Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/3137352e3135382e33322e302f31392d3139203d3e2034373837.roa
File:                     3137352e3135382e33322e302f31392d3139203d3e2034373837.roa (raw, json)
Hash identifier:          PtyokHpWBbKem7akihKzWFy281l1ULuX3dj2yTXvMPA=
Subject key identifier:   C6:91:5D:8D:43:FA:15:98:29:25:96:6F:81:D1:FF:F2:8B:67:0A:0D
Certificate issuer:       /CN=FCD05385904E00F3C10A339EE19D924D72FFAE0E
Certificate serial:       5B52C38D50B6901A254738845646F7A4D73EB82E
Authority key identifier: FC:D0:53:85:90:4E:00:F3:C1:0A:33:9E:E1:9D:92:4D:72:FF:AE:0E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FCD05385904E00F3C10A339EE19D924D72FFAE0E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/3137352e3135382e33322e302f31392d3139203d3e2034373837.roa
Signing time:             Mon 31 Jul 2023 00:09:45 +0000
ROA not before:           Mon 31 Jul 2023 00:04:45 +0000
ROA not after:            Mon 29 Jul 2024 00:09:45 +0000
asID:                     4787
IP address blocks:        175.158.32.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/FCD05385904E00F3C10A339EE19D924D72FFAE0E.crl
                          rsync://repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/FCD05385904E00F3C10A339EE19D924D72FFAE0E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FCD05385904E00F3C10A339EE19D924D72FFAE0E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:52:c3:8d:50:b6:90:1a:25:47:38:84:56:46:f7:a4:d7:3e:b8:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FCD05385904E00F3C10A339EE19D924D72FFAE0E
        Validity
            Not Before: Jul 31 00:04:45 2023 GMT
            Not After : Jul 29 00:09:45 2024 GMT
        Subject: CN=C6915D8D43FA15982925966F81D1FFF28B670A0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:b5:20:85:56:e5:c6:d3:36:73:4a:3d:90:3f:
                    a4:12:30:14:4e:09:cd:54:4e:45:38:f0:12:a2:55:
                    e4:ec:9f:45:20:5e:f1:f5:8a:cd:f3:26:b5:b9:25:
                    3e:14:c4:0c:7b:b1:42:cc:73:df:9f:99:0f:11:b1:
                    0a:51:fa:61:40:1e:45:f0:4d:de:60:52:90:16:62:
                    82:eb:ad:ea:51:0e:6d:a8:af:da:4e:6c:08:b5:c0:
                    e3:89:ae:4e:cf:48:ed:f9:21:f5:a3:be:80:2a:a5:
                    dd:bd:b5:ca:fd:91:39:f5:19:58:64:f3:24:d0:2c:
                    9d:b2:04:4c:24:9d:76:b9:a6:ff:eb:be:87:dd:04:
                    86:49:22:1b:48:8a:6e:97:10:25:f6:0f:cd:1b:d8:
                    09:d9:e5:c1:f3:c7:27:dd:07:ea:05:30:2a:d6:55:
                    f2:cf:38:8a:10:69:89:e0:96:d5:0b:33:0e:6f:4c:
                    b5:46:7f:58:ac:15:39:d7:f0:c1:e7:7c:52:41:c8:
                    14:20:e7:e8:c6:69:b3:7d:c6:db:cf:c9:86:78:6e:
                    aa:b5:49:69:87:87:65:b5:da:e9:88:1e:03:34:88:
                    8e:fe:e9:97:a4:11:62:ac:03:51:ff:c3:3e:02:71:
                    f8:b4:db:01:1a:bc:33:89:07:fe:15:50:51:f6:9f:
                    5d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:91:5D:8D:43:FA:15:98:29:25:96:6F:81:D1:FF:F2:8B:67:0A:0D
            X509v3 Authority Key Identifier:
                keyid:FC:D0:53:85:90:4E:00:F3:C1:0A:33:9E:E1:9D:92:4D:72:FF:AE:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/FCD05385904E00F3C10A339EE19D924D72FFAE0E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FCD05385904E00F3C10A339EE19D924D72FFAE0E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/478fd4af-fe67-45c8-80b7-06fc118df8e2/0/3137352e3135382e33322e302f31392d3139203d3e2034373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.158.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         07:0f:22:2d:8b:46:a0:44:12:63:e5:ea:b1:82:ba:b1:79:47:
         a0:86:99:bb:f2:85:cd:a1:db:b1:8e:b1:a8:6a:5b:e1:18:44:
         1c:07:2a:18:9c:af:2f:05:9d:f0:c5:50:d8:b9:be:83:33:b2:
         e4:00:c7:c9:55:5d:3f:6c:05:5e:6e:40:11:40:54:0f:18:c3:
         54:09:a8:65:0f:a9:6e:82:f3:a1:2b:f8:9b:7a:3f:21:a5:35:
         a7:74:59:da:7c:d0:6d:77:64:5c:6e:95:43:06:54:b9:fb:05:
         1d:02:ef:1e:ea:6d:89:73:e4:15:cc:c3:b9:cd:a4:3b:6b:dc:
         5a:4b:c6:91:d5:11:af:ae:2b:82:bc:b0:68:41:3c:af:f5:6a:
         36:31:95:9b:34:d6:6c:f1:c3:81:65:ad:16:a9:b3:55:d1:49:
         d1:ab:c1:57:86:1d:06:33:e6:ec:52:dd:6d:63:8c:f8:1b:1f:
         e1:34:8e:54:06:91:bd:6e:10:b6:7a:6f:d5:a3:a6:19:b4:4f:
         0e:08:b4:2e:67:4a:50:46:39:8c:c8:c1:6b:fd:b9:39:a6:8a:
         3a:da:aa:f9:e4:12:fd:39:3b:bd:1e:52:47:0b:40:d3:b1:dc:
         d9:15:53:f3:01:7e:85:b9:d2:32:12:de:a7:6b:ab:de:a4:9c:
         34:7f:07:7c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUW1LDjVC2kBolRziEVkb3pNc+uC4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkNEMDUzODU5MDRFMDBGM0MxMEEzMzlFRTE5RDkyNEQ3
MkZGQUUwRTAeFw0yMzA3MzEwMDA0NDVaFw0yNDA3MjkwMDA5NDVaMDMxMTAvBgNV
BAMTKEM2OTE1RDhENDNGQTE1OTgyOTI1OTY2RjgxRDFGRkYyOEI2NzBBMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDStSCFVuXG0zZzSj2QP6QSMBRO
Cc1UTkU48BKiVeTsn0UgXvH1is3zJrW5JT4UxAx7sULMc9+fmQ8RsQpR+mFAHkXw
Td5gUpAWYoLrrepRDm2or9pObAi1wOOJrk7PSO35IfWjvoAqpd29tcr9kTn1GVhk
8yTQLJ2yBEwknXa5pv/rvofdBIZJIhtIim6XECX2D80b2AnZ5cHzxyfdB+oFMCrW
VfLPOIoQaYngltULMw5vTLVGf1isFTnX8MHnfFJByBQg5+jGabN9xtvPyYZ4bqq1
SWmHh2W12umIHgM0iI7+6ZekEWKsA1H/wz4Ccfi02wEavDOJB/4VUFH2n11dAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUxpFdjUP6FZgpJZZvgdH/8otnCg0wHwYDVR0j
BBgwFoAU/NBThZBOAPPBCjOe4Z2STXL/rg4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NzhmZDRhZi1mZTY3LTQ1YzgtODBiNy0wNmZjMTE4ZGY4ZTIvMC9GQ0QwNTM4NTkw
NEUwMEYzQzEwQTMzOUVFMTlEOTI0RDcyRkZBRTBFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkNEMDUzODU5MDRFMDBGM0MxMEEzMzlFRTE5RDkyNEQ3MkZG
QUUwRS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OGZkNGFmLWZlNjctNDVjOC04
MGI3LTA2ZmMxMThkZjhlMi8wLzMxMzczNTJlMzEzNTM4MmUzMzMyMmUzMDJmMzEz
OTJkMzEzOTIwM2QzZTIwMzQzNzM4Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAWvniAwDQYJKoZIhvcN
AQELBQADggEBAAcPIi2LRqBEEmPl6rGCurF5R6CGmbvyhc2h27GOsahqW+EYRBwH
Khicry8FnfDFUNi5voMzsuQAx8lVXT9sBV5uQBFAVA8Yw1QJqGUPqW6C86Er+Jt6
PyGlNad0Wdp80G13ZFxulUMGVLn7BR0C7x7qbYlz5BXMw7nNpDtr3FpLxpHVEa+u
K4K8sGhBPK/1ajYxlZs01mzxw4FlrRaps1XRSdGrwVeGHQYz5uxS3W1jjPgbH+E0
jlQGkb1uELZ6b9Wjphm0Tw4ItC5nSlBGOYzIwWv9uTmmijraqvnkEv05O70eUkcL
QNOx3NkVU/MBfoW50jIS3qdrq96knDR/B3w=
-----END CERTIFICATE-----
Generated at Thu Mar 28 18:49:13 2024 by rpki-client on console-ams.rpki-client.org