Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138332e39312e36342e302f31392d3234203d3e2034383030.roa
File:                     3138332e39312e36342e302f31392d3234203d3e2034383030.roa (raw, json)
Hash identifier:          +D7uYATjRhYBw/0Pa1X3VfuXmKSJ65nqXsuKSefkMbw=
Subject key identifier:   13:FE:9D:DC:72:30:08:AE:1E:0F:D4:BF:35:56:40:81:AA:58:B9:90
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       2A94048BA2642E8016AFE4406C83282B0A1A9ACB
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138332e39312e36342e302f31392d3234203d3e2034383030.roa
Signing time:             Mon 31 Jul 2023 00:04:29 +0000
ROA not before:           Sun 30 Jul 2023 23:59:29 +0000
ROA not after:            Mon 29 Jul 2024 00:04:29 +0000
asID:                     4800
IP address blocks:        183.91.64.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:94:04:8b:a2:64:2e:80:16:af:e4:40:6c:83:28:2b:0a:1a:9a:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Jul 30 23:59:29 2023 GMT
            Not After : Jul 29 00:04:29 2024 GMT
        Subject: CN=13FE9DDC723008AE1E0FD4BF35564081AA58B990
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:0d:68:90:ce:40:a2:18:0a:a3:c1:e7:7e:1f:
                    f6:74:ac:2a:42:af:bf:c4:6d:fe:54:f9:37:84:89:
                    02:02:ae:6b:70:f7:e9:be:16:92:e7:ee:90:ec:04:
                    54:a2:8e:fc:11:58:dc:f4:0f:59:dd:df:e1:4e:f1:
                    82:d6:d2:77:17:73:d2:a9:58:71:de:2d:bc:1f:74:
                    47:c0:7a:f6:bb:4d:7a:62:b8:4d:4b:5c:4b:0f:1c:
                    bf:4f:40:a7:7e:8a:3e:3f:3b:9d:8d:cb:dc:18:e6:
                    cc:85:bc:fd:c3:5a:02:1d:8f:41:53:07:81:0b:02:
                    05:65:e2:a0:ef:de:20:52:7e:3a:fd:73:5d:6f:56:
                    80:c2:b0:ce:28:67:04:00:cc:43:21:e5:89:78:e8:
                    63:5e:6e:da:41:89:11:2f:37:01:d1:a2:d2:64:29:
                    11:94:dc:c7:35:23:28:19:29:5f:04:9c:79:1c:58:
                    49:78:e0:21:49:9b:55:af:3f:47:b9:ab:8a:22:a3:
                    bf:98:69:51:de:8d:f8:bb:9c:54:8b:c7:47:3a:7b:
                    ea:d8:62:eb:9d:51:08:fb:8c:09:79:7d:30:c2:eb:
                    99:ed:f0:cb:e2:3f:3e:9e:82:d5:d8:2f:8f:12:86:
                    d8:97:88:cf:6d:08:dc:8e:6c:1f:9c:be:39:8f:1b:
                    7d:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:FE:9D:DC:72:30:08:AE:1E:0F:D4:BF:35:56:40:81:AA:58:B9:90
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/3138332e39312e36342e302f31392d3234203d3e2034383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  183.91.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         5d:ad:13:d8:f9:a4:9e:b1:11:ba:f9:e6:f5:a7:6c:6d:77:f4:
         af:52:53:71:b7:80:1f:c9:3b:05:3d:5a:95:e8:ed:3c:3f:2e:
         c8:83:6e:05:78:7f:0d:14:ea:1a:50:52:76:a1:22:18:03:2a:
         8d:57:59:18:93:b7:61:85:d9:f1:6e:19:f8:c0:be:5a:0c:89:
         b9:f9:1a:f6:cc:53:67:3c:37:07:95:f9:fc:f7:7f:b2:8e:a6:
         32:66:f0:bd:89:fb:bd:a3:dc:a3:78:7f:a8:a1:ba:d6:47:85:
         18:aa:4d:22:b7:0e:71:6c:74:e1:6c:39:e7:61:a4:e3:4c:8d:
         57:81:99:40:08:d7:bc:0c:fd:e6:a3:e4:e5:0e:89:4b:50:dc:
         0c:6b:dd:fd:62:45:1f:c0:0e:71:2d:33:61:af:71:12:6b:72:
         1a:fc:8f:7c:8a:fe:50:26:08:36:29:c5:87:03:81:41:07:be:
         03:9f:68:59:3c:46:2e:84:73:69:03:3a:bb:37:7d:50:d1:a9:
         ce:9f:fc:db:47:f2:c7:2c:3d:9e:98:10:0f:be:06:36:cc:1b:
         21:e9:22:4c:c3:56:a7:8a:9a:1a:05:d8:8f:e2:fa:ec:0a:7e:
         c0:34:78:b9:4d:96:f5:3d:72:92:e0:64:4c:d5:01:d9:3a:d4:
         f1:25:29:f2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUKpQEi6JkLoAWr+RAbIMoKwoamsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yMzA3MzAyMzU5MjlaFw0yNDA3MjkwMDA0MjlaMDMxMTAvBgNV
BAMTKDEzRkU5RERDNzIzMDA4QUUxRTBGRDRCRjM1NTY0MDgxQUE1OEI5OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/DWiQzkCiGAqjwed+H/Z0rCpC
r7/Ebf5U+TeEiQICrmtw9+m+FpLn7pDsBFSijvwRWNz0D1nd3+FO8YLW0ncXc9Kp
WHHeLbwfdEfAeva7TXpiuE1LXEsPHL9PQKd+ij4/O52Ny9wY5syFvP3DWgIdj0FT
B4ELAgVl4qDv3iBSfjr9c11vVoDCsM4oZwQAzEMh5Yl46GNebtpBiREvNwHRotJk
KRGU3Mc1IygZKV8EnHkcWEl44CFJm1WvP0e5q4oio7+YaVHejfi7nFSLx0c6e+rY
YuudUQj7jAl5fTDC65nt8MviPz6egtXYL48ShtiXiM9tCNyObB+cvjmPG30RAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUE/6d3HIwCK4eD9S/NVZAgapYuZAwHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNTVjZTM2ZGUtZjkyMS00Mjc0LTg0
OTctMjk4N2Q5MDk1NDNlLzAvMzEzODMzMmUzOTMxMmUzNjM0MmUzMDJmMzEzOTJk
MzIzNDIwM2QzZTIwMzQzODMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAW3W0AwDQYJKoZIhvcNAQEL
BQADggEBAF2tE9j5pJ6xEbr55vWnbG139K9SU3G3gB/JOwU9WpXo7Tw/LsiDbgV4
fw0U6hpQUnahIhgDKo1XWRiTt2GF2fFuGfjAvloMibn5GvbMU2c8NweV+fz3f7KO
pjJm8L2J+72j3KN4f6ihutZHhRiqTSK3DnFsdOFsOedhpONMjVeBmUAI17wM/eaj
5OUOiUtQ3Axr3f1iRR/ADnEtM2GvcRJrchr8j3yK/lAmCDYpxYcDgUEHvgOfaFk8
Ri6Ec2kDOrs3fVDRqc6f/NtH8scsPZ6YEA++BjbMGyHpIkzDVqeKmhoF2I/i+uwK
fsA0eLlNlvU9cpLgZEzVAdk61PElKfI=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:34:03 2024 by rpki-client on console-ams.rpki-client.org