Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e37322e302f32342d3234203d3e203338353133.roa
File:                     3138322e32332e37322e302f32342d3234203d3e203338353133.roa (raw, json)
Hash identifier:          HvAfr2ns71G9wWPjtee4IOD3oHH+OBisGbj65QvSA+U=
Subject key identifier:   2A:EC:17:90:93:99:90:FC:C1:B5:A7:7F:E2:C5:B3:89:0D:EA:AE:18
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       A32541A9CE3C529A6C02DDA91C90CFB91622D0
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e37322e302f32342d3234203d3e203338353133.roa
Signing time:             Mon 31 Jul 2023 00:04:30 +0000
ROA not before:           Sun 30 Jul 2023 23:59:30 +0000
ROA not after:            Mon 29 Jul 2024 00:04:30 +0000
asID:                     38513
IP address blocks:        182.23.72.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            a3:25:41:a9:ce:3c:52:9a:6c:02:dd:a9:1c:90:cf:b9:16:22:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 30 23:59:30 2023 GMT
            Not After : Jul 29 00:04:30 2024 GMT
        Subject: CN=2AEC1790939990FCC1B5A77FE2C5B3890DEAAE18
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:84:8e:d7:b2:17:5c:72:8f:7b:5f:e9:82:5a:
                    d4:a3:17:2b:ba:0b:3c:cb:cf:28:14:20:6a:d7:4f:
                    86:6e:77:78:26:66:28:bd:20:a6:f8:de:f5:9d:27:
                    80:05:cf:f6:b4:df:cb:c2:3a:3d:25:29:cd:6f:9e:
                    71:1c:e9:ae:06:11:89:7b:8f:7e:ac:6e:3d:fb:0d:
                    f7:fa:e2:7a:6e:7d:12:6f:02:7c:84:6f:5e:27:cd:
                    95:03:7f:18:b1:6e:e8:3d:b9:35:07:79:84:67:6f:
                    47:a3:49:81:46:1f:b4:f9:b0:91:f6:f0:9c:2c:0c:
                    55:43:63:89:3a:88:1a:f9:0e:9c:0d:a3:1c:c9:77:
                    e5:ab:27:8c:0a:fc:d3:63:b3:57:cf:03:39:c4:73:
                    ae:53:6c:e7:7f:41:04:74:22:f7:bf:ce:f8:45:4e:
                    d3:76:cd:61:ad:6b:a9:8b:33:b8:82:43:2e:04:fe:
                    d9:48:f7:3a:49:29:c6:5d:bf:7f:26:9c:66:01:a7:
                    b1:a2:8d:91:94:54:93:b5:04:73:46:eb:97:26:ba:
                    8e:c1:d6:a6:58:f2:4f:3f:bd:fe:b0:3b:61:e6:5d:
                    4b:15:50:df:9f:4e:48:d0:00:5c:1f:16:ab:c9:24:
                    c6:87:b3:70:de:7f:64:2e:e8:a9:f5:96:a9:e8:93:
                    99:af
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:EC:17:90:93:99:90:FC:C1:B5:A7:7F:E2:C5:B3:89:0D:EA:AE:18
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138322e32332e37322e302f32342d3234203d3e203338353133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.23.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         85:5b:b0:cb:c1:1c:52:3a:8b:26:21:74:0f:f6:b2:40:cf:53:
         0c:71:de:96:11:55:6c:46:0e:a0:a2:25:d0:03:d4:2c:7a:75:
         f1:6e:e6:7e:cd:93:21:29:94:01:a0:05:62:f8:85:2a:f6:8d:
         6a:24:e4:95:6a:fc:94:9a:88:5b:e9:0d:79:ab:d5:ed:96:ef:
         1a:6d:29:b0:6a:30:da:ed:f7:9d:0c:4c:d9:4e:a6:41:4a:4b:
         20:08:0f:75:ca:d5:29:bb:bb:1e:d7:dc:e3:72:e6:e3:36:af:
         d4:0f:96:12:8f:ef:74:7f:b5:65:9b:7c:07:f4:e7:46:f7:d2:
         4c:19:35:df:ed:e0:45:d2:8c:ec:b1:9c:fa:43:39:d3:a0:9f:
         9d:4f:0c:89:7e:c1:3d:87:bb:62:75:a9:eb:2f:c5:c9:d5:58:
         27:c8:d6:66:03:3d:f2:96:5a:e5:04:6b:0b:bf:7a:3d:9a:62:
         3f:01:89:eb:8d:aa:62:ca:ef:a7:7e:b0:4f:12:22:d5:4c:d1:
         aa:02:33:69:07:fc:f6:8c:b6:0d:1a:a0:dd:a6:f9:c3:e4:6f:
         9c:44:84:bb:49:32:ef:91:ed:9f:b9:a3:2d:83:d4:de:7c:c1:
         b7:52:44:2b:f2:ed:d0:2d:eb:79:3f:2e:73:47:4c:77:de:94:
         ac:88:fd:76
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUAKMlQanOPFKabALdqRyQz7kWItAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yMzA3MzAyMzU5MzBaFw0yNDA3MjkwMDA0MzBaMDMxMTAvBgNV
BAMTKDJBRUMxNzkwOTM5OTkwRkNDMUI1QTc3RkUyQzVCMzg5MERFQUFFMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9hI7Xshdcco97X+mCWtSjFyu6
CzzLzygUIGrXT4Zud3gmZii9IKb43vWdJ4AFz/a038vCOj0lKc1vnnEc6a4GEYl7
j36sbj37Dff64npufRJvAnyEb14nzZUDfxixbug9uTUHeYRnb0ejSYFGH7T5sJH2
8JwsDFVDY4k6iBr5DpwNoxzJd+WrJ4wK/NNjs1fPAznEc65TbOd/QQR0Ive/zvhF
TtN2zWGta6mLM7iCQy4E/tlI9zpJKcZdv38mnGYBp7GijZGUVJO1BHNG65cmuo7B
1qZY8k8/vf6wO2HmXUsVUN+fTkjQAFwfFqvJJMaHs3Def2Qu6Kn1lqnok5mvAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUKuwXkJOZkPzBtad/4sWziQ3qrhgwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMxMzgzMjJlMzIzMzJlMzczMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMzMzgzNTMxMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC2F0gwDQYJKoZIhvcN
AQELBQADggEBAIVbsMvBHFI6iyYhdA/2skDPUwxx3pYRVWxGDqCiJdAD1Cx6dfFu
5n7NkyEplAGgBWL4hSr2jWok5JVq/JSaiFvpDXmr1e2W7xptKbBqMNrt950MTNlO
pkFKSyAID3XK1Sm7ux7X3ONy5uM2r9QPlhKP73R/tWWbfAf050b30kwZNd/t4EXS
jOyxnPpDOdOgn51PDIl+wT2Hu2J1qesvxcnVWCfI1mYDPfKWWuUEawu/ej2aYj8B
ieuNqmLK76d+sE8SItVM0aoCM2kH/PaMtg0aoN2m+cPkb5xEhLtJMu+R7Z+5oy2D
1N58wbdSRCvy7dAt63k/LnNHTHfelKyI/XY=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:32 2024 by rpki-client on console-fra.rpki-client.org