Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234372e302f32342d3234203d3e20313331373435.roa
File:                     3231302e3234372e3234372e302f32342d3234203d3e20313331373435.roa (raw, json)
Hash identifier:          BpEHErDFt7nny/jNZu2+w1IAMQj4CzqFqJY1q4f/Q/w=
Subject key identifier:   81:DF:0E:76:AC:F2:94:29:E2:D7:08:4B:49:27:8E:52:E2:14:7D:E2
Certificate issuer:       /CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
Certificate serial:       7C1BC4264A7AC000660941F6B77DFD94FC746BC9
Authority key identifier: 8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234372e302f32342d3234203d3e20313331373435.roa
Signing time:             Mon 31 Jul 2023 00:05:28 +0000
ROA not before:           Mon 31 Jul 2023 00:00:28 +0000
ROA not after:            Mon 29 Jul 2024 00:05:28 +0000
asID:                     131745
IP address blocks:        210.247.247.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl
                          rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 14:06:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:1b:c4:26:4a:7a:c0:00:66:09:41:f6:b7:7d:fd:94:fc:74:6b:c9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F
        Validity
            Not Before: Jul 31 00:00:28 2023 GMT
            Not After : Jul 29 00:05:28 2024 GMT
        Subject: CN=81DF0E76ACF29429E2D7084B49278E52E2147DE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:7b:40:4e:8b:af:5b:ec:e8:3f:ef:68:8c:1f:
                    44:80:19:6f:bd:44:3b:fe:67:82:66:a3:3c:60:0b:
                    78:6b:56:f7:a2:5b:0f:9a:6e:3c:7c:f6:31:75:d9:
                    b9:01:5f:32:6f:1a:54:54:cc:f6:87:50:76:17:24:
                    68:01:c7:d7:1d:08:30:ef:bb:f8:02:10:eb:7c:eb:
                    c7:4a:78:b1:d8:ab:9b:46:b7:54:77:af:29:4f:81:
                    15:8c:df:34:6a:ba:2b:9d:f1:d7:2f:00:9a:2a:a3:
                    c5:9e:de:8b:89:dd:34:ab:db:17:68:95:48:4d:2d:
                    af:a6:a9:6d:39:4a:76:d5:87:c6:1e:4e:f1:b4:42:
                    e8:45:73:55:3e:f0:b8:46:05:63:ad:3e:aa:41:66:
                    73:37:ba:09:86:fe:95:45:3b:a4:fc:5b:6d:29:22:
                    78:b2:51:f8:16:57:17:a4:c5:73:fa:4a:40:51:75:
                    36:3c:01:5b:82:5c:4f:14:e2:b9:f1:74:63:21:b8:
                    3c:d9:23:e8:e2:a9:7e:a9:ca:1a:da:29:c7:ce:38:
                    b7:bd:eb:8a:06:63:21:a7:6a:a8:a5:08:83:93:9e:
                    72:6d:a6:24:b7:53:c6:8b:b1:22:39:e0:6f:22:84:
                    49:1f:f8:e2:72:bb:b0:a6:6b:60:ed:79:a1:69:cb:
                    82:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:DF:0E:76:AC:F2:94:29:E2:D7:08:4B:49:27:8E:52:E2:14:7D:E2
            X509v3 Authority Key Identifier:
