Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa
File:                     323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa (raw, json)
Hash identifier:          DYetKz1oNDgb8W+4ORtCpNuRVmMh/03bp0qWTYOWUgg=
Subject key identifier:   E8:9A:14:45:28:5E:7D:DF:CF:AB:0A:A2:0A:5B:B5:AB:0D:BF:5C:BE
Certificate issuer:       /CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
Certificate serial:       2BFB6A5E07696D732D16DA9C4C5E661ED7C91B3D
Authority key identifier: 44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa
Signing time:             Fri 08 Sep 2023 09:00:00 +0000
ROA not before:           Fri 08 Sep 2023 08:55:00 +0000
ROA not after:            Fri 06 Sep 2024 09:00:00 +0000
asID:                     4800
IP address blocks:        2400:8000:8001::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl
                          rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:fb:6a:5e:07:69:6d:73:2d:16:da:9c:4c:5e:66:1e:d7:c9:1b:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=44BF6682B6B493048C6F1864A0DEA47ECF66752B
        Validity
            Not Before: Sep  8 08:55:00 2023 GMT
            Not After : Sep  6 09:00:00 2024 GMT
        Subject: CN=E89A1445285E7DDFCFAB0AA20A5BB5AB0DBF5CBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:c7:c7:28:5f:5e:3d:fb:37:1f:dd:99:7c:82:
                    c2:97:a0:f9:8b:b1:db:0a:d9:08:18:81:93:85:c1:
                    e7:5c:5b:6d:b0:79:f4:25:55:4a:c1:a2:18:87:66:
                    d2:f3:31:ff:7a:1e:f0:3e:84:b2:90:3b:6c:7e:49:
                    4c:1d:7d:e0:b8:f5:13:a4:f5:da:34:d2:7d:a8:5a:
                    35:35:17:1d:ea:b9:ba:33:38:36:e1:70:e2:8f:bc:
                    01:9e:45:f0:3d:2c:ae:dc:25:42:6d:3d:58:58:3d:
                    c3:c1:96:e5:03:20:f2:68:a4:c7:3d:b3:ab:54:7f:
                    f5:8c:77:a7:4d:53:03:4d:0e:20:4f:79:7c:3a:3d:
                    e0:00:60:e5:ff:59:62:3b:4e:ab:34:f4:3b:1a:a4:
                    b2:9c:9b:44:ac:62:56:71:83:d5:a1:77:1b:2d:4f:
                    39:34:75:00:44:cd:91:4a:db:31:11:78:43:ae:b3:
                    c9:3c:c7:3c:5b:18:8e:56:39:a9:5f:16:a3:30:17:
                    16:8c:54:5a:24:e4:0f:87:cb:c5:c5:ce:46:6c:ca:
                    64:c8:d6:a2:4e:5b:cb:31:07:72:c7:fc:13:23:8b:
                    b6:40:41:25:cb:e7:2d:f9:63:6d:70:7a:7a:9a:97:
                    90:b3:00:69:03:1c:53:bd:02:1b:58:04:e3:44:d5:
                    8e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:9A:14:45:28:5E:7D:DF:CF:AB:0A:A2:0A:5B:B5:AB:0D:BF:5C:BE
            X509v3 Authority Key Identifier:
                keyid:44:BF:66:82:B6:B4:93:04:8C:6F:18:64:A0:DE:A4:7E:CF:66:75:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/44BF6682B6B493048C6F1864A0DEA47ECF66752B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/44BF6682B6B493048C6F1864A0DEA47ECF66752B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/55ce36de-f921-4274-8497-2987d909543e/0/323430303a383030303a383030313a3a2f34382d3438203d3e2034383030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:8000:8001::/48

