Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/3231322e3131372e34382e302f32302d3234203d3e203538333736.roa
File:                     3231322e3131372e34382e302f32302d3234203d3e203538333736.roa (raw, json)
Hash identifier:          vpT3+iZ/tM2YC50vLU+bkdH4iqBiTj57bNJbxHAxrfs=
Subject key identifier:   A7:9B:42:20:F6:E9:10:24:76:4D:3B:94:D8:EE:C9:26:47:17:69:5E
Certificate issuer:       /CN=55E79C1D60B12E58D121B265CA67C0BD60D4CF92
Certificate serial:       29740CC3880F451EB4AC386C8B922B78715C6553
Authority key identifier: 55:E7:9C:1D:60:B1:2E:58:D1:21:B2:65:CA:67:C0:BD:60:D4:CF:92
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/0/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/3231322e3131372e34382e302f32302d3234203d3e203538333736.roa
Signing time:             Mon 31 Jul 2023 00:07:27 +0000
ROA not before:           Mon 31 Jul 2023 00:02:27 +0000
ROA not after:            Mon 29 Jul 2024 00:07:27 +0000
asID:                     58376
IP address blocks:        212.117.48.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.crl
                          rsync://repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/0/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/0/12345F115AC4B62A51F5274C54C81E86463BD0BA.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/0/12345F115AC4B62A51F5274C54C81E86463BD0BA.mft
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/EjRfEVrEtipR9SdMVMgehkY70Lo.cer
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl
                          rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 10:47:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:74:0c:c3:88:0f:45:1e:b4:ac:38:6c:8b:92:2b:78:71:5c:65:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=55E79C1D60B12E58D121B265CA67C0BD60D4CF92
        Validity
            Not Before: Jul 31 00:02:27 2023 GMT
            Not After : Jul 29 00:07:27 2024 GMT
        Subject: CN=A79B4220F6E91024764D3B94D8EEC9264717695E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:8d:d1:31:4f:ca:5d:75:f6:6e:e2:42:98:e6:
                    9f:a6:88:86:be:ae:7f:00:4d:b0:1d:96:3b:57:8f:
                    f3:79:99:f0:2d:56:34:cd:68:14:ea:7c:84:4b:9d:
                    88:83:12:96:f2:cf:f1:b3:2c:6d:b6:cd:d4:e5:87:
                    e6:d4:ea:c7:18:65:ef:49:c9:13:c0:28:ab:3a:d3:
                    76:6f:bc:23:4d:fa:fb:31:62:fd:fe:60:07:6a:13:
                    4f:a3:93:bd:67:01:f2:de:d4:66:39:1c:61:48:54:
                    cd:d9:c6:ec:e5:56:a8:02:da:09:50:31:2c:e2:5a:
                    fd:b9:66:12:3e:6c:68:7d:79:4b:3d:b3:63:9d:05:
                    72:4e:4f:8a:32:3f:72:7d:8c:3d:72:75:85:1d:5d:
                    0d:38:4c:7f:8f:15:96:29:8c:9e:6c:6a:d9:1e:97:
                    35:aa:1a:3f:a9:ed:a9:92:d1:fc:f3:a4:3b:2a:81:
                    91:c2:ec:0e:d0:f7:61:08:f6:93:f2:90:e2:01:e6:
                    3f:a9:c9:f1:9c:ec:2b:f1:72:e4:53:fe:34:14:5a:
                    63:c7:6f:85:ca:b1:dd:35:2b:b3:2f:1f:13:7c:36:
                    76:98:72:85:5a:9b:c9:2d:f7:04:2e:a5:32:41:05:
                    7f:ae:96:c3:31:b6:b0:83:85:2a:db:d9:9b:fd:06:
                    eb:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A7:9B:42:20:F6:E9:10:24:76:4D:3B:94:D8:EE:C9:26:47:17:69:5E
