Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/323430313a646538303a313a3a2f34382d3438203d3e203338353234.roa
File:                     323430313a646538303a313a3a2f34382d3438203d3e203338353234.roa (raw, json)
Hash identifier:          8vbmhm0Hi8cXLCEcJYJ3QRvz7io7q5ick/x4jO0CL3o=
Subject key identifier:   93:38:C0:98:72:96:EE:E3:07:C7:6A:18:C3:C5:0B:49:B7:E7:4A:6C
Certificate issuer:       /CN=6B33A08D6452492D38FE5FC6560DF750CD283E9A
Certificate serial:       12B463100E19D9B4090CC597A1B598586B8D263F
Authority key identifier: 6B:33:A0:8D:64:52:49:2D:38:FE:5F:C6:56:0D:F7:50:CD:28:3E:9A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6B33A08D6452492D38FE5FC6560DF750CD283E9A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/323430313a646538303a313a3a2f34382d3438203d3e203338353234.roa
Signing time:             Wed 09 Aug 2023 00:00:01 +0000
ROA not before:           Tue 08 Aug 2023 23:55:01 +0000
ROA not after:            Wed 07 Aug 2024 00:00:01 +0000
asID:                     38524
IP address blocks:        2401:de80:1::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/6B33A08D6452492D38FE5FC6560DF750CD283E9A.crl
                          rsync://repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/6B33A08D6452492D38FE5FC6560DF750CD283E9A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6B33A08D6452492D38FE5FC6560DF750CD283E9A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 12:15:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:b4:63:10:0e:19:d9:b4:09:0c:c5:97:a1:b5:98:58:6b:8d:26:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6B33A08D6452492D38FE5FC6560DF750CD283E9A
        Validity
            Not Before: Aug  8 23:55:01 2023 GMT
            Not After : Aug  7 00:00:01 2024 GMT
        Subject: CN=9338C0987296EEE307C76A18C3C50B49B7E74A6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:4a:32:69:7b:cf:75:9e:32:a0:0a:0e:dc:5e:
                    84:92:bb:07:14:3d:9b:42:bb:0b:ce:bb:7e:16:e9:
                    21:93:7c:d1:48:47:51:04:57:a8:89:a6:35:0f:74:
                    b7:f8:e1:42:a8:90:24:7e:bb:b3:a2:1a:0f:74:9b:
                    1a:ad:47:8a:d7:20:64:0b:8a:b4:52:94:f5:ae:a6:
                    b2:a9:59:1b:9f:15:7d:24:cc:12:d6:a1:0a:85:1a:
                    15:3d:b9:9b:8f:35:9c:0a:34:86:87:d2:9c:c6:0b:
                    29:80:b4:a3:99:68:d0:9b:ef:96:6b:e7:5c:9e:ad:
                    02:82:97:f0:30:8d:02:fa:7d:52:18:95:d9:1e:5f:
                    a9:98:4e:58:db:68:a6:eb:ef:fc:20:75:a3:2f:af:
                    90:28:ad:b6:e4:64:d0:77:87:16:f6:32:83:75:99:
                    b2:79:9c:5a:42:60:f0:79:91:fb:b6:1c:16:43:50:
                    62:6d:12:e0:91:81:4a:30:70:19:b9:a0:56:00:1b:
                    24:cb:9e:5c:c5:e6:43:ee:9e:04:48:97:1d:92:d4:
                    2d:56:26:22:4e:70:46:7f:40:da:3a:f9:12:f9:66:
                    83:15:1d:29:7a:57:02:0a:25:db:48:08:ba:0e:44:
                    ac:f5:c6:b5:0d:7f:79:92:29:ec:31:03:e3:83:c2:
                    35:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:38:C0:98:72:96:EE:E3:07:C7:6A:18:C3:C5:0B:49:B7:E7:4A:6C
            X509v3 Authority Key Identifier:
                keyid:6B:33:A0:8D:64:52:49:2D:38:FE:5F:C6:56:0D:F7:50:CD:28:3E:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/6B33A08D6452492D38FE5FC6560DF750CD283E9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6B33A08D6452492D38FE5FC6560DF750CD283E9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7ff969fc-39c7-44cd-8716-9ce4c6d5ac91/0/323430313a646538303a313a3a2f34382d3438203d3e203338353234.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:de80:1::/48

    Signature Algorithm: sha256WithRSAEncryption
         0a:6c:59:4a:bf:f7:cc:87:ea:1b:79:5a:62:38:6a:f9:5b:86:
         fc:17:5d:d9:61:23:ad:f3:c1:d2:8d:f1:50:e1:7b:fc:af:47:
         22:a7:4e:03:b3:c0:23:c3:ea:da:68:3d:93:d4:73:b8:1e:6c:
         97:9f:8c:b4:85:4f:42:19:6d:2e:63:8e:66:96:b3:23:e5:a7:
         31:ac:cf:78:15:01:88:4f:30:d8:3a:a7:b2:67:8c:55:f0:90:
         8e:a7:06:c2:a9:9f:91:8e:c6:52:6c:58:48:be:75:b7:fb:8d:
         21:64:2a:f1:14:fa:ee:cd:f7:94:5b:4e:f7:aa:22:60:42:6f:
         dc:82:6f:64:84:49:a4:46:16:54:89:52:22:cd:8c:99:3f:52:
         c1:98:a8:69:93:6f:1e:1d:44:86:c1:ac:e6:56:5b:92:b8:03:
         f1:d8:c1:0e:35:dc:b0:dd:c0:dd:d4:65:d0:30:d4:ca:8d:c7:
         55:98:ec:5e:36:33:89:e8:cf:3f:64:82:f2:b8:17:23:c4:16:
         9e:f2:44:8d:3c:d6:83:49:4f:c9:00:a2:c6:f6:4c:8d:b3:68:
         29:d0:f1:e2:bf:7b:85:7f:c1:c6:60:90:56:f5:42:15:8e:31:
         b0:8e:8f:6a:1b:84:71:e7:3f:bd:c0:85:8e:39:83:fd:85:0a:
         9e:6d:7e:4e
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUErRjEA4Z2bQJDMWXobWYWGuNJj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkIzM0EwOEQ2NDUyNDkyRDM4RkU1RkM2NTYwREY3NTBD
RDI4M0U5QTAeFw0yMzA4MDgyMzU1MDFaFw0yNDA4MDcwMDAwMDFaMDMxMTAvBgNV
BAMTKDkzMzhDMDk4NzI5NkVFRTMwN0M3NkExOEMzQzUwQjQ5QjdFNzRBNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3SjJpe891njKgCg7cXoSSuwcU
PZtCuwvOu34W6SGTfNFIR1EEV6iJpjUPdLf44UKokCR+u7OiGg90mxqtR4rXIGQL
irRSlPWuprKpWRufFX0kzBLWoQqFGhU9uZuPNZwKNIaH0pzGCymAtKOZaNCb75Zr
51yerQKCl/AwjQL6fVIYldkeX6mYTljbaKbr7/wgdaMvr5AorbbkZNB3hxb2MoN1
mbJ5nFpCYPB5kfu2HBZDUGJtEuCRgUowcBm5oFYAGyTLnlzF5kPungRIlx2S1C1W
JiJOcEZ/QNo6+RL5ZoMVHSl6VwIKJdtICLoORKz1xrUNf3mSKewxA+ODwjWnAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUkzjAmHKW7uMHx2oYw8ULSbfnSmwwHwYDVR0j
BBgwFoAUazOgjWRSSS04/l/GVg33UM0oPpowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
ZmY5NjlmYy0zOWM3LTQ0Y2QtODcxNi05Y2U0YzZkNWFjOTEvMC82QjMzQTA4RDY0
NTI0OTJEMzhGRTVGQzY1NjBERjc1MENEMjgzRTlBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkIzM0EwOEQ2NDUyNDkyRDM4RkU1RkM2NTYwREY3NTBDRDI4
M0U5QS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdmZjk2OWZjLTM5YzctNDRjZC04
NzE2LTljZTRjNmQ1YWM5MS8wLzMyMzQzMDMxM2E2NDY1MzgzMDNhMzEzYTNhMmYz
NDM4MmQzNDM4MjAzZDNlMjAzMzM4MzUzMjM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAHegAABMA0G
CSqGSIb3DQEBCwUAA4IBAQAKbFlKv/fMh+obeVpiOGr5W4b8F13ZYSOt88HSjfFQ
4Xv8r0cip04Ds8Ajw+raaD2T1HO4HmyXn4y0hU9CGW0uY45mlrMj5acxrM94FQGI
TzDYOqeyZ4xV8JCOpwbCqZ+RjsZSbFhIvnW3+40hZCrxFPruzfeUW073qiJgQm/c
gm9khEmkRhZUiVIizYyZP1LBmKhpk28eHUSGwazmVluSuAPx2MEONdyw3cDd1GXQ
MNTKjcdVmOxeNjOJ6M8/ZILyuBcjxBae8kSNPNaDSU/JAKLG9kyNs2gp0PHiv3uF
f8HGYJBW9UIVjjGwjo9qG4Rx5z+9wIWOOYP9hQqebX5O
-----END CERTIFICATE-----
Generated at Wed Mar 27 10:38:31 2024 by rpki-client on console-fra.rpki-client.org