Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a64663a3a2f34382d3438203d3e203234323036.roa
File:                     323430323a616230303a64663a3a2f34382d3438203d3e203234323036.roa (raw, json)
Hash identifier:          KOByftDafzz4hWsgaMD4eSzVZRhQ3e77isk2vHMu1p0=
Subject key identifier:   6E:4B:17:24:D6:B1:D6:5D:05:74:1D:86:9A:6D:0C:1C:47:68:BB:A6
Certificate issuer:       /CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
Certificate serial:       3CFF5401661DF4AC0DC51334AC1723D58FECC4D3
Authority key identifier: 98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a64663a3a2f34382d3438203d3e203234323036.roa
Signing time:             Thu 10 Aug 2023 08:00:48 +0000
ROA not before:           Thu 10 Aug 2023 07:55:48 +0000
ROA not after:            Thu 08 Aug 2024 08:00:48 +0000
asID:                     24206
IP address blocks:        2402:ab00:df::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl
                          rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 19 Apr 2024 14:14:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:ff:54:01:66:1d:f4:ac:0d:c5:13:34:ac:17:23:d5:8f:ec:c4:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=981E5677AC602950ABE1A442C2779E7CB0C108A9
        Validity
            Not Before: Aug 10 07:55:48 2023 GMT
            Not After : Aug  8 08:00:48 2024 GMT
        Subject: CN=6E4B1724D6B1D65D05741D869A6D0C1C4768BBA6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:56:ea:e3:bf:4f:6a:d9:c3:27:81:58:d3:00:
                    1b:9a:cf:6f:ac:a5:7c:d4:8a:b4:33:b1:9d:55:83:
                    d9:38:fd:c1:80:2f:de:fa:ae:d5:31:7a:b7:7d:d1:
                    01:8e:29:24:7f:68:1f:89:8d:78:e8:cb:21:1e:95:
                    32:fe:9a:ec:04:f8:5b:97:b6:d4:18:15:7f:5e:7e:
                    13:ec:9f:a0:da:79:d4:c6:45:a2:c1:ec:5f:f4:19:
                    26:e6:2a:39:ec:24:b0:a2:02:97:16:4b:64:a0:b0:
                    d0:d1:8c:bd:50:26:23:4e:92:67:0c:38:b6:63:29:
                    29:87:68:45:6a:d0:03:01:51:17:3d:ca:ce:af:3b:
                    04:da:85:3f:82:b4:0c:8a:49:a8:50:38:68:43:0f:
                    8f:cd:02:1e:c8:2b:46:28:4f:4b:57:ab:1f:b2:d1:
                    7d:7b:0f:6d:4a:02:68:e5:ed:93:a5:b4:84:4f:e6:
                    24:3c:6b:f0:0f:44:3e:1b:1c:d5:ff:97:9d:0c:02:
                    87:fb:58:7f:e6:25:2a:a8:82:11:c7:9d:18:d1:39:
                    34:b1:7e:ac:87:fd:9b:9b:33:9b:50:34:91:e4:3c:
                    3d:54:dd:36:d4:e1:c4:ef:a8:01:b9:a4:37:18:96:
                    dd:f1:31:96:6c:80:a6:93:65:d8:c4:5a:82:1e:26:
                    e9:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:4B:17:24:D6:B1:D6:5D:05:74:1D:86:9A:6D:0C:1C:47:68:BB:A6
            X509v3 Authority Key Identifier:
                keyid:98:1E:56:77:AC:60:29:50:AB:E1:A4:42:C2:77:9E:7C:B0:C1:08:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/981E5677AC602950ABE1A442C2779E7CB0C108A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/981E5677AC602950ABE1A442C2779E7CB0C108A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a7922f89-3e9b-4b21-9186-a648c2da3f7b/0/323430323a616230303a64663a3a2f34382d3438203d3e203234323036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2402:ab00:df::/48

