Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/323030313a6466333a653630303a3a2f34382d3438203d3e203338373831.roa
File:                     323030313a6466333a653630303a3a2f34382d3438203d3e203338373831.roa (raw, json)
Hash identifier:          TrQMXC0lSlOti7Hk6niD49jZQDcFDsNgn/uFUCn/o90=
Subject key identifier:   D0:98:36:32:2A:7F:CC:C7:58:E3:85:49:85:A0:1A:C4:9F:C0:E1:1F
Certificate issuer:       /CN=1678F34665D7A5281AECD895B892F07EA136CF72
Certificate serial:       4C5AC1B611614F6AE2196BF1140688D1EA9D6D6C
Authority key identifier: 16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/323030313a6466333a653630303a3a2f34382d3438203d3e203338373831.roa
Signing time:             Mon 31 Jul 2023 00:05:27 +0000
ROA not before:           Mon 31 Jul 2023 00:00:27 +0000
ROA not after:            Mon 29 Jul 2024 00:05:27 +0000
asID:                     38781
IP address blocks:        2001:df3:e600::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.crl
                          rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:5a:c1:b6:11:61:4f:6a:e2:19:6b:f1:14:06:88:d1:ea:9d:6d:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1678F34665D7A5281AECD895B892F07EA136CF72
        Validity
            Not Before: Jul 31 00:00:27 2023 GMT
            Not After : Jul 29 00:05:27 2024 GMT
        Subject: CN=D09836322A7FCCC758E3854985A01AC49FC0E11F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:e4:52:e9:a0:96:24:96:a5:e9:d4:12:06:20:
                    75:db:ca:a9:dd:d5:31:f2:f1:74:3b:dd:47:51:ce:
                    70:d0:f4:e6:36:5d:a4:3f:cd:90:49:cc:81:cc:3f:
                    f1:21:36:ec:e5:a3:fc:db:a9:e0:46:c8:75:ac:d1:
                    d6:b5:68:c7:6d:43:6a:10:7c:0b:a2:66:43:b7:7f:
                    74:56:56:66:1d:84:5c:40:d4:83:52:b3:c3:08:fc:
                    f3:a3:f8:ca:7b:32:ea:ab:f8:ef:1a:84:ec:a5:46:
                    4d:a0:6f:92:f5:ec:38:b5:50:a2:08:0f:49:dd:95:
                    cf:d3:b9:fc:ea:f2:44:ff:d9:52:c7:2b:99:25:d5:
                    b2:90:6d:1a:2b:92:8b:b1:e4:1f:da:b4:cf:7e:a8:
                    75:7e:69:0f:1a:03:bc:2b:87:f4:0f:4f:39:74:7c:
                    bc:3b:43:8d:a1:20:3d:e0:28:5f:76:de:d0:58:06:
                    36:22:24:49:7a:b2:97:72:ad:3d:5b:5e:d9:31:a4:
                    43:82:5b:66:3d:ee:ff:79:4a:47:8d:99:70:00:94:
                    f8:3a:a9:7f:05:a0:06:41:36:65:61:09:b3:f0:03:
                    12:b1:ed:8f:91:82:6f:ff:d1:9f:ac:52:02:29:68:
                    10:80:9f:44:4b:f6:a1:7b:71:32:b8:a1:47:48:69:
                    73:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:98:36:32:2A:7F:CC:C7:58:E3:85:49:85:A0:1A:C4:9F:C0:E1:1F
            X509v3 Authority Key Identifier:
                keyid:16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/323030313a6466333a653630303a3a2f34382d3438203d3e203338373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df3:e600::/48

