Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3137332e302f32342d3234203d3e203436303534.roa
File:                     35382e3134352e3137332e302f32342d3234203d3e203436303534.roa (raw, json)
Hash identifier:          twmxECkN+7skyAQREQtMlObojHv490Tr0WaFXloU4XM=
Subject key identifier:   6E:9A:CF:80:EB:6E:46:07:A7:F0:E6:73:12:3F:1A:CA:AD:81:B6:09
Certificate issuer:       /CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
Certificate serial:       68757B91CE4F5A259839B845C15E29E18A13D1F5
Authority key identifier: 26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3137332e302f32342d3234203d3e203436303534.roa
Signing time:             Mon 31 Jul 2023 00:09:47 +0000
ROA not before:           Mon 31 Jul 2023 00:04:47 +0000
ROA not after:            Mon 29 Jul 2024 00:09:47 +0000
asID:                     46054
IP address blocks:        58.145.173.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl
                          rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:75:7b:91:ce:4f:5a:25:98:39:b8:45:c1:5e:29:e1:8a:13:d1:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
        Validity
            Not Before: Jul 31 00:04:47 2023 GMT
            Not After : Jul 29 00:09:47 2024 GMT
        Subject: CN=6E9ACF80EB6E4607A7F0E673123F1ACAAD81B609
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:7c:33:03:b6:3c:63:7c:c4:8f:40:87:e4:9f:
                    b3:b3:c9:74:58:4e:84:ca:d4:ef:a4:0c:89:66:a9:
                    38:18:cb:30:27:0b:12:e4:2d:6f:12:de:b3:90:47:
                    b8:78:b4:17:92:08:de:79:82:3c:ea:9c:a5:a4:a1:
                    50:ad:34:7d:80:a4:b8:05:65:b5:bc:ca:56:78:26:
                    07:f0:a1:5c:2f:81:6d:e5:69:97:16:c3:cf:df:d5:
                    ce:57:5c:dd:11:c4:d0:e9:7b:95:ad:73:40:73:1f:
                    b6:af:3b:fe:c8:ba:b8:8b:95:65:a2:d0:0d:6a:87:
                    93:a2:6e:43:df:fd:c5:e6:f6:ee:97:b0:8a:1f:25:
                    8c:29:e1:70:44:9c:fe:c2:f8:a0:9a:08:35:a4:70:
                    f9:82:b8:2a:34:45:0d:6b:ac:65:49:05:6a:0a:1c:
                    0f:51:14:a5:eb:d0:a1:e9:a5:42:fa:ff:67:57:34:
                    79:f6:b9:61:09:c3:a3:b2:cb:a4:1a:62:04:51:b4:
                    27:ad:9a:db:f1:9f:b6:0c:d0:dd:97:38:a7:3d:aa:
                    a0:07:c0:07:da:5a:2c:07:8d:64:f5:ee:cb:9f:85:
                    75:b4:82:33:44:a0:fb:99:5e:d6:1f:b1:78:9c:56:
                    45:2a:6b:12:28:e8:f4:20:a3:69:57:88:c0:f1:89:
                    d8:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:9A:CF:80:EB:6E:46:07:A7:F0:E6:73:12:3F:1A:CA:AD:81:B6:09
            X509v3 Authority Key Identifier:
