Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234302e302f32342d3234203d3e203338373738.roa
File:                     3230322e39332e3234302e302f32342d3234203d3e203338373738.roa (raw, json)
Hash identifier:          rDBdN1OCOAfHTAkLxafIkrvg1BYmtcYWWbVt4cZ3Ahg=
Subject key identifier:   1E:AD:31:FC:06:6F:24:08:B6:A3:51:C6:22:15:BB:9E:D6:E8:70:DB
Certificate issuer:       /CN=F38DFF094E16843854EAC1403C69FD7F77809D02
Certificate serial:       27D89AED262446E2269D6E980848915C8B9688
Authority key identifier: F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234302e302f32342d3234203d3e203338373738.roa
Signing time:             Mon 31 Jul 2023 00:05:29 +0000
ROA not before:           Mon 31 Jul 2023 00:00:29 +0000
ROA not after:            Mon 29 Jul 2024 00:05:29 +0000
asID:                     38778
IP address blocks:        202.93.240.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl
                          rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 14:57:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:d8:9a:ed:26:24:46:e2:26:9d:6e:98:08:48:91:5c:8b:96:88
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F38DFF094E16843854EAC1403C69FD7F77809D02
        Validity
            Not Before: Jul 31 00:00:29 2023 GMT
            Not After : Jul 29 00:05:29 2024 GMT
        Subject: CN=1EAD31FC066F2408B6A351C62215BB9ED6E870DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:87:15:9f:b6:c6:aa:0b:21:16:9b:c2:aa:3d:
                    68:75:94:ac:6d:1f:cb:6b:4d:2b:90:8b:a3:6d:58:
                    02:9e:b1:70:a3:00:29:9b:63:46:04:00:15:71:c4:
                    e2:53:b2:d8:45:20:3f:dc:70:75:42:6c:19:de:b9:
                    ff:2b:b0:df:2d:4b:65:7f:14:32:54:1b:43:57:24:
                    95:d8:f0:29:25:16:ab:83:8c:20:33:e4:1a:b8:8b:
                    39:af:48:5e:47:27:81:5f:9e:03:75:45:b8:1f:b1:
                    55:7f:73:3e:45:ef:92:8b:52:05:40:60:9d:9b:bd:
                    5e:9c:69:2d:ec:9d:e2:d3:c9:0a:4e:30:2d:f7:66:
                    26:a1:58:2a:0c:b7:cd:30:29:68:0e:8c:78:9d:99:
                    9a:0e:2c:52:e9:07:46:dd:51:54:b9:6c:a4:f3:73:
                    d9:ea:26:70:f5:b7:a5:54:b1:ae:83:65:aa:34:9a:
                    9a:e1:a4:75:ab:b5:ac:bd:f0:22:16:5d:f6:b5:bf:
                    31:12:8c:48:f2:0c:bb:e4:d8:85:86:b7:1c:73:ce:
                    16:95:94:20:d8:87:db:d5:05:c8:1b:4b:40:34:92:
                    cd:c5:90:0a:c0:65:8a:3f:9c:bb:98:b0:58:79:91:
                    6a:18:dc:bf:f7:47:78:75:cf:2f:e4:99:f9:c1:16:
                    b5:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:AD:31:FC:06:6F:24:08:B6:A3:51:C6:22:15:BB:9E:D6:E8:70:DB
            X509v3 Authority Key Identifier:
                keyid:F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234302e302f32342d3234203d3e203338373738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.240.0/24

    Signature Algorithm: sha256WithRSAEncryption