                keyid:8A:FE:BB:51:D0:0C:8E:06:AA:EA:84:2E:0C:0C:FF:C2:CA:B9:61:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8AFEBB51D00C8E06AAEA842E0C0CFFC2CAB9610F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/96124329-ec20-4460-ac31-9c36cf94f3fb/0/3231302e3234372e3234372e302f32342d3234203d3e20313331373435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.247.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:3e:65:e4:90:fb:18:db:d2:4d:dd:98:d1:bb:c4:b1:dd:5e:
         23:19:be:32:3b:0b:de:a6:08:24:e2:4e:68:21:f8:52:df:9e:
         aa:92:3f:90:d3:91:7b:44:fd:ec:40:9e:e2:26:72:e4:1c:b0:
         1a:ad:a7:81:54:ee:b2:13:b0:cd:5b:62:99:c0:a8:82:1b:6b:
         68:88:5d:45:a6:3a:34:91:93:db:96:01:a6:b8:71:2d:91:65:
         e3:fa:f4:d5:ff:59:ed:51:7c:80:7e:de:75:65:19:35:9a:df:
         60:1c:e5:d6:31:9a:25:8f:00:b2:00:71:d5:8c:3b:06:8c:b3:
         04:f1:ca:b7:a2:89:6e:28:f8:4a:9e:fa:1c:26:50:5b:cf:3a:
         06:05:99:59:1a:00:72:18:53:05:a7:57:23:3d:ae:63:a1:1d:
         32:69:48:f0:f4:4d:c9:86:12:5f:51:b0:bf:8d:6f:10:dc:6b:
         7e:43:50:6e:31:d9:ae:c1:20:85:68:5a:0f:84:4b:df:ce:d5:
         2f:bc:92:e9:79:cc:ea:08:e6:56:51:3b:8e:43:dc:b2:4d:4f:
         79:74:e9:fc:4f:7e:2a:2c:52:35:fa:ea:8f:b6:d8:a0:33:f9:
         7d:f7:60:ac:6e:43:5a:cf:43:b7:49:16:62:6c:a5:c6:6e:1b:
         dd:21:2c:be
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUfBvEJkp6wABmCUH2t339lPx0a8kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJD
QUI5NjEwRjAeFw0yMzA3MzEwMDAwMjhaFw0yNDA3MjkwMDA1MjhaMDMxMTAvBgNV
BAMTKDgxREYwRTc2QUNGMjk0MjlFMkQ3MDg0QjQ5Mjc4RTUyRTIxNDdERTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCge0BOi69b7Og/72iMH0SAGW+9
RDv+Z4JmozxgC3hrVveiWw+abjx89jF12bkBXzJvGlRUzPaHUHYXJGgBx9cdCDDv
u/gCEOt868dKeLHYq5tGt1R3rylPgRWM3zRquiud8dcvAJoqo8We3ouJ3TSr2xdo
lUhNLa+mqW05SnbVh8YeTvG0QuhFc1U+8LhGBWOtPqpBZnM3ugmG/pVFO6T8W20p
IniyUfgWVxekxXP6SkBRdTY8AVuCXE8U4rnxdGMhuDzZI+jiqX6pyhraKcfOOLe9
64oGYyGnaqilCIOTnnJtpiS3U8aLsSI54G8ihEkf+OJyu7Cma2DteaFpy4IfAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUgd8OdqzylCni1whLSSeOUuIUfeIwHwYDVR0j
BBgwFoAUiv67UdAMjgaq6oQuDAz/wsq5YQ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
NjEyNDMyOS1lYzIwLTQ0NjAtYWMzMS05YzM2Y2Y5NGYzZmIvMC84QUZFQkI1MUQw
MEM4RTA2QUFFQTg0MkUwQzBDRkZDMkNBQjk2MTBGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEFGRUJCNTFEMDBDOEUwNkFBRUE4NDJFMEMwQ0ZGQzJDQUI5
NjEwRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzk2MTI0MzI5LWVjMjAtNDQ2MC1h
YzMxLTljMzZjZjk0ZjNmYi8wLzMyMzEzMDJlMzIzNDM3MmUzMjM0MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzEzNzM0MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADS9/cwDQYJ
KoZIhvcNAQELBQADggEBAF8+ZeSQ+xjb0k3dmNG7xLHdXiMZvjI7C96mCCTiTmgh
+FLfnqqSP5DTkXtE/exAnuImcuQcsBqtp4FU7rITsM1bYpnAqIIba2iIXUWmOjSR
k9uWAaa4cS2RZeP69NX/We1RfIB+3nVlGTWa32Ac5dYxmiWPALIAcdWMOwaMswTx
yreiiW4o+Eqe+hwmUFvPOgYFmVkaAHIYUwWnVyM9rmOhHTJpSPD0TcmGEl9RsL+N
bxDca35DUG4x2a7BIIVoWg+ES9/O1S+8kul5zOoI5lZRO45D3LJNT3l06fxPfios
UjX66o+22KAz+X33YKxuQ1rPQ7dJFmJspcZuG90hLL4=
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:00:47 2024 by rpki-client on console-fra.rpki-client.org