Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230332e3137362e3138302e302f32322d3234203d3e20313331313131.roa
File:                     3230332e3137362e3138302e302f32322d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          KnIKjt5pGOnb6FbahaUXUZtBNkMWL8GfzIrsWuyRPtY=
Subject key identifier:   E2:63:48:4F:C5:1F:25:76:CC:54:70:C8:6E:A8:47:36:DD:21:97:50
Certificate issuer:       /CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
Certificate serial:       7B1440F243F836E74423F7A8FB937F9F33C37A9B
Authority key identifier: C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230332e3137362e3138302e302f32322d3234203d3e20313331313131.roa
Signing time:             Tue 15 Aug 2023 17:00:01 +0000
ROA not before:           Tue 15 Aug 2023 16:55:01 +0000
ROA not after:            Tue 13 Aug 2024 17:00:01 +0000
asID:                     131111
IP address blocks:        203.176.180.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl
                          rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:14:40:f2:43:f8:36:e7:44:23:f7:a8:fb:93:7f:9f:33:c3:7a:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
        Validity
            Not Before: Aug 15 16:55:01 2023 GMT
            Not After : Aug 13 17:00:01 2024 GMT
        Subject: CN=E263484FC51F2576CC5470C86EA84736DD219750
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:50:f7:b1:bd:4c:db:79:e6:11:38:08:e0:56:
                    51:77:71:d0:8e:6f:e6:2c:c1:cc:a7:22:70:a2:fd:
                    4b:f9:4b:7c:26:b2:fb:0d:52:c8:43:c8:0d:a0:27:
                    49:fa:27:60:17:27:09:1a:dd:3f:08:c0:48:f5:2d:
                    d6:8f:a6:4d:5f:8d:41:c9:98:e2:08:0b:64:27:fb:
                    d1:e0:5b:9b:31:c4:df:8c:c2:c0:95:30:92:90:e3:
                    9e:e4:03:eb:5d:b8:b5:3e:4f:92:c3:29:a1:93:ca:
                    99:ab:9d:fb:ba:b7:d0:10:a7:85:cb:b9:6b:f6:10:
                    44:64:6e:1a:53:3c:e8:54:51:79:99:50:29:53:6b:
                    b4:6d:79:45:eb:9f:5f:d5:4c:b5:0d:5e:e3:0e:f5:
                    3f:f2:fe:fc:ff:94:0a:f7:28:58:7d:2d:29:ef:3a:
                    ff:a2:ab:83:cd:43:2b:51:39:5a:e3:6c:73:f0:24:
                    a8:f0:4b:13:07:87:a1:f3:19:dc:4d:1b:89:cc:82:
                    51:64:25:9d:91:39:2c:22:c0:99:b6:5d:18:c5:bf:
                    b1:d3:b5:28:0f:71:bf:0b:ff:c0:75:64:b9:fc:84:
                    1a:04:f7:1d:1f:68:66:c8:7e:df:38:9c:02:70:57:
                    7d:e9:39:dc:21:50:4d:09:e6:04:2b:fa:0b:be:f7:
                    f9:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:63:48:4F:C5:1F:25:76:CC:54:70:C8:6E:A8:47:36:DD:21:97:50
            X509v3 Authority Key Identifier:
