Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32373a3a2f34382d3438203d3e20313437313337.roa
File:                     323430303a343661303a32373a3a2f34382d3438203d3e20313437313337.roa (raw, json)
Hash identifier:          etyOuhfYBVECtQ/Qz2r+3sZxyQO2aYeJcbImziDt+iQ=
Subject key identifier:   CE:D7:73:38:42:79:F2:B0:94:5E:90:3C:03:2D:C6:BA:E8:4C:DF:06
Certificate issuer:       /CN=9A52B6405ED406A7B17C4478D516DF3E37282980
Certificate serial:       7E9C7F15030DC380FD3B91BEF54BEF8DFCC74FCB
Authority key identifier: 9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32373a3a2f34382d3438203d3e20313437313337.roa
Signing time:             Fri 09 Aug 2024 08:47:23 +0000
ROA not before:           Fri 09 Aug 2024 08:42:23 +0000
ROA not after:            Fri 08 Aug 2025 08:47:23 +0000
asID:                     147137
IP address blocks:        2400:46a0:27::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl
                          rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 15:09:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:9c:7f:15:03:0d:c3:80:fd:3b:91:be:f5:4b:ef:8d:fc:c7:4f:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9A52B6405ED406A7B17C4478D516DF3E37282980
        Validity
            Not Before: Aug  9 08:42:23 2024 GMT
            Not After : Aug  8 08:47:23 2025 GMT
        Subject: CN=CED773384279F2B0945E903C032DC6BAE84CDF06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:0e:47:93:f8:23:28:8a:ed:33:a4:06:1e:26:
                    0b:5b:25:f5:53:bb:24:5d:ae:85:59:56:19:b9:36:
                    f2:34:dd:cf:8d:c3:86:1b:6e:98:c3:d7:1d:d7:a7:
                    54:2b:18:5c:09:69:7f:5c:7c:a8:af:c5:94:0d:c8:
                    6a:39:dc:26:42:6c:f9:fa:98:e4:45:c9:a5:b1:c9:
                    cf:b3:69:54:ff:ad:38:09:4f:c9:33:21:3f:c4:85:
                    3e:7e:04:a3:5d:09:e7:dd:6d:7c:e5:2e:77:e8:4e:
                    f1:e8:05:6e:fd:cb:5d:42:e9:84:f4:3e:bf:5b:1a:
                    d0:8b:93:24:84:b3:25:68:93:0f:96:91:55:eb:09:
                    fc:40:06:5d:21:da:ed:c4:05:e6:76:be:8e:49:55:
                    84:b3:8b:e0:6d:1e:45:cd:95:83:49:57:ec:5d:6d:
                    c0:ea:fb:4d:47:81:58:58:05:cb:7e:27:ec:e1:45:
                    62:ce:cb:be:74:7c:e8:75:43:fd:e2:6d:d5:1f:99:
                    28:27:41:5a:b6:c7:6b:a7:85:02:b0:56:bb:d8:d0:
                    00:c1:93:2e:82:3a:d9:1a:3e:0a:44:b0:3e:e6:f5:
                    3e:26:57:65:db:13:75:17:07:19:25:ef:5b:00:83:
                    64:e6:c6:0c:49:e6:db:ae:7d:e2:bc:0d:0d:64:37:
                    67:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:D7:73:38:42:79:F2:B0:94:5E:90:3C:03:2D:C6:BA:E8:4C:DF:06
            X509v3 Authority Key Identifier:
                keyid:9A:52:B6:40:5E:D4:06:A7:B1:7C:44:78:D5:16:DF:3E:37:28:29:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/9A52B6405ED406A7B17C4478D516DF3E37282980.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/9A52B6405ED406A7B17C4478D516DF3E37282980.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3a665c32-6daf-472b-bce6-317d5d6c789e/0/323430303a343661303a32373a3a2f34382d3438203d3e20313437313337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:46a0:27::/48

