Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa
File:                     323430323a616230303a3a2f34382d3438203d3e203234323036.roa (raw, json)
Hash identifier:          eNRwSRFLy6fQiJr5peK6rnKVifmXHbqXvA3VriBxnEM=
Subject key identifier:   17:86:C7:A3:2C:51:6F:1E:A8:C2:B0:1B:14:F5:F4:A5:D8:0B:53:73
Certificate issuer:       /CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
Certificate serial:       5068DF2F933EC48BDEFD6D8ADEDBB20098D47246
Authority key identifier: 98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa
Signing time:             Thu 10 Aug 2023 08:00:49 +0000
ROA not before:           Thu 10 Aug 2023 07:55:49 +0000
ROA not after:            Thu 08 Aug 2024 08:00:49 +0000
asID:                     24206
IP address blocks:        2402:ab00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl
                          rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:68:df:2f:93:3e:c4:8b:de:fd:6d:8a:de:db:b2:00:98:d4:72:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
        Validity
            Not Before: Aug 10 07:55:49 2023 GMT
            Not After : Aug  8 08:00:49 2024 GMT
        Subject: CN=1786C7A32C516F1EA8C2B01B14F5F4A5D80B5373
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a2:ae:78:f5:2d:27:31:6f:01:b4:c1:d0:21:
                    b2:78:10:03:44:44:1c:5c:6c:f7:5e:cf:6b:82:d6:
                    dc:ed:06:18:65:1c:98:99:ae:a4:0d:77:df:16:18:
                    66:33:46:a9:f8:0c:63:01:bd:79:11:ad:3f:5d:4f:
                    35:e2:81:b4:35:d9:d0:e9:e4:06:73:35:b4:33:8a:
                    b6:fc:b2:d5:f4:88:0c:4a:4a:76:7a:f7:c8:9c:ef:
                    1a:dd:4f:99:cf:5b:80:92:1a:d0:52:dd:43:f2:f0:
                    f1:f2:76:03:12:12:35:48:90:4a:f2:25:73:7d:1a:
                    8a:f6:3d:80:9a:9d:21:f1:c3:fe:01:84:29:5c:eb:
                    c3:66:03:b5:81:c6:28:43:5d:d1:28:9f:41:c8:68:
                    df:88:2a:8e:f1:45:4c:96:97:53:3d:ed:d5:ea:4b:
                    59:5a:00:0a:6c:ff:ab:8b:20:af:61:22:f7:48:5f:
                    de:a4:c0:cd:7f:9a:b6:6e:08:9d:7a:5b:53:ee:6f:
                    e2:6d:d9:ba:9c:18:9d:ed:69:d3:d8:1e:c0:62:99:
                    da:f3:c1:fd:ab:32:23:8b:e8:d1:ed:c1:bf:09:32:
                    40:58:aa:06:b1:7f:ed:d1:a0:04:6c:16:92:07:c4:
                    15:2d:72:b0:bf:e3:97:29:ec:91:74:97:81:25:9c:
                    b0:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:86:C7:A3:2C:51:6F:1E:A8:C2:B0:1B:14:F5:F4:A5:D8:0B:53:73
            X509v3 Authority Key Identifier:
                keyid:98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a3a2f34382d3438203d3e203234323036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:ab00::/48

