Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3230342e302f32342d3234203d3e203538353532.roa
File:                     3230322e37322e3230342e302f32342d3234203d3e203538353532.roa (raw, json)
Hash identifier:          c+ESOeiTUHpwv1cs5v3PVXF9s1w+zWvQV/lFUvsfDpg=
Subject key identifier:   1F:43:24:C6:5B:93:BE:A5:37:44:1E:48:5E:70:E6:2D:DB:C7:DA:E8
Certificate issuer:       /CN=9EDE64DBC4098881F11B70123DF514D38F7881EE
Certificate serial:       78119616863396106EB3E02C0F496CF985ACE939
Authority key identifier: 9E:DE:64:DB:C4:09:88:81:F1:1B:70:12:3D:F5:14:D3:8F:78:81:EE
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3230342e302f32342d3234203d3e203538353532.roa
Signing time:             Mon 31 Jul 2023 00:05:45 +0000
ROA not before:           Mon 31 Jul 2023 00:00:45 +0000
ROA not after:            Mon 29 Jul 2024 00:05:45 +0000
asID:                     58552
IP address blocks:        202.72.204.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.crl
                          rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:11:96:16:86:33:96:10:6e:b3:e0:2c:0f:49:6c:f9:85:ac:e9:39
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9EDE64DBC4098881F11B70123DF514D38F7881EE
        Validity
            Not Before: Jul 31 00:00:45 2023 GMT
            Not After : Jul 29 00:05:45 2024 GMT
        Subject: CN=1F4324C65B93BEA537441E485E70E62DDBC7DAE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:d1:a8:da:30:94:62:8e:a9:cf:8c:5d:b8:e9:
                    3a:84:f8:85:65:21:85:5b:a8:84:15:80:6f:fc:90:
                    de:70:64:9c:15:59:7b:1a:ab:50:35:3c:e6:f1:22:
                    22:c8:2c:b3:74:c9:c8:04:f6:f4:1c:04:57:a1:4a:
                    06:b5:1f:d7:6d:94:60:2b:61:01:84:3d:a7:3d:01:
                    25:0a:4e:4e:e4:f3:b3:e1:bb:e6:da:1f:bd:d8:db:
                    d1:a1:79:83:cb:6e:c7:42:39:96:d4:0b:f2:89:07:
                    91:76:f9:bc:35:80:11:1e:3c:e0:e9:91:0a:3a:dd:
                    f3:7f:44:e1:15:31:1d:32:a6:11:3e:86:00:89:31:
                    5f:fa:71:9c:96:ba:39:51:1d:22:85:06:fc:9c:c2:
                    cb:48:8b:f7:25:44:97:8b:72:22:f2:9b:c0:7e:db:
                    76:8e:a9:40:1e:b6:9b:29:fb:7f:8d:22:75:bf:b2:
                    7f:2e:11:fa:3a:7b:83:c8:69:0a:62:cb:d4:61:6a:
                    d4:36:27:bb:40:45:1d:49:d3:6c:ca:74:83:a6:e3:
                    8c:c4:c4:68:2d:ac:a4:8d:06:7c:2e:6e:f8:26:22:
                    5e:97:9b:ce:7b:e7:fd:2f:81:c1:75:94:85:18:f5:
                    12:ec:11:3d:5a:9b:13:ea:ec:26:b5:47:dc:99:6f:
                    9d:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:43:24:C6:5B:93:BE:A5:37:44:1E:48:5E:70:E6:2D:DB:C7:DA:E8
            X509v3 Authority Key Identifier:
                keyid:9E:DE:64:DB:C4:09:88:81:F1:1B:70:12:3D:F5:14:D3:8F:78:81:EE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/9EDE64DBC4098881F11B70123DF514D38F7881EE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9EDE64DBC4098881F11B70123DF514D38F7881EE.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/69acb4a8-7804-4526-84d2-869b91a6719d/0/3230322e37322e3230342e302f32342d3234203d3e203538353532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.72.204.0/24

