Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/3230332e38302e31332e302f32342d3234203d3e203234323034.roa
File:                     3230332e38302e31332e302f32342d3234203d3e203234323034.roa (raw, json)
Hash identifier:          3fTI/WxA7kYpZmfRx97Qf7vsJ99FuhNt9oBu679sNYI=
Subject key identifier:   BA:75:89:C4:9D:6A:01:F4:88:E9:53:E1:AB:7C:63:8C:66:66:0B:99
Certificate issuer:       /CN=28351380A86044778274FC7CEC0F116CF3B3CA39
Certificate serial:       0738119F37B46BAC103DCC3C13BFB7BC8D5B3AE8
Authority key identifier: 28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/3230332e38302e31332e302f32342d3234203d3e203234323034.roa
Signing time:             Mon 31 Jul 2023 00:07:22 +0000
ROA not before:           Mon 31 Jul 2023 00:02:22 +0000
ROA not after:            Mon 29 Jul 2024 00:07:22 +0000
asID:                     24204
IP address blocks:        203.80.13.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl
                          rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:38:11:9f:37:b4:6b:ac:10:3d:cc:3c:13:bf:b7:bc:8d:5b:3a:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28351380A86044778274FC7CEC0F116CF3B3CA39
        Validity
            Not Before: Jul 31 00:02:22 2023 GMT
            Not After : Jul 29 00:07:22 2024 GMT
        Subject: CN=BA7589C49D6A01F488E953E1AB7C638C66660B99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:7f:0e:66:95:de:75:34:9f:72:de:1c:01:36:
                    b5:5c:54:1b:51:22:da:0b:e3:4c:cb:e3:ca:3f:a8:
                    fe:d6:24:73:97:57:f6:35:59:0d:97:75:76:04:23:
                    53:e4:1d:42:9b:3b:09:4d:21:c9:69:55:d0:e3:db:
                    62:e8:6a:20:2a:31:5e:9a:1b:64:11:91:72:fd:d1:
                    c5:f9:6b:93:3f:a5:56:b2:71:cd:56:c0:9c:f8:c2:
                    65:76:4a:39:20:a4:fc:b6:e0:dc:1f:0b:7b:45:df:
                    8c:bc:55:4b:1b:4f:c1:f2:cf:87:ad:26:96:ae:9c:
                    b7:15:45:aa:2c:bc:42:b7:58:20:00:09:52:1f:d1:
                    7e:03:37:21:88:af:0d:c8:43:3f:00:28:df:47:a3:
                    d8:7a:3d:8f:5c:b1:8e:1c:c4:21:9e:04:fd:8a:eb:
                    0e:c9:85:3a:de:b3:15:fb:db:48:67:ec:47:cd:bc:
                    75:11:68:c2:3c:a1:77:77:06:43:96:14:93:a7:f3:
                    e9:49:eb:86:63:78:7b:99:9c:46:90:6b:4a:dd:c2:
                    5b:64:94:2c:5e:a0:43:55:bf:78:75:0e:a1:c5:77:
                    84:b7:3b:e4:a6:95:8f:4d:c0:d4:3d:e1:45:76:f7:
                    67:c2:c3:d2:11:05:4c:b4:85:cb:d1:7e:cc:53:50:
                    3b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BA:75:89:C4:9D:6A:01:F4:88:E9:53:E1:AB:7C:63:8C:66:66:0B:99
            X509v3 Authority Key Identifier:
                keyid:28:35:13:80:A8:60:44:77:82:74:FC:7C:EC:0F:11:6C:F3:B3:CA:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/28351380A86044778274FC7CEC0F116CF3B3CA39.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/28351380A86044778274FC7CEC0F116CF3B3CA39.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/524a9105-8d2a-4b38-a6ae-05ead69719a3/0/3230332e38302e31332e302f32342d3234203d3e203234323034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.80.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:e6:a7:71:2f:61:97:fe:21:bf:55:0e:0d:1d:62:75:3c:74:
         67:21:ba:7a:bf:02:ad:79:5b:c5:21:ca:19:c1:b7:50:a9:14:
         f3:e9:c9:aa:82:ac:70:ca:c5:cf:b7:97:34:e5:cd:79:04:12:
         e6:4e:75:b3:10:42:87:3e:75:c1:13:77:fe:aa:b0:5b:73:e2:
         ec:68:e2:b5:03:87:74:35:fc:c2:5c:d8:f7:d1:e9:c9:8c:58:
         d7:df:fd:af:2b:5d:0b:14:00:5e:60:be:b3:4e:a6:fa:2a:e7:
         d5:b5:14:1d:07:d7:69:3f:a4:af:e6:43:f0:2b:67:4c:0e:0f:
         36:57:90:61:b3:e4:c9:d8:01:79:fa:9d:a9:8e:74:86:79:13:
         a9:b6:bf:4f:67:d0:f2:ea:9c:41:14:d6:bb:b8:47:37:4b:4c:
         1e:f2:8b:18:ae:e0:8e:59:36:b6:4d:db:fc:c2:d2:4f:00:47:
         51:3f:2b:eb:8c:a4:46:df:50:d0:84:aa:01:3b:d2:31:ca:f5:
         3a:8f:0c:0e:b4:0e:4d:89:e5:8b:f8:f4:79:8b:97:7d:ee:bb:
         7d:97:65:52:e6:e6:2c:aa:93:51:eb:fe:73:c3:81:d7:99:96:
         54:0b:2c:f4:e5:b9:b0:bd:e2:3b:d0:7a:1f:95:6a:3d:5c:63:
         bf:49:db:b7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBzgRnze0a6wQPcw8E7+3vI1bOugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNG
M0IzQ0EzOTAeFw0yMzA3MzEwMDAyMjJaFw0yNDA3MjkwMDA3MjJaMDMxMTAvBgNV
BAMTKEJBNzU4OUM0OUQ2QTAxRjQ4OEU5NTNFMUFCN0M2MzhDNjY2NjBCOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8fw5mld51NJ9y3hwBNrVcVBtR
ItoL40zL48o/qP7WJHOXV/Y1WQ2XdXYEI1PkHUKbOwlNIclpVdDj22LoaiAqMV6a
G2QRkXL90cX5a5M/pVaycc1WwJz4wmV2SjkgpPy24NwfC3tF34y8VUsbT8Hyz4et
JpaunLcVRaosvEK3WCAACVIf0X4DNyGIrw3IQz8AKN9Ho9h6PY9csY4cxCGeBP2K
6w7JhTresxX720hn7EfNvHURaMI8oXd3BkOWFJOn8+lJ64ZjeHuZnEaQa0rdwltk
lCxeoENVv3h1DqHFd4S3O+SmlY9NwNQ94UV292fCw9IRBUy0hcvRfsxTUDsZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUunWJxJ1qAfSI6VPhq3xjjGZmC5kwHwYDVR0j
BBgwFoAUKDUTgKhgRHeCdPx87A8RbPOzyjkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
MjRhOTEwNS04ZDJhLTRiMzgtYTZhZS0wNWVhZDY5NzE5YTMvMC8yODM1MTM4MEE4
NjA0NDc3ODI3NEZDN0NFQzBGMTE2Q0YzQjNDQTM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjgzNTEzODBBODYwNDQ3NzgyNzRGQzdDRUMwRjExNkNGM0Iz
Q0EzOS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUyNGE5MTA1LThkMmEtNGIzOC1h
NmFlLTA1ZWFkNjk3MTlhMy8wLzMyMzAzMzJlMzgzMDJlMzEzMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzQzMjMwMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADLUA0wDQYJKoZIhvcN
AQELBQADggEBAJDmp3EvYZf+Ib9VDg0dYnU8dGchunq/Aq15W8UhyhnBt1CpFPPp
yaqCrHDKxc+3lzTlzXkEEuZOdbMQQoc+dcETd/6qsFtz4uxo4rUDh3Q1/MJc2PfR
6cmMWNff/a8rXQsUAF5gvrNOpvoq59W1FB0H12k/pK/mQ/ArZ0wODzZXkGGz5MnY
AXn6namOdIZ5E6m2v09n0PLqnEEU1ru4RzdLTB7yixiu4I5ZNrZN2/zC0k8AR1E/
K+uMpEbfUNCEqgE70jHK9TqPDA60Dk2J5Yv49HmLl33uu32XZVLm5iyqk1Hr/nPD
gdeZllQLLPTlubC94jvQeh+Vaj1cY79J27c=
-----END CERTIFICATE-----
Generated at Fri Mar 29 08:39:15 2024 by rpki-client on console-ams.rpki-client.org