         24:c0:f4:46:ce:0a:63:9f:ed:1e:e7:5a:37:6c:33:41:6a:f8:
         fa:b4:71:cd:9f:2a:67:e5:f7:ce:18:8f:5e:85:9d:02:a5:03:
         2b:85:70:8e:15:73:4c:ae:ed:cd:38:c6:0c:ec:8e:5c:a8:97:
         5b:09:9e:34:32:98:be:77:09:5f:6d:28:8f:2e:ca:a9:c8:e7:
         33:4a:45:06:28:be:cf:0a:8b:e2:fb:8e:d5:51:7f:ca:36:cd:
         ba:26:06:31:fb:e7:3f:47:58:68:89:92:99:bc:71:6c:ad:20:
         75:3f:e8:8d:6e:ba:6b:62:f1:00:5f:78:d9:be:f1:41:46:99:
         e8:35:bd:4c:b8:1b:fd:2b:6d:9e:bb:59:ab:70:68:32:4d:9b:
         43:0c:49:b9:ce:4c:38:07:e8:e5:85:3e:9f:e6:5c:cb:19:00:
         94:86:fd:8f:3e:b9:d2:4f:b9:4e:e7:e5:1a:26:42:b2:37:e9:
         3d:53:fa:fe:09:a3:5b:6f:53:0d:f3:2b:48:81:5c:e9:96:78:
         58:bf:f3:0c:b6:d7:5f:7a:df:1f:fb:2a:3c:80:a4:7a:cb:0f:
         9d:c4:ea:d1:d3:70:0f:d9:97:49:e1:59:6a:de:f1:37:a5:2c:
         f8:5b:b8:40:3b:d4:3c:f6:66:98:ce:6b:90:8d:af:97:a5:ca:
         8a:65:1a:a1
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgITJ9ia7SYkRuImnW6YCEiRXIuWiDANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhGMzhERkYwOTRFMTY4NDM4NTRFQUMxNDAzQzY5RkQ3Rjc3
ODA5RDAyMB4XDTIzMDczMTAwMDAyOVoXDTI0MDcyOTAwMDUyOVowMzExMC8GA1UE
AxMoMUVBRDMxRkMwNjZGMjQwOEI2QTM1MUM2MjIxNUJCOUVENkU4NzBEQjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO2HFZ+2xqoLIRabwqo9aHWUrG0f
y2tNK5CLo21YAp6xcKMAKZtjRgQAFXHE4lOy2EUgP9xwdUJsGd65/yuw3y1LZX8U
MlQbQ1ckldjwKSUWq4OMIDPkGriLOa9IXkcngV+eA3VFuB+xVX9zPkXvkotSBUBg
nZu9XpxpLeyd4tPJCk4wLfdmJqFYKgy3zTApaA6MeJ2Zmg4sUukHRt1RVLlspPNz
2eomcPW3pVSxroNlqjSamuGkdau1rL3wIhZd9rW/MRKMSPIMu+TYhYa3HHPOFpWU
INiH29UFyBtLQDSSzcWQCsBlij+cu5iwWHmRahjcv/dHeHXPL+SZ+cEWtXsCAwEA
AaOCAjIwggIuMB0GA1UdDgQWBBQerTH8Bm8kCLajUcYiFbue1uhw2zAfBgNVHSME
GDAWgBTzjf8JThaEOFTqwUA8af1/d4CdAjAOBgNVHQ8BAf8EBAMCB4AwgYUGA1Ud
HwR+MHwweqB4oHaGdHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVh
ZDZkY2M5LTE3MDAtNDhlYi05MDk5LTY2NzhmOTFiZjQ0ZS8wL0YzOERGRjA5NEUx
Njg0Mzg1NEVBQzE0MDNDNjlGRDdGNzc4MDlEMDIuY3JsMHQGCCsGAQUFBwEBBGgw
ZjBkBggrBgEFBQcwAoZYcnN5bmM6Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8v
SUROSUMtSUQvMi9GMzhERkYwOTRFMTY4NDM4NTRFQUMxNDAzQzY5RkQ3Rjc3ODA5
RDAyLmNlcjCBogYIKwYBBQUHAQsEgZUwgZIwgY8GCCsGAQUFBzALhoGCcnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNWFkNmRjYzktMTcwMC00OGViLTkw
OTktNjY3OGY5MWJmNDRlLzAvMzIzMDMyMmUzOTMzMmUzMjM0MzAyZTMwMmYzMjM0
MmQzMjM0MjAzZDNlMjAzMzM4MzczNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAyl3wMA0GCSqGSIb3
DQEBCwUAA4IBAQAkwPRGzgpjn+0e51o3bDNBavj6tHHNnypn5ffOGI9ehZ0CpQMr
hXCOFXNMru3NOMYM7I5cqJdbCZ40Mpi+dwlfbSiPLsqpyOczSkUGKL7PCovi+47V
UX/KNs26JgYx++c/R1hoiZKZvHFsrSB1P+iNbrprYvEAX3jZvvFBRpnoNb1MuBv9
K22eu1mrcGgyTZtDDEm5zkw4B+jlhT6f5lzLGQCUhv2PPrnST7lO5+UaJkKyN+k9
U/r+CaNbb1MN8ytIgVzplnhYv/MMttdfet8f+yo8gKR6yw+dxOrR03AP2ZdJ4Vlq
3vE3pSz4W7hAO9Q89maYzmuQja+XpcqKZRqh
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:27:26 2024 by rpki-client on console-ams.rpki-client.org