Route Origin Authorization

$ rpki-client -vvf ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133382e302f32332d3233203d3e203332353139.roa
File:                     32332e3234372e3133382e302f32332d3233203d3e203332353139.roa (raw, json)
Hash identifier:          aDCDgbF3acFUZTEwWEAy4x15vIXaA6MvpA2f3ooTNBY=
Subject key identifier:   76:9B:B9:83:3B:A5:54:5E:DF:86:2B:00:D4:13:B9:C0:BD:94:DD:58
Certificate issuer:       /CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18
Certificate serial:       7008296579AB26568AF3283163EEAE816C5FEEDA
Authority key identifier: 16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer
Subject info access:      rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133382e302f32332d3233203d3e203332353139.roa
Signing time:             Fri 29 Mar 2024 15:49:51 +0000
ROA not before:           Fri 29 Mar 2024 15:44:51 +0000
ROA not after:            Fri 28 Mar 2025 15:49:51 +0000
asID:                     32519
IP address blocks:        23.247.138.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.crl
                          rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/f60c9f32-a87c-4339-a2f3-6299a3b02e29.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Tue 26 Nov 2024 08:23:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:08:29:65:79:ab:26:56:8a:f3:28:31:63:ee:ae:81:6c:5f:ee:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18
        Validity
            Not Before: Mar 29 15:44:51 2024 GMT
            Not After : Mar 28 15:49:51 2025 GMT
        Subject: CN=769BB9833BA5545EDF862B00D413B9C0BD94DD58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:ca:08:f2:92:ea:38:24:9f:ea:2b:38:f6:1c:
                    16:51:2b:b7:46:97:70:a9:b8:23:c4:84:ca:0a:07:
                    93:ec:8b:8d:23:7d:93:88:53:fd:53:9b:dd:d1:b3:
                    99:67:74:2e:66:3f:bc:cf:dc:54:cf:e0:d7:09:b6:
                    80:60:e5:08:de:c9:df:4a:c3:ee:12:b9:21:5c:e7:
                    ea:74:06:e3:18:b0:de:31:7b:53:65:80:eb:d5:e7:
                    c0:ca:7c:74:9d:8b:a8:3e:b5:74:4b:a8:52:83:a1:
                    77:b9:8a:2b:28:3f:72:3e:7b:6a:e7:d8:11:27:f8:
                    a6:0d:5f:2b:fc:57:ee:ce:fe:d4:7a:73:b1:87:4d:
                    25:64:86:02:e4:f5:ce:fd:15:de:1e:8e:9a:ec:24:
                    96:45:20:7c:17:33:ff:06:5d:5c:1b:ca:41:3e:ed:
                    0e:bd:4b:8c:4c:25:78:2e:cc:86:8e:42:6f:db:1a:
                    66:0b:0b:2f:3f:29:45:3b:1b:dd:a1:92:db:b4:5d:
                    1b:e8:88:2f:dd:19:d6:26:56:1b:b4:60:8b:d7:2d:
                    0d:bb:0a:50:e0:dd:fc:66:85:77:7b:59:39:0b:67:
                    bd:e4:23:ee:ce:69:8c:1e:1d:3f:99:2f:62:cb:19:
                    75:ce:b7:74:b5:ca:af:12:0a:cc:67:0a:04:10:3e:
                    a2:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:9B:B9:83:3B:A5:54:5E:DF:86:2B:00:D4:13:B9:C0:BD:94:DD:58
            X509v3 Authority Key Identifier:
                keyid:16:25:7C:19:66:8C:67:13:C4:01:2B:10:1E:64:62:66:CD:77:B5:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://ca.nat.moe/repo/NATOLAB/2/16257C19668C6713C4012B101E646266CD77B50D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/f60c9f32-a87c-4339-a2f3-6299a3b02e29/04c12c6c-ab0e-4d03-b9c8-6c3592368c77/5093cbb46f69901c119a2be1083df2aa2b433bba3f960fbc18.cer

