Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32322d3234203d3e203538333831.roa
File:                     3136332e35332e3139322e302f32322d3234203d3e203538333831.roa (raw, json)
Hash identifier:          j7JaOEwVvZDPtojTO9yGTpC46kUST+sU/oyqs93maRE=
Subject key identifier:   24:09:B6:E0:25:E3:0F:89:34:B6:AC:32:09:44:73:5D:31:27:79:10
Certificate issuer:       /CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
Certificate serial:       49F3AC82410967B76D126FE2C5C8114CEDABDBEC
Authority key identifier: E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32322d3234203d3e203538333831.roa
Signing time:             Mon 29 Jan 2024 02:54:11 +0000
ROA not before:           Mon 29 Jan 2024 02:49:11 +0000
ROA not after:            Mon 27 Jan 2025 02:54:11 +0000
asID:                     58381
IP address blocks:        163.53.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.crl
                          rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 13:56:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:f3:ac:82:41:09:67:b7:6d:12:6f:e2:c5:c8:11:4c:ed:ab:db:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E5A907C4EC6DA6D9342613280CCAF26E98DBEB98
        Validity
            Not Before: Jan 29 02:49:11 2024 GMT
            Not After : Jan 27 02:54:11 2025 GMT
        Subject: CN=2409B6E025E30F8934B6AC320944735D31277910
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:cc:a6:4a:c0:1b:a7:61:1b:51:83:37:12:0a:
                    aa:95:f0:29:b4:61:55:d2:32:94:7c:3b:7a:a4:62:
                    3a:27:bd:82:5b:f3:ad:e8:a5:77:16:f3:90:32:0a:
                    65:5d:24:b1:3a:94:8a:db:ed:f1:18:05:fc:bd:c8:
                    bd:b3:bf:91:ff:3e:92:f7:04:94:8e:c5:37:60:f4:
                    7c:12:bc:b9:b7:93:76:c7:e7:cf:6b:d3:53:98:8d:
                    a7:35:4a:be:37:ba:fc:61:65:36:d5:c9:ad:fe:97:
                    0f:9b:65:1e:93:95:5c:90:b0:fa:db:8e:22:d0:f5:
                    c1:37:d9:dc:67:d4:74:c7:9a:68:68:a6:63:f6:70:
                    82:7a:3d:53:77:65:7f:c3:d7:ca:a7:7d:bb:53:f9:
                    c8:10:bb:58:02:4d:d0:d0:fe:41:e2:01:44:68:d2:
                    94:45:11:2e:d9:12:85:e2:80:a5:a6:eb:b7:25:6d:
                    40:ea:2b:58:23:3e:a6:de:64:33:be:08:3d:ef:01:
                    58:eb:cb:37:2b:4a:eb:19:03:af:b6:c6:d4:3c:80:
                    3f:89:32:1a:3e:52:bf:33:28:6f:6e:bc:f8:37:3d:
                    30:a0:b6:37:b7:b8:9f:57:25:2f:43:31:cc:45:84:
                    04:f9:b2:a8:6e:c8:78:90:e3:63:1c:c7:18:c6:ea:
                    c7:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:09:B6:E0:25:E3:0F:89:34:B6:AC:32:09:44:73:5D:31:27:79:10
            X509v3 Authority Key Identifier:
