Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/323030313a6466343a6530303a3a2f34382d3438203d3e20313335343731.roa
File:                     323030313a6466343a6530303a3a2f34382d3438203d3e20313335343731.roa (raw, json)
Hash identifier:          nUator34k0lBHchGBsEjxHkY/N3yct8gsYdwMkDIQKU=
Subject key identifier:   BD:09:AA:28:F5:D5:36:72:5B:3C:60:C5:28:F6:7E:B8:65:3B:4A:EB
Certificate issuer:       /CN=EDBD845A9597FEC4AD90030F9018E4B8B63FCC77
Certificate serial:       1C3A37995410ABB1643888CD67F2BB9B053713D1
Authority key identifier: ED:BD:84:5A:95:97:FE:C4:AD:90:03:0F:90:18:E4:B8:B6:3F:CC:77
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/323030313a6466343a6530303a3a2f34382d3438203d3e20313335343731.roa
Signing time:             Mon 31 Jul 2023 00:04:42 +0000
ROA not before:           Sun 30 Jul 2023 23:59:42 +0000
ROA not after:            Mon 29 Jul 2024 00:04:42 +0000
asID:                     135471
IP address blocks:        2001:df4:e00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.crl
                          rsync://repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 17:28:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:3a:37:99:54:10:ab:b1:64:38:88:cd:67:f2:bb:9b:05:37:13:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EDBD845A9597FEC4AD90030F9018E4B8B63FCC77
        Validity
            Not Before: Jul 30 23:59:42 2023 GMT
            Not After : Jul 29 00:04:42 2024 GMT
        Subject: CN=BD09AA28F5D536725B3C60C528F67EB8653B4AEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:ba:11:a3:9f:28:96:e1:71:61:34:b2:a3:8c:
                    bb:3c:a2:4a:5a:96:2c:87:e3:1b:a0:11:50:55:25:
                    60:00:42:81:32:14:b0:ea:35:ee:79:27:90:b0:d7:
                    a8:35:16:e5:1c:b7:60:17:e4:0a:91:31:4d:cc:9a:
                    c4:f8:27:9e:10:a6:3b:62:97:d2:bc:4d:d2:c7:8b:
                    ac:cd:e0:c6:40:2c:82:20:52:a3:6d:22:b5:8c:b9:
                    11:83:a6:a1:93:07:d2:ac:86:8d:2a:12:22:09:14:
                    9b:6f:fd:9e:4f:c2:3b:0a:84:97:5b:6f:bd:cd:f4:
                    3d:b5:10:db:07:8a:c0:ea:55:dc:04:ef:48:53:b2:
                    18:08:57:d6:7b:b2:1a:ee:4a:bc:46:27:a5:5d:3d:
                    c7:42:a2:92:ae:9b:e8:17:65:56:dd:cc:f6:52:39:
                    19:ff:be:1e:c3:a4:14:6f:04:ce:34:ff:42:0b:0c:
                    74:82:84:d5:45:c1:38:d0:85:2c:fe:9d:71:47:d1:
                    a7:88:31:73:4c:76:f4:9d:7d:84:15:95:5c:db:87:
                    fa:b3:fd:a1:99:4b:74:af:d6:94:2d:dc:d8:9c:d1:
                    67:22:78:3e:87:9b:e1:8f:f2:25:7b:b0:56:dc:5a:
                    6d:95:2d:be:8e:ba:29:32:7c:75:f6:20:f1:3e:ca:
                    04:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:09:AA:28:F5:D5:36:72:5B:3C:60:C5:28:F6:7E:B8:65:3B:4A:EB
            X509v3 Authority Key Identifier:
