Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3131392e31352e3133352e302f32342d3234203d3e203435333036.roa
File:                     3131392e31352e3133352e302f32342d3234203d3e203435333036.roa (raw, json)
Hash identifier:          C89Nj2SgtW/Dq6dpcLjR/Ja0X+mRfhCiSEVzBdp+lWk=
Subject key identifier:   52:B9:2B:C8:2B:20:73:6F:8A:4C:E9:B2:A0:4F:04:3C:A7:E8:B5:AE
Certificate issuer:       /CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
Certificate serial:       7996652A3B03B7ECB021C2221A40E9A074A5E22E
Authority key identifier: F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3131392e31352e3133352e302f32342d3234203d3e203435333036.roa
Signing time:             Sun 16 Jun 2024 05:00:01 +0000
ROA not before:           Sun 16 Jun 2024 04:55:01 +0000
ROA not after:            Sun 15 Jun 2025 05:00:01 +0000
asID:                     45306
IP address blocks:        119.15.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.crl
                          rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 03:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:96:65:2a:3b:03:b7:ec:b0:21:c2:22:1a:40:e9:a0:74:a5:e2:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A
        Validity
            Not Before: Jun 16 04:55:01 2024 GMT
            Not After : Jun 15 05:00:01 2025 GMT
        Subject: CN=52B92BC82B20736F8A4CE9B2A04F043CA7E8B5AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:9f:8a:2e:3f:6e:c1:88:46:25:a9:fd:7f:a1:
                    ac:7f:45:9d:c2:4b:91:ce:06:79:6d:23:d5:73:57:
                    d0:fd:ea:51:f1:6f:ac:e8:d2:f9:2b:e2:10:9c:58:
                    e2:24:51:07:ff:61:a6:40:bc:45:ee:b4:fd:a7:9e:
                    01:2f:27:f8:e1:7f:c6:f5:61:da:36:25:a9:3e:ca:
                    8d:3e:0c:dd:64:d1:d9:7d:7d:9b:c7:a1:74:22:fc:
                    17:9b:08:1b:fd:df:c6:ef:47:12:70:89:19:88:d8:
                    60:53:e7:40:c2:0e:0a:4a:9c:ab:6f:42:9b:cc:d3:
                    08:1d:da:f7:66:1e:99:9e:01:9f:ec:11:83:d6:c3:
                    31:c0:95:97:f0:61:6b:0c:6a:2a:88:d5:1e:b6:16:
                    e1:c5:17:60:19:d7:fd:21:cf:d3:76:f2:59:2b:0f:
                    8a:68:48:92:b2:1f:a0:36:67:b2:65:0d:12:06:73:
                    1c:ce:0c:e8:78:c2:7c:54:d7:fe:98:83:a7:f9:ea:
                    53:d4:75:e6:cc:ef:3b:c1:3b:72:68:e2:38:1c:c9:
                    55:fd:35:83:40:0a:c9:17:ed:bf:27:b3:5b:25:d7:
                    5a:d5:9c:66:db:cd:7b:65:ec:28:19:a7:06:40:3a:
                    73:aa:b1:4d:23:e0:b6:b6:9d:33:ed:d6:94:e3:93:
                    51:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:B9:2B:C8:2B:20:73:6F:8A:4C:E9:B2:A0:4F:04:3C:A7:E8:B5:AE
            X509v3 Authority Key Identifier:
