Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313030313a3a2f34382d3438203d3e203338313536.roa
File:                     323430353a613534303a313030313a3a2f34382d3438203d3e203338313536.roa (raw, json)
Hash identifier:          ViWxAg4dDmp7tdK/UXL19AnA7BqA6a/NN9oUJr0aonw=
Subject key identifier:   20:5B:9C:36:89:42:8F:34:89:1F:44:06:F7:BB:94:0A:A9:9D:EC:5D
Certificate issuer:       /CN=5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4
Certificate serial:       145C64A8F1E11C2163D1C66128C8446801400C14
Authority key identifier: 5B:D0:FD:00:EB:8A:CC:F5:09:29:F6:B0:F5:6C:75:00:6A:4D:58:C4
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313030313a3a2f34382d3438203d3e203338313536.roa
Signing time:             Mon 31 Jul 2023 00:08:32 +0000
ROA not before:           Mon 31 Jul 2023 00:03:32 +0000
ROA not after:            Mon 29 Jul 2024 00:08:32 +0000
asID:                     38156
IP address blocks:        2405:a540:1001::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.crl
                          rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:5c:64:a8:f1:e1:1c:21:63:d1:c6:61:28:c8:44:68:01:40:0c:14
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4
        Validity
            Not Before: Jul 31 00:03:32 2023 GMT
            Not After : Jul 29 00:08:32 2024 GMT
        Subject: CN=205B9C3689428F34891F4406F7BB940AA99DEC5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:42:7c:2f:3d:d7:7c:86:34:ea:f7:9e:a4:de:
                    d9:e5:de:05:c2:89:eb:6c:9d:c6:f5:53:c2:2a:b5:
                    19:50:64:e4:0a:0a:9b:14:a8:07:e7:f9:3f:bf:54:
                    72:3e:e0:4f:78:fe:3f:c0:f2:b8:29:26:dc:8f:de:
                    25:ae:66:fe:e4:c0:42:11:32:46:61:12:f0:9d:da:
                    be:df:e3:03:51:53:5e:86:44:32:37:51:4d:96:8e:
                    54:b9:39:2e:64:ad:8e:59:f3:08:76:42:17:97:88:
                    3c:ca:b3:23:52:c2:39:68:c3:79:15:74:d9:bd:95:
                    8e:7d:cf:2d:17:7c:79:ad:6c:9c:25:ca:9f:c9:2c:
                    6f:63:d7:b6:00:b5:9c:9b:c0:70:17:46:1c:90:e8:
                    0b:fc:0f:75:0f:21:16:aa:7e:65:36:18:66:a6:f4:
                    62:8e:bd:0d:2e:15:dc:f3:93:48:e7:4c:9f:17:c4:
                    54:2e:9e:c1:fa:f5:15:b3:dc:b0:72:44:56:50:94:
                    fe:01:ce:05:db:b8:32:4a:c0:1e:5a:ac:c4:cb:f8:
                    1f:0a:28:91:d2:ab:3c:20:85:b7:e3:03:ba:d1:bc:
                    d3:8a:68:3d:d4:a1:93:d5:e3:65:96:46:bb:93:0f:
                    87:ee:ed:56:14:79:3b:e7:56:2a:54:28:5a:16:db:
                    b5:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:5B:9C:36:89:42:8F:34:89:1F:44:06:F7:BB:94:0A:A9:9D:EC:5D
            X509v3 Authority Key Identifier:
                keyid:5B:D0:FD:00:EB:8A:CC:F5:09:29:F6:B0:F5:6C:75:00:6A:4D:58:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5BD0FD00EB8ACCF50929F6B0F56C75006A4D58C4.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c5d3d22a-338b-4302-93f4-c021ea6ad548/0/323430353a613534303a313030313a3a2f34382d3438203d3e203338313536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2405:a540:1001::/48

