Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a636166653a3a2f34382d3438203d3e203234323036.roa
File:                     323430323a616230303a636166653a3a2f34382d3438203d3e203234323036.roa (raw, json)
Hash identifier:          wpVzn1honMDVQr8HMkP5qTCVSuTigcxG/uaNfvoG758=
Subject key identifier:   AB:EA:0E:E9:84:AC:3C:3C:76:3F:F5:D3:6E:BB:24:13:79:18:4C:ED
Certificate issuer:       /CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
Certificate serial:       3C6A4B24D7DF0CA8D154715BDF5C233C17704B4A
Authority key identifier: 98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a636166653a3a2f34382d3438203d3e203234323036.roa
Signing time:             Fri 18 Aug 2023 16:00:00 +0000
ROA not before:           Fri 18 Aug 2023 15:55:00 +0000
ROA not after:            Fri 16 Aug 2024 16:00:00 +0000
asID:                     24206
IP address blocks:        2402:ab00:cafe::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl
                          rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:6a:4b:24:d7:df:0c:a8:d1:54:71:5b:df:5c:23:3c:17:70:4b:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
        Validity
            Not Before: Aug 18 15:55:00 2023 GMT
            Not After : Aug 16 16:00:00 2024 GMT
        Subject: CN=ABEA0EE984AC3C3C763FF5D36EBB241379184CED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:38:06:06:cb:65:64:43:4f:34:f6:9c:01:4a:
                    bf:27:36:d9:ae:cb:c5:3c:b1:fa:63:cd:8e:8d:aa:
                    78:f2:0d:83:45:94:96:df:93:f8:1d:0a:76:8c:3d:
                    db:b4:b8:d9:bd:5c:09:07:f1:e2:99:a8:89:7c:a6:
                    30:3b:ce:38:9d:82:b7:b5:e6:5f:7c:19:62:9f:d2:
                    a1:d7:51:a4:59:b4:56:28:7d:ed:3e:5a:17:93:ff:
                    e4:97:d4:6e:65:01:2f:ea:00:f6:59:06:02:31:9e:
                    ef:24:46:95:a2:54:c0:6d:f6:ec:2a:42:02:5d:9d:
                    38:b7:ba:95:39:78:58:d2:60:bb:96:6f:f8:05:87:
                    0e:bc:75:f3:ca:ab:fc:e1:64:12:06:4a:23:54:eb:
                    60:65:4c:8a:0a:f2:58:87:32:0d:ed:47:29:6d:a1:
                    f6:d2:c1:ad:28:df:1c:80:02:eb:ad:75:63:d9:29:
                    4e:9f:4c:61:e9:1e:12:30:ed:23:f7:51:44:3d:fa:
                    8e:b0:76:0b:6f:ef:6f:65:42:41:50:9f:30:1f:df:
                    34:96:a2:46:34:1c:5d:13:1e:5c:26:dd:eb:70:61:
                    9e:46:5e:d6:2a:82:e8:ac:a9:d7:62:df:fe:9c:4d:
                    ee:a5:28:0a:0a:f3:de:38:4e:e8:6d:0c:d9:ca:a7:
                    82:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:EA:0E:E9:84:AC:3C:3C:76:3F:F5:D3:6E:BB:24:13:79:18:4C:ED
            X509v3 Authority Key Identifier:
                keyid:98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a636166653a3a2f34382d3438203d3e203234323036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:ab00:cafe::/48