                keyid:26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3137332e302f32342d3234203d3e203436303534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.145.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:3a:67:67:71:86:c4:28:2f:2a:70:0d:6a:cc:a8:84:cd:53:
         14:38:a7:0f:1c:a7:47:5b:f9:56:2f:e7:fe:f9:d9:1f:61:e5:
         15:56:14:b0:96:e1:12:80:62:a1:bb:ad:9e:36:00:f3:4e:d4:
         b4:5a:7e:5d:97:76:0c:5e:60:16:44:f1:a8:5b:cc:c6:1f:50:
         73:f1:db:ca:32:f0:0a:a0:7b:14:f6:55:08:9d:2e:c3:71:b8:
         24:27:e3:b7:76:a3:20:95:31:14:1b:e0:d8:28:70:4e:9e:94:
         64:a6:92:61:59:e9:a7:7d:76:cc:f6:80:1b:cf:54:19:96:a3:
         b5:d8:ed:95:ec:fc:27:e9:23:78:8a:26:9f:2d:0c:83:18:e6:
         9e:4a:82:8b:b4:ea:ce:8d:bb:6f:ca:52:3c:f1:68:01:67:9c:
         e6:d6:45:18:ae:a5:4b:43:98:27:cf:94:e9:94:9d:2a:14:92:
         be:a7:98:d5:3d:b2:b3:10:33:96:a0:0a:50:fe:95:a0:95:d8:
         31:cd:db:31:cb:be:aa:ec:8d:23:e7:27:0c:93:fb:50:74:60:
         a8:06:a0:0f:43:8b:f9:0c:1b:bf:86:51:41:87:64:6c:1e:8d:
         cc:ec:e5:4a:c4:d9:ed:49:8f:40:41:13:30:9b:a3:66:92:e0:
         0b:c3:0c:cf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUaHV7kc5PWiWYObhFwV4p4YoT0fUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNF
QjlDOUNFNTAeFw0yMzA3MzEwMDA0NDdaFw0yNDA3MjkwMDA5NDdaMDMxMTAvBgNV
BAMTKDZFOUFDRjgwRUI2RTQ2MDdBN0YwRTY3MzEyM0YxQUNBQUQ4MUI2MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwfDMDtjxjfMSPQIfkn7OzyXRY
ToTK1O+kDIlmqTgYyzAnCxLkLW8S3rOQR7h4tBeSCN55gjzqnKWkoVCtNH2ApLgF
ZbW8ylZ4JgfwoVwvgW3laZcWw8/f1c5XXN0RxNDpe5Wtc0BzH7avO/7IuriLlWWi
0A1qh5OibkPf/cXm9u6XsIofJYwp4XBEnP7C+KCaCDWkcPmCuCo0RQ1rrGVJBWoK
HA9RFKXr0KHppUL6/2dXNHn2uWEJw6Oyy6QaYgRRtCetmtvxn7YM0N2XOKc9qqAH
wAfaWiwHjWT17sufhXW0gjNEoPuZXtYfsXicVkUqaxIo6PQgo2lXiMDxidjdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUbprPgOtuRgen8OZzEj8ayq2BtgkwHwYDVR0j
BBgwFoAUJkJbcClPmANdOHiOWXpKbOucnOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
Y2YzMDkzNi1jNzUwLTQzM2ItOWMyYS04ZmY1ZjM4ZTYzZDQvMC8yNjQyNUI3MDI5
NEY5ODAzNUQzODc4OEU1OTdBNEE2Q0VCOUM5Q0U1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNFQjlD
OUNFNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjZjMwOTM2LWM3NTAtNDMzYi05
YzJhLThmZjVmMzhlNjNkNC8wLzM1MzgyZTMxMzQzNTJlMzEzNzMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzNjMwMzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADqRrTANBgkqhkiG
9w0BAQsFAAOCAQEAujpnZ3GGxCgvKnANasyohM1TFDinDxynR1v5Vi/n/vnZH2Hl
FVYUsJbhEoBiobutnjYA807UtFp+XZd2DF5gFkTxqFvMxh9Qc/HbyjLwCqB7FPZV
CJ0uw3G4JCfjt3ajIJUxFBvg2ChwTp6UZKaSYVnpp312zPaAG89UGZajtdjtlez8
J+kjeIomny0MgxjmnkqCi7Tqzo27b8pSPPFoAWec5tZFGK6lS0OYJ8+U6ZSdKhSS
vqeY1T2ysxAzlqAKUP6VoJXYMc3bMcu+quyNI+cnDJP7UHRgqAagD0OL+Qwbv4ZR
QYdkbB6NzOzlSsTZ7UmPQEETMJujZpLgC8MMzw==
-----END CERTIFICATE-----
Generated at Wed Mar 27 21:29:29 2024 by rpki-client on console-fra.rpki-client.org