Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/3135372e36362e32392e302f32342d3234203d3e203539323831.roa
File:                     3135372e36362e32392e302f32342d3234203d3e203539323831.roa (raw, json)
Hash identifier:          pqTnPO0Z94iivGsNebtDnglWLxgA2JGfko10d7VKJ5g=
Subject key identifier:   11:3F:B8:35:59:22:E5:C5:CF:65:3F:4F:DF:FE:3A:6C:2C:5D:59:AE
Certificate issuer:       /CN=EAD173629E4F955F44EC781A3739775E738ACCFD
Certificate serial:       2BEA7E2D37C201058E45556194635EA3513296F3
Authority key identifier: EA:D1:73:62:9E:4F:95:5F:44:EC:78:1A:37:39:77:5E:73:8A:CC:FD
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/EAD173629E4F955F44EC781A3739775E738ACCFD.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/3135372e36362e32392e302f32342d3234203d3e203539323831.roa
Signing time:             Tue 14 May 2024 07:14:28 +0000
ROA not before:           Tue 14 May 2024 07:09:28 +0000
ROA not after:            Tue 13 May 2025 07:14:28 +0000
asID:                     59281
IP address blocks:        157.66.29.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/EAD173629E4F955F44EC781A3739775E738ACCFD.crl
                          rsync://repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/EAD173629E4F955F44EC781A3739775E738ACCFD.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/EAD173629E4F955F44EC781A3739775E738ACCFD.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 14:24:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:ea:7e:2d:37:c2:01:05:8e:45:55:61:94:63:5e:a3:51:32:96:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EAD173629E4F955F44EC781A3739775E738ACCFD
        Validity
            Not Before: May 14 07:09:28 2024 GMT
            Not After : May 13 07:14:28 2025 GMT
        Subject: CN=113FB8355922E5C5CF653F4FDFFE3A6C2C5D59AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:d6:8a:45:35:32:7f:a1:07:75:b8:b7:25:43:
                    7f:3d:42:e5:3b:fb:51:74:4f:66:e6:36:16:ef:a1:
                    42:e1:92:7c:76:31:17:cf:7d:97:38:d4:f5:8e:ba:
                    19:1e:74:aa:ac:53:fb:cf:dd:87:da:e8:93:45:6a:
                    0a:46:9e:9b:65:10:34:60:01:27:1b:08:fa:2d:38:
                    cf:ce:a3:b9:7c:6e:26:35:b4:f0:12:4c:67:cf:71:
                    2a:46:29:de:5f:87:1b:29:ea:78:c5:18:39:5b:50:
                    2c:b4:6c:00:5c:e2:d4:56:ad:14:a1:b8:b1:31:14:
                    cb:96:e3:ce:b5:de:8c:82:cf:df:e6:16:67:a1:a9:
                    9a:11:6c:90:41:31:79:eb:af:50:b7:20:5e:dd:aa:
                    e2:96:9c:d8:c1:29:bc:e5:92:07:33:44:97:2f:62:
                    7b:4a:15:76:36:84:76:79:63:8c:71:c0:59:dd:6e:
                    d8:c5:f5:15:f2:93:2f:79:7f:08:98:3e:09:c6:81:
                    d3:2b:fc:f9:69:61:85:fb:78:60:9a:fe:a0:a4:c5:
                    68:fa:9e:2f:61:1d:ab:95:34:db:02:55:b5:99:b4:
                    94:bd:8f:87:8f:ba:01:b7:3c:bc:d4:77:f5:87:42:
                    65:90:ad:49:0d:6f:ef:8d:80:c7:ff:a7:b1:9b:be:
                    83:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:3F:B8:35:59:22:E5:C5:CF:65:3F:4F:DF:FE:3A:6C:2C:5D:59:AE
            X509v3 Authority Key Identifier:
                keyid:EA:D1:73:62:9E:4F:95:5F:44:EC:78:1A:37:39:77:5E:73:8A:CC:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/EAD173629E4F955F44EC781A3739775E738ACCFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/EAD173629E4F955F44EC781A3739775E738ACCFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/31b433a5-72b1-4653-99d3-9469c8b8b762/0/3135372e36362e32392e302f32342d3234203d3e203539323831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.66.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:d4:00:f4:e2:c5:3c:38:ef:8b:be:3a:2a:19:6c:fb:36:8d:
         f8:23:d2:fe:ca:0a:c3:31:0c:8b:84:42:93:95:04:e6:0c:72:
         1a:2b:23:e7:e8:c6:00:84:91:a9:56:c4:40:8b:72:c0:50:b0:
         c8:ad:cd:e7:1c:d6:41:85:7f:80:20:88:88:3a:2f:de:a5:78:
         52:ec:a1:d0:21:12:30:d4:c5:ea:b2:25:4f:53:81:f4:f5:f5:
         9c:4f:8b:1c:aa:9f:a1:41:f6:52:71:1a:c1:47:8c:75:96:8d:
         86:54:db:a6:a5:fb:d6:61:da:d7:43:7b:ed:d3:89:6f:19:51:
         42:df:22:ba:8e:a8:0c:b8:eb:d1:bf:6a:d9:09:2e:01:93:3c:
         21:91:10:fc:52:08:7d:9e:9a:db:da:83:f9:22:04:f4:a3:73:
         38:4f:bd:d0:94:13:d2:8f:33:69:c1:8c:c2:5f:8f:d1:71:db:
         ca:3d:1a:b7:fb:df:8e:ec:fc:a9:c5:a6:1d:9f:4b:1c:41:c2:
         9f:cd:58:57:05:88:a2:d0:12:c1:3e:df:e7:c5:2b:f5:92:cd:
         7a:33:8e:db:12:ff:ca:19:1d:ae:ef:ce:b9:21:6d:4e:4d:75:
         87:8e:55:30:e5:14:56:e6:89:b8:5a:b2:08:96:ce:75:66:63:
         b5:b9:30:cb
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUK+p+LTfCAQWORVVhlGNeo1EylvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUFEMTczNjI5RTRGOTU1RjQ0RUM3ODFBMzczOTc3NUU3
MzhBQ0NGRDAeFw0yNDA1MTQwNzA5MjhaFw0yNTA1MTMwNzE0MjhaMDMxMTAvBgNV
BAMTKDExM0ZCODM1NTkyMkU1QzVDRjY1M0Y0RkRGRkUzQTZDMkM1RDU5QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO1opFNTJ/oQd1uLclQ389QuU7
+1F0T2bmNhbvoULhknx2MRfPfZc41PWOuhkedKqsU/vP3Yfa6JNFagpGnptlEDRg
AScbCPotOM/Oo7l8biY1tPASTGfPcSpGKd5fhxsp6njFGDlbUCy0bABc4tRWrRSh
uLExFMuW48613oyCz9/mFmehqZoRbJBBMXnrr1C3IF7dquKWnNjBKbzlkgczRJcv
YntKFXY2hHZ5Y4xxwFndbtjF9RXyky95fwiYPgnGgdMr/PlpYYX7eGCa/qCkxWj6
ni9hHauVNNsCVbWZtJS9j4ePugG3PLzUd/WHQmWQrUkNb++NgMf/p7GbvoOfAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUET+4NVki5cXPZT9P3/46bCxdWa4wHwYDVR0j
BBgwFoAU6tFzYp5PlV9E7HgaNzl3XnOKzP0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
MWI0MzNhNS03MmIxLTQ2NTMtOTlkMy05NDY5YzhiOGI3NjIvMC9FQUQxNzM2MjlF
NEY5NTVGNDRFQzc4MUEzNzM5Nzc1RTczOEFDQ0ZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvRUFEMTczNjI5RTRGOTU1RjQ0RUM3ODFBMzczOTc3NUU3MzhB
Q0NGRC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzMxYjQzM2E1LTcyYjEtNDY1My05
OWQzLTk0NjljOGI4Yjc2Mi8wLzMxMzUzNzJlMzYzNjJlMzIzOTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM1MzkzMjM4MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdQh0wDQYJKoZIhvcN
AQELBQADggEBAAfUAPTixTw474u+OioZbPs2jfgj0v7KCsMxDIuEQpOVBOYMchor
I+foxgCEkalWxECLcsBQsMitzecc1kGFf4AgiIg6L96leFLsodAhEjDUxeqyJU9T
gfT19ZxPixyqn6FB9lJxGsFHjHWWjYZU26al+9Zh2tdDe+3TiW8ZUULfIrqOqAy4
69G/atkJLgGTPCGREPxSCH2emtvag/kiBPSjczhPvdCUE9KPM2nBjMJfj9Fx28o9
Grf7347s/KnFph2fSxxBwp/NWFcFiKLQEsE+3+fFK/WSzXozjtsS/8oZHa7vzrkh
bU5NdYeOVTDlFFbmibhasgiWznVmY7W5MMs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:41:50 2024 by rpki-client on console-fra.rpki-client.org