Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/3131302e34342e3137322e302f32342d3234203d3e203234323036.roa
File:                     3131302e34342e3137322e302f32342d3234203d3e203234323036.roa (raw, json)
Hash identifier:          R+ozWxk+7sExWheW1vnTIQCe+RuSY1MGhHGXKfR/7PM=
Subject key identifier:   7B:25:DF:73:70:2B:97:76:78:69:5E:F6:13:FD:CE:75:45:5C:A4:E0
Certificate issuer:       /CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
Certificate serial:       32DFD42CBC70F7C00DD77A33665212D86549BF7E
Authority key identifier: 98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/3131302e34342e3137322e302f32342d3234203d3e203234323036.roa
Signing time:             Sun 13 Aug 2023 11:00:00 +0000
ROA not before:           Sun 13 Aug 2023 10:55:00 +0000
ROA not after:            Sun 11 Aug 2024 11:00:00 +0000
asID:                     24206
IP address blocks:        110.44.172.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl
                          rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:df:d4:2c:bc:70:f7:c0:0d:d7:7a:33:66:52:12:d8:65:49:bf:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
        Validity
            Not Before: Aug 13 10:55:00 2023 GMT
            Not After : Aug 11 11:00:00 2024 GMT
        Subject: CN=7B25DF73702B977678695EF613FDCE75455CA4E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:ff:b5:7c:2c:c9:27:62:1d:0b:62:68:85:d6:
                    ad:ae:2a:0a:ce:25:b7:c7:15:ab:34:c7:6b:86:ae:
                    09:e8:0b:c2:3d:0a:fc:65:1f:21:66:dc:a7:46:8e:
                    57:cc:de:79:e8:7c:e9:7a:5d:95:3d:d8:c0:45:f2:
                    42:01:51:de:37:fc:1f:1f:66:f4:8e:10:1b:58:47:
                    b9:49:74:84:1d:41:47:f8:55:30:ac:fb:86:2f:69:
                    cd:f9:78:ce:1c:be:df:bc:41:e8:30:d9:d6:a5:8b:
                    52:00:62:5b:5c:2a:a3:ab:44:43:8f:87:d7:53:41:
                    5b:31:e2:37:54:02:e8:9c:0d:ad:f4:1d:52:16:0d:
                    69:80:83:1a:54:ef:99:44:89:54:db:bc:04:63:95:
                    9b:b6:7e:93:1e:c2:2f:cf:9a:7d:50:6f:3a:4e:f4:
                    29:18:ed:17:7d:61:aa:0a:71:ec:b8:02:14:e9:34:
                    84:01:cf:36:32:85:c7:14:73:8f:5f:ee:82:b7:f2:
                    d3:a0:14:69:69:f7:17:3c:d2:0f:7e:96:c9:2d:d9:
                    36:3a:bd:e1:98:cd:22:44:a1:91:52:79:dc:43:c9:
                    03:37:20:67:c2:1b:43:68:be:84:8f:58:04:65:32:
                    f5:ec:ad:80:d3:fc:35:6a:d1:a1:b7:b3:af:4c:d6:
                    47:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:25:DF:73:70:2B:97:76:78:69:5E:F6:13:FD:CE:75:45:5C:A4:E0
            X509v3 Authority Key Identifier:
                keyid:98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/3131302e34342e3137322e302f32342d3234203d3e203234323036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  110.44.172.0/24

