Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/3131352e3137382e35342e302f32342d3234203d3e20313331373137.roa
File:                     3131352e3137382e35342e302f32342d3234203d3e20313331373137.roa (raw, json)
Hash identifier:          7pRwzZMRag4OikIUo8Qb9ZKoX6LGLBT0M3Z3fDI9l5s=
Subject key identifier:   67:C2:21:91:FC:62:7B:F7:FF:CA:0F:AA:3B:CB:A7:F4:1D:58:6B:F4
Certificate issuer:       /CN=B605E2C01C5BDC6CEE49545C80501360234DC910
Certificate serial:       2FE43B7F0ED6207A3F048EAEB613AAAB623EB6F4
Authority key identifier: B6:05:E2:C0:1C:5B:DC:6C:EE:49:54:5C:80:50:13:60:23:4D:C9:10
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B605E2C01C5BDC6CEE49545C80501360234DC910.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/3131352e3137382e35342e302f32342d3234203d3e20313331373137.roa
Signing time:             Mon 31 Jul 2023 00:07:38 +0000
ROA not before:           Mon 31 Jul 2023 00:02:38 +0000
ROA not after:            Mon 29 Jul 2024 00:07:38 +0000
asID:                     131717
IP address blocks:        115.178.54.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/B605E2C01C5BDC6CEE49545C80501360234DC910.crl
                          rsync://repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/B605E2C01C5BDC6CEE49545C80501360234DC910.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B605E2C01C5BDC6CEE49545C80501360234DC910.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 13:56:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:e4:3b:7f:0e:d6:20:7a:3f:04:8e:ae:b6:13:aa:ab:62:3e:b6:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B605E2C01C5BDC6CEE49545C80501360234DC910
        Validity
            Not Before: Jul 31 00:02:38 2023 GMT
            Not After : Jul 29 00:07:38 2024 GMT
        Subject: CN=67C22191FC627BF7FFCA0FAA3BCBA7F41D586BF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0d:81:9e:d0:c9:db:a9:51:94:84:8d:61:7f:
                    f9:52:d8:aa:50:d0:38:42:ae:5a:18:fa:39:6b:45:
                    49:6a:7c:dd:83:ee:20:89:55:95:63:88:46:6a:92:
                    ac:c0:4c:ff:8d:7c:84:24:26:6d:74:97:db:2d:f0:
                    69:5e:15:47:2b:f0:c4:1e:a6:43:b5:be:db:d4:66:
                    3a:17:58:fc:f2:3b:20:eb:08:4e:82:3f:c9:43:b4:
                    06:b6:9d:4a:8f:03:ce:34:81:b9:14:e6:63:c8:1d:
                    d8:b6:3f:67:19:1e:3d:f4:2c:3e:ce:5a:40:71:42:
                    17:a4:bf:48:ff:d2:ff:96:44:5e:9b:7c:78:f7:7d:
                    f0:56:b1:cd:07:5a:dc:ac:b1:6c:31:b7:e4:f7:50:
                    ad:10:99:95:f3:81:74:0e:d8:2b:24:7c:91:bf:86:
                    c7:19:6e:2e:07:cd:eb:ec:b1:da:14:13:bc:ed:60:
                    ce:f5:32:62:57:72:02:0e:44:67:41:af:d0:0b:98:
                    c4:42:cc:f3:62:ac:8d:d2:4e:ab:d1:49:ac:ec:3d:
                    21:51:f3:87:e2:26:e9:b6:ec:07:50:8b:be:c6:61:
                    ab:6a:7c:15:d9:e4:be:14:0e:be:9b:c7:ee:e3:29:
                    d3:f2:fe:2b:2a:d9:0b:8f:af:4c:9e:18:88:62:14:
                    0d:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:C2:21:91:FC:62:7B:F7:FF:CA:0F:AA:3B:CB:A7:F4:1D:58:6B:F4
            X509v3 Authority Key Identifier:
                keyid:B6:05:E2:C0:1C:5B:DC:6C:EE:49:54:5C:80:50:13:60:23:4D:C9:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/B605E2C01C5BDC6CEE49545C80501360234DC910.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B605E2C01C5BDC6CEE49545C80501360234DC910.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/defe8f9b-8c34-4342-a0fe-ca1075fba5ff/0/3131352e3137382e35342e302f32342d3234203d3e20313331373137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  115.178.54.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:a9:08:a3:a6:a9:b9:7d:7c:64:5d:c2:c7:63:27:4d:c7:ec:
         cf:5c:41:f3:91:85:97:5c:dd:e3:ad:c9:d3:af:d4:5e:51:12:
         34:e8:63:48:a4:26:dc:ce:f3:a5:11:42:ac:cb:12:77:19:4c:
         8e:36:12:4c:bd:6d:c8:bb:9e:2d:d3:e7:90:18:01:04:98:04:
         fe:ee:d7:9c:82:da:9c:0c:11:14:66:b6:2b:89:95:83:16:d3:
         3b:14:e1:8d:6f:b6:d8:58:6a:88:0a:67:07:8e:a4:1c:0e:be:
         0d:cb:cb:62:99:4d:16:6f:ff:4a:11:85:1d:38:77:54:3e:a3:
         e2:03:87:06:65:a3:99:9d:ec:6f:8e:d6:da:2e:ae:9e:62:6f:
         75:79:74:84:80:e0:8d:f9:45:d3:be:da:5d:10:df:5d:8d:6b:
         6b:88:23:81:29:68:8f:b3:19:99:25:0f:9e:94:e5:c0:67:a1:
         ef:6f:95:69:a6:07:3f:fb:ef:64:f0:1c:ce:14:8e:bc:06:b9:
         ef:16:00:a7:c3:6a:26:90:36:98:be:8e:1d:26:2c:ea:9d:c6:
         aa:5a:c0:ca:7a:db:77:5f:ba:20:97:f6:cd:72:63:ae:81:17:
         ae:be:ef:b0:b9:fd:00:78:39:f3:f2:68:e5:8c:de:24:09:9f:
         1c:94:6b:41
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUL+Q7fw7WIHo/BI6uthOqq2I+tvQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjYwNUUyQzAxQzVCREM2Q0VFNDk1NDVDODA1MDEzNjAy
MzREQzkxMDAeFw0yMzA3MzEwMDAyMzhaFw0yNDA3MjkwMDA3MzhaMDMxMTAvBgNV
BAMTKDY3QzIyMTkxRkM2MjdCRjdGRkNBMEZBQTNCQ0JBN0Y0MUQ1ODZCRjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5DYGe0MnbqVGUhI1hf/lS2KpQ
0DhCrloY+jlrRUlqfN2D7iCJVZVjiEZqkqzATP+NfIQkJm10l9st8GleFUcr8MQe
pkO1vtvUZjoXWPzyOyDrCE6CP8lDtAa2nUqPA840gbkU5mPIHdi2P2cZHj30LD7O
WkBxQhekv0j/0v+WRF6bfHj3ffBWsc0HWtyssWwxt+T3UK0QmZXzgXQO2CskfJG/
hscZbi4HzevssdoUE7ztYM71MmJXcgIORGdBr9ALmMRCzPNirI3STqvRSazsPSFR
84fiJum27AdQi77GYatqfBXZ5L4UDr6bx+7jKdPy/isq2QuPr0yeGIhiFA0/AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUZ8Ihkfxie/f/yg+qO8un9B1Ya/QwHwYDVR0j
BBgwFoAUtgXiwBxb3GzuSVRcgFATYCNNyRAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
ZWZlOGY5Yi04YzM0LTQzNDItYTBmZS1jYTEwNzVmYmE1ZmYvMC9CNjA1RTJDMDFD
NUJEQzZDRUU0OTU0NUM4MDUwMTM2MDIzNERDOTEwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjYwNUUyQzAxQzVCREM2Q0VFNDk1NDVDODA1MDEzNjAyMzRE
QzkxMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2RlZmU4ZjliLThjMzQtNDM0Mi1h
MGZlLWNhMTA3NWZiYTVmZi8wLzMxMzEzNTJlMzEzNzM4MmUzNTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMxMzczMTM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAc7I2MA0GCSqG
SIb3DQEBCwUAA4IBAQAhqQijpqm5fXxkXcLHYydNx+zPXEHzkYWXXN3jrcnTr9Re
URI06GNIpCbczvOlEUKsyxJ3GUyONhJMvW3Iu54t0+eQGAEEmAT+7tecgtqcDBEU
ZrYriZWDFtM7FOGNb7bYWGqICmcHjqQcDr4Ny8timU0Wb/9KEYUdOHdUPqPiA4cG
ZaOZnexvjtbaLq6eYm91eXSEgOCN+UXTvtpdEN9djWtriCOBKWiPsxmZJQ+elOXA
Z6Hvb5Vppgc/++9k8BzOFI68BrnvFgCnw2omkDaYvo4dJizqncaqWsDKett3X7og
l/bNcmOugReuvu+wuf0AeDnz8mjljN4kCZ8clGtB
-----END CERTIFICATE-----
Generated at Wed Mar 27 07:57:23 2024 by rpki-client on console-fra.rpki-client.org