Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa
File:                     323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa (raw, json)
Hash identifier:          Di4ceC00swYAY2ajmt6nL1ON1wrElmI+FqxcAs1Tl0I=
Subject key identifier:   A4:F5:25:AF:02:54:6A:DD:3D:BC:3B:E4:D4:42:65:B1:01:ED:3E:2C
Certificate issuer:       /CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
Certificate serial:       46C45BA3C7222AB5D6C335FC6008A6C2D285B0E2
Authority key identifier: D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa
Signing time:             Mon 31 Jul 2023 00:07:16 +0000
ROA not before:           Mon 31 Jul 2023 00:02:16 +0000
ROA not after:            Mon 29 Jul 2024 00:07:16 +0000
asID:                     136088
IP address blocks:        2400:d940:60::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl
                          rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 17:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:c4:5b:a3:c7:22:2a:b5:d6:c3:35:fc:60:08:a6:c2:d2:85:b0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
        Validity
            Not Before: Jul 31 00:02:16 2023 GMT
            Not After : Jul 29 00:07:16 2024 GMT
        Subject: CN=A4F525AF02546ADD3DBC3BE4D44265B101ED3E2C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:86:e9:75:ba:3c:9f:ec:be:9a:6c:6f:34:2b:
                    c9:57:fd:9d:a0:9e:a4:2f:b1:4d:37:5d:d8:a0:c7:
                    5e:7b:63:f8:b0:a5:ac:85:fe:4a:6f:93:66:ae:e5:
                    3f:31:19:60:3f:ad:19:d6:21:7a:15:bc:39:90:d4:
                    d1:d3:1f:79:24:b8:e1:1d:2a:0c:8e:c3:0c:02:73:
                    14:f6:a9:91:6d:f0:80:ad:b4:27:64:25:ee:d1:29:
                    44:a2:02:f3:0c:93:cf:ee:7c:2c:dd:90:e0:f8:82:
                    34:b1:69:3e:86:e3:50:83:63:83:de:d8:6a:a3:b2:
                    32:3d:9c:9d:8a:ba:10:6b:5a:d4:17:99:56:b2:7f:
                    5b:95:27:e7:1f:a4:6d:b5:93:b6:98:f3:c2:38:df:
                    17:76:c9:32:68:2b:63:88:02:dd:d6:9a:eb:0e:f3:
                    a5:9a:63:30:5e:85:a2:0b:a5:20:20:fd:68:f5:c4:
                    91:ae:55:80:51:17:d8:37:f1:4a:f7:9f:f6:10:43:
                    d9:48:1e:e3:d7:57:32:c0:8e:53:34:c2:dd:df:83:
                    aa:36:f7:69:fc:17:fa:5f:b7:66:03:1e:67:c8:72:
                    4d:3c:64:3e:20:6e:27:95:21:98:4d:e4:7b:17:4e:
                    10:0a:cf:c3:33:8b:88:44:41:35:aa:85:a9:70:5b:
                    30:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:F5:25:AF:02:54:6A:DD:3D:BC:3B:E4:D4:42:65:B1:01:ED:3E:2C
            X509v3 Authority Key Identifier:
                keyid:D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a36303a3a2f34382d3438203d3e20313336303838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d940:60::/48

