Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a633030303a3a2f33342d3334203d3e20313331373137.roa
File:                     323430313a313063303a633030303a3a2f33342d3334203d3e20313331373137.roa (raw, json)
Hash identifier:          V2Dp0ijNWpuMgZ76JHxOBz9Hg+9DAI6s8ylR7gkPLBA=
Subject key identifier:   E4:91:62:4B:3A:E9:2C:27:BF:A5:DC:A8:72:F0:FF:8E:45:FC:49:DA
Certificate issuer:       /CN=882209E37356E0512FBE4E81B00E4F2481865087
Certificate serial:       39E1F7D4F1B3CAC4B00EE897BEE11CDCFBF18402
Authority key identifier: 88:22:09:E3:73:56:E0:51:2F:BE:4E:81:B0:0E:4F:24:81:86:50:87
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/882209E37356E0512FBE4E81B00E4F2481865087.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a633030303a3a2f33342d3334203d3e20313331373137.roa
Signing time:             Mon 31 Jul 2023 00:03:13 +0000
ROA not before:           Sun 30 Jul 2023 23:58:13 +0000
ROA not after:            Mon 29 Jul 2024 00:03:13 +0000
asID:                     131717
IP address blocks:        2401:10c0:c000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/882209E37356E0512FBE4E81B00E4F2481865087.crl
                          rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/882209E37356E0512FBE4E81B00E4F2481865087.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/882209E37356E0512FBE4E81B00E4F2481865087.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:e1:f7:d4:f1:b3:ca:c4:b0:0e:e8:97:be:e1:1c:dc:fb:f1:84:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=882209E37356E0512FBE4E81B00E4F2481865087
        Validity
            Not Before: Jul 30 23:58:13 2023 GMT
            Not After : Jul 29 00:03:13 2024 GMT
        Subject: CN=E491624B3AE92C27BFA5DCA872F0FF8E45FC49DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:b0:15:ae:88:ef:b7:ae:2c:84:88:08:f9:fc:
                    20:a2:65:1c:af:c9:6c:e3:bf:92:d7:02:f7:5c:c5:
                    7a:fa:e2:f5:4c:a9:53:e0:78:a6:56:b1:57:4c:b1:
                    a9:54:c6:fa:10:16:af:52:eb:d1:b7:67:57:51:99:
                    ef:5f:9f:07:9d:10:85:1f:e5:3a:82:93:34:35:97:
                    26:fe:43:20:46:21:71:cf:d9:5e:6b:c7:76:6b:a7:
                    5c:cd:49:6b:57:4c:a6:fa:64:60:15:aa:33:fb:de:
                    f1:9a:59:f4:51:50:70:be:d4:d1:a2:eb:80:ee:7f:
                    cf:bc:9b:ab:b5:f1:c3:ec:da:ac:2e:8a:ec:05:ae:
                    2e:6e:d4:3f:9f:28:70:af:8f:a1:67:d8:da:ef:ea:
                    9b:48:c6:44:03:80:aa:4e:de:95:b9:b4:9f:98:ac:
                    6f:01:ad:15:8a:55:c3:69:bd:f7:e6:17:5d:02:36:
                    86:29:05:cd:3d:cc:25:0c:b9:0e:b0:1d:7b:44:1b:
                    f7:2f:2f:c1:7b:80:23:df:f5:f3:a2:30:5f:fd:8c:
                    01:f9:3e:b0:75:a4:ec:8c:19:b4:09:e1:a5:c5:8e:
                    fb:32:fe:8c:7f:9d:dc:0f:42:5f:86:00:d9:43:82:
                    64:d3:fb:e8:0e:66:90:c6:dc:0e:4e:d0:29:9b:11:
                    5d:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:91:62:4B:3A:E9:2C:27:BF:A5:DC:A8:72:F0:FF:8E:45:FC:49:DA
            X509v3 Authority Key Identifier:
