Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131392e302f32342d3234203d3e203436303236.roa
File:                     3137352e3131312e3131392e302f32342d3234203d3e203436303236.roa (raw, json)
Hash identifier:          +qmCjFARxHgJrX5Owi9O+2KeIgkQv6FV9SfM34HrBmU=
Subject key identifier:   39:1E:0F:25:57:98:C9:43:1B:6D:F2:83:8B:0C:0A:BA:6C:D8:27:FD
Certificate issuer:       /CN=F8C19A8F8CB0DDC85D1C8E55638FB43584903E17
Certificate serial:       1414E4900649D1E03F59C4E8A4C5DB82AE496168
Authority key identifier: F8:C1:9A:8F:8C:B0:DD:C8:5D:1C:8E:55:63:8F:B4:35:84:90:3E:17
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131392e302f32342d3234203d3e203436303236.roa
Signing time:             Mon 31 Jul 2023 00:02:34 +0000
ROA not before:           Sun 30 Jul 2023 23:57:34 +0000
ROA not after:            Mon 29 Jul 2024 00:02:34 +0000
asID:                     46026
IP address blocks:        175.111.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.crl
                          rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 09:34:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:14:e4:90:06:49:d1:e0:3f:59:c4:e8:a4:c5:db:82:ae:49:61:68
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F8C19A8F8CB0DDC85D1C8E55638FB43584903E17
        Validity
            Not Before: Jul 30 23:57:34 2023 GMT
            Not After : Jul 29 00:02:34 2024 GMT
        Subject: CN=391E0F255798C9431B6DF2838B0C0ABA6CD827FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b8:be:3f:a5:41:80:6a:9a:23:4a:63:d4:1d:
                    51:fe:02:7a:9b:2a:e8:b8:29:6a:52:11:10:e8:33:
                    57:99:d8:12:6e:e3:4c:a2:9e:10:7b:eb:e8:b0:56:
                    f4:9a:b0:08:7f:2e:fd:82:6d:b2:f0:87:32:f8:7d:
                    2f:02:9c:46:a1:16:49:ff:bf:95:cc:7e:bd:6a:8f:
                    8c:bc:c2:ca:c7:15:68:11:34:13:33:08:57:48:9d:
                    24:b1:be:a0:f1:73:7f:cf:b4:93:0d:d6:44:d2:05:
                    7e:9d:b9:39:bb:e8:50:b6:e5:0e:0d:d1:e5:c6:9b:
                    81:e1:c7:dd:c4:1d:6a:7f:1a:03:5c:b5:3f:5e:08:
                    7f:21:ce:e3:ab:ab:79:0f:7b:99:21:14:5c:b4:90:
                    cd:1b:db:7a:8a:a2:ac:4f:b8:fe:07:25:08:48:58:
                    13:5a:f0:80:d9:f1:a9:7d:45:e4:42:93:e7:09:01:
                    6e:3d:79:05:db:81:38:52:33:7f:e6:15:cf:8c:f2:
                    75:8f:0b:e3:fa:45:97:11:f6:26:98:b8:0f:b1:40:
                    be:d1:14:45:39:f9:11:b0:66:92:a0:12:28:db:d7:
                    80:d3:da:cd:3c:1c:30:21:f8:4f:be:4e:26:55:3c:
                    b6:8f:18:2d:9e:eb:5f:9a:c3:01:46:e8:7e:db:cd:
                    1a:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:1E:0F:25:57:98:C9:43:1B:6D:F2:83:8B:0C:0A:BA:6C:D8:27:FD
            X509v3 Authority Key Identifier:
                keyid:F8:C1:9A:8F:8C:B0:DD:C8:5D:1C:8E:55:63:8F:B4:35:84:90:3E:17

