Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132352e3231332e3132382e302f32342d3234203d3e203338353133.roa
File:                     3132352e3231332e3132382e302f32342d3234203d3e203338353133.roa (raw, json)
Hash identifier:          EpWKl2NFAmiECv4yhdodeDg/qttrrVeAQYjcqrdlxwU=
Subject key identifier:   40:0D:8E:5D:25:1C:22:19:13:75:99:0B:21:C0:20:29:43:E9:91:9E
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       44BCBFFC5FBF53237102D95022E8F8AD4282A0DE
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132352e3231332e3132382e302f32342d3234203d3e203338353133.roa
Signing time:             Mon 31 Jul 2023 00:04:29 +0000
ROA not before:           Sun 30 Jul 2023 23:59:29 +0000
ROA not after:            Mon 29 Jul 2024 00:04:29 +0000
asID:                     38513
IP address blocks:        125.213.128.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:bc:bf:fc:5f:bf:53:23:71:02:d9:50:22:e8:f8:ad:42:82:a0:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 30 23:59:29 2023 GMT
            Not After : Jul 29 00:04:29 2024 GMT
        Subject: CN=400D8E5D251C22191375990B21C0202943E9919E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:2f:e2:b8:43:be:1f:80:f2:00:55:cf:5b:57:
                    2e:5d:45:88:4a:06:68:eb:f7:4b:df:27:9d:27:da:
                    53:19:98:78:2a:40:61:94:6c:03:29:6a:18:4f:a3:
                    67:4d:1b:ea:89:7d:53:06:b6:e0:9e:59:ae:cb:0d:
                    73:45:57:3c:e6:da:7d:3b:75:45:27:5f:bc:56:b8:
                    97:69:2f:09:02:29:b7:8e:97:52:80:10:20:88:91:
                    31:5b:a9:9f:e3:8a:55:bc:8b:24:cf:14:c9:fc:50:
                    0b:6e:fc:44:d7:1a:b5:8c:d8:32:5a:de:46:01:5b:
                    14:b9:31:8f:6c:97:59:e1:3e:6a:3c:a8:70:82:72:
                    b8:9a:93:d0:ff:de:c7:c3:29:e3:c7:95:f0:f5:41:
                    a9:6b:c1:ee:31:db:0c:13:00:26:09:26:78:61:2a:
                    3f:97:cf:75:ed:dd:5f:61:46:d7:9c:c6:10:de:4c:
                    b3:df:b2:9d:ea:fe:cf:b7:88:be:e3:b6:e8:b4:f0:
                    0e:3a:5e:7d:f1:f5:36:ca:d4:90:bc:50:a1:ee:37:
                    bc:4e:73:97:1f:56:24:7b:15:23:49:4f:c0:1d:47:
                    52:5a:f3:f6:e7:82:dd:31:59:b4:01:6d:97:39:d2:
                    34:66:5a:a2:e2:0a:77:a8:09:b8:e5:b0:ef:5f:83:
                    46:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:0D:8E:5D:25:1C:22:19:13:75:99:0B:21:C0:20:29:43:E9:91:9E
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3132352e3231332e3132382e302f32342d3234203d3e203338353133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.213.128.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:85:08:63:1b:65:a0:16:ff:a9:00:f9:99:55:b5:2f:7e:6d:
         bc:47:04:3f:86:7b:01:b6:07:6f:7c:ba:69:48:ec:ee:2c:07:
         1e:fd:6c:9e:d3:ec:ea:57:e3:9e:fc:ad:12:cf:60:ad:b3:e9:
         d6:7c:fe:9e:00:d2:9c:a8:76:05:e6:84:0b:d5:b8:9d:7b:53:
         0f:69:3e:cb:54:ab:12:9e:4b:59:f1:f5:eb:76:7e:0b:8c:ad:
         3d:69:4c:1c:01:f8:1b:67:58:92:48:b4:38:6e:b2:3a:f0:8b:
         5f:8a:d3:f8:a0:7c:55:fc:e2:1c:16:a7:da:75:ea:f3:58:30:
         5a:83:3f:88:04:45:42:82:15:0b:72:22:9e:a1:39:49:68:67:
         d3:d2:91:75:53:25:3d:1d:37:89:3d:70:85:b5:55:02:a0:11:
         96:89:4c:2a:92:9a:57:97:41:f1:40:88:a8:cd:4b:48:3d:c2:
         2b:6e:15:62:39:29:b9:c7:0f:21:15:62:28:8a:b4:1b:3f:68:
         12:2c:db:77:37:3f:0d:bc:6f:dc:38:2d:d3:01:13:71:d3:e8:
         ce:b8:1a:16:71:a8:aa:f1:d9:da:69:9d:2b:c8:ec:51:e3:97:
         be:ee:2c:59:2d:bb:55:26:88:8a:48:e3:07:69:53:59:11:d3:
         68:d4:70:b0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIURLy//F+/UyNxAtlQIuj4rUKCoN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yMzA3MzAyMzU5MjlaFw0yNDA3MjkwMDA0MjlaMDMxMTAvBgNV
BAMTKDQwMEQ4RTVEMjUxQzIyMTkxMzc1OTkwQjIxQzAyMDI5NDNFOTkxOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOL+K4Q74fgPIAVc9bVy5dRYhK
Bmjr90vfJ50n2lMZmHgqQGGUbAMpahhPo2dNG+qJfVMGtuCeWa7LDXNFVzzm2n07
dUUnX7xWuJdpLwkCKbeOl1KAECCIkTFbqZ/jilW8iyTPFMn8UAtu/ETXGrWM2DJa
3kYBWxS5MY9sl1nhPmo8qHCCcriak9D/3sfDKePHlfD1Qalrwe4x2wwTACYJJnhh
Kj+Xz3Xt3V9hRtecxhDeTLPfsp3q/s+3iL7jtui08A46Xn3x9TbK1JC8UKHuN7xO
c5cfViR7FSNJT8AdR1Ja8/bngt0xWbQBbZc50jRmWqLiCneoCbjlsO9fg0ZzAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUQA2OXSUcIhkTdZkLIcAgKUPpkZ4wHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMxMzIzNTJlMzIzMTMzMmUzMTMyMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMzM4MzUzMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAfdWAMA0GCSqG
SIb3DQEBCwUAA4IBAQAUhQhjG2WgFv+pAPmZVbUvfm28RwQ/hnsBtgdvfLppSOzu
LAce/Wye0+zqV+Oe/K0Sz2Cts+nWfP6eANKcqHYF5oQL1bide1MPaT7LVKsSnktZ
8fXrdn4LjK09aUwcAfgbZ1iSSLQ4brI68ItfitP4oHxV/OIcFqfaderzWDBagz+I
BEVCghULciKeoTlJaGfT0pF1UyU9HTeJPXCFtVUCoBGWiUwqkppXl0HxQIiozUtI
PcIrbhViOSm5xw8hFWIoirQbP2gSLNt3Nz8NvG/cOC3TARNx0+jOuBoWcaiq8dna
aZ0ryOxR45e+7ixZLbtVJoiKSOMHaVNZEdNo1HCw
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:34:03 2024 by rpki-client on console-ams.rpki-client.org