                keyid:C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3230332e3137362e3138302e302f32322d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.176.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:aa:72:cb:4e:6d:af:24:99:3b:03:82:83:78:5d:bc:fa:6a:
         b0:ea:d5:26:76:76:ac:95:5a:f4:08:9c:1b:24:d8:36:58:bb:
         18:b2:2b:ff:fd:c7:f5:f3:bf:1c:26:95:31:cb:18:fc:2f:4c:
         19:67:d6:88:59:4f:18:09:3f:fd:0b:0a:d2:d0:69:f0:98:7a:
         89:34:ff:c3:33:0b:f8:f4:87:6d:2e:9c:2f:f3:14:90:52:96:
         93:8c:aa:2c:e0:b2:8d:49:da:e1:e6:4d:22:d8:d9:26:8e:12:
         ba:8b:0f:2b:4b:70:15:1b:6b:17:14:d8:bc:33:2b:08:d2:19:
         63:9c:7b:1c:d3:8c:44:09:27:aa:f3:45:5c:63:cf:5a:93:e7:
         f0:06:a3:50:56:7f:ea:3e:a8:01:2b:67:de:99:7e:c7:4b:04:
         02:13:3e:f7:dd:df:14:70:87:7d:d8:a5:33:08:26:64:ce:de:
         62:1f:21:84:9a:19:74:ca:2a:8e:c2:63:ce:e0:96:12:ba:64:
         d7:03:5e:6f:a8:ec:e5:90:ac:e0:fe:99:0d:8f:69:6b:0b:2c:
         cf:47:3e:65:f0:09:dd:fe:7b:a8:95:fa:00:6a:a4:4a:7f:42:
         57:89:7f:85:0a:65:a5:76:8b:07:fa:0c:e4:fc:4b:ec:ed:47:
         17:bc:ef:c4
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUexRA8kP4NudEI/eo+5N/nzPDepswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4
NzE2REMyRjAeFw0yMzA4MTUxNjU1MDFaFw0yNDA4MTMxNzAwMDFaMDMxMTAvBgNV
BAMTKEUyNjM0ODRGQzUxRjI1NzZDQzU0NzBDODZFQTg0NzM2REQyMTk3NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgUPexvUzbeeYROAjgVlF3cdCO
b+YswcynInCi/Uv5S3wmsvsNUshDyA2gJ0n6J2AXJwka3T8IwEj1LdaPpk1fjUHJ
mOIIC2Qn+9HgW5sxxN+MwsCVMJKQ457kA+tduLU+T5LDKaGTypmrnfu6t9AQp4XL
uWv2EERkbhpTPOhUUXmZUClTa7RteUXrn1/VTLUNXuMO9T/y/vz/lAr3KFh9LSnv
Ov+iq4PNQytROVrjbHPwJKjwSxMHh6HzGdxNG4nMglFkJZ2ROSwiwJm2XRjFv7HT
tSgPcb8L/8B1ZLn8hBoE9x0faGbIft84nAJwV33pOdwhUE0J5gQr+gu+9/kRAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU4mNIT8UfJXbMVHDIbqhHNt0hl1AwHwYDVR0j
BBgwFoAUwa+MmZ6dBtrevDh9eLMFq4cW3C8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OTIwNWU3Yy1hODgxLTQ4NzMtOTE4OC1lNTIxYjZhZjUyOWMvMC9DMUFGOEM5OTlF
OUQwNkRBREVCQzM4N0Q3OEIzMDVBQjg3MTZEQzJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4NzE2
REMyRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5MjA1ZTdjLWE4ODEtNDg3My05
MTg4LWU1MjFiNmFmNTI5Yy8wLzMyMzAzMzJlMzEzNzM2MmUzMTM4MzAyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzEzMTMxMzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBALLsLQwDQYJ
KoZIhvcNAQELBQADggEBACCqcstOba8kmTsDgoN4Xbz6arDq1SZ2dqyVWvQInBsk
2DZYuxiyK//9x/XzvxwmlTHLGPwvTBln1ohZTxgJP/0LCtLQafCYeok0/8MzC/j0
h20unC/zFJBSlpOMqizgso1J2uHmTSLY2SaOErqLDytLcBUbaxcU2LwzKwjSGWOc
exzTjEQJJ6rzRVxjz1qT5/AGo1BWf+o+qAErZ96ZfsdLBAITPvfd3xRwh33YpTMI
JmTO3mIfIYSaGXTKKo7CY87glhK6ZNcDXm+o7OWQrOD+mQ2PaWsLLM9HPmXwCd3+
e6iV+gBqpEp/QleJf4UKZaV2iwf6DOT8S+ztRxe878Q=
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:57:44 2024 by rpki-client on console-fra.rpki-client.org