Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234342e302f32332d3233203d3e203338373738.roa
File:                     3230322e39332e3234342e302f32332d3233203d3e203338373738.roa (raw, json)
Hash identifier:          G2bv3qpu58XEL4oDUx53AmRP5ZhF/h9Qe4Z0uPbcjrE=
Subject key identifier:   3D:F1:E6:84:7D:51:0E:5B:2E:0A:44:24:19:50:F0:83:16:03:F5:41
Certificate issuer:       /CN=F38DFF094E16843854EAC1403C69FD7F77809D02
Certificate serial:       53FFA31E0FB051FB44BD53822C6A25A1FD79E232
Authority key identifier: F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234342e302f32332d3233203d3e203338373738.roa
Signing time:             Fri 02 Jun 2023 03:00:00 +0000
ROA not before:           Fri 02 Jun 2023 02:55:00 +0000
ROA not after:            Fri 31 May 2024 03:00:00 +0000
asID:                     38778
IP address blocks:        202.93.244.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl
                          rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 11:47:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:ff:a3:1e:0f:b0:51:fb:44:bd:53:82:2c:6a:25:a1:fd:79:e2:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F38DFF094E16843854EAC1403C69FD7F77809D02
        Validity
            Not Before: Jun  2 02:55:00 2023 GMT
            Not After : May 31 03:00:00 2024 GMT
        Subject: CN=3DF1E6847D510E5B2E0A44241950F0831603F541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:36:9b:34:69:b1:01:7a:a1:69:c7:11:c0:f8:
                    c8:12:c1:29:6d:d7:0b:2b:91:c0:4c:f2:88:90:fa:
                    61:d7:a1:67:3d:96:31:8c:02:6f:38:d6:e8:3b:d2:
                    9b:a4:74:67:ff:77:dd:5e:26:ee:d7:05:5e:ce:51:
                    ad:66:1e:47:fa:c9:7e:61:4d:d7:7f:f5:64:83:52:
                    24:ff:31:5b:f3:3b:32:fc:c6:cc:be:6d:47:7f:67:
                    b2:0d:3e:37:6d:68:1e:9d:c5:87:99:fa:6f:41:6f:
                    88:c3:33:ec:75:f3:4c:b4:31:43:21:0c:63:1f:75:
                    be:09:6f:97:fa:f8:02:02:b1:08:2f:c6:dc:89:21:
                    27:e2:ef:60:8f:77:e1:02:49:45:da:53:e8:d8:4b:
                    49:74:b8:48:2f:0c:be:a4:1c:dc:0e:1c:e5:30:7d:
                    e2:8f:f2:90:3c:2f:7c:c0:9d:c5:e3:5d:03:67:60:
                    84:3f:b4:b3:6f:93:d3:39:22:c0:f2:54:be:85:08:
                    75:2f:63:b8:5b:99:44:d9:c0:02:49:73:87:df:e1:
                    81:c6:a2:24:97:2e:49:47:7a:40:9b:52:c4:54:61:
                    99:4e:f7:6c:f3:fa:5b:ae:19:6d:a6:62:a5:6e:b2:
                    f3:3b:f1:fb:02:ce:ec:12:b2:c2:72:9c:0c:19:99:
                    aa:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:F1:E6:84:7D:51:0E:5B:2E:0A:44:24:19:50:F0:83:16:03:F5:41
            X509v3 Authority Key Identifier:
                keyid:F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234342e302f32332d3233203d3e203338373738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         12:0c:5b:fb:b6:da:e4:2d:06:19:cc:20:af:4a:83:3d:d1:0b:
         9f:44:2b:cf:9b:62:d3:bb:fb:2a:6c:da:00:5a:18:cb:f6:ca:
         0b:c2:0b:01:dc:3b:09:88:be:af:cf:74:b2:ca:43:e2:e9:f1:
         a9:48:c4:98:f6:5f:4e:63:d7:70:bf:ab:ca:fb:8a:2d:3a:d6:
         c0:ac:77:a7:d0:f0:00:31:92:83:35:3a:62:aa:4c:3f:7e:52:
         d6:2b:d7:3a:56:a2:3d:73:e3:53:46:ad:ef:74:de:d4:c9:7e:
         7c:43:e0:bf:16:dc:3f:e6:fa:64:18:c2:14:7c:a6:c2:ce:3d:
         87:8f:0f:a2:1d:d8:85:79:8b:21:5a:0a:a7:9d:ce:3d:55:6a:
         98:89:72:98:51:fd:d5:d8:d8:49:c9:f7:eb:9c:aa:38:63:0b:
         ac:59:01:6b:ee:2a:26:99:57:9b:2b:5b:db:60:a7:69:4c:a2:
         fd:82:a9:65:79:61:0d:98:d7:f0:82:9d:49:63:51:91:d1:a5:
         25:60:d7:f3:74:95:d6:13:d5:89:1f:a0:73:ad:fb:6e:9e:d9:
         29:fc:b5:76:ac:20:b0:38:ec:9f:c7:01:63:46:fe:36:2d:f1:
         d0:17:e9:7a:03:fa:2a:e5:ff:0d:3d:33:48:bc:37:e7:2a:08:
         93:9d:0b:af
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUU/+jHg+wUftEvVOCLGolof154jIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjM4REZGMDk0RTE2ODQzODU0RUFDMTQwM0M2OUZEN0Y3
NzgwOUQwMjAeFw0yMzA2MDIwMjU1MDBaFw0yNDA1MzEwMzAwMDBaMDMxMTAvBgNV
BAMTKDNERjFFNjg0N0Q1MTBFNUIyRTBBNDQyNDE5NTBGMDgzMTYwM0Y1NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfNps0abEBeqFpxxHA+MgSwSlt
1wsrkcBM8oiQ+mHXoWc9ljGMAm841ug70pukdGf/d91eJu7XBV7OUa1mHkf6yX5h
Tdd/9WSDUiT/MVvzOzL8xsy+bUd/Z7INPjdtaB6dxYeZ+m9Bb4jDM+x180y0MUMh
DGMfdb4Jb5f6+AICsQgvxtyJISfi72CPd+ECSUXaU+jYS0l0uEgvDL6kHNwOHOUw
feKP8pA8L3zAncXjXQNnYIQ/tLNvk9M5IsDyVL6FCHUvY7hbmUTZwAJJc4ff4YHG
oiSXLklHekCbUsRUYZlO92zz+luuGW2mYqVusvM78fsCzuwSssJynAwZmarRAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUPfHmhH1RDlsuCkQkGVDwgxYD9UEwHwYDVR0j
BBgwFoAU843/CU4WhDhU6sFAPGn9f3eAnQIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YWQ2ZGNjOS0xNzAwLTQ4ZWItOTA5OS02Njc4ZjkxYmY0NGUvMC9GMzhERkYwOTRF
MTY4NDM4NTRFQUMxNDAzQzY5RkQ3Rjc3ODA5RDAyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjM4REZGMDk0RTE2ODQzODU0RUFDMTQwM0M2OUZEN0Y3Nzgw
OUQwMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhZDZkY2M5LTE3MDAtNDhlYi05
MDk5LTY2NzhmOTFiZjQ0ZS8wLzMyMzAzMjJlMzkzMzJlMzIzNDM0MmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzMzODM3MzczOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcpd9DANBgkqhkiG
9w0BAQsFAAOCAQEAEgxb+7ba5C0GGcwgr0qDPdELn0Qrz5ti07v7KmzaAFoYy/bK
C8ILAdw7CYi+r890sspD4unxqUjEmPZfTmPXcL+ryvuKLTrWwKx3p9DwADGSgzU6
YqpMP35S1ivXOlaiPXPjU0at73Te1Ml+fEPgvxbcP+b6ZBjCFHymws49h48Poh3Y
hXmLIVoKp53OPVVqmIlymFH91djYScn365yqOGMLrFkBa+4qJplXmytb22CnaUyi
/YKpZXlhDZjX8IKdSWNRkdGlJWDX83SV1hPViR+gc637bp7ZKfy1dqwgsDjsn8cB
Y0b+Ni3x0BfpegP6KuX/DT0zSLw35yoIk50Lrw==
-----END CERTIFICATE-----
Generated at Tue Mar 26 03:18:29 2024 by rpki-client on console-fra.rpki-client.org