    Signature Algorithm: sha256WithRSAEncryption
         86:fe:a5:c0:2d:05:92:05:1a:c3:62:b3:a5:32:a2:49:4d:91:
         f4:33:d2:48:07:50:9e:b1:de:15:65:7f:56:aa:32:f2:f0:66:
         ea:02:1e:20:35:9e:c5:03:29:67:d4:f4:12:ed:ae:d7:48:65:
         c6:bc:02:31:81:1a:c2:b0:9d:cd:6c:b3:06:08:6c:a8:dd:88:
         16:ec:18:7f:cc:b2:52:47:61:3a:6b:6c:1f:ff:37:33:ef:7e:
         1c:69:10:69:7c:35:a0:34:b4:8f:25:73:e4:54:93:fc:a1:4d:
         c4:1e:38:f8:2d:29:96:30:c1:82:e0:dc:21:7e:ec:6d:a4:29:
         e5:5e:3d:c6:5e:58:4f:ad:9d:e0:16:65:56:30:ab:b5:ce:e7:
         43:47:7e:cf:d6:0b:d7:27:e1:38:d1:90:0c:8c:c9:97:1e:00:
         89:b2:cb:cc:fd:95:c4:e7:a7:9e:dc:45:43:e3:51:71:53:9d:
         2e:e3:05:4c:f0:e9:43:f6:bd:d1:19:9d:fc:fc:ea:aa:3f:72:
         3e:a6:55:71:c7:30:07:84:13:66:d3:60:95:51:ef:e6:b0:ec:
         22:de:6a:e9:97:84:31:c3:48:9e:80:30:a5:27:6e:32:21:70:
         6f:c6:84:61:59:f4:9c:16:0b:9f:4b:bf:6d:d8:cb:7c:f6:2d:
         78:d2:23:84
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUeBGWFoYzlhBus+AsD0ls+YWs6TkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUVERTY0REJDNDA5ODg4MUYxMUI3MDEyM0RGNTE0RDM4
Rjc4ODFFRTAeFw0yMzA3MzEwMDAwNDVaFw0yNDA3MjkwMDA1NDVaMDMxMTAvBgNV
BAMTKDFGNDMyNEM2NUI5M0JFQTUzNzQ0MUU0ODVFNzBFNjJEREJDN0RBRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG0ajaMJRijqnPjF246TqE+IVl
IYVbqIQVgG/8kN5wZJwVWXsaq1A1PObxIiLILLN0ycgE9vQcBFehSga1H9dtlGAr
YQGEPac9ASUKTk7k87Phu+baH73Y29GheYPLbsdCOZbUC/KJB5F2+bw1gBEePODp
kQo63fN/ROEVMR0yphE+hgCJMV/6cZyWujlRHSKFBvycwstIi/clRJeLciLym8B+
23aOqUAetpsp+3+NInW/sn8uEfo6e4PIaQpiy9RhatQ2J7tARR1J02zKdIOm44zE
xGgtrKSNBnwubvgmIl6Xm8575/0vgcF1lIUY9RLsET1amxPq7Ca1R9yZb51dAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUH0MkxluTvqU3RB5IXnDmLdvH2ugwHwYDVR0j
BBgwFoAUnt5k28QJiIHxG3ASPfUU0494ge4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
OWFjYjRhOC03ODA0LTQ1MjYtODRkMi04NjliOTFhNjcxOWQvMC85RURFNjREQkM0
MDk4ODgxRjExQjcwMTIzREY1MTREMzhGNzg4MUVFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUVERTY0REJDNDA5ODg4MUYxMUI3MDEyM0RGNTE0RDM4Rjc4
ODFFRS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY5YWNiNGE4LTc4MDQtNDUyNi04
NGQyLTg2OWI5MWE2NzE5ZC8wLzMyMzAzMjJlMzczMjJlMzIzMDM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzUzODM1MzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpIzDANBgkqhkiG
9w0BAQsFAAOCAQEAhv6lwC0FkgUaw2KzpTKiSU2R9DPSSAdQnrHeFWV/Vqoy8vBm
6gIeIDWexQMpZ9T0Eu2u10hlxrwCMYEawrCdzWyzBghsqN2IFuwYf8yyUkdhOmts
H/83M+9+HGkQaXw1oDS0jyVz5FST/KFNxB44+C0pljDBguDcIX7sbaQp5V49xl5Y
T62d4BZlVjCrtc7nQ0d+z9YL1yfhONGQDIzJlx4AibLLzP2VxOenntxFQ+NRcVOd
LuMFTPDpQ/a90Rmd/Pzqqj9yPqZVcccwB4QTZtNglVHv5rDsIt5q6ZeEMcNInoAw
pSduMiFwb8aEYVn0nBYLn0u/bdjLfPYteNIjhA==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:32:00 2024 by rpki-client on console-fra.rpki-client.org