Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030363a3a2f34382d3438203d3e20313333383430.roa
File:                     323430343a653130303a343030363a3a2f34382d3438203d3e20313333383430.roa (raw, json)
Hash identifier:          VHPzz4rBBvj4Cs7FMYdrvNSk03L1UP/t8s7PtcEC/08=
Subject key identifier:   B7:29:BF:97:80:A1:24:BC:B3:88:99:B9:D5:93:60:1C:64:02:96:44
Certificate issuer:       /CN=B6F0131510E62F73E5F29246F9C8F691811A704D
Certificate serial:       36B7CA65B259C78D21E408788327903D58B2A4A9
Authority key identifier: B6:F0:13:15:10:E6:2F:73:E5:F2:92:46:F9:C8:F6:91:81:1A:70:4D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6F0131510E62F73E5F29246F9C8F691811A704D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030363a3a2f34382d3438203d3e20313333383430.roa
Signing time:             Mon 31 Jul 2023 00:13:04 +0000
ROA not before:           Mon 31 Jul 2023 00:08:04 +0000
ROA not after:            Mon 29 Jul 2024 00:13:04 +0000
asID:                     133840
IP address blocks:        2404:e100:4006::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/B6F0131510E62F73E5F29246F9C8F691811A704D.crl
                          rsync://repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/B6F0131510E62F73E5F29246F9C8F691811A704D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6F0131510E62F73E5F29246F9C8F691811A704D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:b7:ca:65:b2:59:c7:8d:21:e4:08:78:83:27:90:3d:58:b2:a4:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B6F0131510E62F73E5F29246F9C8F691811A704D
        Validity
            Not Before: Jul 31 00:08:04 2023 GMT
            Not After : Jul 29 00:13:04 2024 GMT
        Subject: CN=B729BF9780A124BCB38899B9D593601C64029644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:17:d3:34:a4:79:f1:a0:d3:2b:33:0c:c7:6c:
                    9d:19:d6:d1:c7:19:6d:4d:fc:d7:a8:7c:94:b3:99:
                    27:4d:a6:07:16:1e:0b:39:86:b2:6f:1b:03:df:87:
                    49:c3:69:7a:71:de:1d:08:62:ad:4a:e0:26:7e:d1:
                    e1:98:86:7b:58:30:05:c6:11:74:74:94:e7:59:74:
                    71:d3:9a:96:cc:74:35:4b:1c:09:66:c4:c0:bf:41:
                    ab:15:6f:89:2d:1d:21:7a:1c:ef:d8:f2:21:da:d0:
                    92:a8:8f:e6:da:30:b0:f8:47:39:3e:61:0c:af:aa:
                    94:95:47:ba:4f:8e:7b:48:a3:d0:f0:fb:a6:6c:5c:
                    41:3a:2a:41:e2:0c:73:8e:7f:97:98:d9:2a:8d:c9:
                    93:9e:3d:7b:45:62:9d:32:69:ef:1e:e9:b7:a3:5c:
                    88:2a:6e:f1:7b:da:72:d0:98:f1:15:76:e9:52:22:
                    74:d9:c1:db:07:a7:2f:18:20:a3:f2:62:c1:3e:7e:
                    c0:4b:37:cc:6c:f0:14:db:09:68:a0:f5:0c:90:2e:
                    a8:44:87:d4:2f:73:96:f0:cc:a8:5b:c9:2d:7f:df:
                    46:fc:7a:08:0f:27:48:17:6f:16:4a:a7:35:e0:f1:
                    d1:0f:47:08:6c:c9:27:38:e1:70:af:43:d0:e7:0e:
                    90:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:29:BF:97:80:A1:24:BC:B3:88:99:B9:D5:93:60:1C:64:02:96:44
            X509v3 Authority Key Identifier:
                keyid:B6:F0:13:15:10:E6:2F:73:E5:F2:92:46:F9:C8:F6:91:81:1A:70:4D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/B6F0131510E62F73E5F29246F9C8F691811A704D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B6F0131510E62F73E5F29246F9C8F691811A704D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/85d8dab4-8bb6-4ed0-8dab-5a406167b99d/0/323430343a653130303a343030363a3a2f34382d3438203d3e20313333383430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:e100:4006::/48

    Signature Algorithm: sha256WithRSAEncryption
         9f:2c:6a:86:1d:18:e3:e5:78:1d:51:6f:06:33:e0:17:44:fb:
         d6:41:54:8b:8b:df:cb:c0:38:da:d7:cf:31:63:4e:8b:f8:10:
         02:4a:6c:08:5b:e5:ae:1f:12:f9:58:7c:41:8a:40:d2:28:85:
         b2:76:39:cf:1b:1a:91:a2:d4:e9:a4:74:22:2a:80:d7:5e:74:
         3d:77:25:5d:ed:04:e9:1b:26:9d:1d:40:0d:a9:43:54:e5:d5:
         7d:69:4b:2a:da:2f:17:e0:bf:82:1a:a5:52:31:ce:1a:cf:98:
         66:2a:ff:63:40:70:77:b3:22:4a:38:ab:6b:98:d1:da:23:30:
         94:12:d9:ae:aa:e7:fe:f9:03:95:38:10:1e:2a:7e:18:3a:f2:
         8f:da:65:81:ea:2d:5c:57:df:2c:08:be:6b:32:59:eb:c3:a5:
         67:fd:d7:d0:a3:58:f7:49:6e:51:8f:be:79:c2:89:3c:97:d3:
         7c:10:a0:00:ba:ed:7e:d1:13:f5:32:14:3f:de:58:f0:1a:11:
         0f:2c:da:b4:9f:26:a1:a9:96:f2:54:1b:29:bc:12:1a:b5:cf:
         db:06:9c:46:ba:e4:6f:52:1c:d7:ba:15:9d:38:ad:ec:d2:47:
         aa:a9:26:29:b1:4f:1f:b0:a5:92:4b:ac:79:80:42:63:ea:f5:
         ba:41:ad:99
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNrfKZbJZx40h5Ah4gyeQPViypKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjZGMDEzMTUxMEU2MkY3M0U1RjI5MjQ2RjlDOEY2OTE4
MTFBNzA0RDAeFw0yMzA3MzEwMDA4MDRaFw0yNDA3MjkwMDEzMDRaMDMxMTAvBgNV
BAMTKEI3MjlCRjk3ODBBMTI0QkNCMzg4OTlCOUQ1OTM2MDFDNjQwMjk2NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNF9M0pHnxoNMrMwzHbJ0Z1tHH
GW1N/NeofJSzmSdNpgcWHgs5hrJvGwPfh0nDaXpx3h0IYq1K4CZ+0eGYhntYMAXG
EXR0lOdZdHHTmpbMdDVLHAlmxMC/QasVb4ktHSF6HO/Y8iHa0JKoj+baMLD4Rzk+
YQyvqpSVR7pPjntIo9Dw+6ZsXEE6KkHiDHOOf5eY2SqNyZOePXtFYp0yae8e6bej
XIgqbvF72nLQmPEVdulSInTZwdsHpy8YIKPyYsE+fsBLN8xs8BTbCWig9QyQLqhE
h9Qvc5bwzKhbyS1/30b8eggPJ0gXbxZKpzXg8dEPRwhsySc44XCvQ9DnDpAJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUtym/l4ChJLyziJm51ZNgHGQClkQwHwYDVR0j
BBgwFoAUtvATFRDmL3Pl8pJG+cj2kYEacE0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NWQ4ZGFiNC04YmI2LTRlZDAtOGRhYi01YTQwNjE2N2I5OWQvMC9CNkYwMTMxNTEw
RTYyRjczRTVGMjkyNDZGOUM4RjY5MTgxMUE3MDRELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjZGMDEzMTUxMEU2MkY3M0U1RjI5MjQ2RjlDOEY2OTE4MTFB
NzA0RC5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg1ZDhkYWI0LThiYjYtNGVkMC04
ZGFiLTVhNDA2MTY3Yjk5ZC8wLzMyMzQzMDM0M2E2NTMxMzAzMDNhMzQzMDMwMzYz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzMzODM0MzAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
BOEAQAYwDQYJKoZIhvcNAQELBQADggEBAJ8saoYdGOPleB1RbwYz4BdE+9ZBVIuL
38vAONrXzzFjTov4EAJKbAhb5a4fEvlYfEGKQNIohbJ2Oc8bGpGi1OmkdCIqgNde
dD13JV3tBOkbJp0dQA2pQ1Tl1X1pSyraLxfgv4IapVIxzhrPmGYq/2NAcHezIko4
q2uY0dojMJQS2a6q5/75A5U4EB4qfhg68o/aZYHqLVxX3ywIvmsyWevDpWf919Cj
WPdJblGPvnnCiTyX03wQoAC67X7RE/UyFD/eWPAaEQ8s2rSfJqGplvJUGym8Ehq1
z9sGnEa65G9SHNe6FZ04rezSR6qpJimxTx+wpZJLrHmAQmPq9bpBrZk=
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:48:30 2024 by rpki-client on console-fra.rpki-client.org