    Signature Algorithm: sha256WithRSAEncryption
         86:a3:8e:02:39:85:30:43:86:78:df:c7:04:2f:af:fe:77:d1:
         a7:ff:bf:c7:68:d8:08:13:aa:a3:5c:03:37:75:c8:7c:1b:1a:
         9b:04:d7:b1:96:aa:6c:12:73:d7:af:23:52:30:7b:1d:85:1a:
         36:57:0f:25:cf:dd:11:bc:34:87:0b:0a:c5:83:e9:5f:e6:48:
         9a:8e:66:41:14:5b:7e:52:82:db:19:b0:b2:15:66:75:42:ac:
         e7:9a:6c:74:4d:9f:12:40:e3:4c:a0:8a:e1:e9:75:4b:75:c2:
         4c:9c:13:69:18:3a:02:2d:f0:a3:48:d4:03:53:26:b3:83:4e:
         54:16:48:2d:1b:1e:3d:74:ec:a2:e3:de:a5:50:68:3c:f7:51:
         f8:1a:90:3a:d4:05:82:28:02:bd:38:e0:36:12:04:38:30:0e:
         8c:e8:6b:fe:9c:66:44:3b:8b:b9:a5:8a:8d:61:70:ac:2c:c5:
         fd:92:2a:ed:c0:05:85:6c:7a:6e:66:00:92:60:8c:62:73:39:
         17:6a:82:24:70:6a:f9:e4:93:c1:a6:6d:1f:99:31:7f:f7:74:
         ed:e4:15:df:f2:14:17:65:6d:ee:f1:3d:53:ea:13:a9:e0:5e:
         54:79:8f:ea:97:58:25:3b:bd:0e:f0:08:9d:e9:59:92:8b:fd:
         d9:63:74:a7
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUPP9UAWYd9KwNxRM0rBcj1Y/sxNMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NC
MEMxMDhBOTAeFw0yMzA4MTAwNzU1NDhaFw0yNDA4MDgwODAwNDhaMDMxMTAvBgNV
BAMTKDZFNEIxNzI0RDZCMUQ2NUQwNTc0MUQ4NjlBNkQwQzFDNDc2OEJCQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoVurjv09q2cMngVjTABuaz2+s
pXzUirQzsZ1Vg9k4/cGAL976rtUxerd90QGOKSR/aB+JjXjoyyEelTL+muwE+FuX
ttQYFX9efhPsn6DaedTGRaLB7F/0GSbmKjnsJLCiApcWS2SgsNDRjL1QJiNOkmcM
OLZjKSmHaEVq0AMBURc9ys6vOwTahT+CtAyKSahQOGhDD4/NAh7IK0YoT0tXqx+y
0X17D21KAmjl7ZOltIRP5iQ8a/APRD4bHNX/l50MAof7WH/mJSqoghHHnRjROTSx
fqyH/ZubM5tQNJHkPD1U3TbU4cTvqAG5pDcYlt3xMZZsgKaTZdjEWoIeJumNAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUbksXJNax1l0FdB2Gmm0MHEdou6YwHwYDVR0j
BBgwFoAUmB5Wd6xgKVCr4aRCwneefLDBCKkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NzkyMmY4OS0zZTliLTRiMjEtOTE4Ni1hNjQ4YzJkYTNmN2IvMC85ODFFNTY3N0FD
NjAyOTUwQUJFMUE0NDJDMjc3OUU3Q0IwQzEwOEE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTgxRTU2NzdBQzYwMjk1MEFCRTFBNDQyQzI3NzlFN0NCMEMx
MDhBOS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E3OTIyZjg5LTNlOWItNGIyMS05
MTg2LWE2NDhjMmRhM2Y3Yi8wLzMyMzQzMDMyM2E2MTYyMzAzMDNhNjQ2NjNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMyMzQzMjMwMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkAqsAAN8w
DQYJKoZIhvcNAQELBQADggEBAIajjgI5hTBDhnjfxwQvr/530af/v8do2AgTqqNc
Azd1yHwbGpsE17GWqmwSc9evI1Iwex2FGjZXDyXP3RG8NIcLCsWD6V/mSJqOZkEU
W35SgtsZsLIVZnVCrOeabHRNnxJA40ygiuHpdUt1wkycE2kYOgIt8KNI1ANTJrOD
TlQWSC0bHj107KLj3qVQaDz3UfgakDrUBYIoAr044DYSBDgwDozoa/6cZkQ7i7ml
io1hcKwsxf2SKu3ABYVsem5mAJJgjGJzORdqgiRwavnkk8GmbR+ZMX/3dO3kFd/y
FBdlbe7xPVPqE6ngXlR5j+qXWCU7vQ7wCJ3pWZKL/dljdKc=
-----END CERTIFICATE-----
Generated at Tue Apr 16 10:33:14 2024 by rpki-client on console-fra.rpki-client.org