Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234372e302f32342d3234203d3e203338373738.roa
File:                     3230322e39332e3234372e302f32342d3234203d3e203338373738.roa (raw, json)
Hash identifier:          bZ2V+P7VWHiROvvyEviMeLsUf03USNSMZyYWX6E0jgg=
Subject key identifier:   1B:6E:0F:EA:4C:77:EA:F2:5E:7D:72:D1:8E:78:8F:C9:E3:4F:22:BD
Certificate issuer:       /CN=F38DFF094E16843854EAC1403C69FD7F77809D02
Certificate serial:       73D8CF47714DF150842F97805702285DBAA36F9C
Authority key identifier: F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234372e302f32342d3234203d3e203338373738.roa
Signing time:             Mon 31 Jul 2023 00:05:30 +0000
ROA not before:           Mon 31 Jul 2023 00:00:30 +0000
ROA not after:            Mon 29 Jul 2024 00:05:30 +0000
asID:                     38778
IP address blocks:        202.93.247.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl
                          rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 14:57:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:d8:cf:47:71:4d:f1:50:84:2f:97:80:57:02:28:5d:ba:a3:6f:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F38DFF094E16843854EAC1403C69FD7F77809D02
        Validity
            Not Before: Jul 31 00:00:30 2023 GMT
            Not After : Jul 29 00:05:30 2024 GMT
        Subject: CN=1B6E0FEA4C77EAF25E7D72D18E788FC9E34F22BD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:a6:e7:fc:f9:5a:c0:43:8d:c7:e6:3e:a0:db:
                    7a:26:5d:cb:9d:4b:3e:d3:a4:de:f7:40:bc:6e:82:
                    be:3e:4e:9f:d6:de:97:20:20:71:8f:12:d2:b4:ef:
                    b9:21:86:65:40:ec:d9:20:4f:d3:e6:52:69:9e:84:
                    70:40:ca:8a:2f:1a:2b:fb:bc:6d:46:59:8d:d2:f8:
                    14:94:00:9e:d6:a1:46:5b:11:2a:b0:33:7b:80:9e:
                    9d:2e:eb:b2:48:9d:85:f7:2b:f0:d5:1b:26:4c:f0:
                    32:01:19:fc:9f:35:8d:3e:9e:9f:bc:e9:e2:64:19:
                    06:45:17:87:1a:5b:4e:17:2a:02:13:91:76:15:2f:
                    1b:8a:7b:0c:f2:71:2c:c2:fd:96:b0:c2:1a:6b:fb:
                    8e:9f:d4:fb:4b:02:e9:34:73:9f:0d:a5:2b:17:87:
                    ae:ab:57:f0:16:7f:8a:6b:26:76:eb:6b:30:5d:2f:
                    e0:ad:3d:3d:da:62:90:7d:ba:64:9b:05:f2:5c:27:
                    07:c2:7e:61:9d:6c:57:b7:52:53:df:69:42:0f:b3:
                    06:23:af:a9:7b:11:69:a4:92:d4:b6:df:26:67:94:
                    5a:33:5f:83:3a:84:0f:94:1c:05:33:0f:92:aa:67:
                    59:14:81:6b:3e:fb:80:20:ae:ec:4c:84:ec:c4:c8:
                    3a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:6E:0F:EA:4C:77:EA:F2:5E:7D:72:D1:8E:78:8F:C9:E3:4F:22:BD
            X509v3 Authority Key Identifier:
                keyid:F3:8D:FF:09:4E:16:84:38:54:EA:C1:40:3C:69:FD:7F:77:80:9D:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/F38DFF094E16843854EAC1403C69FD7F77809D02.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F38DFF094E16843854EAC1403C69FD7F77809D02.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ad6dcc9-1700-48eb-9099-6678f91bf44e/0/3230322e39332e3234372e302f32342d3234203d3e203338373738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.93.247.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:08:23:d9:4c:88:97:19:b9:ea:b9:1e:f0:66:0b:2b:5c:7c:
         d8:82:7d:e2:cb:b4:15:45:89:25:b5:11:51:15:75:f3:d8:3c:
         c8:65:f4:85:83:38:1f:08:73:93:5d:2f:b8:3d:b3:3a:43:15:
         9c:52:7a:25:32:63:ef:8c:d7:85:ee:52:a5:53:b5:19:e2:c5:
         bf:8e:ed:7c:3f:c9:67:52:34:14:9d:a3:0e:cc:22:da:37:db:
         4c:24:ed:16:53:18:d2:09:8c:ee:a2:86:25:a4:40:fa:e3:4c:
         57:ce:c0:66:98:12:59:4e:77:ae:12:23:de:f1:e3:03:65:d7:
         bb:d2:95:c1:90:f5:f5:a1:59:ac:d3:55:00:6a:51:d2:39:e2:
         a2:2e:5d:ab:6b:7c:9c:9c:8c:59:81:e3:40:c9:25:cd:b7:67:
         4f:5c:d1:b4:3f:60:47:3e:6e:66:34:0f:67:f2:4f:f6:3c:88:
         1b:43:d9:35:32:45:6c:7d:41:71:4a:06:c4:a8:80:f7:05:87:
         a6:16:66:0f:b7:14:76:90:0f:7a:29:b7:8a:10:4b:de:25:55:
         92:f6:04:6a:6a:72:96:4a:22:94:71:92:d9:41:61:a2:db:3a:
         ad:97:cb:b6:42:8a:e5:f6:d8:11:b8:4e:4f:47:6f:65:16:64:
         28:7f:96:a4
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUc9jPR3FN8VCEL5eAVwIoXbqjb5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjM4REZGMDk0RTE2ODQzODU0RUFDMTQwM0M2OUZEN0Y3
NzgwOUQwMjAeFw0yMzA3MzEwMDAwMzBaFw0yNDA3MjkwMDA1MzBaMDMxMTAvBgNV
BAMTKDFCNkUwRkVBNEM3N0VBRjI1RTdENzJEMThFNzg4RkM5RTM0RjIyQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6puf8+VrAQ43H5j6g23omXcud
Sz7TpN73QLxugr4+Tp/W3pcgIHGPEtK077khhmVA7NkgT9PmUmmehHBAyoovGiv7
vG1GWY3S+BSUAJ7WoUZbESqwM3uAnp0u67JInYX3K/DVGyZM8DIBGfyfNY0+np+8
6eJkGQZFF4caW04XKgITkXYVLxuKewzycSzC/Zawwhpr+46f1PtLAuk0c58NpSsX
h66rV/AWf4prJnbrazBdL+CtPT3aYpB9umSbBfJcJwfCfmGdbFe3UlPfaUIPswYj
r6l7EWmkktS23yZnlFozX4M6hA+UHAUzD5KqZ1kUgWs++4AgruxMhOzEyDqdAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUG24P6kx36vJefXLRjniPyeNPIr0wHwYDVR0j
BBgwFoAU843/CU4WhDhU6sFAPGn9f3eAnQIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YWQ2ZGNjOS0xNzAwLTQ4ZWItOTA5OS02Njc4ZjkxYmY0NGUvMC9GMzhERkYwOTRF
MTY4NDM4NTRFQUMxNDAzQzY5RkQ3Rjc3ODA5RDAyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjM4REZGMDk0RTE2ODQzODU0RUFDMTQwM0M2OUZEN0Y3Nzgw
OUQwMi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhZDZkY2M5LTE3MDAtNDhlYi05
MDk5LTY2NzhmOTFiZjQ0ZS8wLzMyMzAzMjJlMzkzMzJlMzIzNDM3MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM3MzczOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMpd9zANBgkqhkiG
9w0BAQsFAAOCAQEAFAgj2UyIlxm56rke8GYLK1x82IJ94su0FUWJJbURURV189g8
yGX0hYM4Hwhzk10vuD2zOkMVnFJ6JTJj74zXhe5SpVO1GeLFv47tfD/JZ1I0FJ2j
Dswi2jfbTCTtFlMY0gmM7qKGJaRA+uNMV87AZpgSWU53rhIj3vHjA2XXu9KVwZD1
9aFZrNNVAGpR0jnioi5dq2t8nJyMWYHjQMklzbdnT1zRtD9gRz5uZjQPZ/JP9jyI
G0PZNTJFbH1BcUoGxKiA9wWHphZmD7cUdpAPeim3ihBL3iVVkvYEampylkoilHGS
2UFhots6rZfLtkKK5fbYEbhOT0dvZRZkKH+WpA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:27:26 2024 by rpki-client on console-ams.rpki-client.org