                keyid:ED:BD:84:5A:95:97:FE:C4:AD:90:03:0F:90:18:E4:B8:B6:3F:CC:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EDBD845A9597FEC4AD90030F9018E4B8B63FCC77.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/46302810-564c-45b7-8a72-ef6b8f6309c0/0/323030313a6466343a6530303a3a2f34382d3438203d3e20313335343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df4:e00::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:df:8f:d4:d3:dc:74:0f:37:b3:69:da:58:95:0f:6a:48:93:
         96:5c:0a:b8:fc:26:2d:a8:13:f4:ac:8c:c2:a2:b1:a9:bb:44:
         46:ff:d1:64:f7:6e:8d:e2:c9:c8:4c:b5:9c:53:2a:96:b2:ba:
         f8:74:fc:70:b9:6e:11:f4:64:f2:b8:05:19:6f:7a:f1:98:fd:
         20:3c:18:32:9f:99:6d:07:98:8e:8d:f1:e7:b4:d5:34:0e:c6:
         0a:c2:d5:7a:a1:98:5e:75:79:ff:a3:d0:55:e1:09:a7:ce:f5:
         39:b0:3b:04:b9:4e:a2:d3:f2:30:63:46:a8:36:0f:3a:02:18:
         af:41:60:5b:1b:f2:a5:8e:ad:d1:36:b9:69:8a:c7:a8:af:c4:
         51:e8:3d:a1:6b:50:f0:4c:a4:a5:68:6a:58:b1:9f:0c:58:50:
         98:6e:ba:3e:41:81:00:d5:d2:60:a1:cc:4a:44:db:51:f8:95:
         09:f1:c4:1d:34:9e:97:b7:4a:b3:1d:e7:83:01:88:5d:e9:9e:
         aa:cf:28:fc:77:1e:3a:d6:3d:2a:39:04:23:58:10:89:02:b1:
         a8:ee:00:99:5c:bc:60:e2:07:04:42:27:96:04:b2:cb:a2:a7:
         f8:97:29:89:da:b0:f6:5f:c8:e9:0e:6b:8f:d3:be:96:e6:cd:
         92:1d:ea:fe
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUHDo3mVQQq7FkOIjNZ/K7mwU3E9EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRURCRDg0NUE5NTk3RkVDNEFEOTAwMzBGOTAxOEU0QjhC
NjNGQ0M3NzAeFw0yMzA3MzAyMzU5NDJaFw0yNDA3MjkwMDA0NDJaMDMxMTAvBgNV
BAMTKEJEMDlBQTI4RjVENTM2NzI1QjNDNjBDNTI4RjY3RUI4NjUzQjRBRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeuhGjnyiW4XFhNLKjjLs8okpa
liyH4xugEVBVJWAAQoEyFLDqNe55J5Cw16g1FuUct2AX5AqRMU3MmsT4J54Qpjti
l9K8TdLHi6zN4MZALIIgUqNtIrWMuRGDpqGTB9Ksho0qEiIJFJtv/Z5PwjsKhJdb
b73N9D21ENsHisDqVdwE70hTshgIV9Z7shruSrxGJ6VdPcdCopKum+gXZVbdzPZS
ORn/vh7DpBRvBM40/0ILDHSChNVFwTjQhSz+nXFH0aeIMXNMdvSdfYQVlVzbh/qz
/aGZS3Sv1pQt3Nic0WcieD6Hm+GP8iV7sFbcWm2VLb6OuikyfHX2IPE+ygQpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUvQmqKPXVNnJbPGDFKPZ+uGU7SuswHwYDVR0j
BBgwFoAU7b2EWpWX/sStkAMPkBjkuLY/zHcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NjMwMjgxMC01NjRjLTQ1YjctOGE3Mi1lZjZiOGY2MzA5YzAvMC9FREJEODQ1QTk1
OTdGRUM0QUQ5MDAzMEY5MDE4RTRCOEI2M0ZDQzc3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRURCRDg0NUE5NTk3RkVDNEFEOTAwMzBGOTAxOEU0QjhCNjNG
Q0M3Ny5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ2MzAyODEwLTU2NGMtNDViNy04
YTcyLWVmNmI4ZjYzMDljMC8wLzMyMzAzMDMxM2E2NDY2MzQzYTY1MzAzMDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzNTM0MzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABDfQO
ADANBgkqhkiG9w0BAQsFAAOCAQEASN+P1NPcdA83s2naWJUPakiTllwKuPwmLagT
9KyMwqKxqbtERv/RZPdujeLJyEy1nFMqlrK6+HT8cLluEfRk8rgFGW968Zj9IDwY
Mp+ZbQeYjo3x57TVNA7GCsLVeqGYXnV5/6PQVeEJp871ObA7BLlOotPyMGNGqDYP
OgIYr0FgWxvypY6t0Ta5aYrHqK/EUeg9oWtQ8EykpWhqWLGfDFhQmG66PkGBANXS
YKHMSkTbUfiVCfHEHTSel7dKsx3ngwGIXemeqs8o/HceOtY9KjkEI1gQiQKxqO4A
mVy8YOIHBEInlgSyy6Kn+Jcpidqw9l/I6Q5rj9O+lubNkh3q/g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:13 2024 by rpki-client on console-fra.rpki-client.org