    Signature Algorithm: sha256WithRSAEncryption
         a6:1e:e1:3b:f4:ca:ea:ea:e0:4d:96:e3:8f:05:2b:e1:10:72:
         7d:54:35:6a:e5:42:e7:51:49:2b:db:7c:e1:3f:7c:2b:4e:6d:
         82:2f:a1:58:fd:db:5b:f9:07:2c:48:3e:29:53:d9:50:f5:3d:
         a1:da:41:34:91:26:9c:4d:d3:c1:91:79:33:4c:7b:d0:4c:54:
         6b:48:52:64:8b:c4:9f:98:2c:b0:72:9f:85:97:79:fc:d2:27:
         b0:89:e9:d2:12:03:84:a3:7e:60:98:2a:6e:96:a9:2d:21:ed:
         01:68:b4:89:f9:39:8f:bb:68:53:b4:d6:60:a0:4f:0a:29:f8:
         0d:5f:22:04:74:20:a8:25:63:50:78:cc:48:4d:1a:b1:3d:61:
         86:c9:40:ad:44:59:35:1e:1d:05:b6:1d:c0:5c:a8:96:dc:54:
         83:1f:04:12:ca:6f:dc:5f:77:d4:f7:3e:34:0f:8b:62:59:af:
         5d:47:b5:22:68:69:6a:06:fc:fd:73:02:f7:5a:4d:64:d0:df:
         ce:05:d1:05:8b:47:44:0c:2e:f9:6e:eb:24:17:6c:cc:26:ea:
         72:ea:1f:b1:7a:2c:cf:34:96:20:ae:ff:9a:25:79:32:bb:02:
         16:e8:b0:e4:e5:2f:e5:bf:3a:34:0d:2a:2b:b0:20:46:2b:1b:
         8a:aa:5b:81
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURsRbo8ciKrXWwzX8YAimwtKFsOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhE
MEJFOTIzRjAeFw0yMzA3MzEwMDAyMTZaFw0yNDA3MjkwMDA3MTZaMDMxMTAvBgNV
BAMTKEE0RjUyNUFGMDI1NDZBREQzREJDM0JFNEQ0NDI2NUIxMDFFRDNFMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnhul1ujyf7L6abG80K8lX/Z2g
nqQvsU03Xdigx157Y/iwpayF/kpvk2au5T8xGWA/rRnWIXoVvDmQ1NHTH3kkuOEd
KgyOwwwCcxT2qZFt8ICttCdkJe7RKUSiAvMMk8/ufCzdkOD4gjSxaT6G41CDY4Pe
2GqjsjI9nJ2KuhBrWtQXmVayf1uVJ+cfpG21k7aY88I43xd2yTJoK2OIAt3WmusO
86WaYzBehaILpSAg/Wj1xJGuVYBRF9g38Ur3n/YQQ9lIHuPXVzLAjlM0wt3fg6o2
92n8F/pft2YDHmfIck08ZD4gbieVIZhN5HsXThAKz8Mzi4hEQTWqhalwWzAlAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUpPUlrwJUat09vDvk1EJlsQHtPiwwHwYDVR0j
BBgwFoAU0/th10akR2fUUY1un9H72NC+kj8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2Y0ZWMxYy05NTM1LTRjYmYtOWM3YS1mZDMyYzgzMGVkYmEvMC9EM0ZCNjFENzQ2
QTQ0NzY3RDQ1MThENkU5RkQxRkJEOEQwQkU5MjNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhEMEJF
OTIzRi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05
YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhMzYzMDNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzMzNjMwMzgzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQA2UAA
YDANBgkqhkiG9w0BAQsFAAOCAQEAph7hO/TK6urgTZbjjwUr4RByfVQ1auVC51FJ
K9t84T98K05tgi+hWP3bW/kHLEg+KVPZUPU9odpBNJEmnE3TwZF5M0x70ExUa0hS
ZIvEn5gssHKfhZd5/NInsInp0hIDhKN+YJgqbpapLSHtAWi0ifk5j7toU7TWYKBP
Cin4DV8iBHQgqCVjUHjMSE0asT1hhslArURZNR4dBbYdwFyoltxUgx8EEspv3F93
1Pc+NA+LYlmvXUe1Imhpagb8/XMC91pNZNDfzgXRBYtHRAwu+W7rJBdszCbqcuof
sXoszzSWIK7/miV5MrsCFuiw5OUv5b86NA0qK7AgRisbiqpbgQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:00:46 2024 by rpki-client on console-fra.rpki-client.org