    Signature Algorithm: sha256WithRSAEncryption
         52:d8:81:e2:5a:aa:a8:2b:42:6c:67:d9:a2:79:5d:73:08:b5:
         c7:1d:8f:18:3c:bd:04:84:54:f7:93:71:cb:29:ba:de:9f:b9:
         02:5c:c8:99:13:db:bb:db:c1:06:f7:7b:ac:e0:54:da:1a:eb:
         dd:d3:97:0c:74:8c:36:36:6f:68:f2:dd:e0:df:1e:08:07:25:
         d6:63:ff:21:b9:4e:b6:be:c5:f3:b0:42:4b:6d:21:3d:8d:8e:
         48:cb:27:7e:59:8b:ce:e0:b7:36:c5:cf:ca:69:cb:1d:05:37:
         e8:2f:fd:73:dd:5b:7a:bc:3d:65:ca:4a:c9:4b:b2:ee:a0:25:
         50:d5:33:68:5e:a5:90:a5:5d:89:54:35:f2:dc:64:40:64:80:
         30:a7:bf:51:0c:70:95:86:59:53:87:77:f3:4a:70:a7:78:9b:
         fb:ed:ed:46:65:39:8c:9d:55:4f:35:da:e7:4d:a3:d2:42:63:
         9a:e6:95:d6:8b:7b:fd:dd:94:7c:64:ae:c4:93:6d:d8:c0:70:
         82:06:f9:94:c3:8a:25:44:d9:61:2b:f0:e6:bd:e6:c9:bc:ce:
         0d:6e:0b:0d:8b:21:93:44:b7:a4:b1:aa:be:f7:fb:f0:41:32:
         1e:e2:5d:18:2e:c3:1c:90:de:f4:41:5a:8b:99:c8:1f:0b:b1:
         e8:9e:75:71
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUUGjfL5M+xIve/W2K3tuyAJjUckYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NC
MEMxMDhBOTAeFw0yMzA4MTAwNzU1NDlaFw0yNDA4MDgwODAwNDlaMDMxMTAvBgNV
BAMTKDE3ODZDN0EzMkM1MTZGMUVBOEMyQjAxQjE0RjVGNEE1RDgwQjUzNzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+oq549S0nMW8BtMHQIbJ4EANE
RBxcbPdez2uC1tztBhhlHJiZrqQNd98WGGYzRqn4DGMBvXkRrT9dTzXigbQ12dDp
5AZzNbQzirb8stX0iAxKSnZ698ic7xrdT5nPW4CSGtBS3UPy8PHydgMSEjVIkEry
JXN9Gor2PYCanSHxw/4BhClc68NmA7WBxihDXdEon0HIaN+IKo7xRUyWl1M97dXq
S1laAAps/6uLIK9hIvdIX96kwM1/mrZuCJ16W1Pub+Jt2bqcGJ3tadPYHsBimdrz
wf2rMiOL6NHtwb8JMkBYqgaxf+3RoARsFpIHxBUtcrC/45cp7JF0l4ElnLAxAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUF4bHoyxRbx6owrAbFPX0pdgLU3MwHwYDVR0j
BBgwFoAUmB5Wd6xgKVCr4aRCwneefLDBCKkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NzkyMmY4OS0zZTliLTRiMjEtOTE4Ni1hNjQ4YzJkYTNmN2IvMC85ODFFNTY3N0FD
NjAyOTUwQUJFMUE0NDJDMjc3OUU3Q0IwQzEwOEE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NCMEMx
MDhBOS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3OTIyZjg5LTNlOWItNGIyMS05
MTg2LWE2NDhjMmRhM2Y3Yi8wLzMyMzQzMDMyM2E2MTYyMzAzMDNhM2EyZjM0Mzgy
ZDM0MzgyMDNkM2UyMDMyMzQzMjMwMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAqsAAAAwDQYJKoZI
hvcNAQELBQADggEBAFLYgeJaqqgrQmxn2aJ5XXMItccdjxg8vQSEVPeTccsput6f
uQJcyJkT27vbwQb3e6zgVNoa693Tlwx0jDY2b2jy3eDfHggHJdZj/yG5Tra+xfOw
QkttIT2NjkjLJ35Zi87gtzbFz8ppyx0FN+gv/XPdW3q8PWXKSslLsu6gJVDVM2he
pZClXYlUNfLcZEBkgDCnv1EMcJWGWVOHd/NKcKd4m/vt7UZlOYydVU812udNo9JC
Y5rmldaLe/3dlHxkrsSTbdjAcIIG+ZTDiiVE2WEr8Oa95sm8zg1uCw2LIZNEt6Sx
qr73+/BBMh7iXRguwxyQ3vRBWouZyB8LseiedXE=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:23:49 2024 by rpki-client on console-ams.rpki-client.org