            Subject Information Access:
                Signed Object - URI:rsync://ca.nat.moe/repo/NATOLAB/2/32332e3234372e3133382e302f32332d3233203d3e203332353139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  23.247.138.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:c3:8e:cc:34:2f:26:c6:80:32:a4:0f:e6:7b:34:8d:57:cb:
         cf:50:fc:a5:8f:62:9a:fb:54:f1:93:70:d7:5f:aa:eb:9b:ad:
         0a:ee:cb:a3:2d:e0:59:53:36:bf:ec:17:0d:6f:79:71:b9:3b:
         de:7f:63:99:07:1e:18:51:df:2b:7a:62:0b:38:8f:43:bf:19:
         ca:fa:80:27:48:22:4d:e7:f7:d2:48:33:4f:33:59:5f:d9:bd:
         46:a4:28:02:13:f3:78:ab:d4:6d:1e:9b:a2:49:fb:f7:be:27:
         71:a3:e9:63:37:93:db:0b:4d:1c:1f:c6:cd:59:0a:03:cd:de:
         e0:ad:07:3b:ea:7f:73:b3:3a:c4:0c:77:80:9e:fb:90:29:46:
         71:fe:18:8a:5d:21:6e:ce:37:88:8b:dd:0c:50:38:d7:54:99:
         36:5f:1c:42:78:fc:51:f3:2c:6f:6c:be:23:e0:7f:59:4c:4e:
         d3:94:15:9b:9b:40:09:34:85:61:2b:15:f4:b0:68:33:61:f9:
         af:18:74:f6:49:23:a9:e2:38:f9:c0:94:97:06:3c:f9:f3:b3:
         69:ec:90:57:62:c3:6e:dd:4a:89:1d:23:95:87:6a:80:64:04:
         59:38:8f:d8:94:e7:c2:57:2c:25:92:15:fd:39:f3:e9:f4:0f:
         61:5a:fd:8c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcAgpZXmrJlaK8ygxY+6ugWxf7towDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNTA5M2NiYjQ2ZjY5OTAxYzExOWEyYmUxMDgzZGYyYWEy
YjQzM2JiYTNmOTYwZmJjMTgwHhcNMjQwMzI5MTU0NDUxWhcNMjUwMzI4MTU0OTUx
WjAzMTEwLwYDVQQDEyg3NjlCQjk4MzNCQTU1NDVFREY4NjJCMDBENDEzQjlDMEJE
OTRERDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA68oI8pLqOCSf
6is49hwWUSu3RpdwqbgjxITKCgeT7IuNI32TiFP9U5vd0bOZZ3QuZj+8z9xUz+DX
CbaAYOUI3snfSsPuErkhXOfqdAbjGLDeMXtTZYDr1efAynx0nYuoPrV0S6hSg6F3
uYorKD9yPntq59gRJ/imDV8r/Ffuzv7UenOxh00lZIYC5PXO/RXeHo6a7CSWRSB8
FzP/Bl1cG8pBPu0OvUuMTCV4LsyGjkJv2xpmCwsvPylFOxvdoZLbtF0b6Igv3RnW
JlYbtGCL1y0NuwpQ4N38ZoV3e1k5C2e95CPuzmmMHh0/mS9iyxl1zrd0tcqvEgrM
ZwoEED6i2wIDAQABo4ICYDCCAlwwHQYDVR0OBBYEFHabuYM7pVRe34YrANQTucC9
lN1YMB8GA1UdIwQYMBaAFBYlfBlmjGcTxAErEB5kYmbNd7UNMA4GA1UdDwEB/wQE
AwIHgDBfBgNVHR8EWDBWMFSgUqBQhk5yc3luYzovL2NhLm5hdC5tb2UvcmVwby9O
QVRPTEFCLzIvMTYyNTdDMTk2NjhDNjcxM0M0MDEyQjEwMUU2NDYyNjZDRDc3QjUw
RC5jcmwwgfMGCCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8v
cnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1l
ODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMvZjYwYzlmMzItYTg3Yy00MzM5LWEy
ZjMtNjI5OWEzYjAyZTI5LzA0YzEyYzZjLWFiMGUtNGQwMy1iOWM4LTZjMzU5MjM2
OGM3Ny81MDkzY2JiNDZmNjk5MDFjMTE5YTJiZTEwODNkZjJhYTJiNDMzYmJhM2Y5
NjBmYmMxOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzov
L2NhLm5hdC5tb2UvcmVwby9OQVRPTEFCLzIvMzIzMzJlMzIzNDM3MmUzMTMzMzgy
ZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMzMyMzUzMTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBF/eK
MA0GCSqGSIb3DQEBCwUAA4IBAQBow47MNC8mxoAypA/mezSNV8vPUPylj2Ka+1Tx
k3DXX6rrm60K7sujLeBZUza/7BcNb3lxuTvef2OZBx4YUd8remILOI9DvxnK+oAn
SCJN5/fSSDNPM1lf2b1GpCgCE/N4q9RtHpuiSfv3vidxo+ljN5PbC00cH8bNWQoD
zd7grQc76n9zszrEDHeAnvuQKUZx/hiKXSFuzjeIi90MUDjXVJk2XxxCePxR8yxv
bL4j4H9ZTE7TlBWbm0AJNIVhKxX0sGgzYfmvGHT2SSOp4jj5wJSXBjz587Np7JBX
YsNu3UqJHSOVh2qAZARZOI/YlOfCVywlkhX9OfPp9A9hWv2M
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:00:37 2024 by rpki-client on console-fra.rpki-client.org