Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131372e302f32342d3234203d3e203436303236.roa
File:                     3137352e3131312e3131372e302f32342d3234203d3e203436303236.roa (raw, json)
Hash identifier:          2dvMyZMHFnOJZMDTZ7Xm8DEInoy3wCTypFZrOrIRh/0=
Subject key identifier:   C3:8E:89:A8:41:BD:A0:B8:2B:B3:73:07:52:77:2A:A1:24:92:DA:A0
Certificate issuer:       /CN=F8C19A8F8CB0DDC85D1C8E55638FB43584903E17
Certificate serial:       10984CA28991E760B889B500947E9C212CB20D11
Authority key identifier: F8:C1:9A:8F:8C:B0:DD:C8:5D:1C:8E:55:63:8F:B4:35:84:90:3E:17
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131372e302f32342d3234203d3e203436303236.roa
Signing time:             Mon 31 Jul 2023 00:02:35 +0000
ROA not before:           Sun 30 Jul 2023 23:57:35 +0000
ROA not after:            Mon 29 Jul 2024 00:02:35 +0000
asID:                     46026
IP address blocks:        175.111.117.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.crl
                          rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 03:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:98:4c:a2:89:91:e7:60:b8:89:b5:00:94:7e:9c:21:2c:b2:0d:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F8C19A8F8CB0DDC85D1C8E55638FB43584903E17
        Validity
            Not Before: Jul 30 23:57:35 2023 GMT
            Not After : Jul 29 00:02:35 2024 GMT
        Subject: CN=C38E89A841BDA0B82BB3730752772AA12492DAA0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:f1:93:3b:86:5c:ae:62:66:5a:fc:4f:33:b6:
                    40:2c:19:2f:4c:1e:e8:be:b9:4f:44:8b:ee:3f:37:
                    6d:01:17:7b:67:0d:12:9b:c6:76:56:6c:49:5c:27:
                    d0:97:66:4b:5c:04:46:28:c6:d0:f5:be:87:80:ee:
                    c3:3f:1b:94:c2:48:71:4a:c8:49:4c:79:60:ad:c3:
                    91:2d:a1:4b:27:05:1c:9c:a0:4a:71:d6:da:83:cf:
                    be:04:3f:3a:ce:2b:c3:d1:5d:38:5c:a4:96:c0:03:
                    53:0e:1b:f2:bd:53:c2:34:af:9c:89:01:d0:8a:20:
                    e3:30:77:8a:6d:23:e4:f1:df:cb:10:25:5f:5a:ac:
                    89:a1:7c:19:65:d8:77:57:40:bd:9e:31:73:a3:bf:
                    85:93:e7:2d:8f:b8:2a:d2:c6:b2:32:54:bb:4f:01:
                    b0:28:96:26:a8:b5:35:3a:9a:be:e9:85:a2:47:39:
                    dc:7b:9e:00:59:bb:f2:e0:65:17:63:32:68:b8:f2:
                    4a:54:48:82:b0:e2:88:89:aa:77:c4:b6:6f:a5:a8:
                    2f:c7:d4:08:25:b4:88:2c:5b:2a:1f:25:91:b2:28:
                    5d:1f:6b:d1:26:1c:8b:dc:bd:25:fa:92:12:98:67:
                    61:f0:c1:c8:45:95:82:8b:2e:45:d6:2f:97:4c:a0:
                    6d:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:8E:89:A8:41:BD:A0:B8:2B:B3:73:07:52:77:2A:A1:24:92:DA:A0
            X509v3 Authority Key Identifier:
                keyid:F8:C1:9A:8F:8C:B0:DD:C8:5D:1C:8E:55:63:8F:B4:35:84:90:3E:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131372e302f32342d3234203d3e203436303236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.111.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9e:e8:49:53:6d:88:16:0c:3b:64:91:ca:5f:d5:70:2e:1a:77:
         ad:59:84:47:40:a1:14:0b:84:90:54:89:47:5b:e4:5d:fc:11:
         f5:ae:6a:5d:4e:dc:b1:5e:6f:cd:26:40:60:ba:8c:4b:01:a3:
         9a:81:47:be:1e:f7:9d:1a:2e:f9:31:df:70:4d:fb:24:2b:f3:
         ae:86:cd:1b:e0:75:50:a0:cb:78:50:22:39:cf:24:9a:bb:e2:
         87:57:a6:54:07:1c:4b:a3:d0:ab:00:1a:a3:9a:b5:04:02:5d:
         9e:e6:b5:d8:c1:0a:a2:e9:c8:37:b3:ce:cf:6e:55:26:e5:bc:
         ef:81:d6:b1:d3:20:e1:b0:c4:68:23:a9:7b:4e:1a:60:de:3d:
         f3:de:ca:1d:85:81:0a:e0:5e:6f:41:02:37:df:76:37:e7:db:
         b3:92:e3:cc:47:52:00:c1:b2:4b:e2:4b:31:d9:29:51:77:d8:
         8a:31:f4:72:20:46:9a:76:ca:4b:1b:d9:db:b4:fa:97:1e:d7:
         f7:6d:69:f8:d6:59:f9:c7:53:e0:6d:6e:01:e6:6c:ba:f0:f8:
         48:99:64:3a:99:5f:6f:47:10:3a:f7:1f:f8:3e:07:b5:84:d1:
         e3:b7:b9:aa:63:cb:d8:82:db:e6:37:08:1b:2a:8d:1c:d4:e2:
         be:fe:05:75
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUEJhMoomR52C4ibUAlH6cISyyDREwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjhDMTlBOEY4Q0IwRERDODVEMUM4RTU1NjM4RkI0MzU4
NDkwM0UxNzAeFw0yMzA3MzAyMzU3MzVaFw0yNDA3MjkwMDAyMzVaMDMxMTAvBgNV
BAMTKEMzOEU4OUE4NDFCREEwQjgyQkIzNzMwNzUyNzcyQUExMjQ5MkRBQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/8ZM7hlyuYmZa/E8ztkAsGS9M
Hui+uU9Ei+4/N20BF3tnDRKbxnZWbElcJ9CXZktcBEYoxtD1voeA7sM/G5TCSHFK
yElMeWCtw5EtoUsnBRycoEpx1tqDz74EPzrOK8PRXThcpJbAA1MOG/K9U8I0r5yJ
AdCKIOMwd4ptI+Tx38sQJV9arImhfBll2HdXQL2eMXOjv4WT5y2PuCrSxrIyVLtP
AbAoliaotTU6mr7phaJHOdx7ngBZu/LgZRdjMmi48kpUSIKw4oiJqnfEtm+lqC/H
1AgltIgsWyofJZGyKF0fa9EmHIvcvSX6khKYZ2HwwchFlYKLLkXWL5dMoG2TAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUw46JqEG9oLgrs3MHUncqoSSS2qAwHwYDVR0j
BBgwFoAU+MGaj4yw3chdHI5VY4+0NYSQPhcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZmY0ZWJjZC0yOWNmLTRlZWMtYTkyYS1kMTEzNmY1Zjk5MzYvMC9GOEMxOUE4RjhD
QjBEREM4NUQxQzhFNTU2MzhGQjQzNTg0OTAzRTE3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjhDMTlBOEY4Q0IwRERDODVEMUM4RTU1NjM4RkI0MzU4NDkw
M0UxNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFmZjRlYmNkLTI5Y2YtNGVlYy1h
OTJhLWQxMTM2ZjVmOTkzNi8wLzMxMzczNTJlMzEzMTMxMmUzMTMxMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM2MzAzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAr291MA0GCSqG
SIb3DQEBCwUAA4IBAQCe6ElTbYgWDDtkkcpf1XAuGnetWYRHQKEUC4SQVIlHW+Rd
/BH1rmpdTtyxXm/NJkBguoxLAaOagUe+HvedGi75Md9wTfskK/Ouhs0b4HVQoMt4
UCI5zySau+KHV6ZUBxxLo9CrABqjmrUEAl2e5rXYwQqi6cg3s87PblUm5bzvgdax
0yDhsMRoI6l7Thpg3j3z3sodhYEK4F5vQQI333Y359uzkuPMR1IAwbJL4ksx2SlR
d9iKMfRyIEaadspLG9nbtPqXHtf3bWn41ln5x1PgbW4B5my68PhImWQ6mV9vRxA6
9x/4Pge1hNHjt7mqY8vYgtvmNwgbKo0c1OK+/gV1
-----END CERTIFICATE-----
Generated at Thu Mar 28 06:01:00 2024 by rpki-client on console-fra.rpki-client.org