    Signature Algorithm: sha256WithRSAEncryption
         1e:ec:61:95:ff:ec:c0:1a:1a:11:91:39:54:a5:ff:cf:62:2a:
         f0:63:4d:f9:26:e9:6a:ab:f5:bc:0b:bf:4a:0c:f0:2c:3f:07:
         09:5d:f3:e7:ef:d4:32:ba:84:ab:56:a0:50:05:d8:f6:45:1b:
         c3:29:c6:60:9e:e0:5c:d4:0f:38:bb:54:26:e2:d3:9f:2b:69:
         76:2d:41:b3:a6:c3:0d:85:16:d8:79:3a:95:36:91:34:d3:4c:
         6d:a9:76:dd:db:fa:61:5c:a2:34:0a:25:be:70:02:d9:28:91:
         6c:e2:00:c0:e5:6a:9d:8f:30:db:b6:7a:37:37:dd:65:a3:35:
         e3:76:b1:95:12:93:32:37:72:9d:1f:72:8d:81:73:ce:22:d9:
         b1:39:13:38:48:e1:66:7f:09:c2:56:36:f6:af:bc:25:7a:7e:
         77:3e:0c:9a:c1:c3:b1:ca:85:7d:f4:68:2e:2f:0e:d5:7f:e1:
         94:95:0e:77:2d:e9:2a:a2:da:5b:cd:c4:d2:b0:7e:1d:ed:ac:
         e3:10:5e:5b:70:c8:e6:50:b1:fc:97:7a:e2:a2:0e:91:5a:c9:
         94:5c:29:fe:b0:a8:b6:8a:45:27:71:99:99:68:d8:dd:74:d9:
         e3:f7:61:cb:51:f9:fa:1d:6e:e5:5a:4d:b3:c6:51:dc:bc:27:
         ec:2b:27:f9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUFFxkqPHhHCFj0cZhKMhEaAFADBQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUJEMEZEMDBFQjhBQ0NGNTA5MjlGNkIwRjU2Qzc1MDA2
QTRENThDNDAeFw0yMzA3MzEwMDAzMzJaFw0yNDA3MjkwMDA4MzJaMDMxMTAvBgNV
BAMTKDIwNUI5QzM2ODk0MjhGMzQ4OTFGNDQwNkY3QkI5NDBBQTk5REVDNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoQnwvPdd8hjTq956k3tnl3gXC
ietsncb1U8IqtRlQZOQKCpsUqAfn+T+/VHI+4E94/j/A8rgpJtyP3iWuZv7kwEIR
MkZhEvCd2r7f4wNRU16GRDI3UU2WjlS5OS5krY5Z8wh2QheXiDzKsyNSwjlow3kV
dNm9lY59zy0XfHmtbJwlyp/JLG9j17YAtZybwHAXRhyQ6Av8D3UPIRaqfmU2GGam
9GKOvQ0uFdzzk0jnTJ8XxFQunsH69RWz3LByRFZQlP4BzgXbuDJKwB5arMTL+B8K
KJHSqzwghbfjA7rRvNOKaD3UoZPV42WWRruTD4fu7VYUeTvnVipUKFoW27W5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIFucNolCjzSJH0QG97uUCqmd7F0wHwYDVR0j
BBgwFoAUW9D9AOuKzPUJKfaw9Wx1AGpNWMQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NWQzZDIyYS0zMzhiLTQzMDItOTNmNC1jMDIxZWE2YWQ1NDgvMC81QkQwRkQwMEVC
OEFDQ0Y1MDkyOUY2QjBGNTZDNzUwMDZBNEQ1OEM0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNUJEMEZEMDBFQjhBQ0NGNTA5MjlGNkIwRjU2Qzc1MDA2QTRE
NThDNC5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M1ZDNkMjJhLTMzOGItNDMwMi05
M2Y0LWMwMjFlYTZhZDU0OC8wLzMyMzQzMDM1M2E2MTM1MzQzMDNhMzEzMDMwMzEz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMzM4MzEzNTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAJAWl
QBABMA0GCSqGSIb3DQEBCwUAA4IBAQAe7GGV/+zAGhoRkTlUpf/PYirwY035Julq
q/W8C79KDPAsPwcJXfPn79QyuoSrVqBQBdj2RRvDKcZgnuBc1A84u1Qm4tOfK2l2
LUGzpsMNhRbYeTqVNpE000xtqXbd2/phXKI0CiW+cALZKJFs4gDA5WqdjzDbtno3
N91lozXjdrGVEpMyN3KdH3KNgXPOItmxORM4SOFmfwnCVjb2r7wlen53PgyawcOx
yoV99GguLw7Vf+GUlQ53LekqotpbzcTSsH4d7azjEF5bcMjmULH8l3riog6RWsmU
XCn+sKi2ikUncZmZaNjddNnj92HLUfn6HW7lWk2zxlHcvCfsKyf5
-----END CERTIFICATE-----
Generated at Wed Mar 27 01:50:19 2024 by rpki-client on console-ams.rpki-client.org