            X509v3 Authority Key Identifier:
                keyid:55:E7:9C:1D:60:B1:2E:58:D1:21:B2:65:CA:67:C0:BD:60:D4:CF:92

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/0/55E79C1D60B12E58D121B265CA67C0BD60D4CF92.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/891d3c30-95dc-4b72-ae1b-ad1e98b0e179/1/3231322e3131372e34382e302f32302d3234203d3e203538333736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.117.48.0/20

    Signature Algorithm: sha256WithRSAEncryption
         05:1f:8d:f2:44:c3:58:49:8f:6e:7a:6f:ed:e0:94:7a:74:95:
         c5:33:9a:07:f2:e6:9f:79:34:8a:fc:77:45:01:12:0c:e0:4b:
         61:12:fc:80:6a:10:c1:a6:d1:02:43:00:b8:71:20:ca:b9:60:
         ab:f9:4c:81:b9:58:26:a6:f8:3c:26:08:42:21:c5:a8:6d:1b:
         69:47:a4:a9:64:59:0c:27:aa:92:62:03:d6:fd:fd:a4:34:7c:
         02:8f:9d:d7:ce:d1:e3:7e:8b:5b:b2:13:40:87:0d:71:81:e5:
         e9:d2:4b:c5:59:11:dc:4b:24:4c:d1:70:77:8b:e9:c0:48:99:
         45:4c:6f:76:40:1f:97:84:7b:b1:a3:be:49:42:f4:b6:fb:52:
         1b:cd:0d:3b:0c:46:af:11:53:71:dc:a4:fb:6c:cb:70:e8:88:
         cd:8e:ab:7c:02:d8:71:4e:ea:75:76:ae:00:9c:ed:99:2e:f2:
         31:dc:12:49:5b:33:2d:17:12:2e:f3:ab:d2:8c:b4:1a:09:6c:
         f2:31:a6:cf:16:f3:b9:77:82:53:05:00:46:3d:80:54:08:fd:
         65:96:48:76:2d:72:5a:c7:d2:58:c9:9a:d6:b8:c6:09:e1:62:
         e5:4c:dc:a4:9d:31:2c:c5:f0:42:2b:ef:11:45:c4:cd:07:61:
         00:df:91:aa
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUKXQMw4gPRR60rDhsi5IreHFcZVMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTVFNzlDMUQ2MEIxMkU1OEQxMjFCMjY1Q0E2N0MwQkQ2
MEQ0Q0Y5MjAeFw0yMzA3MzEwMDAyMjdaFw0yNDA3MjkwMDA3MjdaMDMxMTAvBgNV
BAMTKEE3OUI0MjIwRjZFOTEwMjQ3NjREM0I5NEQ4RUVDOTI2NDcxNzY5NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjjdExT8pddfZu4kKY5p+miIa+
rn8ATbAdljtXj/N5mfAtVjTNaBTqfIRLnYiDEpbyz/GzLG22zdTlh+bU6scYZe9J
yRPAKKs603ZvvCNN+vsxYv3+YAdqE0+jk71nAfLe1GY5HGFIVM3ZxuzlVqgC2glQ
MSziWv25ZhI+bGh9eUs9s2OdBXJOT4oyP3J9jD1ydYUdXQ04TH+PFZYpjJ5satke
lzWqGj+p7amS0fzzpDsqgZHC7A7Q92EI9pPykOIB5j+pyfGc7CvxcuRT/jQUWmPH
b4XKsd01K7MvHxN8NnaYcoVam8kt9wQupTJBBX+ulsMxtrCDhSrb2Zv9BuuRAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUp5tCIPbpECR2TTuU2O7JJkcXaV4wHwYDVR0j
BBgwFoAUVeecHWCxLljRIbJlymfAvWDUz5IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
OTFkM2MzMC05NWRjLTRiNzItYWUxYi1hZDFlOThiMGUxNzkvMS81NUU3OUMxRDYw
QjEyRTU4RDEyMUIyNjVDQTY3QzBCRDYwRDRDRjkyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzAvNTVFNzlDMUQ2MEIxMkU1OEQxMjFCMjY1Q0E2N0MwQkQ2MEQ0
Q0Y5Mi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg5MWQzYzMwLTk1ZGMtNGI3Mi1h
ZTFiLWFkMWU5OGIwZTE3OS8xLzMyMzEzMjJlMzEzMTM3MmUzNDM4MmUzMDJmMzIz
MDJkMzIzNDIwM2QzZTIwMzUzODMzMzczNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNR1MDANBgkqhkiG
9w0BAQsFAAOCAQEABR+N8kTDWEmPbnpv7eCUenSVxTOaB/Lmn3k0ivx3RQESDOBL
YRL8gGoQwabRAkMAuHEgyrlgq/lMgblYJqb4PCYIQiHFqG0baUekqWRZDCeqkmID
1v39pDR8Ao+d187R436LW7ITQIcNcYHl6dJLxVkR3EskTNFwd4vpwEiZRUxvdkAf
l4R7saO+SUL0tvtSG80NOwxGrxFTcdyk+2zLcOiIzY6rfALYcU7qdXauAJztmS7y
MdwSSVszLRcSLvOr0oy0Ggls8jGmzxbzuXeCUwUARj2AVAj9ZZZIdi1yWsfSWMma
1rjGCeFi5UzcpJ0xLMXwQivvEUXEzQdhAN+Rqg==
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:32 2024 by rpki-client on console-fra.rpki-client.org