Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa
File:                     35382e3134352e3136392e302f32342d3234203d3e203436303534.roa (raw, json)
Hash identifier:          9/RRwI5l/NtYziLvL1Tovl6lPdp6toGo7gvjHA/JNLU=
Subject key identifier:   72:C7:3C:8D:C7:5C:C7:90:6A:62:EB:2F:C9:DE:D4:29:AB:0D:EA:8B
Certificate issuer:       /CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
Certificate serial:       578FF9F3358AA0B082C70E4F0280A9A582EC7C9D
Authority key identifier: 26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa
Signing time:             Mon 01 Jul 2024 01:05:43 +0000
ROA not before:           Mon 01 Jul 2024 01:00:43 +0000
ROA not after:            Mon 30 Jun 2025 01:05:43 +0000
asID:                     46054
IP address blocks:        58.145.169.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl
                          rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 21:44:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:8f:f9:f3:35:8a:a0:b0:82:c7:0e:4f:02:80:a9:a5:82:ec:7c:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=26425B70294F98035D38788E597A4A6CEB9C9CE5
        Validity
            Not Before: Jul  1 01:00:43 2024 GMT
            Not After : Jun 30 01:05:43 2025 GMT
        Subject: CN=72C73C8DC75CC7906A62EB2FC9DED429AB0DEA8B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:76:0c:12:15:7c:46:f0:37:6f:8f:e2:7d:0e:
                    1e:17:36:39:85:f8:45:d4:23:14:3a:24:e2:78:4f:
                    6e:f4:3b:5d:2e:74:dd:fd:77:65:6a:2d:23:c0:16:
                    8f:9c:7a:07:d6:6e:98:a5:31:6e:7b:a7:6a:66:22:
                    96:0f:cd:38:2f:42:65:71:ec:1f:3f:36:6c:36:e1:
                    28:43:54:38:44:b2:f7:a3:63:de:d8:0b:53:04:41:
                    23:1c:01:d2:eb:fc:6c:98:9f:5e:6c:70:23:6b:1e:
                    36:72:14:7d:bb:e7:e7:46:47:70:d4:1c:26:ea:cd:
                    74:9a:83:7a:65:58:1a:b8:19:3f:74:10:46:93:ce:
                    24:71:5f:7d:bd:c5:e4:b4:58:a3:0d:dc:cb:1c:ad:
                    b1:f4:0d:72:92:8d:31:a2:db:5c:15:99:75:73:ca:
                    ff:f4:91:13:6c:4e:73:53:b4:34:d9:1f:f9:01:5a:
                    e3:2a:ee:49:32:94:52:13:1f:8a:74:c3:68:c1:1a:
                    4f:d0:24:d5:eb:95:7b:1f:15:f8:f5:6a:51:71:ef:
                    cf:14:53:29:97:ae:05:62:e3:64:dc:b3:a9:7a:8b:
                    32:47:5f:05:f1:74:6b:6e:37:0f:4f:82:84:ef:39:
                    e0:56:f0:d1:e9:d0:59:48:dc:9d:50:b7:4e:15:a1:
                    c2:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:C7:3C:8D:C7:5C:C7:90:6A:62:EB:2F:C9:DE:D4:29:AB:0D:EA:8B
            X509v3 Authority Key Identifier:
                keyid:26:42:5B:70:29:4F:98:03:5D:38:78:8E:59:7A:4A:6C:EB:9C:9C:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/26425B70294F98035D38788E597A4A6CEB9C9CE5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/26425B70294F98035D38788E597A4A6CEB9C9CE5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3cf30936-c750-433b-9c2a-8ff5f38e63d4/0/35382e3134352e3136392e302f32342d3234203d3e203436303534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  58.145.169.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:f5:8d:1e:39:3e:c0:91:ca:d2:71:9b:13:d0:d4:52:96:b8:
         0d:a4:95:d9:42:6a:04:c9:71:1b:67:40:9d:38:e1:7b:86:42:
         dd:7e:3a:4d:4e:f2:36:ab:cd:95:19:37:ca:3d:08:45:21:01:
         03:da:2f:de:ea:ea:c1:da:3d:b7:40:e3:be:b9:ab:ad:f3:84:
         ff:d2:19:75:de:36:2b:53:4a:1c:0c:79:a8:57:4c:07:0c:da:
         0d:15:3a:7a:dc:21:ce:8f:e8:75:95:4d:88:4a:14:8d:3d:ba:
         49:68:bb:47:b9:51:dc:76:d3:cd:cd:85:f5:cd:53:9a:e6:ef:
         95:50:2b:6b:4b:6f:64:64:66:34:4c:93:3a:42:c2:0b:16:ec:
         d9:8e:85:fa:f9:98:ea:a8:99:02:03:86:15:14:4f:37:96:ed:
         4a:c4:9e:fe:af:5b:f5:8f:9e:6a:22:4e:e2:4a:4a:e6:a3:36:
         bb:9a:b9:f8:3d:d7:bc:20:36:e8:3c:9a:05:dc:6e:2d:1e:d7:
         ce:9d:50:f0:9a:97:c6:96:5e:df:ae:8c:9b:ee:b9:14:f5:f5:
         63:28:38:78:e4:76:3e:16:5b:9c:7a:ac:d4:44:e5:c7:83:c7:
         49:d1:93:ee:5d:ef:71:29:81:3e:db:06:1b:56:9f:d8:06:b0:
         81:f6:35:0e
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUV4/58zWKoLCCxw5PAoCppYLsfJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNF
QjlDOUNFNTAeFw0yNDA3MDEwMTAwNDNaFw0yNTA2MzAwMTA1NDNaMDMxMTAvBgNV
BAMTKDcyQzczQzhEQzc1Q0M3OTA2QTYyRUIyRkM5REVENDI5QUIwREVBOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCdgwSFXxG8Ddvj+J9Dh4XNjmF
+EXUIxQ6JOJ4T270O10udN39d2VqLSPAFo+cegfWbpilMW57p2pmIpYPzTgvQmVx
7B8/Nmw24ShDVDhEsvejY97YC1MEQSMcAdLr/GyYn15scCNrHjZyFH275+dGR3DU
HCbqzXSag3plWBq4GT90EEaTziRxX329xeS0WKMN3MscrbH0DXKSjTGi21wVmXVz
yv/0kRNsTnNTtDTZH/kBWuMq7kkylFITH4p0w2jBGk/QJNXrlXsfFfj1alFx788U
UymXrgVi42Tcs6l6izJHXwXxdGtuNw9PgoTvOeBW8NHp0FlI3J1Qt04VocJ5AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUcsc8jcdcx5BqYusvyd7UKasN6oswHwYDVR0j
BBgwFoAUJkJbcClPmANdOHiOWXpKbOucnOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
Y2YzMDkzNi1jNzUwLTQzM2ItOWMyYS04ZmY1ZjM4ZTYzZDQvMC8yNjQyNUI3MDI5
NEY5ODAzNUQzODc4OEU1OTdBNEE2Q0VCOUM5Q0U1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjY0MjVCNzAyOTRGOTgwMzVEMzg3ODhFNTk3QTRBNkNFQjlD
OUNFNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNjZjMwOTM2LWM3NTAtNDMzYi05
YzJhLThmZjVmMzhlNjNkNC8wLzM1MzgyZTMxMzQzNTJlMzEzNjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzNjMwMzUzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEADqRqTANBgkqhkiG
9w0BAQsFAAOCAQEAp/WNHjk+wJHK0nGbE9DUUpa4DaSV2UJqBMlxG2dAnTjhe4ZC
3X46TU7yNqvNlRk3yj0IRSEBA9ov3urqwdo9t0DjvrmrrfOE/9IZdd42K1NKHAx5
qFdMBwzaDRU6etwhzo/odZVNiEoUjT26SWi7R7lR3HbTzc2F9c1TmubvlVAra0tv
ZGRmNEyTOkLCCxbs2Y6F+vmY6qiZAgOGFRRPN5btSsSe/q9b9Y+eaiJO4kpK5qM2
u5q5+D3XvCA26DyaBdxuLR7Xzp1Q8JqXxpZe366Mm+65FPX1Yyg4eOR2PhZbnHqs
1ETlx4PHSdGT7l3vcSmBPtsGG1af2AawgfY1Dg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:09:27 2024 by rpki-client on console-ams.rpki-client.org