    Signature Algorithm: sha256WithRSAEncryption
         71:84:aa:30:14:7a:71:26:db:32:50:5b:c8:e9:64:2d:35:84:
         65:16:e3:e9:e1:45:81:21:f6:d5:18:75:1e:1a:f8:10:5c:db:
         6b:64:c8:5c:16:4b:38:4e:ec:9d:86:2f:8d:8a:47:41:98:96:
         27:15:c1:69:ac:46:fb:48:e9:96:27:9f:06:1d:b9:08:e5:43:
         d1:c5:b1:d2:b4:9b:36:80:55:3b:b8:9d:1e:24:b5:79:65:32:
         e5:b9:97:cd:43:49:b7:10:ae:dc:5e:1c:9e:d9:b7:e4:57:98:
         b8:ac:63:91:35:98:08:96:cd:a0:ce:51:d7:5b:76:4e:33:4b:
         77:f5:d9:2e:3a:4e:68:0f:11:d2:19:e8:83:a7:8b:a8:86:45:
         7d:08:97:2f:72:d5:34:18:f1:8c:1d:6a:14:7d:a6:3b:0c:13:
         45:6c:6e:97:93:a6:9d:bb:0d:92:4e:10:0e:e3:6a:f9:c8:8a:
         3f:b4:c5:26:aa:36:bd:08:81:b5:8c:4b:b6:86:fa:46:10:2b:
         53:76:64:58:54:bd:e1:34:0e:c5:bc:4c:e4:c2:33:f1:52:49:
         73:7b:8d:76:a7:2c:ae:fe:f2:88:cc:1a:42:5d:ca:8e:1b:fc:
         ed:65:69:2c:29:f4:30:b6:2d:63:7b:c6:02:6d:d8:45:d8:83:
         58:ac:d9:f5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUfpx/FQMNw4D9O5G+9UvvjfzHT8swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0Uz
NzI4Mjk4MDAeFw0yNDA4MDkwODQyMjNaFw0yNTA4MDgwODQ3MjNaMDMxMTAvBgNV
BAMTKENFRDc3MzM4NDI3OUYyQjA5NDVFOTAzQzAzMkRDNkJBRTg0Q0RGMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxDkeT+CMoiu0zpAYeJgtbJfVT
uyRdroVZVhm5NvI03c+Nw4YbbpjD1x3Xp1QrGFwJaX9cfKivxZQNyGo53CZCbPn6
mORFyaWxyc+zaVT/rTgJT8kzIT/EhT5+BKNdCefdbXzlLnfoTvHoBW79y11C6YT0
Pr9bGtCLkySEsyVokw+WkVXrCfxABl0h2u3EBeZ2vo5JVYSzi+BtHkXNlYNJV+xd
bcDq+01HgVhYBct+J+zhRWLOy750fOh1Q/3ibdUfmSgnQVq2x2unhQKwVrvY0ADB
ky6COtkaPgpEsD7m9T4mV2XbE3UXBxkl71sAg2TmxgxJ5tuufeK8DQ1kN2cpAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUztdzOEJ58rCUXpA8Ay3GuuhM3wYwHwYDVR0j
BBgwFoAUmlK2QF7UBqexfER41RbfPjcoKYAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YTY2NWMzMi02ZGFmLTQ3MmItYmNlNi0zMTdkNWQ2Yzc4OWUvMC85QTUyQjY0MDVF
RDQwNkE3QjE3QzQ0NzhENTE2REYzRTM3MjgyOTgwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOUE1MkI2NDA1RUQ0MDZBN0IxN0M0NDc4RDUxNkRGM0UzNzI4
Mjk4MC5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNhNjY1YzMyLTZkYWYtNDcyYi1i
Y2U2LTMxN2Q1ZDZjNzg5ZS8wLzMyMzQzMDMwM2EzNDM2NjEzMDNhMzIzNzNhM2Ey
ZjM0MzgyZDM0MzgyMDNkM2UyMDMxMzQzNzMxMzMzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACQARqAA
JzANBgkqhkiG9w0BAQsFAAOCAQEAcYSqMBR6cSbbMlBbyOlkLTWEZRbj6eFFgSH2
1Rh1Hhr4EFzba2TIXBZLOE7snYYvjYpHQZiWJxXBaaxG+0jpliefBh25COVD0cWx
0rSbNoBVO7idHiS1eWUy5bmXzUNJtxCu3F4cntm35FeYuKxjkTWYCJbNoM5R11t2
TjNLd/XZLjpOaA8R0hnog6eLqIZFfQiXL3LVNBjxjB1qFH2mOwwTRWxul5OmnbsN
kk4QDuNq+ciKP7TFJqo2vQiBtYxLtob6RhArU3ZkWFS94TQOxbxM5MIz8VJJc3uN
dqcsrv7yiMwaQl3Kjhv87WVpLCn0MLYtY3vGAm3YRdiDWKzZ9Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:01:43 2024 by rpki-client on console-fra.rpki-client.org