                keyid:88:22:09:E3:73:56:E0:51:2F:BE:4E:81:B0:0E:4F:24:81:86:50:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/882209E37356E0512FBE4E81B00E4F2481865087.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/882209E37356E0512FBE4E81B00E4F2481865087.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d07471a3-ee53-499c-9f2d-cf16b1e4a353/0/323430313a313063303a633030303a3a2f33342d3334203d3e20313331373137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:10c0:c000::/34

    Signature Algorithm: sha256WithRSAEncryption
         93:62:27:0a:71:bd:05:15:8a:c7:1c:d4:a0:b4:ed:40:58:d2:
         e1:82:ec:bd:b3:68:56:02:1a:29:97:ef:b7:7f:ef:d1:74:23:
         45:82:bc:bd:63:44:c7:f8:7b:4b:64:dc:ad:64:39:d0:34:a3:
         b9:6c:8f:c7:a2:a4:3e:60:79:62:0b:ce:aa:a1:04:89:af:41:
         47:18:87:77:1b:cf:5b:49:56:c6:75:b6:3e:39:24:bb:e0:7e:
         ef:bc:c9:e2:3e:d9:a1:30:c5:06:41:c0:80:e1:6a:0e:30:fc:
         89:9f:a7:1b:17:f6:a4:6b:9d:31:59:30:91:e5:57:8f:95:2b:
         fe:04:3c:13:d1:4b:01:2e:d4:8f:d3:e8:49:07:c0:ee:b6:68:
         52:41:16:0b:d6:dc:3b:6e:f9:4d:a5:f4:67:d0:3e:37:ee:c4:
         e6:4e:52:3b:d1:66:76:7c:2c:6e:a6:91:56:cc:c1:49:8b:5e:
         5f:bc:33:47:45:5f:4a:cd:a0:fe:c4:fd:16:6e:62:d7:bd:9f:
         17:7f:62:ab:d4:06:78:f5:b9:0c:77:92:18:f4:3b:ba:9c:8a:
         60:40:7f:cd:9e:af:9c:94:6b:c7:15:cb:4f:9b:57:db:a8:d4:
         b3:0f:46:16:eb:f6:85:9e:f9:00:e7:c4:7c:97:1d:c4:8e:8e:
         a7:0d:ba:6d
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUOeH31PGzysSwDuiXvuEc3PvxhAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODgyMjA5RTM3MzU2RTA1MTJGQkU0RTgxQjAwRTRGMjQ4
MTg2NTA4NzAeFw0yMzA3MzAyMzU4MTNaFw0yNDA3MjkwMDAzMTNaMDMxMTAvBgNV
BAMTKEU0OTE2MjRCM0FFOTJDMjdCRkE1RENBODcyRjBGRjhFNDVGQzQ5REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUsBWuiO+3riyEiAj5/CCiZRyv
yWzjv5LXAvdcxXr64vVMqVPgeKZWsVdMsalUxvoQFq9S69G3Z1dRme9fnwedEIUf
5TqCkzQ1lyb+QyBGIXHP2V5rx3Zrp1zNSWtXTKb6ZGAVqjP73vGaWfRRUHC+1NGi
64Duf8+8m6u18cPs2qwuiuwFri5u1D+fKHCvj6Fn2Nrv6ptIxkQDgKpO3pW5tJ+Y
rG8BrRWKVcNpvffmF10CNoYpBc09zCUMuQ6wHXtEG/cvL8F7gCPf9fOiMF/9jAH5
PrB1pOyMGbQJ4aXFjvsy/ox/ndwPQl+GANlDgmTT++gOZpDG3A5O0CmbEV0rAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQU5JFiSzrpLCe/pdyocvD/jkX8SdowHwYDVR0j
BBgwFoAUiCIJ43NW4FEvvk6BsA5PJIGGUIcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
MDc0NzFhMy1lZTUzLTQ5OWMtOWYyZC1jZjE2YjFlNGEzNTMvMC84ODIyMDlFMzcz
NTZFMDUxMkZCRTRFODFCMDBFNEYyNDgxODY1MDg3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODgyMjA5RTM3MzU2RTA1MTJGQkU0RTgxQjAwRTRGMjQ4MTg2
NTA4Ny5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2QwNzQ3MWEzLWVlNTMtNDk5Yy05
ZjJkLWNmMTZiMWU0YTM1My8wLzMyMzQzMDMxM2EzMTMwNjMzMDNhNjMzMDMwMzAz
YTNhMmYzMzM0MmQzMzM0MjAzZDNlMjAzMTMzMzEzNzMxMzcucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgYk
ARDAwDANBgkqhkiG9w0BAQsFAAOCAQEAk2InCnG9BRWKxxzUoLTtQFjS4YLsvbNo
VgIaKZfvt3/v0XQjRYK8vWNEx/h7S2TcrWQ50DSjuWyPx6KkPmB5YgvOqqEEia9B
RxiHdxvPW0lWxnW2Pjkku+B+77zJ4j7ZoTDFBkHAgOFqDjD8iZ+nGxf2pGudMVkw
keVXj5Ur/gQ8E9FLAS7Uj9PoSQfA7rZoUkEWC9bcO275TaX0Z9A+N+7E5k5SO9Fm
dnwsbqaRVszBSYteX7wzR0VfSs2g/sT9Fm5i172fF39iq9QGePW5DHeSGPQ7upyK
YEB/zZ6vnJRrxxXLT5tX26jUsw9GFuv2hZ75AOfEfJcdxI6Opw26bQ==
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:21:23 2024 by rpki-client on console-ams.rpki-client.org