Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3139322e302f32342d3234203d3e203138313533.roa
File:                     3230322e37322e3139322e302f32342d3234203d3e203138313533.roa (raw, json)
Hash identifier:          +mC4B/A6ig0FE9X6Nf9AjPZFL2CaawuhmzlhFQxGaUA=
Subject key identifier:   1B:78:E8:D9:6C:DD:2F:B5:80:32:E7:B6:8C:6D:0F:72:D4:53:63:2E
Certificate issuer:       /CN=9EDE64DBC4098881F11B70123DF514D38F7881EE
Certificate serial:       18EDE1A06C0E6DCFC1826E4FF7668E616FF872AA
Authority key identifier: 9E:DE:64:DB:C4:09:88:81:F1:1B:70:12:3D:F5:14:D3:8F:78:81:EE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3139322e302f32342d3234203d3e203138313533.roa
Signing time:             Mon 31 Jul 2023 00:05:46 +0000
ROA not before:           Mon 31 Jul 2023 00:00:46 +0000
ROA not after:            Mon 29 Jul 2024 00:05:46 +0000
asID:                     18153
IP address blocks:        202.72.192.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.crl
                          rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:ed:e1:a0:6c:0e:6d:cf:c1:82:6e:4f:f7:66:8e:61:6f:f8:72:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9EDE64DBC4098881F11B70123DF514D38F7881EE
        Validity
            Not Before: Jul 31 00:00:46 2023 GMT
            Not After : Jul 29 00:05:46 2024 GMT
        Subject: CN=1B78E8D96CDD2FB58032E7B68C6D0F72D453632E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:1d:c0:a0:78:98:f8:7e:79:cd:41:65:11:33:
                    60:fe:b8:58:a0:d9:0a:b4:26:22:e6:65:90:d0:5c:
                    a7:e9:92:18:8c:9e:45:47:a7:91:1c:d6:f0:c1:da:
                    2a:e7:ab:75:18:01:13:a8:ff:d0:e6:3f:95:c4:04:
                    ad:96:c2:01:82:f3:67:7e:40:89:aa:13:14:bf:d2:
                    a5:eb:ef:10:64:bd:26:c3:83:8a:36:51:10:db:40:
                    b4:fc:d0:c1:df:fc:47:dc:a2:44:dc:20:67:e8:35:
                    24:36:5c:69:bb:74:ed:eb:50:cf:64:8e:32:35:25:
                    4c:8d:b3:75:06:5a:ce:58:cc:2d:21:0c:94:86:7c:
                    6f:e9:e4:67:f7:6d:ff:dd:54:68:01:fb:1f:e3:a3:
                    e5:ef:98:e1:83:74:81:15:65:ce:8f:d7:3c:a4:2c:
                    fe:06:16:35:25:f3:0d:87:b2:e1:f1:0e:8d:b1:00:
                    95:9a:4e:94:9d:63:1f:4d:bc:16:a7:7f:34:53:d9:
                    5d:ee:42:1d:96:81:b9:17:59:7c:e3:1c:86:74:26:
                    05:05:26:16:e9:f8:ac:74:5c:05:2f:0f:8b:bc:17:
                    a5:c3:86:82:be:b1:78:83:1e:da:d2:5e:b5:80:a6:
                    7d:6c:56:fc:63:2c:f8:66:f5:6f:1a:8d:f5:fd:5b:
                    88:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:78:E8:D9:6C:DD:2F:B5:80:32:E7:B6:8C:6D:0F:72:D4:53:63:2E
            X509v3 Authority Key Identifier:
                keyid:9E:DE:64:DB:C4:09:88:81:F1:1B:70:12:3D:F5:14:D3:8F:78:81:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3139322e302f32342d3234203d3e203138313533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.72.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:ca:44:b0:66:d4:c4:31:50:9e:0f:a0:6b:61:72:fb:9e:fe:
         c1:8a:b6:82:db:02:23:8d:54:e2:43:3b:c2:40:0c:84:bb:04:
         82:a1:ff:5d:f7:80:d7:22:8e:8b:2f:33:a9:f5:95:d5:63:11:
         11:40:3e:20:c3:e2:a1:11:cd:ed:73:d2:48:b4:53:9c:40:d5:
         a6:f3:a7:28:e5:14:3a:9a:cf:e9:43:07:9f:ea:f0:b8:4d:58:
         96:00:15:ba:5a:6e:e7:0c:01:b4:ee:af:d9:7b:d6:7b:fe:de:
         4d:e1:41:42:16:2f:35:9a:08:b8:36:2d:3d:8a:2c:79:0c:f2:
         aa:69:c2:d1:6a:85:6b:cc:cc:a6:e2:16:b3:88:45:96:eb:eb:
         19:8f:4e:83:3e:b5:df:0c:2b:0b:59:d3:36:5f:ad:29:7f:2a:
         db:ac:b3:05:2d:14:85:ea:85:e5:a0:7b:7c:fc:74:8a:f4:2a:
         de:48:a7:bc:16:a0:06:bb:a1:48:9b:d1:c3:cc:e5:dc:d9:8d:
         6f:cb:ee:f8:3f:96:e9:e0:f4:1b:5f:78:5b:e2:d7:ba:0d:21:
         e0:e3:0a:e6:9e:ae:3d:95:27:35:5d:3a:cf:d1:0c:98:82:ed:
         70:5b:5c:f5:85:7a:a6:25:ae:e2:bf:bd:81:85:21:2d:a4:40:
         79:c6:77:68
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUGO3hoGwObc/Bgm5P92aOYW/4cqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUVERTY0REJDNDA5ODg4MUYxMUI3MDEyM0RGNTE0RDM4
Rjc4ODFFRTAeFw0yMzA3MzEwMDAwNDZaFw0yNDA3MjkwMDA1NDZaMDMxMTAvBgNV
BAMTKDFCNzhFOEQ5NkNERDJGQjU4MDMyRTdCNjhDNkQwRjcyRDQ1MzYzMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsHcCgeJj4fnnNQWURM2D+uFig
2Qq0JiLmZZDQXKfpkhiMnkVHp5Ec1vDB2irnq3UYAROo/9DmP5XEBK2WwgGC82d+
QImqExS/0qXr7xBkvSbDg4o2URDbQLT80MHf/EfcokTcIGfoNSQ2XGm7dO3rUM9k
jjI1JUyNs3UGWs5YzC0hDJSGfG/p5Gf3bf/dVGgB+x/jo+XvmOGDdIEVZc6P1zyk
LP4GFjUl8w2HsuHxDo2xAJWaTpSdYx9NvBanfzRT2V3uQh2WgbkXWXzjHIZ0JgUF
Jhbp+Kx0XAUvD4u8F6XDhoK+sXiDHtrSXrWApn1sVvxjLPhm9W8ajfX9W4iLAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUG3jo2WzdL7WAMue2jG0PctRTYy4wHwYDVR0j
BBgwFoAUnt5k28QJiIHxG3ASPfUU0494ge4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
OWFjYjRhOC03ODA0LTQ1MjYtODRkMi04NjliOTFhNjcxOWQvMC85RURFNjREQkM0
MDk4ODgxRjExQjcwMTIzREY1MTREMzhGNzg4MUVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUVERTY0REJDNDA5ODg4MUYxMUI3MDEyM0RGNTE0RDM4Rjc4
ODFFRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5YWNiNGE4LTc4MDQtNDUyNi04
NGQyLTg2OWI5MWE2NzE5ZC8wLzMyMzAzMjJlMzczMjJlMzEzOTMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzODMxMzUzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpIwDANBgkqhkiG
9w0BAQsFAAOCAQEAuspEsGbUxDFQng+ga2Fy+57+wYq2gtsCI41U4kM7wkAMhLsE
gqH/XfeA1yKOiy8zqfWV1WMREUA+IMPioRHN7XPSSLRTnEDVpvOnKOUUOprP6UMH
n+rwuE1YlgAVulpu5wwBtO6v2XvWe/7eTeFBQhYvNZoIuDYtPYoseQzyqmnC0WqF
a8zMpuIWs4hFluvrGY9Ogz613wwrC1nTNl+tKX8q26yzBS0UheqF5aB7fPx0ivQq
3kinvBagBruhSJvRw8zl3NmNb8vu+D+W6eD0G194W+LXug0h4OMK5p6uPZUnNV06
z9EMmILtcFtc9YV6piWu4r+9gYUhLaRAecZ3aA==
-----END CERTIFICATE-----
Generated at Tue Mar 26 20:38:04 2024 by rpki-client on console-ams.rpki-client.org