Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/323030313a6466353a393630303a3a2f34382d3438203d3e20313335343830.roa
File:                     323030313a6466353a393630303a3a2f34382d3438203d3e20313335343830.roa (raw, json)
Hash identifier:          PIJevugYAL+yM2TU9iZpO3TkxS4ks24P4h7KXhEPzXU=
Subject key identifier:   68:A0:2C:7A:49:69:23:06:82:72:C1:F1:B9:6F:FE:B2:BE:09:E4:E8
Certificate issuer:       /CN=0FEDA288F7275DEA469AEF4C238DCA9A61A1615C
Certificate serial:       4408F6FE497C2D14D8DE58ADE812B772211C2974
Authority key identifier: 0F:ED:A2:88:F7:27:5D:EA:46:9A:EF:4C:23:8D:CA:9A:61:A1:61:5C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/323030313a6466353a393630303a3a2f34382d3438203d3e20313335343830.roa
Signing time:             Mon 31 Jul 2023 00:07:29 +0000
ROA not before:           Mon 31 Jul 2023 00:02:29 +0000
ROA not after:            Mon 29 Jul 2024 00:07:29 +0000
asID:                     135480
IP address blocks:        2001:df5:9600::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.crl
                          rsync://repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:08:f6:fe:49:7c:2d:14:d8:de:58:ad:e8:12:b7:72:21:1c:29:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0FEDA288F7275DEA469AEF4C238DCA9A61A1615C
        Validity
            Not Before: Jul 31 00:02:29 2023 GMT
            Not After : Jul 29 00:07:29 2024 GMT
        Subject: CN=68A02C7A496923068272C1F1B96FFEB2BE09E4E8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:17:27:84:30:f3:77:e6:fc:ee:d5:c8:82:6e:
                    ed:04:d0:e7:47:3d:1b:db:ef:54:e4:20:d1:4c:7b:
                    3c:f6:ee:84:4c:35:36:5e:0f:c7:8e:5f:4d:d0:54:
                    23:af:e7:ae:d7:3d:e1:1b:f4:90:04:3e:eb:93:bc:
                    5c:58:06:e1:70:03:bd:e0:d4:b9:70:9f:e1:31:c4:
                    b3:ee:60:75:5f:8f:42:57:29:7f:51:6e:2c:7e:91:
                    8f:1f:ed:83:6f:75:d5:8e:bf:a3:70:7e:2e:0d:ad:
                    e9:6f:de:f7:2d:26:2c:61:c9:92:c1:e2:cc:8d:23:
                    e9:d8:b4:f0:d3:9b:07:fa:51:e0:03:2c:3e:3a:5c:
                    16:b3:8b:fd:12:d4:cb:b8:1b:37:ce:90:60:78:69:
                    49:da:13:27:2e:91:39:8f:99:06:e9:7b:cd:b8:fe:
                    75:13:d7:47:37:1b:77:20:7f:cf:1c:53:dc:66:5b:
                    a0:98:33:1f:a7:50:24:ab:9c:64:da:36:5a:f7:8a:
                    77:df:df:cd:6e:04:e8:40:fd:f7:8d:1a:5c:d8:9e:
                    3b:e3:cf:f1:87:99:dd:3c:ff:5e:61:d8:ca:73:e0:
                    1f:84:21:7b:8c:33:cf:9f:e6:a2:dd:86:43:ba:1e:
                    9a:d4:be:a9:c9:a1:a5:0d:3a:af:da:5f:e3:fb:cd:
                    8a:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:A0:2C:7A:49:69:23:06:82:72:C1:F1:B9:6F:FE:B2:BE:09:E4:E8
            X509v3 Authority Key Identifier:
                keyid:0F:ED:A2:88:F7:27:5D:EA:46:9A:EF:4C:23:8D:CA:9A:61:A1:61:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0FEDA288F7275DEA469AEF4C238DCA9A61A1615C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9c370e6f-f0c7-4f40-8ba4-a01e5d0c74e4/0/323030313a6466353a393630303a3a2f34382d3438203d3e20313335343830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df5:9600::/48

