Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa
File:                     35382e3134352e3136392e302f32342d3234203d3e203436303534.roa (raw, json)
Hash identifier:          cfMfEejyBhXTskaO4FNt/Ea6aluNxfAadJMX+fw0U0s=
Subject key identifier:   05:32:99:84:BB:10:5C:52:0C:D8:52:4E:20:DA:8F:72:92:29:F0:45
Certificate issuer:       /CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
Certificate serial:       3CCDDEE7A05E43BC992890327219CA38C2588E66
Authority key identifier: 26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa
Signing time:             Mon 31 Jul 2023 00:09:47 +0000
ROA not before:           Mon 31 Jul 2023 00:04:47 +0000
ROA not after:            Mon 29 Jul 2024 00:09:47 +0000
asID:                     46054
IP address blocks:        58.145.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl
                          rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:cd:de:e7:a0:5e:43:bc:99:28:90:32:72:19:ca:38:c2:58:8e:66
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
        Validity
            Not Before: Jul 31 00:04:47 2023 GMT
            Not After : Jul 29 00:09:47 2024 GMT
        Subject: CN=05329984BB105C520CD8524E20DA8F729229F045
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:5d:d6:dc:d0:a2:e5:f7:5f:64:e2:68:f8:73:
                    d0:60:ed:f6:e9:fb:e3:d6:24:0e:64:13:f9:37:e8:
                    2c:2b:0e:d5:8c:96:7e:02:75:73:91:5d:5f:7b:2f:
                    02:94:65:72:d9:65:6e:95:96:02:5b:4b:bc:e3:d4:
                    ab:7b:dc:c7:c0:37:d0:e6:1b:e3:a2:fb:58:78:f3:
                    f6:f7:36:e7:77:c7:98:00:2e:95:7e:53:a3:17:5e:
                    ef:f3:fb:66:1f:b3:f4:b3:34:0f:35:71:a3:8b:da:
                    ed:a6:9f:b6:8d:61:b2:2c:e1:b7:57:c9:81:17:8d:
                    30:55:44:11:7e:af:b4:a2:38:4c:b3:23:45:94:b9:
                    ee:69:02:5b:55:26:88:c3:d0:58:18:11:f1:1f:58:
                    b3:e5:22:b2:0d:f9:95:55:9a:e2:dc:58:74:91:ed:
                    de:1f:96:97:78:c0:71:c8:96:0b:37:e1:14:f5:2e:
                    6f:b1:89:47:be:fe:c8:04:61:88:0c:c0:0c:c8:8d:
                    f4:f3:4a:1b:b3:a0:8d:cc:e7:91:4f:71:eb:94:93:
                    ee:4f:68:c6:00:28:56:23:0a:9c:9e:b2:2e:52:9e:
                    bf:93:dd:18:90:67:2c:4a:91:bf:18:d8:0d:79:a8:
                    0b:77:95:9f:93:1b:1d:09:09:83:d5:fa:28:2c:32:
                    06:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:32:99:84:BB:10:5C:52:0C:D8:52:4E:20:DA:8F:72:92:29:F0:45
            X509v3 Authority Key Identifier:
                keyid:26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.145.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:19:c7:7b:a4:d1:9b:69:37:62:59:c3:39:37:c9:02:c7:cd:
