Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/3230322e3132392e3232342e302f32322d3234203d3e203338373831.roa
File:                     3230322e3132392e3232342e302f32322d3234203d3e203338373831.roa (raw, json)
Hash identifier:          VyPcFzL7unUEo+LFLnlLF/ON3HsZVvWhlC7EcReXJTE=
Subject key identifier:   7A:DF:B4:91:AE:B6:3B:46:F2:03:66:2B:3B:38:51:E0:18:AE:26:0C
Certificate issuer:       /CN=1678F34665D7A5281AECD895B892F07EA136CF72
Certificate serial:       4E6CA132A625088AC7A390B168BC63F717C43828
Authority key identifier: 16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/3230322e3132392e3232342e302f32322d3234203d3e203338373831.roa
Signing time:             Mon 31 Jul 2023 00:05:27 +0000
ROA not before:           Mon 31 Jul 2023 00:00:27 +0000
ROA not after:            Mon 29 Jul 2024 00:05:27 +0000
asID:                     38781
IP address blocks:        202.129.224.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.crl
                          rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:6c:a1:32:a6:25:08:8a:c7:a3:90:b1:68:bc:63:f7:17:c4:38:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1678F34665D7A5281AECD895B892F07EA136CF72
        Validity
            Not Before: Jul 31 00:00:27 2023 GMT
            Not After : Jul 29 00:05:27 2024 GMT
        Subject: CN=7ADFB491AEB63B46F203662B3B3851E018AE260C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ba:55:1c:36:8f:bf:f9:ef:71:05:b0:5c:fb:
                    36:fd:5f:50:46:3a:c1:3f:c8:c8:eb:2d:84:d2:0e:
                    d3:9d:66:fb:c1:58:97:9c:df:2a:34:58:d6:09:82:
                    07:4e:29:82:63:50:50:90:d5:4e:1e:88:59:bc:19:
                    47:87:8c:cd:c2:91:70:d7:49:0a:86:77:2c:cf:8e:
                    f2:1c:bb:72:38:f3:07:2d:a3:10:bf:cc:28:b1:7a:
                    58:a7:f5:09:be:e4:21:04:60:85:a7:0a:01:ef:5c:
                    b4:0c:e9:d4:ad:c2:36:32:57:ad:8a:f0:b5:12:18:
                    63:45:67:de:67:ff:70:d8:fb:e8:63:4c:6c:0e:0c:
                    17:92:aa:78:66:8e:5d:61:14:5a:66:38:0c:2d:52:
                    36:a0:65:2d:75:f8:55:73:77:ec:f3:e6:91:43:fb:
                    54:56:93:c4:12:fb:c4:28:4a:57:70:40:50:9c:50:
                    d7:56:4c:21:3e:38:05:78:58:db:93:da:70:3a:d1:
                    39:ef:47:13:3f:a0:04:a5:53:e3:55:27:ed:76:b1:
                    e8:76:fc:d1:68:d9:a4:26:2c:cb:77:a6:c8:e7:b6:
                    2e:39:eb:4c:74:59:7b:6f:db:4c:aa:73:92:27:d3:
                    be:ef:2c:80:d3:8d:78:b7:57:bf:87:f9:d6:bf:99:
                    f5:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:DF:B4:91:AE:B6:3B:46:F2:03:66:2B:3B:38:51:E0:18:AE:26:0C
            X509v3 Authority Key Identifier:
                keyid:16:78:F3:46:65:D7:A5:28:1A:EC:D8:95:B8:92:F0:7E:A1:36:CF:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/1678F34665D7A5281AECD895B892F07EA136CF72.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1678F34665D7A5281AECD895B892F07EA136CF72.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4793686b-3384-4412-8e7c-e9d1b852aa1e/0/3230322e3132392e3232342e302f32322d3234203d3e203338373831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.129.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:c4:8c:89:56:bb:a7:23:1d:dc:b1:c0:b4:62:72:8e:3b:54:
         22:e5:93:4b:4b:6b:7a:cf:91:8e:fe:79:f0:69:f4:2f:c9:5a:
         cf:8a:cf:63:dd:c5:5b:0d:c9:45:71:60:1d:88:d0:b7:6d:26:
         f4:20:06:0f:96:1c:f7:55:c8:cf:5f:da:0a:6a:01:54:87:75:
         0c:39:97:c0:74:b1:50:29:6a:9b:99:d7:39:9c:38:e1:88:b9:
         d5:08:b3:fd:14:50:15:75:4d:d6:48:1b:02:6e:d2:3b:ba:10:
         e5:63:e1:f8:e4:a5:d6:79:cb:e3:e1:c0:78:33:a9:33:e1:58:
         94:2b:ee:13:37:c6:37:21:93:9c:15:27:58:80:7d:4f:36:e8:
         c7:ba:66:89:a4:f9:b9:98:6a:15:7c:30:08:af:3b:c5:54:0b:
         9c:b8:a9:8c:b6:4d:56:ab:7b:2d:ac:26:12:4f:b3:58:24:e4:
         d8:ec:cb:54:62:81:17:60:69:1b:b7:6c:0e:18:7d:b3:93:a2:
         c7:ad:4f:eb:bc:88:ef:ea:ee:0b:a3:fb:9a:33:0d:e5:95:1d:
         82:66:7f:03:6c:3c:1d:c0:51:f0:5b:b3:26:52:64:a8:eb:5a:
         d7:83:d5:21:b5:be:1d:01:ae:ed:ab:46:fa:2d:16:4a:46:e5:
         12:bb:bd:1b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUTmyhMqYlCIrHo5CxaLxj9xfEOCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY3OEYzNDY2NUQ3QTUyODFBRUNEODk1Qjg5MkYwN0VB
MTM2Q0Y3MjAeFw0yMzA3MzEwMDAwMjdaFw0yNDA3MjkwMDA1MjdaMDMxMTAvBgNV
BAMTKDdBREZCNDkxQUVCNjNCNDZGMjAzNjYyQjNCMzg1MUUwMThBRTI2MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwulUcNo+/+e9xBbBc+zb9X1BG
OsE/yMjrLYTSDtOdZvvBWJec3yo0WNYJggdOKYJjUFCQ1U4eiFm8GUeHjM3CkXDX
SQqGdyzPjvIcu3I48wctoxC/zCixelin9Qm+5CEEYIWnCgHvXLQM6dStwjYyV62K
8LUSGGNFZ95n/3DY++hjTGwODBeSqnhmjl1hFFpmOAwtUjagZS11+FVzd+zz5pFD
+1RWk8QS+8QoSldwQFCcUNdWTCE+OAV4WNuT2nA60TnvRxM/oASlU+NVJ+12seh2
/NFo2aQmLMt3psjnti4560x0WXtv20yqc5In077vLIDTjXi3V7+H+da/mfW/AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUet+0ka62O0byA2YrOzhR4BiuJgwwHwYDVR0j
BBgwFoAUFnjzRmXXpSga7NiVuJLwfqE2z3IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
NzkzNjg2Yi0zMzg0LTQ0MTItOGU3Yy1lOWQxYjg1MmFhMWUvMC8xNjc4RjM0NjY1
RDdBNTI4MUFFQ0Q4OTVCODkyRjA3RUExMzZDRjcyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTY3OEYzNDY2NUQ3QTUyODFBRUNEODk1Qjg5MkYwN0VBMTM2
Q0Y3Mi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ3OTM2ODZiLTMzODQtNDQxMi04
ZTdjLWU5ZDFiODUyYWExZS8wLzMyMzAzMjJlMzEzMjM5MmUzMjMyMzQyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMzM4MzczODMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCyoHgMA0GCSqG
SIb3DQEBCwUAA4IBAQB1xIyJVrunIx3cscC0YnKOO1Qi5ZNLS2t6z5GO/nnwafQv
yVrPis9j3cVbDclFcWAdiNC3bSb0IAYPlhz3VcjPX9oKagFUh3UMOZfAdLFQKWqb
mdc5nDjhiLnVCLP9FFAVdU3WSBsCbtI7uhDlY+H45KXWecvj4cB4M6kz4ViUK+4T
N8Y3IZOcFSdYgH1PNujHumaJpPm5mGoVfDAIrzvFVAucuKmMtk1Wq3strCYST7NY
JOTY7MtUYoEXYGkbt2wOGH2zk6LHrU/rvIjv6u4Lo/uaMw3llR2CZn8DbDwdwFHw
W7MmUmSo61rXg9Uhtb4dAa7tq0b6LRZKRuUSu70b
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:51 2024 by rpki-client on console-fra.rpki-client.org