Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132332e3233312e3230392e302f32342d3234203d3e20313333383431.roa
File:                     3132332e3233312e3230392e302f32342d3234203d3e20313333383431.roa (raw, json)
Hash identifier:          GkE3oluVyyXhcObyWMDLQcje7BjpEAzL4FhIr+7RRKo=
Subject key identifier:   BE:C2:61:F5:45:47:A0:85:BC:54:FB:0D:1F:8B:99:7A:8D:11:BC:96
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       237B5C94F2C7E01D06DDAF0047AAFB778D859660
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132332e3233312e3230392e302f32342d3234203d3e20313333383431.roa
Signing time:             Mon 31 Jul 2023 00:04:29 +0000
ROA not before:           Sun 30 Jul 2023 23:59:29 +0000
ROA not after:            Mon 29 Jul 2024 00:04:29 +0000
asID:                     133841
IP address blocks:        123.231.209.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:7b:5c:94:f2:c7:e0:1d:06:dd:af:00:47:aa:fb:77:8d:85:96:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 30 23:59:29 2023 GMT
            Not After : Jul 29 00:04:29 2024 GMT
        Subject: CN=BEC261F54547A085BC54FB0D1F8B997A8D11BC96
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:47:df:10:d3:1f:c4:07:2e:3e:20:13:3b:92:
                    ca:2f:29:81:a1:41:21:ca:89:a5:15:d9:3e:33:94:
                    87:8d:14:04:d4:af:b4:ef:8d:7e:27:0a:70:c6:92:
                    6c:80:69:47:ff:52:1e:a5:8c:62:6c:7f:de:10:53:
                    2c:8f:2a:7c:6e:c6:f4:b9:c6:2d:41:3c:5f:c9:94:
                    68:8c:c9:8b:df:cb:2a:b2:0c:c3:1f:9f:1b:9a:18:
                    74:2f:46:d8:8a:66:5b:db:13:00:e3:6f:56:03:55:
                    95:67:3e:61:36:85:42:cd:1b:20:42:77:f6:6e:c2:
                    d2:9e:e7:56:f4:8f:ff:39:8d:ec:50:54:0f:2e:07:
                    39:1f:0b:38:ee:35:0c:03:10:94:0c:da:f4:54:f5:
                    a7:63:fe:17:d4:5b:8a:3e:48:a6:7b:ff:21:cc:c7:
                    71:ac:3b:79:4a:96:be:33:8f:0d:47:3d:84:86:c7:
                    49:96:e3:86:8e:3a:a5:4b:e2:f5:d1:b5:cd:0d:46:
                    2e:38:29:d7:c7:bd:2b:3e:76:72:d3:9e:bc:f6:f2:
                    fd:c3:c6:33:d2:b3:98:d1:5c:d8:05:b4:74:89:b1:
                    c8:8a:5d:34:8f:c1:39:26:2f:0a:0f:7e:0d:5c:90:
                    61:56:9b:b7:93:e8:e3:bf:c8:16:90:ff:55:53:4e:
                    17:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:C2:61:F5:45:47:A0:85:BC:54:FB:0D:1F:8B:99:7A:8D:11:BC:96
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132332e3233312e3230392e302f32342d3234203d3e20313333383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  123.231.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:01:e1:78:64:62:02:7b:d1:3c:54:5b:56:4a:9d:5a:26:ac:
         82:81:60:da:d6:c4:30:0d:da:94:a0:8d:ed:d8:f0:6d:2d:ff:
         11:4a:28:7f:7e:27:77:a1:c7:b9:81:97:93:37:b6:c0:f6:b1:
         d6:37:0d:87:3d:3e:9d:d0:79:52:e5:a3:cc:c0:42:3d:d5:16:
         a8:ea:1f:0f:61:71:ba:14:8b:df:a4:54:e0:62:e4:7b:f9:46:
         05:c8:c8:5d:67:6f:e3:ab:c3:15:71:a0:9c:3f:69:47:e0:32:
         56:90:aa:f2:e0:b9:f7:5b:09:23:94:e5:0e:67:0c:89:38:f6:
         23:a7:bb:44:d8:d7:b7:e2:cb:af:ff:22:f7:d4:80:59:d8:9c:
         1c:b9:f5:2e:59:be:16:57:10:03:70:11:08:65:f5:53:bb:83:
         64:01:94:57:e4:af:5f:50:eb:8e:73:f7:94:b5:09:4b:aa:1a:
         94:9b:a7:23:3f:d7:9f:32:b2:7d:2f:2e:f7:ae:03:6b:a6:9b:
         d1:bf:fc:2d:2e:6d:88:0b:4b:71:bf:7f:ef:74:70:9d:19:60:
         a1:da:91:0f:5d:2d:1f:81:82:36:f5:8a:dc:5f:4a:56:eb:bb:
         5f:de:94:62:77:ba:b9:ee:d7:48:ca:cc:90:81:71:ef:48:45:
         5d:39:fd:76
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUI3tclPLH4B0G3a8AR6r7d42FlmAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yMzA3MzAyMzU5MjlaFw0yNDA3MjkwMDA0MjlaMDMxMTAvBgNV
BAMTKEJFQzI2MUY1NDU0N0EwODVCQzU0RkIwRDFGOEI5OTdBOEQxMUJDOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9R98Q0x/EBy4+IBM7ksovKYGh
QSHKiaUV2T4zlIeNFATUr7TvjX4nCnDGkmyAaUf/Uh6ljGJsf94QUyyPKnxuxvS5
xi1BPF/JlGiMyYvfyyqyDMMfnxuaGHQvRtiKZlvbEwDjb1YDVZVnPmE2hULNGyBC
d/ZuwtKe51b0j/85jexQVA8uBzkfCzjuNQwDEJQM2vRU9adj/hfUW4o+SKZ7/yHM
x3GsO3lKlr4zjw1HPYSGx0mW44aOOqVL4vXRtc0NRi44KdfHvSs+dnLTnrz28v3D
xjPSs5jRXNgFtHSJsciKXTSPwTkmLwoPfg1ckGFWm7eT6OO/yBaQ/1VTThdZAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUvsJh9UVHoIW8VPsNH4uZeo0RvJYwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMxMzIzMzJlMzIzMzMxMmUzMjMwMzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzODM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAB759EwDQYJ
KoZIhvcNAQELBQADggEBACgB4XhkYgJ70TxUW1ZKnVomrIKBYNrWxDAN2pSgje3Y
8G0t/xFKKH9+J3ehx7mBl5M3tsD2sdY3DYc9Pp3QeVLlo8zAQj3VFqjqHw9hcboU
i9+kVOBi5Hv5RgXIyF1nb+OrwxVxoJw/aUfgMlaQqvLgufdbCSOU5Q5nDIk49iOn
u0TY17fiy6//IvfUgFnYnBy59S5ZvhZXEANwEQhl9VO7g2QBlFfkr19Q645z95S1
CUuqGpSbpyM/158ysn0vLveuA2umm9G//C0ubYgLS3G/f+90cJ0ZYKHakQ9dLR+B
gjb1itxfSlbru1/elGJ3urnu10jKzJCBce9IRV05/XY=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:32 2024 by rpki-client on console-fra.rpki-client.org