Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/323430353a316534303a313a3a2f34382d3438203d3e203538343735.roa
File:                     323430353a316534303a313a3a2f34382d3438203d3e203538343735.roa (raw, json)
Hash identifier:          5wX6jJnWnnHHzX/VqvKgJiAHR72Di5B+DPg8BQumtqM=
Subject key identifier:   5D:AE:85:3E:31:D0:6C:D5:DF:48:3C:62:ED:D7:08:1E:7A:1F:00:FB
Certificate issuer:       /CN=A51E37523B05B166B7DE977CF4AC6596FDD97B98
Certificate serial:       1BFE7348788398A6A51F3CD7C8C5AEDB6DAF9426
Authority key identifier: A5:1E:37:52:3B:05:B1:66:B7:DE:97:7C:F4:AC:65:96:FD:D9:7B:98
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A51E37523B05B166B7DE977CF4AC6596FDD97B98.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/323430353a316534303a313a3a2f34382d3438203d3e203538343735.roa
Signing time:             Mon 31 Jul 2023 00:13:42 +0000
ROA not before:           Mon 31 Jul 2023 00:08:42 +0000
ROA not after:            Mon 29 Jul 2024 00:13:42 +0000
asID:                     58475
IP address blocks:        2405:1e40:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/A51E37523B05B166B7DE977CF4AC6596FDD97B98.crl
                          rsync://repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/A51E37523B05B166B7DE977CF4AC6596FDD97B98.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A51E37523B05B166B7DE977CF4AC6596FDD97B98.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:fe:73:48:78:83:98:a6:a5:1f:3c:d7:c8:c5:ae:db:6d:af:94:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A51E37523B05B166B7DE977CF4AC6596FDD97B98
        Validity
            Not Before: Jul 31 00:08:42 2023 GMT
            Not After : Jul 29 00:13:42 2024 GMT
        Subject: CN=5DAE853E31D06CD5DF483C62EDD7081E7A1F00FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b6:a5:80:3d:ef:97:4d:80:71:3b:a6:be:22:
                    fc:ed:80:d5:82:3f:fb:74:87:b4:22:52:c3:c2:26:
                    c8:75:ee:19:b0:2a:23:d8:25:12:db:74:51:18:06:
                    96:84:bd:38:cf:74:55:74:d9:8d:43:57:ef:e0:5b:
                    10:ed:81:f3:fe:4b:11:e9:ee:02:1b:4b:42:66:2d:
                    a4:5d:f9:7c:00:a8:0d:54:14:46:18:1a:a1:a1:c7:
                    6c:0b:26:14:2d:54:08:54:b8:10:18:5b:57:1d:1a:
                    d5:ea:6b:d0:8c:ff:e1:65:9e:23:64:c0:fb:d1:8d:
                    d5:bd:de:3c:d8:ac:98:2c:9a:ca:e3:d0:19:5e:80:
                    0a:7a:80:53:f8:17:37:37:c7:5c:2e:46:e8:7a:35:
                    6b:02:27:62:78:27:7b:ba:3e:72:17:e3:98:00:5e:
                    74:ba:a0:a0:6e:ae:1b:53:ae:97:37:b5:26:10:cf:
                    23:50:79:45:06:23:5f:ea:b8:06:59:81:85:d1:3a:
                    b1:5a:db:1d:f9:23:09:0a:1f:d5:7a:32:ff:56:e6:
                    7f:2b:ec:f8:c7:42:e8:92:1b:ce:3b:fd:4f:c6:bf:
                    f5:2a:b4:ab:15:5d:03:4b:17:47:a9:02:7c:c9:b2:
                    3b:47:d0:aa:dc:5d:46:0e:97:98:c6:cb:16:18:4a:
                    f2:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:AE:85:3E:31:D0:6C:D5:DF:48:3C:62:ED:D7:08:1E:7A:1F:00:FB
            X509v3 Authority Key Identifier:
                keyid:A5:1E:37:52:3B:05:B1:66:B7:DE:97:7C:F4:AC:65:96:FD:D9:7B:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/A51E37523B05B166B7DE977CF4AC6596FDD97B98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A51E37523B05B166B7DE977CF4AC6596FDD97B98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/48f39bd4-cdac-41cf-8858-d7410f64d155/0/323430353a316534303a313a3a2f34382d3438203d3e203538343735.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:1e40:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:50:dd:f8:d0:b6:13:be:94:35:32:87:88:7f:c4:dc:c6:c5:
         f2:84:29:b3:a3:70:b7:52:0e:ab:49:b8:ff:6b:d2:4d:15:29:
         7f:c6:a1:6a:45:1c:c8:1f:b7:88:55:4f:91:b2:2f:1d:36:6d:
         02:23:26:16:75:55:55:87:8d:1b:ae:e1:ba:26:b0:4d:b0:6d:
         59:13:1c:fb:91:45:f3:ae:7c:9f:f2:1c:63:c5:28:a6:f4:f0:
         16:22:2e:2f:75:c0:78:7e:89:2b:40:46:8e:6f:05:5a:62:08:
         48:55:cd:bb:eb:3c:a6:e0:c1:03:9e:5f:20:cd:b5:98:e9:16:
         fb:3d:fd:6a:e9:84:23:cf:4e:40:03:9e:96:b6:12:ec:bd:9d:
         ce:7a:cd:4d:da:6b:1f:c1:bc:65:1d:f7:5d:4f:86:1f:89:c4:
         0e:83:9d:b2:b3:39:a0:ce:5e:02:47:dd:f2:83:57:4d:29:19:
         3d:6f:e0:58:57:f7:4e:7f:30:92:a2:cd:2c:ee:b5:0d:eb:c8:
         5b:3c:31:ea:10:b8:16:da:58:fb:f1:d7:26:73:cd:30:90:e9:
         4c:d6:22:33:6a:1d:97:56:4c:df:7e:ed:05:9d:ec:e5:ca:11:
         a6:26:f1:13:b7:62:2d:a3:96:bd:72:6b:2e:86:e9:19:2e:ba:
         81:fd:45:14
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUG/5zSHiDmKalHzzXyMWu222vlCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTUxRTM3NTIzQjA1QjE2NkI3REU5NzdDRjRBQzY1OTZG
REQ5N0I5ODAeFw0yMzA3MzEwMDA4NDJaFw0yNDA3MjkwMDEzNDJaMDMxMTAvBgNV
BAMTKDVEQUU4NTNFMzFEMDZDRDVERjQ4M0M2MkVERDcwODFFN0ExRjAwRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCtqWAPe+XTYBxO6a+IvztgNWC
P/t0h7QiUsPCJsh17hmwKiPYJRLbdFEYBpaEvTjPdFV02Y1DV+/gWxDtgfP+SxHp
7gIbS0JmLaRd+XwAqA1UFEYYGqGhx2wLJhQtVAhUuBAYW1cdGtXqa9CM/+FlniNk
wPvRjdW93jzYrJgsmsrj0BlegAp6gFP4Fzc3x1wuRuh6NWsCJ2J4J3u6PnIX45gA
XnS6oKBurhtTrpc3tSYQzyNQeUUGI1/quAZZgYXROrFa2x35IwkKH9V6Mv9W5n8r
7PjHQuiSG847/U/Gv/UqtKsVXQNLF0epAnzJsjtH0KrcXUYOl5jGyxYYSvIRAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUXa6FPjHQbNXfSDxi7dcIHnofAPswHwYDVR0j
BBgwFoAUpR43UjsFsWa33pd89Kxllv3Ze5gwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
OGYzOWJkNC1jZGFjLTQxY2YtODg1OC1kNzQxMGY2NGQxNTUvMC9BNTFFMzc1MjNC
MDVCMTY2QjdERTk3N0NGNEFDNjU5NkZERDk3Qjk4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTUxRTM3NTIzQjA1QjE2NkI3REU5NzdDRjRBQzY1OTZGREQ5
N0I5OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQ4ZjM5YmQ0LWNkYWMtNDFjZi04
ODU4LWQ3NDEwZjY0ZDE1NS8wLzMyMzQzMDM1M2EzMTY1MzQzMDNhMzEzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzNTM4MzQzNzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAUeQAABMA0G
CSqGSIb3DQEBCwUAA4IBAQApUN340LYTvpQ1MoeIf8TcxsXyhCmzo3C3Ug6rSbj/
a9JNFSl/xqFqRRzIH7eIVU+Rsi8dNm0CIyYWdVVVh40bruG6JrBNsG1ZExz7kUXz
rnyf8hxjxSim9PAWIi4vdcB4fokrQEaObwVaYghIVc276zym4MEDnl8gzbWY6Rb7
Pf1q6YQjz05AA56WthLsvZ3Oes1N2msfwbxlHfddT4YficQOg52yszmgzl4CR93y
g1dNKRk9b+BYV/dOfzCSos0s7rUN68hbPDHqELgW2lj78dcmc80wkOlM1iIzah2X
Vkzffu0FnezlyhGmJvETt2Ito5a9cmsuhukZLrqB/UUU
-----END CERTIFICATE-----
Generated at Wed Mar 27 20:56:59 2024 by rpki-client on console-ams.rpki-client.org