    Signature Algorithm: sha256WithRSAEncryption
         47:38:95:24:bc:bf:2e:4e:a5:ad:16:6d:ad:07:19:20:b6:e3:
         6b:32:56:e0:d0:5a:ca:61:27:48:58:eb:59:2b:25:2f:8e:9c:
         c5:a2:2a:dd:29:77:7c:22:fc:f8:f4:d6:8b:c9:43:46:85:3b:
         3c:db:f4:d6:6a:fc:32:e9:02:80:82:bc:11:12:39:8f:c7:ae:
         76:4f:3f:1c:bd:76:6b:b8:20:9c:46:aa:dc:1e:24:d3:6d:05:
         7b:b1:91:fe:f5:d5:8f:18:b6:1d:7d:3f:e6:60:7e:d1:1e:8d:
         17:c1:bc:38:44:1e:9b:0b:a3:b1:ba:ee:a0:8b:eb:f0:d8:e2:
         8a:df:ed:07:06:68:43:02:ee:79:b0:7d:2a:19:c2:62:63:e6:
         17:a9:c1:7f:bf:19:3f:0b:c7:b0:d1:22:c8:8c:28:34:3d:c8:
         b4:41:88:5c:89:3e:d7:b7:c6:7d:09:f4:bd:33:31:92:ec:be:
         7f:b6:45:6d:59:6e:b5:22:c3:ee:c9:18:5f:54:07:3f:86:c6:
         2c:43:70:4d:c8:74:87:b5:f0:f3:bc:f2:48:de:d4:8a:03:7f:
         81:70:13:a8:d8:9e:b7:d3:83:8f:f5:c9:92:fa:3d:94:68:4a:
         06:af:b5:5c:33:d0:9d:62:bd:29:70:49:ff:12:b7:06:c3:00:
         50:b6:2d:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUPGpLJNffDKjRVHFb31wjPBdwS0owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NC
MEMxMDhBOTAeFw0yMzA4MTgxNTU1MDBaFw0yNDA4MTYxNjAwMDBaMDMxMTAvBgNV
BAMTKEFCRUEwRUU5ODRBQzNDM0M3NjNGRjVEMzZFQkIyNDEzNzkxODRDRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOAYGy2VkQ0809pwBSr8nNtmu
y8U8sfpjzY6NqnjyDYNFlJbfk/gdCnaMPdu0uNm9XAkH8eKZqIl8pjA7zjidgre1
5l98GWKf0qHXUaRZtFYofe0+WheT/+SX1G5lAS/qAPZZBgIxnu8kRpWiVMBt9uwq
QgJdnTi3upU5eFjSYLuWb/gFhw68dfPKq/zhZBIGSiNU62BlTIoK8liHMg3tRylt
ofbSwa0o3xyAAuutdWPZKU6fTGHpHhIw7SP3UUQ9+o6wdgtv729lQkFQnzAf3zSW
okY0HF0THlwm3etwYZ5GXtYqguisqddi3/6cTe6lKAoK8944TuhtDNnKp4KnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUq+oO6YSsPDx2P/XTbrskE3kYTO0wHwYDVR0j
BBgwFoAUmB5Wd6xgKVCr4aRCwneefLDBCKkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NzkyMmY4OS0zZTliLTRiMjEtOTE4Ni1hNjQ4YzJkYTNmN2IvMC85ODFFNTY3N0FD
NjAyOTUwQUJFMUE0NDJDMjc3OUU3Q0IwQzEwOEE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NCMEMx
MDhBOS5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3OTIyZjg5LTNlOWItNGIyMS05
MTg2LWE2NDhjMmRhM2Y3Yi8wLzMyMzQzMDMyM2E2MTYyMzAzMDNhNjM2MTY2NjUz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjM0MzIzMDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAKr
AMr+MA0GCSqGSIb3DQEBCwUAA4IBAQBHOJUkvL8uTqWtFm2tBxkgtuNrMlbg0FrK
YSdIWOtZKyUvjpzFoirdKXd8Ivz49NaLyUNGhTs82/TWavwy6QKAgrwREjmPx652
Tz8cvXZruCCcRqrcHiTTbQV7sZH+9dWPGLYdfT/mYH7RHo0Xwbw4RB6bC6Oxuu6g
i+vw2OKK3+0HBmhDAu55sH0qGcJiY+YXqcF/vxk/C8ew0SLIjCg0Pci0QYhciT7X
t8Z9CfS9MzGS7L5/tkVtWW61IsPuyRhfVAc/hsYsQ3BNyHSHtfDzvPJI3tSKA3+B
cBOo2J6304OP9cmS+j2UaEoGr7VcM9CdYr0pcEn/ErcGwwBQti3e
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:42:33 2024 by rpki-client on console-fra.rpki-client.org