                keyid:E5:A9:07:C4:EC:6D:A6:D9:34:26:13:28:0C:CA:F2:6E:98:DB:EB:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E5A907C4EC6DA6D9342613280CCAF26E98DBEB98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/338d2755-380d-477e-bf25-0af29026bd70/0/3136332e35332e3139322e302f32322d3234203d3e203538333831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  163.53.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         34:5b:af:2a:4c:b3:c6:ed:2a:1d:10:4c:9d:0e:e9:b0:cc:b0:
         6a:7d:bd:f1:e3:4a:53:e6:56:fc:63:12:29:73:c2:b0:b0:35:
         9b:9b:e0:de:19:ba:ab:d6:2a:a6:36:18:51:80:ce:96:f2:0a:
         c1:27:8e:47:80:88:df:47:6c:27:ec:c1:80:e7:e1:81:8a:74:
         75:67:38:8b:c2:b0:b0:36:f5:bc:4a:e0:36:1b:6d:ea:bc:87:
         e2:93:40:41:a6:1b:3b:0d:c1:03:a5:44:5e:6f:3e:25:42:27:
         6f:8f:1f:7e:81:2f:50:b8:36:50:e3:11:b9:3f:20:06:74:d7:
         7b:49:29:9b:7c:7f:b4:dd:74:c0:b2:4b:43:67:d7:f8:f8:c5:
         0b:df:50:55:30:f5:30:4a:8b:5c:77:92:02:07:d1:64:5a:a1:
         25:cc:b8:b1:54:16:bd:2a:9a:c7:37:63:af:b4:5a:7f:a6:3d:
         02:2e:60:da:83:a9:e2:8a:ac:e8:6b:74:b7:5d:34:d4:95:1e:
         db:e0:b9:02:d6:8f:04:d5:8b:da:a3:1c:4b:5f:bc:f9:7d:56:
         b2:0f:45:a8:49:1e:50:9f:4b:c1:98:7e:2b:c8:3f:01:72:92:
         85:48:cb:e8:38:b8:c4:c4:bf:01:f3:80:c5:a0:b0:94:d0:63:
         4a:12:d3:84
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUSfOsgkEJZ7dtEm/ixcgRTO2r2+wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5
OERCRUI5ODAeFw0yNDAxMjkwMjQ5MTFaFw0yNTAxMjcwMjU0MTFaMDMxMTAvBgNV
BAMTKDI0MDlCNkUwMjVFMzBGODkzNEI2QUMzMjA5NDQ3MzVEMzEyNzc5MTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpzKZKwBunYRtRgzcSCqqV8Cm0
YVXSMpR8O3qkYjonvYJb863opXcW85AyCmVdJLE6lIrb7fEYBfy9yL2zv5H/PpL3
BJSOxTdg9HwSvLm3k3bH589r01OYjac1Sr43uvxhZTbVya3+lw+bZR6TlVyQsPrb
jiLQ9cE32dxn1HTHmmhopmP2cIJ6PVN3ZX/D18qnfbtT+cgQu1gCTdDQ/kHiAURo
0pRFES7ZEoXigKWm67clbUDqK1gjPqbeZDO+CD3vAVjryzcrSusZA6+2xtQ8gD+J
Mho+Ur8zKG9uvPg3PTCgtje3uJ9XJS9DMcxFhAT5sqhuyHiQ42McxxjG6sc/AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUJAm24CXjD4k0tqwyCURzXTEneRAwHwYDVR0j
BBgwFoAU5akHxOxtptk0JhMoDMrybpjb65gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MzhkMjc1NS0zODBkLTQ3N2UtYmYyNS0wYWYyOTAyNmJkNzAvMC9FNUE5MDdDNEVD
NkRBNkQ5MzQyNjEzMjgwQ0NBRjI2RTk4REJFQjk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTVBOTA3QzRFQzZEQTZEOTM0MjYxMzI4MENDQUYyNkU5OERC
RUI5OC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMzOGQyNzU1LTM4MGQtNDc3ZS1i
ZjI1LTBhZjI5MDI2YmQ3MC8wLzMxMzYzMzJlMzUzMzJlMzEzOTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzODMzMzgzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqM1wDANBgkqhkiG
9w0BAQsFAAOCAQEANFuvKkyzxu0qHRBMnQ7psMywan298eNKU+ZW/GMSKXPCsLA1
m5vg3hm6q9YqpjYYUYDOlvIKwSeOR4CI30dsJ+zBgOfhgYp0dWc4i8KwsDb1vErg
Nhtt6ryH4pNAQaYbOw3BA6VEXm8+JUInb48ffoEvULg2UOMRuT8gBnTXe0kpm3x/
tN10wLJLQ2fX+PjFC99QVTD1MEqLXHeSAgfRZFqhJcy4sVQWvSqaxzdjr7Raf6Y9
Ai5g2oOp4oqs6Gt0t1001JUe2+C5AtaPBNWL2qMcS1+8+X1Wsg9FqEkeUJ9LwZh+
K8g/AXKShUjL6Di4xMS/AfOAxaCwlNBjShLThA==
-----END CERTIFICATE-----
Generated at Wed Mar 27 07:57:35 2024 by rpki-client on console-ams.rpki-client.org