                keyid:F1:85:3A:1C:5C:1E:CA:FE:10:76:F9:4A:61:FA:77:96:DD:3C:67:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F1853A1C5C1ECAFE1076F94A61FA7796DD3C671A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/29ab60b1-a244-4a78-b31b-feca3d14ed9f/0/3131392e31352e3133352e302f32342d3234203d3e203435333036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.15.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         e0:1a:47:9c:17:2b:e8:87:8b:04:f4:64:49:f2:fd:e6:97:d8:
         50:5b:60:92:9e:2d:48:e0:82:a0:09:43:11:45:1b:24:28:37:
         4a:74:3f:c2:08:4e:0b:5a:3c:de:ae:ec:91:10:3d:1e:42:8f:
         b9:ee:60:e6:1a:a3:a0:e8:fc:c6:c7:cd:b7:19:11:f2:f7:5a:
         59:22:dd:2a:ca:8f:6e:89:c8:be:3b:0d:73:4c:38:74:ef:be:
         20:1c:2c:9b:02:34:2c:80:36:3c:62:f2:0a:79:6c:2c:bc:08:
         57:82:92:b2:c5:95:53:38:5e:84:3f:b2:d1:6d:6c:15:fb:da:
         9c:95:28:b1:1c:a3:58:5a:34:0e:30:3d:3b:3c:cc:1b:72:be:
         e5:01:4f:1b:66:44:15:4d:a0:0a:7e:dd:58:58:ca:6a:91:9e:
         3b:20:ca:d6:27:c9:97:a1:46:06:19:0b:21:f0:26:3e:c1:e5:
         c9:5c:99:02:09:ae:38:81:bd:a5:ab:b0:7a:c2:9d:6a:4d:a1:
         ec:9d:b5:94:75:d4:4e:9a:e6:e1:c0:22:5e:91:c5:4a:77:e3:
         27:40:9b:db:f7:de:3b:58:2c:b7:40:81:61:56:1d:e0:54:45:
         28:da:24:b0:b7:e2:39:bf:e9:27:f2:7e:c6:9b:38:88:1e:59:
         70:f9:b1:c9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUeZZlKjsDt+ywIcIiGkDpoHSl4i4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZE
RDNDNjcxQTAeFw0yNDA2MTYwNDU1MDFaFw0yNTA2MTUwNTAwMDFaMDMxMTAvBgNV
BAMTKDUyQjkyQkM4MkIyMDczNkY4QTRDRTlCMkEwNEYwNDNDQTdFOEI1QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3n4ouP27BiEYlqf1/oax/RZ3C
S5HOBnltI9VzV9D96lHxb6zo0vkr4hCcWOIkUQf/YaZAvEXutP2nngEvJ/jhf8b1
Ydo2Jak+yo0+DN1k0dl9fZvHoXQi/BebCBv938bvRxJwiRmI2GBT50DCDgpKnKtv
QpvM0wgd2vdmHpmeAZ/sEYPWwzHAlZfwYWsMaiqI1R62FuHFF2AZ1/0hz9N28lkr
D4poSJKyH6A2Z7JlDRIGcxzODOh4wnxU1/6Yg6f56lPUdebM7zvBO3Jo4jgcyVX9
NYNACskX7b8ns1sl11rVnGbbzXtl7CgZpwZAOnOqsU0j4La2nTPt1pTjk1FvAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUUrkryCsgc2+KTOmyoE8EPKfota4wHwYDVR0j
BBgwFoAU8YU6HFweyv4QdvlKYfp3lt08ZxowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
OWFiNjBiMS1hMjQ0LTRhNzgtYjMxYi1mZWNhM2QxNGVkOWYvMC9GMTg1M0ExQzVD
MUVDQUZFMTA3NkY5NEE2MUZBNzc5NkREM0M2NzFBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjE4NTNBMUM1QzFFQ0FGRTEwNzZGOTRBNjFGQTc3OTZERDND
NjcxQS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI5YWI2MGIxLWEyNDQtNGE3OC1i
MzFiLWZlY2EzZDE0ZWQ5Zi8wLzMxMzEzOTJlMzEzNTJlMzEzMzM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzNTMzMzAzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHcPhzANBgkqhkiG
9w0BAQsFAAOCAQEA4BpHnBcr6IeLBPRkSfL95pfYUFtgkp4tSOCCoAlDEUUbJCg3
SnQ/wghOC1o83q7skRA9HkKPue5g5hqjoOj8xsfNtxkR8vdaWSLdKsqPbonIvjsN
c0w4dO++IBwsmwI0LIA2PGLyCnlsLLwIV4KSssWVUzhehD+y0W1sFfvanJUosRyj
WFo0DjA9OzzMG3K+5QFPG2ZEFU2gCn7dWFjKapGeOyDK1ifJl6FGBhkLIfAmPsHl
yVyZAgmuOIG9pauwesKdak2h7J21lHXUTprm4cAiXpHFSnfjJ0Cb2/feO1gst0CB
YVYd4FRFKNoksLfiOb/pJ/J+xps4iB5ZcPmxyQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:16 2024 by rpki-client on console-ams.rpki-client.org