         c3:b0:1f:cf:93:06:af:10:ed:7a:7a:6d:f1:63:a0:9c:2f:3a:
         4c:d3:23:73:78:e0:60:19:eb:a0:04:fb:e1:7e:6c:51:a1:01:
         6c:03:52:7a:40:e7:20:bc:48:88:51:1a:c3:95:db:94:d0:d9:
         dc:59:bf:0a:f9:7b:27:da:79:f5:88:d3:09:43:20:46:e5:8c:
         5d:a0:35:de:4a:ea:c8:bf:13:57:2b:45:2b:a2:ad:14:66:14:
         00:db:9d:fb:92:ae:40:44:d1:1b:63:3f:1a:67:70:ee:a2:2c:
         28:34:0c:13:58:e5:07:7f:fd:cc:56:35:04:79:6f:65:06:93:
         d8:ec:14:7f:91:7c:f6:74:1e:c1:33:4f:94:1c:62:a7:08:d5:
         d6:2b:6f:56:d5:2b:0e:74:fa:29:ae:e4:2b:81:77:a4:46:05:
         d1:46:cb:2f:3d:da:1f:09:be:77:d5:e4:a8:6f:d7:1a:6c:b7:
         c5:4c:7b:9a:da:79:f9:65:b3:5a:c3:ea:2d:fc:7f:42:cb:5c:
         ce:25:73:b2:36:c5:4a:07:09:4e:b8:cc:28:64:15:84:87:ae:
         70:27:b4:5e:37:49:e9:8f:b8:0e:55:24:91:9c:fc:25:3f:bb:
         5c:b6:b3:81
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUPM3e56BeQ7yZKJAychnKOMJYjmYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNF
QjlDOUNFNTAeFw0yMzA3MzEwMDA0NDdaFw0yNDA3MjkwMDA5NDdaMDMxMTAvBgNV
BAMTKDA1MzI5OTg0QkIxMDVDNTIwQ0Q4NTI0RTIwREE4RjcyOTIyOUYwNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWXdbc0KLl919k4mj4c9Bg7fbp
++PWJA5kE/k36CwrDtWMln4CdXORXV97LwKUZXLZZW6VlgJbS7zj1Kt73MfAN9Dm
G+Oi+1h48/b3Nud3x5gALpV+U6MXXu/z+2Yfs/SzNA81caOL2u2mn7aNYbIs4bdX
yYEXjTBVRBF+r7SiOEyzI0WUue5pAltVJojD0FgYEfEfWLPlIrIN+ZVVmuLcWHSR
7d4flpd4wHHIlgs34RT1Lm+xiUe+/sgEYYgMwAzIjfTzShuzoI3M55FPceuUk+5P
aMYAKFYjCpyesi5Snr+T3RiQZyxKkb8Y2A15qAt3lZ+TGx0JCYPV+igsMgbnAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUBTKZhLsQXFIM2FJOINqPcpIp8EUwHwYDVR0j
BBgwFoAUJkJbcClPmANdOHiOWXpKbOucnOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
Y2YzMDkzNi1jNzUwLTQzM2ItOWMyYS04ZmY1ZjM4ZTYzZDQvMC8yNjQyNUI3MDI5
NEY5ODAzNUQzODc4OEU1OTdBNEE2Q0VCOUM5Q0U1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNFQjlD
OUNFNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjZjMwOTM2LWM3NTAtNDMzYi05
YzJhLThmZjVmMzhlNjNkNC8wLzM1MzgyZTMxMzQzNTJlMzEzNjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzNjMwMzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADqRqTANBgkqhkiG
9w0BAQsFAAOCAQEAnxnHe6TRm2k3YlnDOTfJAsfNw7Afz5MGrxDtenpt8WOgnC86
TNMjc3jgYBnroAT74X5sUaEBbANSekDnILxIiFEaw5XblNDZ3Fm/Cvl7J9p59YjT
CUMgRuWMXaA13krqyL8TVytFK6KtFGYUANud+5KuQETRG2M/Gmdw7qIsKDQME1jl
B3/9zFY1BHlvZQaT2OwUf5F89nQewTNPlBxipwjV1itvVtUrDnT6Ka7kK4F3pEYF
0UbLLz3aHwm+d9XkqG/XGmy3xUx7mtp5+WWzWsPqLfx/QstcziVzsjbFSgcJTrjM
KGQVhIeucCe0XjdJ6Y+4DlUkkZz8JT+7XLazgQ==
-----END CERTIFICATE-----
Generated at Wed Mar 27 23:30:21 2024 by rpki-client on console-ams.rpki-client.org