    Signature Algorithm: sha256WithRSAEncryption
         71:c3:f6:97:ff:a9:5a:bd:a4:21:cc:59:17:c6:da:e4:4c:ea:
         83:01:73:32:e2:03:89:77:a3:09:85:e8:62:b8:3c:dc:a4:60:
         64:05:ff:78:2f:68:9e:09:78:a1:2b:ad:5e:40:10:99:dd:79:
         68:66:cf:58:3e:c8:0f:26:d6:56:f5:da:3c:fe:ac:5a:a7:12:
         34:13:b5:eb:c3:2a:41:8c:4e:ce:3f:9a:0f:e0:53:5b:be:9f:
         6e:12:97:70:3b:bb:35:17:00:a1:7d:b0:f1:41:31:9c:f3:b9:
         ba:80:10:82:65:2b:d6:d5:7c:6f:0b:87:dd:31:86:ce:56:e0:
         bb:91:1a:71:d2:9d:08:0f:d6:de:d0:51:1a:c1:9a:85:6c:96:
         b4:e3:c9:7a:76:bc:0d:fa:f3:b1:09:9e:e5:7b:ae:c2:cb:59:
         ba:fb:02:45:c9:42:38:02:9e:c8:c8:17:75:04:a2:b4:b4:bb:
         5e:14:38:97:f8:83:f5:40:79:49:ff:a6:ec:20:32:22:f2:29:
         44:34:22:fd:8f:5c:03:08:dc:6d:de:42:f7:86:77:8c:5a:eb:
         c5:2c:85:06:47:a0:18:2c:30:69:70:b3:f4:19:9f:84:08:cd:
         28:26:d5:59:c4:63:eb:27:9c:f6:08:5c:21:19:77:7d:6b:cd:
         d5:34:f6:fa
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUMt/ULLxw98AN13ozZlIS2GVJv34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NC
MEMxMDhBOTAeFw0yMzA4MTMxMDU1MDBaFw0yNDA4MTExMTAwMDBaMDMxMTAvBgNV
BAMTKDdCMjVERjczNzAyQjk3NzY3ODY5NUVGNjEzRkRDRTc1NDU1Q0E0RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu/7V8LMknYh0LYmiF1q2uKgrO
JbfHFas0x2uGrgnoC8I9CvxlHyFm3KdGjlfM3nnofOl6XZU92MBF8kIBUd43/B8f
ZvSOEBtYR7lJdIQdQUf4VTCs+4Yvac35eM4cvt+8Qegw2dali1IAYltcKqOrREOP
h9dTQVsx4jdUAuicDa30HVIWDWmAgxpU75lEiVTbvARjlZu2fpMewi/Pmn1QbzpO
9CkY7Rd9YaoKcey4AhTpNIQBzzYyhccUc49f7oK38tOgFGlp9xc80g9+lskt2TY6
veGYzSJEoZFSedxDyQM3IGfCG0NovoSPWARlMvXsrYDT/DVq0aG3s69M1kcnAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUeyXfc3Arl3Z4aV72E/3OdUVcpOAwHwYDVR0j
BBgwFoAUmB5Wd6xgKVCr4aRCwneefLDBCKkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NzkyMmY4OS0zZTliLTRiMjEtOTE4Ni1hNjQ4YzJkYTNmN2IvMC85ODFFNTY3N0FD
NjAyOTUwQUJFMUE0NDJDMjc3OUU3Q0IwQzEwOEE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NCMEMx
MDhBOS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3OTIyZjg5LTNlOWItNGIyMS05
MTg2LWE2NDhjMmRhM2Y3Yi8wLzMxMzEzMDJlMzQzNDJlMzEzNzMyMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzIzNDMyMzAzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG4srDANBgkqhkiG
9w0BAQsFAAOCAQEAccP2l/+pWr2kIcxZF8ba5EzqgwFzMuIDiXejCYXoYrg83KRg
ZAX/eC9ongl4oSutXkAQmd15aGbPWD7IDybWVvXaPP6sWqcSNBO168MqQYxOzj+a
D+BTW76fbhKXcDu7NRcAoX2w8UExnPO5uoAQgmUr1tV8bwuH3TGGzlbgu5EacdKd
CA/W3tBRGsGahWyWtOPJena8DfrzsQme5XuuwstZuvsCRclCOAKeyMgXdQSitLS7
XhQ4l/iD9UB5Sf+m7CAyIvIpRDQi/Y9cAwjcbd5C94Z3jFrrxSyFBkegGCwwaXCz
9BmfhAjNKCbVWcRj6yec9ghcIRl3fWvN1TT2+g==
-----END CERTIFICATE-----
Generated at Tue Mar 26 18:22:48 2024 by rpki-client on console-fra.rpki-client.org