Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/323430343a613634303a3131333a3a2f34382d3438203d3e20313333383237.roa
File:                     323430343a613634303a3131333a3a2f34382d3438203d3e20313333383237.roa (raw, json)
Hash identifier:          g6JZMbLo8ZzR+Bh08vbfjSMdJKOePfqALUQ7ovcWi1s=
Subject key identifier:   E1:0D:CC:BD:35:BF:D4:C5:FE:BB:0F:57:F8:65:67:12:A4:3C:61:58
Certificate issuer:       /CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
Certificate serial:       0FF15B564C6BD0968B30815E7B3F6BD19DF355A8
Authority key identifier: 0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/323430343a613634303a3131333a3a2f34382d3438203d3e20313333383237.roa
Signing time:             Thu 07 Sep 2023 03:50:04 +0000
ROA not before:           Thu 07 Sep 2023 03:45:04 +0000
ROA not after:            Thu 05 Sep 2024 03:50:04 +0000
asID:                     133827
IP address blocks:        2404:a640:113::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl
                          rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:f1:5b:56:4c:6b:d0:96:8b:30:81:5e:7b:3f:6b:d1:9d:f3:55:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
        Validity
            Not Before: Sep  7 03:45:04 2023 GMT
            Not After : Sep  5 03:50:04 2024 GMT
        Subject: CN=E10DCCBD35BFD4C5FEBB0F57F8656712A43C6158
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:72:e3:7d:15:fd:78:df:75:4d:ad:97:15:9f:
                    74:b3:d6:57:d3:d2:ee:85:35:49:18:65:ac:75:3b:
                    78:c1:3d:cf:58:05:56:d8:77:3b:bb:cd:bf:ec:40:
                    5d:50:b4:c5:d7:cd:d7:07:8c:25:11:f2:ed:93:c8:
                    a9:56:9d:d6:ca:53:e2:82:9d:80:37:bf:64:47:69:
                    66:74:43:8d:e8:14:5e:52:7e:99:08:9a:06:10:73:
                    02:f4:c2:dc:8e:75:ad:39:5a:9f:9d:25:6a:3a:35:
                    61:dc:25:8b:de:db:7b:12:8b:88:49:97:32:f2:f5:
                    f6:68:d2:95:64:99:cc:98:f1:b3:a7:7c:7c:56:56:
                    d5:2c:be:5f:0f:84:cc:d3:29:cb:1b:52:40:b9:6f:
                    a5:c8:88:86:40:a1:10:14:a7:e4:a4:14:bc:37:07:
                    af:59:c0:a5:8e:ac:a4:7e:59:a4:c2:25:89:7d:4c:
                    a1:56:48:cd:ab:46:3a:e0:dc:78:99:c2:46:20:cf:
                    71:40:6a:7b:46:e0:6c:ae:80:c8:d0:0f:d0:83:7b:
                    b6:66:44:51:46:d0:33:28:b8:52:6f:2f:fa:6d:89:
                    2f:23:33:d3:e6:40:62:8f:26:48:24:66:7d:b4:9f:
                    52:4e:5e:bc:5f:25:cd:f0:a5:d1:5f:5c:2e:04:b2:
                    36:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:0D:CC:BD:35:BF:D4:C5:FE:BB:0F:57:F8:65:67:12:A4:3C:61:58
            X509v3 Authority Key Identifier:
                keyid:0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/323430343a613634303a3131333a3a2f34382d3438203d3e20313333383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:a640:113::/48

