Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa
File:                     323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa (raw, json)
Hash identifier:          ug52myYAauurbk/pemf4QMx4EMr955PPrR8O9s1hC0g=
Subject key identifier:   6A:57:4E:6F:95:6D:9C:1D:BC:FE:9C:D9:F1:E1:FD:A4:88:E0:DD:34
Certificate issuer:       /CN=9F6D5D5649D001D2B7A3378F99314A992D482E4A
Certificate serial:       642462E625E2BA1DBED3DD42005C3799F453B56D
Authority key identifier: 9F:6D:5D:56:49:D0:01:D2:B7:A3:37:8F:99:31:4A:99:2D:48:2E:4A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa
Signing time:             Sun 30 Jul 2023 23:00:00 +0000
ROA not before:           Sun 30 Jul 2023 22:55:00 +0000
ROA not after:            Sun 28 Jul 2024 23:00:00 +0000
asID:                     136821
IP address blocks:        2001:df2:2100::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.crl
                          rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:24:62:e6:25:e2:ba:1d:be:d3:dd:42:00:5c:37:99:f4:53:b5:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9F6D5D5649D001D2B7A3378F99314A992D482E4A
        Validity
            Not Before: Jul 30 22:55:00 2023 GMT
            Not After : Jul 28 23:00:00 2024 GMT
        Subject: CN=6A574E6F956D9C1DBCFE9CD9F1E1FDA488E0DD34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:f4:95:04:b7:c7:71:3d:52:ba:09:35:d0:a1:
                    01:12:71:93:80:f4:4e:70:5f:3a:dd:32:ff:a0:f9:
                    80:e0:4f:83:4c:4d:2f:d1:4e:df:06:dc:bf:62:e2:
                    1c:26:4a:a5:f8:a9:22:dd:5c:b0:76:db:01:fc:37:
                    39:28:c0:f2:e4:5a:35:8a:e4:2c:2d:15:6e:e3:d1:
                    be:49:19:af:2b:98:88:00:fa:cf:5b:c4:c6:78:26:
                    38:55:cc:32:c8:fa:b1:af:e5:37:9c:4f:b7:ca:75:
                    bf:79:11:3e:a0:59:ec:1b:7b:fc:7b:7f:b6:79:cb:
                    7c:13:da:ba:9a:ec:c0:f1:ef:e9:ff:a6:72:ca:de:
                    9f:a0:54:76:61:77:b4:8a:75:44:b3:dc:d0:33:a0:
                    61:87:24:9c:0a:2d:09:24:18:1e:5c:a9:70:7e:3d:
                    8a:78:37:c9:4e:58:6b:a2:65:73:f8:79:48:5d:86:
                    fd:85:e6:f0:b7:7d:49:4c:ea:16:42:dc:ad:3f:27:
                    aa:11:e6:67:81:d6:18:87:8c:43:66:c9:7a:be:99:
                    03:52:7c:ce:a1:21:8f:dc:92:08:24:b1:15:24:3e:
                    e2:d0:80:18:4e:f0:f2:ea:74:0a:94:e2:9e:6d:ff:
                    85:14:d6:9f:d4:f2:42:05:75:e2:6f:33:59:95:8e:
                    81:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:57:4E:6F:95:6D:9C:1D:BC:FE:9C:D9:F1:E1:FD:A4:88:E0:DD:34
            X509v3 Authority Key Identifier:
                keyid:9F:6D:5D:56:49:D0:01:D2:B7:A3:37:8F:99:31:4A:99:2D:48:2E:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/9F6D5D5649D001D2B7A3378F99314A992D482E4A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9F6D5D5649D001D2B7A3378F99314A992D482E4A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fd3fc24-75a2-47f6-928e-4e9802b97085/0/323030313a6466323a323130303a3a2f34382d3438203d3e20313336383231.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:2100::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:f0:e7:62:9d:8b:da:5d:71:41:77:b9:19:c5:eb:7c:2c:da:
         63:d8:2a:f3:7c:dd:b3:68:ce:d0:0b:54:7d:bd:28:2b:a7:13:
         87:08:85:31:6a:0b:d7:01:7d:3e:85:8f:45:e1:e1:3c:0c:6c:
         c1:ca:7c:e7:03:b8:67:b4:26:4e:af:a5:37:70:60:4a:0d:86:
         71:2a:eb:62:03:d0:55:37:d6:a5:cc:d4:4c:cd:03:f3:26:32:
         ea:cd:77:2f:ba:e3:c3:e5:44:0f:0a:4e:a9:59:85:0c:90:ee:
         45:09:70:22:1d:56:af:dd:b5:4e:e1:eb:c2:cc:5e:7f:54:37:
         f6:bb:80:c1:86:41:6f:23:d8:2e:08:33:a0:b7:ca:40:96:95:
         4f:35:a5:f0:1e:38:2b:c6:f8:69:58:e3:3f:1e:4a:03:21:b0:
         36:23:52:43:e4:a4:3e:2b:2e:c9:bf:86:99:a1:0d:38:9a:de:
         cd:9d:97:28:f5:5a:c3:84:b7:54:eb:06:d5:3d:c7:1f:f3:e7:
         21:5d:98:f9:4a:d4:93:45:56:58:3b:25:64:a3:0c:d0:99:2a:
         86:94:bb:34:e7:3b:db:a9:a6:1c:31:a2:89:04:95:8f:57:87:
         d7:c4:d2:4c:4b:30:69:18:d4:05:cd:2b:e7:c0:88:4f:5c:2d:
         0c:f4:03:95
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUZCRi5iXiuh2+091CAFw3mfRTtW0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUY2RDVENTY0OUQwMDFEMkI3QTMzNzhGOTkzMTRBOTky
RDQ4MkU0QTAeFw0yMzA3MzAyMjU1MDBaFw0yNDA3MjgyMzAwMDBaMDMxMTAvBgNV
BAMTKDZBNTc0RTZGOTU2RDlDMURCQ0ZFOUNEOUYxRTFGREE0ODhFMEREMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU9JUEt8dxPVK6CTXQoQEScZOA
9E5wXzrdMv+g+YDgT4NMTS/RTt8G3L9i4hwmSqX4qSLdXLB22wH8NzkowPLkWjWK
5CwtFW7j0b5JGa8rmIgA+s9bxMZ4JjhVzDLI+rGv5TecT7fKdb95ET6gWewbe/x7
f7Z5y3wT2rqa7MDx7+n/pnLK3p+gVHZhd7SKdUSz3NAzoGGHJJwKLQkkGB5cqXB+
PYp4N8lOWGuiZXP4eUhdhv2F5vC3fUlM6hZC3K0/J6oR5meB1hiHjENmyXq+mQNS
fM6hIY/ckggksRUkPuLQgBhO8PLqdAqU4p5t/4UU1p/U8kIFdeJvM1mVjoHxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaldOb5VtnB28/pzZ8eH9pIjg3TQwHwYDVR0j
BBgwFoAUn21dVknQAdK3ozePmTFKmS1ILkowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmQzZmMyNC03NWEyLTQ3ZjYtOTI4ZS00ZTk4MDJiOTcwODUvMC85RjZENUQ1NjQ5
RDAwMUQyQjdBMzM3OEY5OTMxNEE5OTJENDgyRTRBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUY2RDVENTY0OUQwMDFEMkI3QTMzNzhGOTkzMTRBOTkyRDQ4
MkU0QS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJmZDNmYzI0LTc1YTItNDdmNi05
MjhlLTRlOTgwMmI5NzA4NS8wLzMyMzAzMDMxM2E2NDY2MzIzYTMyMzEzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM2MzgzMjMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8iEAMA0GCSqGSIb3DQEBCwUAA4IBAQAn8OdinYvaXXFBd7kZxet8LNpj2CrzfN2z
aM7QC1R9vSgrpxOHCIUxagvXAX0+hY9F4eE8DGzBynznA7hntCZOr6U3cGBKDYZx
KutiA9BVN9alzNRMzQPzJjLqzXcvuuPD5UQPCk6pWYUMkO5FCXAiHVav3bVO4evC
zF5/VDf2u4DBhkFvI9guCDOgt8pAlpVPNaXwHjgrxvhpWOM/HkoDIbA2I1JD5KQ+
Ky7Jv4aZoQ04mt7NnZco9VrDhLdU6wbVPccf8+chXZj5StSTRVZYOyVkowzQmSqG
lLs05zvbqaYcMaKJBJWPV4fXxNJMSzBpGNQFzSvnwIhPXC0M9AOV
-----END CERTIFICATE-----
Generated at Wed Mar 27 05:20:14 2024 by rpki-client on console-fra.rpki-client.org