    Signature Algorithm: sha256WithRSAEncryption
         a3:c2:53:53:d8:ed:f2:03:1a:00:0a:3f:f5:08:83:68:f8:2a:
         d3:71:5f:5d:84:4a:ba:a9:bf:cd:72:68:83:d7:40:3f:e3:88:
         e9:55:14:a6:0e:c7:0c:61:d1:9d:32:72:e9:e5:ad:71:a1:cc:
         4f:8f:9f:13:06:3c:cb:5c:02:b6:f9:7e:17:9a:12:5c:47:8f:
         6c:8e:48:35:06:d2:b4:ae:8e:10:a1:0a:d4:19:11:f0:28:80:
         23:b1:b5:c7:e2:ba:44:67:06:41:ba:63:34:78:8e:cc:88:34:
         87:96:0b:0a:82:b6:04:83:1d:0d:64:ed:c5:7d:61:74:44:12:
         73:ae:fb:56:9d:41:30:77:56:e3:0e:35:97:f5:18:84:80:8b:
         61:b6:90:34:09:6c:09:c1:ac:01:f6:43:95:d4:fc:dc:12:96:
         9a:69:c1:76:a9:28:13:e1:93:0e:ab:a3:47:e2:e7:3d:45:f4:
         40:86:78:b5:ab:50:38:ab:32:99:4f:5b:83:fb:2a:3b:ab:e4:
         f1:40:09:6d:09:5a:e9:c8:bb:c9:b2:02:5e:d2:16:cc:59:74:
         84:4f:ab:1a:47:ed:e0:17:9f:74:96:8d:40:2c:81:fc:f3:06:
         d4:1d:ae:1b:f0:8f:41:4d:18:21:53:56:70:93:01:82:c4:92:
         40:0c:40:d9
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUTFrBthFhT2riGWvxFAaI0eqdbWwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY3OEYzNDY2NUQ3QTUyODFBRUNEODk1Qjg5MkYwN0VB
MTM2Q0Y3MjAeFw0yMzA3MzEwMDAwMjdaFw0yNDA3MjkwMDA1MjdaMDMxMTAvBgNV
BAMTKEQwOTgzNjMyMkE3RkNDQzc1OEUzODU0OTg1QTAxQUM0OUZDMEUxMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv5FLpoJYklqXp1BIGIHXbyqnd
1THy8XQ73UdRznDQ9OY2XaQ/zZBJzIHMP/EhNuzlo/zbqeBGyHWs0da1aMdtQ2oQ
fAuiZkO3f3RWVmYdhFxA1INSs8MI/POj+Mp7Muqr+O8ahOylRk2gb5L17Di1UKII
D0ndlc/Tufzq8kT/2VLHK5kl1bKQbRorkoux5B/atM9+qHV+aQ8aA7wrh/QPTzl0
fLw7Q42hID3gKF923tBYBjYiJEl6spdyrT1bXtkxpEOCW2Y97v95SkeNmXAAlPg6
qX8FoAZBNmVhCbPwAxKx7Y+Rgm//0Z+sUgIpaBCAn0RL9qF7cTK4oUdIaXMTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU0Jg2Mip/zMdY44VJhaAaxJ/A4R8wHwYDVR0j
BBgwFoAUFnjzRmXXpSga7NiVuJLwfqE2z3IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NzkzNjg2Yi0zMzg0LTQ0MTItOGU3Yy1lOWQxYjg1MmFhMWUvMC8xNjc4RjM0NjY1
RDdBNTI4MUFFQ0Q4OTVCODkyRjA3RUExMzZDRjcyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTY3OEYzNDY2NUQ3QTUyODFBRUNEODk1Qjg5MkYwN0VBMTM2
Q0Y3Mi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OTM2ODZiLTMzODQtNDQxMi04
ZTdjLWU5ZDFiODUyYWExZS8wLzMyMzAzMDMxM2E2NDY2MzMzYTY1MzYzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzMzODM3MzgzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABDfPm
ADANBgkqhkiG9w0BAQsFAAOCAQEAo8JTU9jt8gMaAAo/9QiDaPgq03FfXYRKuqm/
zXJog9dAP+OI6VUUpg7HDGHRnTJy6eWtcaHMT4+fEwY8y1wCtvl+F5oSXEePbI5I
NQbStK6OEKEK1BkR8CiAI7G1x+K6RGcGQbpjNHiOzIg0h5YLCoK2BIMdDWTtxX1h
dEQSc677Vp1BMHdW4w41l/UYhICLYbaQNAlsCcGsAfZDldT83BKWmmnBdqkoE+GT
DqujR+LnPUX0QIZ4tatQOKsymU9bg/sqO6vk8UAJbQla6ci7ybICXtIWzFl0hE+r
Gkft4BefdJaNQCyB/PMG1B2uG/CPQU0YIVNWcJMBgsSSQAxA2Q==
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:51 2024 by rpki-client on console-fra.rpki-client.org