE0M0M4RThGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0EzNUJBQzdBNDA1REYxRUQ5RUQ2MkYwOUQyRjRGMkUxNDND
OEU4Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFlNmE3ZTQ2LWI2YWQtNGE3ZC1i
OTMwLTFhYjBiZjAyZGQ1ZC8wLzMyMzAzMjJlMzYzNTJlMzEzMjM0MmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzQzNjMwMzUzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAspBfDANBgkqhkiG
9w0BAQsFAAOCAQEAbmV3E5N/1CnnH3AjY2BOQELi7Lp7x0kcHKnrVteCYP9wyWdv
LBKzvSMqEfYNzI5ddFPx6J5vDZP+AmUihFtzTS4N6iKVyz5X0ZfgFzsqagG/bqZV
Trd6kAKf735OiklO3B6V90R9ZaFk81vqdn76R5I+9P+8tpULbBphECWv1Hoaayos
Sd79cW3vYKKcZshQbMzk/N1RwSyG0VYvBw5d8WJ7nmG1WEbeK1w+u5LZ21BQvuHi
ntLyRMljekFu/WB/e8xuYFbSYM/HuiVVA8HY2bylUxWUf02hqiD9+FkD3pEbKvDs
YsjlqOMfFsaF/fZnsiUpn614rggrtx+OARM69g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:41:57 2024 by rpki-client on console-fra.rpki-client.org