Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/3230332e3137312e3232312e302f32342d3234203d3e203435323938.roa
File:                     3230332e3137312e3232312e302f32342d3234203d3e203435323938.roa (raw, json)
Hash identifier:          n0fq68IAj8bijRfEEOZL0ru6pfY4u5X/uTNk6senQ/U=
Subject key identifier:   AC:B6:28:72:78:B2:D6:9C:4E:1B:D9:C7:82:3C:62:B0:9F:18:6C:E2
Certificate issuer:       /CN=483F366E1FE9C068ED4417FD71D5B18420D56B62
Certificate serial:       8B22B6E81D2A3F557CDE467510CF676C9F56FD
Authority key identifier: 48:3F:36:6E:1F:E9:C0:68:ED:44:17:FD:71:D5:B1:84:20:D5:6B:62
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/483F366E1FE9C068ED4417FD71D5B18420D56B62.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/3230332e3137312e3232312e302f32342d3234203d3e203435323938.roa
Signing time:             Tue 30 Apr 2024 10:00:01 +0000
ROA not before:           Tue 30 Apr 2024 09:55:01 +0000
ROA not after:            Tue 29 Apr 2025 10:00:01 +0000
asID:                     45298
IP address blocks:        203.171.221.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/483F366E1FE9C068ED4417FD71D5B18420D56B62.crl
                          rsync://repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/483F366E1FE9C068ED4417FD71D5B18420D56B62.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/483F366E1FE9C068ED4417FD71D5B18420D56B62.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 05:19:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8b:22:b6:e8:1d:2a:3f:55:7c:de:46:75:10:cf:67:6c:9f:56:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=483F366E1FE9C068ED4417FD71D5B18420D56B62
        Validity
            Not Before: Apr 30 09:55:01 2024 GMT
            Not After : Apr 29 10:00:01 2025 GMT
        Subject: CN=ACB6287278B2D69C4E1BD9C7823C62B09F186CE2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2b:9b:01:11:16:0b:c2:63:36:48:f6:0a:fd:
                    fe:66:5c:c7:97:52:33:1e:91:8d:64:3e:44:c4:7a:
                    b4:4c:6e:f7:c0:2a:a1:40:48:6e:2c:29:82:f0:e7:
                    93:b6:0c:5c:50:7a:e0:85:3b:ab:cf:46:c9:60:93:
                    bc:6c:d2:00:25:48:a8:11:8a:d3:9f:d6:df:8f:ae:
                    4c:fc:18:d7:4d:5e:ab:82:2a:fa:2b:d4:6a:4d:9c:
                    5c:06:01:04:36:95:22:95:98:66:cd:9a:a0:bd:6e:
                    c5:b2:46:38:c8:ef:a1:0d:f8:e7:6a:ba:76:bf:cc:
                    a9:a4:4e:4b:c5:d2:69:24:d5:20:91:2a:48:f4:eb:
                    10:05:3c:fa:fd:c2:d7:aa:98:66:a2:36:a9:20:e9:
                    db:fa:25:03:4c:c6:47:5e:96:11:80:e3:53:74:bb:
                    8f:c1:d2:3a:73:ce:74:69:1b:ec:4f:31:e3:dd:02:
                    e2:83:d5:cb:f7:5f:a9:af:ad:a9:dc:30:d7:55:29:
                    c0:a2:c2:32:7a:f8:13:81:ef:20:d6:84:8b:4f:f1:
                    de:81:0b:c2:15:fb:af:07:c0:c6:84:91:e1:20:a9:
                    e7:73:95:82:a9:36:f5:17:6c:3f:e9:90:3c:5d:ca:
                    f2:c8:5a:77:e6:18:32:58:c4:c9:f4:28:b5:1d:d2:
                    bd:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:B6:28:72:78:B2:D6:9C:4E:1B:D9:C7:82:3C:62:B0:9F:18:6C:E2
            X509v3 Authority Key Identifier:
                keyid:48:3F:36:6E:1F:E9:C0:68:ED:44:17:FD:71:D5:B1:84:20:D5:6B:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/483F366E1FE9C068ED4417FD71D5B18420D56B62.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/483F366E1FE9C068ED4417FD71D5B18420D56B62.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4bf2ad4f-a72a-46d1-bd7d-a560c31efcad/0/3230332e3137312e3232312e302f32342d3234203d3e203435323938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.171.221.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:65:74:90:ca:da:d4:4b:e8:7d:f4:b0:52:cd:6b:63:ec:73:
         3f:e3:56:2b:99:1e:ef:7c:af:38:d1:d6:e8:f7:ec:c0:60:b6:
         ee:b1:4c:a8:bd:af:5c:c4:36:e2:cb:61:3c:69:c2:88:1c:f0:
         08:3b:90:de:4c:7c:a8:f0:ee:9e:f9:c4:6a:db:a7:40:eb:92:
         c7:d4:da:e1:ca:9d:86:4c:4c:35:c6:b7:c9:1f:d5:2b:68:1a:
         7b:08:ca:34:e9:9d:49:1b:a9:83:4c:eb:a4:bc:b9:5a:e9:41:
         00:d5:1d:1c:79:87:29:67:1f:46:2c:ea:53:77:df:ca:19:05:
         5a:de:de:b5:bc:fb:ff:c0:a7:08:b3:83:0a:90:5e:ae:9d:6a:
         ce:90:62:36:19:73:48:6d:32:de:5a:0a:b4:2c:6e:36:df:89:
         12:b3:d6:f3:bb:57:eb:21:db:0d:e4:23:52:99:2a:55:aa:49:
         15:a0:9a:91:8d:cd:8d:a6:8e:a3:fe:41:5e:f6:80:78:a1:2f:
         64:06:2f:ef:ed:1f:95:41:82:35:48:68:ff:c4:1b:75:bf:e4:
         6e:62:ae:bf:6d:30:cf:7f:c0:03:20:86:f7:7d:cf:a1:3a:fd:
         cc:09:f2:0a:bc:92:79:57:7e:24:2f:79:58:27:5c:b0:b5:18:
         ff:ba:23:c4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUAIsitugdKj9VfN5GdRDPZ2yfVv0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDgzRjM2NkUxRkU5QzA2OEVENDQxN0ZENzFENUIxODQy
MEQ1NkI2MjAeFw0yNDA0MzAwOTU1MDFaFw0yNTA0MjkxMDAwMDFaMDMxMTAvBgNV
BAMTKEFDQjYyODcyNzhCMkQ2OUM0RTFCRDlDNzgyM0M2MkIwOUYxODZDRTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAK5sBERYLwmM2SPYK/f5mXMeX
UjMekY1kPkTEerRMbvfAKqFASG4sKYLw55O2DFxQeuCFO6vPRslgk7xs0gAlSKgR
itOf1t+Prkz8GNdNXquCKvor1GpNnFwGAQQ2lSKVmGbNmqC9bsWyRjjI76EN+Odq
una/zKmkTkvF0mkk1SCRKkj06xAFPPr9wteqmGaiNqkg6dv6JQNMxkdelhGA41N0
u4/B0jpzznRpG+xPMePdAuKD1cv3X6mvrancMNdVKcCiwjJ6+BOB7yDWhItP8d6B
C8IV+68HwMaEkeEgqedzlYKpNvUXbD/pkDxdyvLIWnfmGDJYxMn0KLUd0r2VAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUrLYocniy1pxOG9nHgjxisJ8YbOIwHwYDVR0j
BBgwFoAUSD82bh/pwGjtRBf9cdWxhCDVa2IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YmYyYWQ0Zi1hNzJhLTQ2ZDEtYmQ3ZC1hNTYwYzMxZWZjYWQvMC80ODNGMzY2RTFG
RTlDMDY4RUQ0NDE3RkQ3MUQ1QjE4NDIwRDU2QjYyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDgzRjM2NkUxRkU5QzA2OEVENDQxN0ZENzFENUIxODQyMEQ1
NkI2Mi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiZjJhZDRmLWE3MmEtNDZkMS1i
ZDdkLWE1NjBjMzFlZmNhZC8wLzMyMzAzMzJlMzEzNzMxMmUzMjMyMzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM1MzIzOTM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAy6vdMA0GCSqG
SIb3DQEBCwUAA4IBAQB2ZXSQytrUS+h99LBSzWtj7HM/41YrmR7vfK840dbo9+zA
YLbusUyova9cxDbiy2E8acKIHPAIO5DeTHyo8O6e+cRq26dA65LH1Nrhyp2GTEw1
xrfJH9UraBp7CMo06Z1JG6mDTOukvLla6UEA1R0ceYcpZx9GLOpTd9/KGQVa3t61
vPv/wKcIs4MKkF6unWrOkGI2GXNIbTLeWgq0LG4234kSs9bzu1frIdsN5CNSmSpV
qkkVoJqRjc2Npo6j/kFe9oB4oS9kBi/v7R+VQYI1SGj/xBt1v+RuYq6/bTDPf8AD
IIb3fc+hOv3MCfIKvJJ5V34kL3lYJ1ywtRj/uiPE
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:00:08 2024 by rpki-client on console-ams.rpki-client.org