Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/323030313a6466303a376334303a3a2f34382d3438203d3e20313437313534.roa
File:                     323030313a6466303a376334303a3a2f34382d3438203d3e20313437313534.roa (raw, json)
Hash identifier:          8KRn4+ZAQVWoieg2jcJ7wMezo/mXmeuvVwQM5l5aBBM=
Subject key identifier:   F9:C3:90:41:AA:D7:40:06:7C:E9:3B:80:15:F8:B2:86:80:53:2E:F7
Certificate issuer:       /CN=B152586AE46FCAB640629D941147319E05FCF34B
Certificate serial:       74D49D6959921370821100496058B58F78C27630
Authority key identifier: B1:52:58:6A:E4:6F:CA:B6:40:62:9D:94:11:47:31:9E:05:FC:F3:4B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B152586AE46FCAB640629D941147319E05FCF34B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/323030313a6466303a376334303a3a2f34382d3438203d3e20313437313534.roa
Signing time:             Thu 18 Jan 2024 11:00:01 +0000
ROA not before:           Thu 18 Jan 2024 10:55:01 +0000
ROA not after:            Thu 16 Jan 2025 11:00:01 +0000
asID:                     147154
IP address blocks:        2001:df0:7c40::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/B152586AE46FCAB640629D941147319E05FCF34B.crl
                          rsync://repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/B152586AE46FCAB640629D941147319E05FCF34B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B152586AE46FCAB640629D941147319E05FCF34B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 11:47:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:d4:9d:69:59:92:13:70:82:11:00:49:60:58:b5:8f:78:c2:76:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B152586AE46FCAB640629D941147319E05FCF34B
        Validity
            Not Before: Jan 18 10:55:01 2024 GMT
            Not After : Jan 16 11:00:01 2025 GMT
        Subject: CN=F9C39041AAD740067CE93B8015F8B28680532EF7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:20:21:56:cf:b2:79:24:dc:1f:bf:3a:73:47:
                    2f:4e:9e:fd:76:d0:95:64:93:e6:17:2c:d4:af:5f:
                    75:83:4e:41:89:3c:e6:7f:2f:57:a0:8d:96:cf:2e:
                    10:09:71:7c:c4:56:29:fd:a4:97:03:e0:65:fa:ec:
                    7a:36:12:b2:10:46:c3:9b:a5:45:35:32:99:fb:b4:
                    b1:27:16:1b:34:59:f9:5a:a2:47:09:93:aa:47:06:
                    ff:5e:83:d3:e8:86:92:af:d7:7f:23:78:ad:25:ac:
                    ef:35:e3:76:60:90:75:c9:1b:c2:a8:98:66:24:b2:
                    0d:83:84:bb:3e:48:f1:b3:a9:5e:f7:18:9e:74:71:
                    b7:93:e6:d8:ab:02:af:9b:60:4f:10:db:8a:e8:79:
                    a6:12:35:87:41:c8:61:69:e0:f5:13:ca:69:f6:27:
                    ee:07:bf:66:64:2d:1d:52:01:19:00:cd:f5:5e:99:
                    f1:54:e0:6c:26:97:30:c2:b6:6a:0e:e8:b6:aa:5c:
                    2c:5d:ef:e3:40:a5:c8:21:f4:e5:b4:8a:a7:bf:da:
                    6a:df:a0:31:bf:26:6c:f8:aa:de:37:4f:ff:3a:df:
                    be:d5:8d:90:e4:0a:f3:1b:01:20:8a:14:9a:9e:18:
                    e0:f3:d1:4b:7a:5b:6d:02:ec:b5:d6:d6:58:35:70:
                    db:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:C3:90:41:AA:D7:40:06:7C:E9:3B:80:15:F8:B2:86:80:53:2E:F7
            X509v3 Authority Key Identifier:
                keyid:B1:52:58:6A:E4:6F:CA:B6:40:62:9D:94:11:47:31:9E:05:FC:F3:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/B152586AE46FCAB640629D941147319E05FCF34B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B152586AE46FCAB640629D941147319E05FCF34B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6a9e2898-023b-4741-8735-a0718cc6cf2b/0/323030313a6466303a376334303a3a2f34382d3438203d3e20313437313534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:7c40::/48

    Signature Algorithm: sha256WithRSAEncryption
         96:69:94:c9:81:ca:2d:3d:e0:a5:69:6d:6a:1e:99:fc:e7:c4:
         1c:19:ab:85:00:bd:06:f2:20:bb:42:1b:7b:cc:30:92:60:ae:
         b4:ad:fd:29:04:2c:6c:84:88:0d:d1:7b:98:ff:09:22:03:c1:
         61:05:84:21:5f:86:68:7e:48:93:d7:6f:9f:ae:b8:84:9b:d7:
         09:7f:06:fd:5f:eb:fe:25:ea:59:7e:6f:aa:de:2b:37:5d:3d:
         81:4b:b6:86:4b:9b:f4:0a:1a:38:68:c2:fd:62:d7:7e:dd:a1:
         4c:06:58:d1:20:6b:8d:e9:21:fc:32:89:41:9b:d0:ce:39:17:
         78:59:a3:be:31:f8:e0:af:ce:8c:4d:d5:ba:0b:7e:fb:68:67:
         ac:ac:b9:90:d4:bc:c5:8c:32:a6:ff:8e:c0:4e:b5:94:1b:51:
         25:81:da:f5:94:3c:2a:34:0b:d8:7c:07:bc:cc:db:a0:f9:4c:
         4f:52:e7:26:1f:ae:d8:f6:df:68:1c:f3:34:a1:30:f7:6e:c3:
         77:ae:3f:1d:f0:59:50:6f:c4:c8:12:b6:af:7d:68:7c:42:a2:
         65:78:45:38:09:dd:cb:77:57:1a:3d:59:ca:b9:59:71:e3:b0:
         dc:46:06:90:1e:bc:e1:43:cf:48:85:b3:21:48:d3:eb:18:ab:
         bc:81:b2:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdNSdaVmSE3CCEQBJYFi1j3jCdjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjE1MjU4NkFFNDZGQ0FCNjQwNjI5RDk0MTE0NzMxOUUw
NUZDRjM0QjAeFw0yNDAxMTgxMDU1MDFaFw0yNTAxMTYxMTAwMDFaMDMxMTAvBgNV
BAMTKEY5QzM5MDQxQUFENzQwMDY3Q0U5M0I4MDE1RjhCMjg2ODA1MzJFRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwICFWz7J5JNwfvzpzRy9Onv12
0JVkk+YXLNSvX3WDTkGJPOZ/L1egjZbPLhAJcXzEVin9pJcD4GX67Ho2ErIQRsOb
pUU1Mpn7tLEnFhs0WflaokcJk6pHBv9eg9PohpKv138jeK0lrO8143ZgkHXJG8Ko
mGYksg2DhLs+SPGzqV73GJ50cbeT5tirAq+bYE8Q24roeaYSNYdByGFp4PUTymn2
J+4Hv2ZkLR1SARkAzfVemfFU4GwmlzDCtmoO6LaqXCxd7+NApcgh9OW0iqe/2mrf
oDG/Jmz4qt43T/86377VjZDkCvMbASCKFJqeGODz0Ut6W20C7LXW1lg1cNtxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU+cOQQarXQAZ86TuAFfiyhoBTLvcwHwYDVR0j
BBgwFoAUsVJYauRvyrZAYp2UEUcxngX880swDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
YTllMjg5OC0wMjNiLTQ3NDEtODczNS1hMDcxOGNjNmNmMmIvMC9CMTUyNTg2QUU0
NkZDQUI2NDA2MjlEOTQxMTQ3MzE5RTA1RkNGMzRCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjE1MjU4NkFFNDZGQ0FCNjQwNjI5RDk0MTE0NzMxOUUwNUZD
RjM0Qi5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZhOWUyODk4LTAyM2ItNDc0MS04
NzM1LWEwNzE4Y2M2Y2YyYi8wLzMyMzAzMDMxM2E2NDY2MzAzYTM3NjMzNDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzEzNDM3MzEzNTM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEN
8HxAMA0GCSqGSIb3DQEBCwUAA4IBAQCWaZTJgcotPeClaW1qHpn858QcGauFAL0G
8iC7Qht7zDCSYK60rf0pBCxshIgN0XuY/wkiA8FhBYQhX4ZofkiT12+frriEm9cJ
fwb9X+v+JepZfm+q3is3XT2BS7aGS5v0Cho4aML9Ytd+3aFMBljRIGuN6SH8MolB
m9DOORd4WaO+Mfjgr86MTdW6C377aGesrLmQ1LzFjDKm/47ATrWUG1Elgdr1lDwq
NAvYfAe8zNug+UxPUucmH67Y9t9oHPM0oTD3bsN3rj8d8FlQb8TIEravfWh8QqJl
eEU4Cd3Ld1caPVnKuVlx47DcRgaQHrzhQ89IhbMhSNPrGKu8gbIi
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:50:41 2024 by rpki-client on console-fra.rpki-client.org