    Signature Algorithm: sha256WithRSAEncryption
         b7:19:83:b4:8e:ac:51:29:0d:f1:4f:0e:a7:21:c6:d4:34:7e:
         c8:e4:db:4d:0c:e7:43:74:66:8d:b5:1a:4d:2c:8d:af:7a:9a:
         6a:b1:e4:bf:f1:fd:be:02:61:b2:39:a3:b4:73:ef:2c:83:6c:
         1e:ac:65:5b:91:59:00:1e:ec:38:33:d2:66:9b:f2:3d:df:d1:
         08:59:4f:a0:41:87:f3:a4:37:3d:c9:5e:25:91:5c:7e:2f:3c:
         ad:1e:86:6e:4f:cd:cf:29:e4:90:c2:a4:60:c5:1e:67:35:72:
         cc:ca:90:c5:93:bc:a7:ef:51:ff:3e:55:29:da:94:56:ca:cb:
         6e:49:89:bd:25:22:26:76:94:3b:ba:dd:7a:7f:1d:9d:9a:ad:
         f9:79:1e:59:44:e5:c5:11:9f:3d:91:bb:09:cd:98:58:9c:84:
         a4:af:2a:8d:97:8f:e6:c3:1e:56:0e:7d:eb:93:1d:c0:6a:1d:
         e5:17:0a:86:e8:4f:f8:70:4e:0d:29:d4:c2:5f:0b:c9:e0:09:
         4f:e6:4b:e3:62:ec:00:f3:6b:54:ec:a3:a8:58:38:80:cd:72:
         7f:80:b4:4a:6b:89:96:86:c2:72:73:42:0a:e2:68:ae:8c:7b:
         f0:4c:1a:66:b7:d9:03:09:62:f1:94:5d:56:1b:94:9c:e0:85:
         c4:fe:65:bd
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUK/tqXgdpbXMtFtqcTF5mHtfJGz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VD
RjY2NzUyQjAeFw0yMzA5MDgwODU1MDBaFw0yNDA5MDYwOTAwMDBaMDMxMTAvBgNV
BAMTKEU4OUExNDQ1Mjg1RTdEREZDRkFCMEFBMjBBNUJCNUFCMERCRjVDQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxx8coX149+zcf3Zl8gsKXoPmL
sdsK2QgYgZOFwedcW22wefQlVUrBohiHZtLzMf96HvA+hLKQO2x+SUwdfeC49ROk
9do00n2oWjU1Fx3qubozODbhcOKPvAGeRfA9LK7cJUJtPVhYPcPBluUDIPJopMc9
s6tUf/WMd6dNUwNNDiBPeXw6PeAAYOX/WWI7Tqs09DsapLKcm0SsYlZxg9Whdxst
Tzk0dQBEzZFK2zEReEOus8k8xzxbGI5WOalfFqMwFxaMVFok5A+Hy8XFzkZsymTI
1qJOW8sxB3LH/BMji7ZAQSXL5y35Y21wenqal5CzAGkDHFO9AhtYBONE1Y7lAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU6JoURShefd/PqwqiClu1qw2/XL4wHwYDVR0j
BBgwFoAURL9mgra0kwSMbxhkoN6kfs9mdSswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NWNlMzZkZS1mOTIxLTQyNzQtODQ5Ny0yOTg3ZDkwOTU0M2UvMC80NEJGNjY4MkI2
QjQ5MzA0OEM2RjE4NjRBMERFQTQ3RUNGNjY3NTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDRCRjY2ODJCNkI0OTMwNDhDNkYxODY0QTBERUE0N0VDRjY2
NzUyQi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU1Y2UzNmRlLWY5MjEtNDI3NC04
NDk3LTI5ODdkOTA5NTQzZS8wLzMyMzQzMDMwM2EzODMwMzAzMDNhMzgzMDMwMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzNDM4MzAzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQAgACA
ATANBgkqhkiG9w0BAQsFAAOCAQEAtxmDtI6sUSkN8U8OpyHG1DR+yOTbTQznQ3Rm
jbUaTSyNr3qaarHkv/H9vgJhsjmjtHPvLINsHqxlW5FZAB7sODPSZpvyPd/RCFlP
oEGH86Q3PcleJZFcfi88rR6Gbk/NzynkkMKkYMUeZzVyzMqQxZO8p+9R/z5VKdqU
VsrLbkmJvSUiJnaUO7rden8dnZqt+XkeWUTlxRGfPZG7Cc2YWJyEpK8qjZeP5sMe
Vg5965MdwGod5RcKhuhP+HBODSnUwl8LyeAJT+ZL42LsAPNrVOyjqFg4gM1yf4C0
SmuJlobCcnNCCuJorox78EwaZrfZAwli8ZRdVhuUnOCFxP5lvQ==
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:32 2024 by rpki-client on console-fra.rpki-client.org