Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/323430323a626538303a383030303a3a2f33332d3333203d3e20313331373439.roa
File:                     323430323a626538303a383030303a3a2f33332d3333203d3e20313331373439.roa (raw, json)
Hash identifier:          L+qhwffYUDMH6t6zWolx2uE/H3qryW6jnClse7bWuyw=
Subject key identifier:   E2:E3:4E:87:11:AE:13:84:4C:9C:AA:9A:F7:9A:1B:89:07:CF:C2:54
Certificate issuer:       /CN=10FE35B040E8A3D05E5BE9BEE4F0A636952246FF
Certificate serial:       74BD33B29277582F8CC22374DF95D5316478A040
Authority key identifier: 10:FE:35:B0:40:E8:A3:D0:5E:5B:E9:BE:E4:F0:A6:36:95:22:46:FF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/323430323a626538303a383030303a3a2f33332d3333203d3e20313331373439.roa
Signing time:             Mon 31 Jul 2023 00:03:04 +0000
ROA not before:           Sun 30 Jul 2023 23:58:04 +0000
ROA not after:            Mon 29 Jul 2024 00:03:04 +0000
asID:                     131749
IP address blocks:        2402:be80:8000::/33 maxlen: 33

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.crl
                          rsync://repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:bd:33:b2:92:77:58:2f:8c:c2:23:74:df:95:d5:31:64:78:a0:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=10FE35B040E8A3D05E5BE9BEE4F0A636952246FF
        Validity
            Not Before: Jul 30 23:58:04 2023 GMT
            Not After : Jul 29 00:03:04 2024 GMT
        Subject: CN=E2E34E8711AE13844C9CAA9AF79A1B8907CFC254
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8c:0b:e1:fb:20:c9:4a:bb:6f:38:5f:b2:f9:
                    71:98:f1:1d:d4:c9:52:d4:4b:0a:78:e8:57:fa:87:
                    5c:47:23:22:c3:5b:16:1d:15:eb:d5:c1:ca:fe:ba:
                    50:1d:60:63:fe:d2:55:a1:fe:a9:b2:4c:f1:f7:f2:
                    da:31:98:d1:76:e0:d7:61:2d:4a:9e:5c:39:34:e3:
                    2c:ed:ef:09:b6:8d:c0:43:7a:b7:75:51:38:b2:c7:
                    e7:7b:72:86:e6:a3:f3:af:81:c8:c9:eb:9e:dc:bd:
                    23:32:bf:83:e8:49:5f:14:2e:b0:f4:0e:db:51:46:
                    1b:a9:42:3f:0c:1e:3c:86:b3:a9:2f:89:01:ed:59:
                    7d:f7:90:ed:d5:e1:6e:f7:83:95:f5:8a:62:db:a9:
                    ec:48:7a:d5:32:3f:5b:0b:a4:c5:18:a5:36:ce:26:
                    cc:36:a8:15:3d:06:99:60:65:3e:73:0e:8c:94:58:
                    f2:7a:95:d3:0f:aa:cd:5d:25:ab:4d:97:48:d4:ca:
                    45:b8:26:2f:48:77:e7:06:44:bd:7c:30:f0:c5:60:
                    9e:24:7c:0f:54:bd:ec:3d:98:36:90:36:f9:de:a1:
                    43:8e:fb:0d:60:1f:c7:33:68:5a:b8:03:01:19:28:
                    e2:67:cd:1d:3a:ff:f4:b9:68:ec:d4:34:b5:93:6b:
                    53:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:E3:4E:87:11:AE:13:84:4C:9C:AA:9A:F7:9A:1B:89:07:CF:C2:54
            X509v3 Authority Key Identifier:
                keyid:10:FE:35:B0:40:E8:A3:D0:5E:5B:E9:BE:E4:F0:A6:36:95:22:46:FF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/10FE35B040E8A3D05E5BE9BEE4F0A636952246FF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/300f4f37-c7fb-47d0-8a85-ecfd12b915f5/0/323430323a626538303a383030303a3a2f33332d3333203d3e20313331373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:be80:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         3c:f4:bc:4c:62:4b:ef:f4:8f:2b:5e:40:16:76:9c:1a:64:14:
         ba:3a:e2:57:7d:c1:09:6b:45:c2:c7:5b:39:27:93:df:34:6e:
         f1:c0:9d:73:1e:f2:77:6f:24:f6:c6:e8:1c:94:d1:96:5b:ad:
         35:25:08:bd:5a:df:da:c0:f0:7c:ff:92:3e:c5:51:96:2a:85:
         c3:f5:cb:a4:bd:d1:8c:26:1f:4f:9c:02:11:1a:4e:a6:d4:b9:
         d2:12:2e:89:de:a9:b5:a8:ac:5c:0d:8a:38:25:9c:db:35:7f:
         8b:01:a4:ad:14:eb:ac:9f:80:47:64:c6:31:32:3a:ed:26:28:
         54:02:8e:22:4f:bb:cf:f3:80:55:a2:62:17:97:80:4d:77:8c:
         ea:9f:be:88:1e:05:df:6f:99:32:d2:7a:77:82:08:64:2d:c5:
         ef:05:f6:f0:d0:33:ce:b4:24:b4:28:2c:16:4b:62:b3:f1:b4:
         f9:9c:88:6d:9b:f4:78:e6:1d:f3:7a:51:f8:0a:79:d5:af:fc:
         e3:1b:0c:ea:e1:e3:1a:38:7e:f8:8a:16:e4:2e:b4:22:1e:bd:
         ee:7e:ef:0b:01:e1:78:6a:07:b0:91:f9:f2:c1:66:96:c5:73:
         95:c9:dc:85:f6:d4:82:7e:d9:b0:a6:c2:5a:96:87:9a:ca:e3:
         82:30:1f:12
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUdL0zspJ3WC+MwiN035XVMWR4oEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTBGRTM1QjA0MEU4QTNEMDVFNUJFOUJFRTRGMEE2MzY5
NTIyNDZGRjAeFw0yMzA3MzAyMzU4MDRaFw0yNDA3MjkwMDAzMDRaMDMxMTAvBgNV
BAMTKEUyRTM0RTg3MTFBRTEzODQ0QzlDQUE5QUY3OUExQjg5MDdDRkMyNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIjAvh+yDJSrtvOF+y+XGY8R3U
yVLUSwp46Ff6h1xHIyLDWxYdFevVwcr+ulAdYGP+0lWh/qmyTPH38toxmNF24Ndh
LUqeXDk04yzt7wm2jcBDerd1UTiyx+d7cobmo/OvgcjJ657cvSMyv4PoSV8ULrD0
DttRRhupQj8MHjyGs6kviQHtWX33kO3V4W73g5X1imLbqexIetUyP1sLpMUYpTbO
Jsw2qBU9BplgZT5zDoyUWPJ6ldMPqs1dJatNl0jUykW4Ji9Id+cGRL18MPDFYJ4k
fA9Uvew9mDaQNvneoUOO+w1gH8czaFq4AwEZKOJnzR06//S5aOzUNLWTa1OrAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU4uNOhxGuE4RMnKqa95obiQfPwlQwHwYDVR0j
BBgwFoAUEP41sEDoo9BeW+m+5PCmNpUiRv8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MDBmNGYzNy1jN2ZiLTQ3ZDAtOGE4NS1lY2ZkMTJiOTE1ZjUvMC8xMEZFMzVCMDQw
RThBM0QwNUU1QkU5QkVFNEYwQTYzNjk1MjI0NkZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTBGRTM1QjA0MEU4QTNEMDVFNUJFOUJFRTRGMEE2MzY5NTIy
NDZGRi5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMwMGY0ZjM3LWM3ZmItNDdkMC04
YTg1LWVjZmQxMmI5MTVmNS8wLzMyMzQzMDMyM2E2MjY1MzgzMDNhMzgzMDMwMzAz
YTNhMmYzMzMzMmQzMzMzMjAzZDNlMjAzMTMzMzEzNzM0Mzkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgck
Ar6AgDANBgkqhkiG9w0BAQsFAAOCAQEAPPS8TGJL7/SPK15AFnacGmQUujriV33B
CWtFwsdbOSeT3zRu8cCdcx7yd28k9sboHJTRllutNSUIvVrf2sDwfP+SPsVRliqF
w/XLpL3RjCYfT5wCERpOptS50hIuid6ptaisXA2KOCWc2zV/iwGkrRTrrJ+AR2TG
MTI67SYoVAKOIk+7z/OAVaJiF5eATXeM6p++iB4F32+ZMtJ6d4IIZC3F7wX28NAz
zrQktCgsFktis/G0+ZyIbZv0eOYd83pR+Ap51a/84xsM6uHjGjh++IoW5C60Ih69
7n7vCwHheGoHsJH58sFmlsVzlcnchfbUgn7ZsKbCWpaHmsrjgjAfEg==
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:21:03 2024 by rpki-client on console-ams.rpki-client.org