    Signature Algorithm: sha256WithRSAEncryption
         2b:ce:97:32:15:63:4d:22:9b:03:1f:45:2f:8a:a3:83:9f:bc:
         73:be:d4:58:ee:b8:96:ab:f0:cb:a6:13:22:93:76:a1:15:de:
         1f:6a:7a:65:88:1f:62:e6:c8:37:6a:36:3b:89:6b:ea:aa:63:
         4e:4a:59:12:5c:63:b4:37:42:57:de:8d:5e:99:80:ad:1e:c6:
         1a:04:25:53:40:81:8f:60:1a:26:7b:bd:9b:00:16:a4:c8:5e:
         11:79:ba:c4:5e:bb:b8:c2:9b:0b:66:66:d7:b0:67:f7:2e:96:
         17:3c:a6:b0:12:68:a1:27:7b:5d:4c:de:ce:24:51:f7:35:59:
         0a:5f:f4:e3:91:41:c3:47:16:95:81:f9:93:d3:85:b9:21:35:
         91:ac:c5:d1:29:eb:33:9b:2a:57:62:61:dc:e4:07:8f:cf:3e:
         1b:9a:d0:3d:1b:89:26:3c:d6:a1:b8:c4:d1:1f:46:84:38:12:
         11:c0:98:0a:20:05:f6:11:9a:ad:db:3b:75:2e:7c:2b:b6:69:
         6c:94:9c:3f:60:b6:d9:f5:68:63:02:ba:a1:b2:37:5e:49:9d:
         a0:fd:46:03:dc:b2:16:7c:e6:8e:4a:23:a2:50:fc:eb:31:19:
         35:b9:fb:f5:0e:ba:42:a0:55:ea:a9:23:0c:90:01:36:bb:63:
         37:9f:c4:53
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUD/FbVkxr0JaLMIFeez9r0Z3zVagwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1
NjlGODM2RjAeFw0yMzA5MDcwMzQ1MDRaFw0yNDA5MDUwMzUwMDRaMDMxMTAvBgNV
BAMTKEUxMERDQ0JEMzVCRkQ0QzVGRUJCMEY1N0Y4NjU2NzEyQTQzQzYxNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDocuN9Ff1433VNrZcVn3Sz1lfT
0u6FNUkYZax1O3jBPc9YBVbYdzu7zb/sQF1QtMXXzdcHjCUR8u2TyKlWndbKU+KC
nYA3v2RHaWZ0Q43oFF5SfpkImgYQcwL0wtyOda05Wp+dJWo6NWHcJYve23sSi4hJ
lzLy9fZo0pVkmcyY8bOnfHxWVtUsvl8PhMzTKcsbUkC5b6XIiIZAoRAUp+SkFLw3
B69ZwKWOrKR+WaTCJYl9TKFWSM2rRjrg3HiZwkYgz3FAantG4GyugMjQD9CDe7Zm
RFFG0DMouFJvL/ptiS8jM9PmQGKPJkgkZn20n1JOXrxfJc3wpdFfXC4EsjaLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU4Q3MvTW/1MX+uw9X+GVnEqQ8YVgwHwYDVR0j
BBgwFoAUDOannVPYKfKlViNnbo0qmlafg28wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTk5MDEyNS02MDlhLTQ4YzgtYWM4Ni0xYzNiYzMxNWJhZDYvMC8wQ0U2QTc5RDUz
RDgyOUYyQTU1NjIzNjc2RThEMkE5QTU2OUY4MzZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1NjlG
ODM2Ri5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhOTkwMTI1LTYwOWEtNDhjOC1h
Yzg2LTFjM2JjMzE1YmFkNi8wLzMyMzQzMDM0M2E2MTM2MzQzMDNhMzEzMTMzM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzMzMzgzMjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJASm
QAETMA0GCSqGSIb3DQEBCwUAA4IBAQArzpcyFWNNIpsDH0UviqODn7xzvtRY7riW
q/DLphMik3ahFd4fanpliB9i5sg3ajY7iWvqqmNOSlkSXGO0N0JX3o1emYCtHsYa
BCVTQIGPYBome72bABakyF4RebrEXru4wpsLZmbXsGf3LpYXPKawEmihJ3tdTN7O
JFH3NVkKX/TjkUHDRxaVgfmT04W5ITWRrMXRKeszmypXYmHc5AePzz4bmtA9G4km
PNahuMTRH0aEOBIRwJgKIAX2EZqt2zt1LnwrtmlslJw/YLbZ9WhjArqhsjdeSZ2g
/UYD3LIWfOaOSiOiUPzrMRk1ufv1DrpCoFXqqSMMkAE2u2M3n8RT
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:17:16 2024 by rpki-client on console-fra.rpki-client.org