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8C19A8F8CB0DDC85D1C8E55638FB43584903E17.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/1ff4ebcd-29cf-4eec-a92a-d1136f5f9936/0/3137352e3131312e3131392e302f32342d3234203d3e203436303236.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.111.119.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:9c:d6:c1:d8:9f:d4:ed:61:7b:88:e4:86:5b:5b:d3:14:f7:
         02:67:8b:5d:c0:73:64:ff:76:eb:5c:b9:4e:68:0b:f6:0c:36:
         df:82:b4:db:18:a2:9e:db:28:58:a2:78:c3:7b:c8:0e:26:61:
         0a:c5:57:71:2a:9c:e2:1e:32:87:64:72:c8:7f:17:db:91:4b:
         c7:65:4d:d8:2a:14:40:58:ea:6d:39:41:7c:a2:e9:15:2c:bd:
         fb:b5:0b:d1:2b:70:c1:00:1f:fe:8d:48:08:3e:80:7b:a5:c7:
         9a:39:6a:74:4b:07:71:55:89:47:f5:45:4a:37:ac:de:3b:d1:
         30:e5:9e:1f:d8:48:60:e1:59:7b:46:a6:2b:e5:38:05:ec:f8:
         ef:77:94:8f:2d:22:ce:a9:fd:67:0b:23:79:ef:cd:93:45:b1:
         43:a4:40:b0:0c:8c:77:44:4f:99:aa:ac:87:7a:7b:e0:e0:99:
         d0:ca:b0:b3:4c:c0:a7:99:e3:a9:2c:30:a2:e0:b9:c1:69:5c:
         06:35:37:aa:e7:d2:e7:a8:07:50:38:41:0a:7f:45:c2:9d:5f:
         6c:41:b4:31:9f:3b:1e:6e:37:cc:f4:55:72:10:67:1b:83:1b:
         29:9e:46:24:d5:cf:30:a1:a6:09:1b:1f:af:38:f6:a9:26:ed:
         ef:f7:c6:31
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUFBTkkAZJ0eA/WcTopMXbgq5JYWgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjhDMTlBOEY4Q0IwRERDODVEMUM4RTU1NjM4RkI0MzU4
NDkwM0UxNzAeFw0yMzA3MzAyMzU3MzRaFw0yNDA3MjkwMDAyMzRaMDMxMTAvBgNV
BAMTKDM5MUUwRjI1NTc5OEM5NDMxQjZERjI4MzhCMEMwQUJBNkNEODI3RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMuL4/pUGAapojSmPUHVH+Anqb
Kui4KWpSERDoM1eZ2BJu40yinhB76+iwVvSasAh/Lv2CbbLwhzL4fS8CnEahFkn/
v5XMfr1qj4y8wsrHFWgRNBMzCFdInSSxvqDxc3/PtJMN1kTSBX6duTm76FC25Q4N
0eXGm4Hhx93EHWp/GgNctT9eCH8hzuOrq3kPe5khFFy0kM0b23qKoqxPuP4HJQhI
WBNa8IDZ8al9ReRCk+cJAW49eQXbgThSM3/mFc+M8nWPC+P6RZcR9iaYuA+xQL7R
FEU5+RGwZpKgEijb14DT2s08HDAh+E++TiZVPLaPGC2e61+awwFG6H7bzRqBAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOR4PJVeYyUMbbfKDiwwKumzYJ/0wHwYDVR0j
BBgwFoAU+MGaj4yw3chdHI5VY4+0NYSQPhcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
ZmY0ZWJjZC0yOWNmLTRlZWMtYTkyYS1kMTEzNmY1Zjk5MzYvMC9GOEMxOUE4RjhD
QjBEREM4NUQxQzhFNTU2MzhGQjQzNTg0OTAzRTE3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjhDMTlBOEY4Q0IwRERDODVEMUM4RTU1NjM4RkI0MzU4NDkw
M0UxNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzFmZjRlYmNkLTI5Y2YtNGVlYy1h
OTJhLWQxMTM2ZjVmOTkzNi8wLzMxMzczNTJlMzEzMTMxMmUzMTMxMzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM2MzAzMjM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAr293MA0GCSqG
SIb3DQEBCwUAA4IBAQBYnNbB2J/U7WF7iOSGW1vTFPcCZ4tdwHNk/3brXLlOaAv2
DDbfgrTbGKKe2yhYonjDe8gOJmEKxVdxKpziHjKHZHLIfxfbkUvHZU3YKhRAWOpt
OUF8oukVLL37tQvRK3DBAB/+jUgIPoB7pceaOWp0SwdxVYlH9UVKN6zeO9Ew5Z4f
2Ehg4Vl7RqYr5TgF7Pjvd5SPLSLOqf1nCyN5782TRbFDpECwDIx3RE+ZqqyHenvg
4JnQyrCzTMCnmeOpLDCi4LnBaVwGNTeq59LnqAdQOEEKf0XCnV9sQbQxnzsebjfM
9FVyEGcbgxspnkYk1c8woaYJGx+vOPapJu3v98Yx
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:10:34 2024 by rpki-client on console-ams.rpki-client.org