Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e38302e302f32322d3234203d3e203233363739.roa
File:                     3131302e3233322e38302e302f32322d3234203d3e203233363739.roa (raw, json)
Hash identifier:          UBg0wKSyr50RhC8daYjXDKabdqP5VYwGNIY/LR8XuC8=
Subject key identifier:   DC:29:A5:07:2E:D3:B4:08:8C:1A:03:25:5C:D3:29:2F:97:FB:FB:BA
Certificate issuer:       /CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
Certificate serial:       0D771C1515C8ABDF8C809789A44C54A571E72C03
Authority key identifier: 55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e38302e302f32322d3234203d3e203233363739.roa
Signing time:             Fri 11 Jul 2025 11:02:23 +0000
ROA not before:           Fri 11 Jul 2025 10:57:23 +0000
ROA not after:            Fri 10 Jul 2026 11:02:23 +0000
asID:                     23679
IP address blocks:        110.232.80.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl
                          rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 24 Jul 2025 10:30:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:77:1c:15:15:c8:ab:df:8c:80:97:89:a4:4c:54:a5:71:e7:2c:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=552B31A26E92A9DD6A585B92375B7FCA4FA66984
        Validity
            Not Before: Jul 11 10:57:23 2025 GMT
            Not After : Jul 10 11:02:23 2026 GMT
        Subject: CN=DC29A5072ED3B4088C1A03255CD3292F97FBFBBA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:38:ed:33:00:51:94:40:66:c9:3e:00:27:02:
                    9a:13:94:04:9a:a1:e7:42:b3:5f:29:01:42:a7:87:
                    34:ab:5d:41:50:ec:a6:83:9f:ae:39:4b:4f:d0:37:
                    8c:cd:bf:1a:72:2b:7f:38:f0:77:d4:e8:d3:90:20:
                    b3:85:5c:8b:2e:d2:b5:da:5e:1c:77:fd:fd:ad:4d:
                    69:16:5c:9a:2f:c2:88:3e:b9:c2:81:4e:95:c8:81:
                    09:23:5f:b7:94:21:0d:cb:74:2d:11:9b:54:3c:01:
                    42:1b:83:49:a7:8f:f4:01:8a:00:87:30:30:ba:c2:
                    d4:d7:c9:60:87:40:50:10:80:b2:8a:5c:64:a9:53:
                    da:2c:cf:3d:df:95:eb:33:70:6d:74:b9:f1:53:7c:
                    62:25:c2:9a:ff:b9:ee:1c:0b:e7:2e:fa:86:f0:01:
                    9f:0f:c1:59:04:93:ee:8d:46:6f:f4:f3:1d:d5:fe:
                    fd:fd:94:cb:89:f0:59:99:b2:36:95:d5:40:23:78:
                    57:c9:34:4c:a8:5f:cb:77:fb:f9:13:2f:86:06:c2:
                    8a:5f:ae:c8:75:f2:c1:c1:22:f9:ca:81:51:c3:74:
                    2f:86:4b:b7:2a:ee:9e:bb:2f:2d:6b:ea:48:6e:e4:
                    71:a6:67:59:8c:1a:b1:f8:37:ab:67:9a:24:89:00:
                    8f:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DC:29:A5:07:2E:D3:B4:08:8C:1A:03:25:5C:D3:29:2F:97:FB:FB:BA
            X509v3 Authority Key Identifier:
                keyid:55:2B:31:A2:6E:92:A9:DD:6A:58:5B:92:37:5B:7F:CA:4F:A6:69:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/552B31A26E92A9DD6A585B92375B7FCA4FA66984.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/552B31A26E92A9DD6A585B92375B7FCA4FA66984.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/201432cc-3bc9-4858-b506-218aab0b089c/0/3131302e3233322e38302e302f32322d3234203d3e203233363739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.232.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         09:16:45:57:ae:99:ab:61:cc:24:6b:35:97:71:d7:10:0c:61:
         04:93:e7:5c:22:49:12:8f:fc:d9:af:7d:e8:dd:1d:77:1a:62:
         85:4f:99:d1:dc:c5:a4:68:7a:e1:81:6e:01:53:fd:65:ff:4e:
         52:75:35:14:a6:c3:c8:e7:92:5e:26:a5:66:46:b3:96:d0:3b:
         56:1c:88:2b:5e:f6:92:ed:86:48:c0:ac:0e:df:4f:cf:f5:ff:
         24:a7:54:3e:b8:c4:19:2e:0b:01:c3:23:d8:97:80:6b:da:25:
         30:09:a3:2a:e8:9f:41:24:f2:76:22:d4:2e:91:9f:07:38:e0:
         a7:d1:e9:04:66:e4:a5:79:db:0d:c3:24:9a:3e:e5:10:c0:b6:
         a7:43:47:ba:97:44:cd:4a:dd:d1:89:92:cb:98:cc:20:d4:1f:
         c0:67:71:1a:21:33:73:4c:ce:6c:2b:e6:9c:bb:c3:29:ab:f8:
         d2:58:a4:a6:8c:0a:78:2d:be:6e:6e:14:8d:c7:7e:89:1d:fa:
         c4:2a:41:eb:fb:41:22:35:9b:a1:38:e6:97:b8:35:98:6c:1e:
         8c:61:f5:00:61:42:92:89:a8:ce:be:f6:7d:4b:29:4d:ce:d2:
         c2:d5:6d:f1:ea:15:70:41:50:e9:03:93:6c:04:8f:3d:6a:ed:
         69:d7:e7:fd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUDXccFRXIq9+MgJeJpExUpXHnLAMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0
RkE2Njk4NDAeFw0yNTA3MTExMDU3MjNaFw0yNjA3MTAxMTAyMjNaMDMxMTAvBgNV
BAMTKERDMjlBNTA3MkVEM0I0MDg4QzFBMDMyNTVDRDMyOTJGOTdGQkZCQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUOO0zAFGUQGbJPgAnApoTlASa
oedCs18pAUKnhzSrXUFQ7KaDn645S0/QN4zNvxpyK3848HfU6NOQILOFXIsu0rXa
Xhx3/f2tTWkWXJovwog+ucKBTpXIgQkjX7eUIQ3LdC0Rm1Q8AUIbg0mnj/QBigCH
MDC6wtTXyWCHQFAQgLKKXGSpU9oszz3fleszcG10ufFTfGIlwpr/ue4cC+cu+obw
AZ8PwVkEk+6NRm/08x3V/v39lMuJ8FmZsjaV1UAjeFfJNEyoX8t3+/kTL4YGwopf
rsh18sHBIvnKgVHDdC+GS7cq7p67Ly1r6khu5HGmZ1mMGrH4N6tnmiSJAI8NAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU3CmlBy7TtAiMGgMlXNMpL5f7+7owHwYDVR0j
BBgwFoAUVSsxom6Sqd1qWFuSN1t/yk+maYQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MDE0MzJjYy0zYmM5LTQ4NTgtYjUwNi0yMThhYWIwYjA4OWMvMC81NTJCMzFBMjZF
OTJBOURENkE1ODVCOTIzNzVCN0ZDQTRGQTY2OTg0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTUyQjMxQTI2RTkyQTlERDZBNTg1QjkyMzc1QjdGQ0E0RkE2
Njk4NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwMTQzMmNjLTNiYzktNDg1OC1i
NTA2LTIxOGFhYjBiMDg5Yy8wLzMxMzEzMDJlMzIzMzMyMmUzODMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzIzMzM2MzczOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAm7oUDANBgkqhkiG
9w0BAQsFAAOCAQEACRZFV66Zq2HMJGs1l3HXEAxhBJPnXCJJEo/82a996N0ddxpi
hU+Z0dzFpGh64YFuAVP9Zf9OUnU1FKbDyOeSXialZkazltA7VhyIK172ku2GSMCs
Dt9Pz/X/JKdUPrjEGS4LAcMj2JeAa9olMAmjKuifQSTydiLULpGfBzjgp9HpBGbk
pXnbDcMkmj7lEMC2p0NHupdEzUrd0YmSy5jMINQfwGdxGiEzc0zObCvmnLvDKav4
0likpowKeC2+bm4Ujcd+iR36xCpB6/tBIjWboTjml7g1mGwejGH1AGFCkomozr72
fUspTc7SwtVt8eoVcEFQ6QOTbASPPWrtadfn/Q==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:06:05 2025 by rpki-client