    Signature Algorithm: sha256WithRSAEncryption
         ba:ab:d9:1b:eb:73:f1:d9:05:da:cd:96:c9:25:b3:6a:1d:df:
         d9:2a:d3:ff:bd:42:57:eb:8d:2d:18:78:2c:24:55:9b:db:9c:
         3f:9e:51:91:f4:19:5b:f2:7b:5b:d7:df:51:48:e9:02:63:2e:
         5b:c3:8d:6f:9c:2f:31:f4:d1:00:04:22:e5:45:b6:2f:02:52:
         c9:d1:e2:a3:49:cb:30:34:63:b5:4b:7a:22:61:85:9e:08:c2:
         1d:77:c5:5a:59:01:9f:25:d7:f9:0b:5d:2b:e8:03:dd:c6:c4:
         67:be:2a:8b:6b:3b:93:34:f3:83:71:6f:69:d4:6b:51:40:00:
         61:a2:38:0d:f7:1b:21:87:cb:24:41:15:b2:a0:28:af:9b:e0:
         7a:80:9d:27:93:0b:e3:67:16:4b:93:0f:64:d9:bb:fc:5c:f5:
         98:38:01:42:e7:c7:52:6b:73:26:4f:f6:25:0b:a5:14:f8:34:
         4a:41:23:82:76:a8:bd:67:76:bb:8b:08:f8:04:a3:30:c2:c6:
         07:eb:02:03:e9:b5:04:af:7f:e7:41:d7:16:3c:59:bc:e7:f3:
         7d:e8:ef:3f:57:e3:32:50:f0:5c:85:e6:57:32:0e:45:91:2c:
         5d:97:cc:c1:69:e9:71:25:6c:f5:b1:a1:73:e8:bd:72:e5:92:
         0b:67:6a:fc
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIURAj2/kl8LRTY3lit6BK3ciEcKXQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEZFREEyODhGNzI3NURFQTQ2OUFFRjRDMjM4RENBOUE2
MUExNjE1QzAeFw0yMzA3MzEwMDAyMjlaFw0yNDA3MjkwMDA3MjlaMDMxMTAvBgNV
BAMTKDY4QTAyQzdBNDk2OTIzMDY4MjcyQzFGMUI5NkZGRUIyQkUwOUU0RTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGFyeEMPN35vzu1ciCbu0E0OdH
PRvb71TkINFMezz27oRMNTZeD8eOX03QVCOv567XPeEb9JAEPuuTvFxYBuFwA73g
1Llwn+ExxLPuYHVfj0JXKX9Rbix+kY8f7YNvddWOv6Nwfi4Nrelv3vctJixhyZLB
4syNI+nYtPDTmwf6UeADLD46XBazi/0S1Mu4GzfOkGB4aUnaEycukTmPmQbpe824
/nUT10c3G3cgf88cU9xmW6CYMx+nUCSrnGTaNlr3inff381uBOhA/feNGlzYnjvj
z/GHmd08/15h2Mpz4B+EIXuMM8+f5qLdhkO6HprUvqnJoaUNOq/aX+P7zYoXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUaKAseklpIwaCcsHxuW/+sr4J5OgwHwYDVR0j
BBgwFoAUD+2iiPcnXepGmu9MI43KmmGhYVwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
YzM3MGU2Zi1mMGM3LTRmNDAtOGJhNC1hMDFlNWQwYzc0ZTQvMC8wRkVEQTI4OEY3
Mjc1REVBNDY5QUVGNEMyMzhEQ0E5QTYxQTE2MTVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMEZFREEyODhGNzI3NURFQTQ2OUFFRjRDMjM4RENBOUE2MUEx
NjE1Qy5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzljMzcwZTZmLWYwYzctNGY0MC04
YmE0LWEwMWU1ZDBjNzRlNC8wLzMyMzAzMDMxM2E2NDY2MzUzYTM5MzYzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzMzM1MzQzODMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
9ZYAMA0GCSqGSIb3DQEBCwUAA4IBAQC6q9kb63Px2QXazZbJJbNqHd/ZKtP/vUJX
640tGHgsJFWb25w/nlGR9Blb8ntb199RSOkCYy5bw41vnC8x9NEABCLlRbYvAlLJ
0eKjScswNGO1S3oiYYWeCMIdd8VaWQGfJdf5C10r6APdxsRnviqLazuTNPODcW9p
1GtRQABhojgN9xshh8skQRWyoCivm+B6gJ0nkwvjZxZLkw9k2bv8XPWYOAFC58dS
a3MmT/YlC6UU+DRKQSOCdqi9Z3a7iwj4BKMwwsYH6wID6bUEr3/nQdcWPFm85/N9
6O8/V+MyUPBcheZXMg5FkSxdl8zBaelxJWz1saFz6L1y5ZILZ2r8
-----END CERTIFICATE-----
Generated at Wed Mar 27 01:50:19 2024 by rpki-client on console-ams.rpki-client.org