Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/3131372e37342e3132312e302f32342d3234203d3e203338353135.roa
File:                     3131372e37342e3132312e302f32342d3234203d3e203338353135.roa (raw, json)
Hash identifier:          U+DhKaCX+eMWoG0BK1JUCp92Kg/SlFMW4W18iDWDPk8=
Subject key identifier:   74:DA:96:2E:88:EA:48:6A:B6:48:08:E8:C9:BB:79:BA:3E:8F:38:AE
Certificate issuer:       /CN=935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3
Certificate serial:       5286453FBEAED248F2048DA5534EE0DE75089040
Authority key identifier: 93:5D:B2:D4:48:8F:AE:2C:11:E1:BF:3B:DF:20:D8:2A:2D:DF:D8:F3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/3131372e37342e3132312e302f32342d3234203d3e203338353135.roa
Signing time:             Mon 01 Jul 2024 01:03:15 +0000
ROA not before:           Mon 01 Jul 2024 00:58:15 +0000
ROA not after:            Mon 30 Jun 2025 01:03:15 +0000
asID:                     38515
IP address blocks:        117.74.121.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.crl
                          rsync://repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 01:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:86:45:3f:be:ae:d2:48:f2:04:8d:a5:53:4e:e0:de:75:08:90:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3
        Validity
            Not Before: Jul  1 00:58:15 2024 GMT
            Not After : Jun 30 01:03:15 2025 GMT
        Subject: CN=74DA962E88EA486AB64808E8C9BB79BA3E8F38AE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:30:a9:72:09:ea:2e:86:83:5b:8a:74:06:a0:
                    35:5b:40:c1:cb:55:cb:05:8b:09:30:fd:a8:09:51:
                    81:53:74:f5:78:d1:cc:d1:4f:53:00:83:5c:0d:5a:
                    20:ad:9e:14:32:07:a0:30:f5:f1:09:6f:a6:7f:89:
                    de:10:13:0d:cd:9d:8d:7f:84:a3:65:01:3b:e1:a4:
                    d5:20:81:fe:90:e4:e6:0d:77:d7:dd:15:0e:af:f6:
                    9d:ed:52:36:d0:93:75:ca:12:0f:ba:d1:45:ee:08:
                    1f:16:c7:89:f2:80:f2:41:e0:6e:8a:0f:32:6e:6f:
                    2a:c3:49:9f:16:e4:68:f4:c3:3c:70:fe:10:0d:91:
                    fd:8c:f3:02:15:f2:ae:24:06:5f:a7:99:67:95:b7:
                    b5:d0:95:3b:a7:23:11:e2:72:64:ad:51:77:e7:4d:
                    a9:ac:f9:37:71:6f:d0:b4:b5:39:04:0e:07:37:29:
                    ea:89:f2:38:ae:4f:24:92:dc:97:fb:a7:aa:db:9a:
                    60:9d:1c:71:9d:0f:3d:b2:57:31:d6:01:ee:a6:e9:
                    4e:05:b4:a3:cf:ae:bf:85:96:1e:a3:f3:45:ef:c8:
                    d8:e4:be:ac:45:8f:29:a8:e1:a6:28:71:b5:0f:1e:
                    01:74:8c:47:d4:65:f0:24:3d:91:8d:dc:48:6c:78:
                    b7:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                74:DA:96:2E:88:EA:48:6A:B6:48:08:E8:C9:BB:79:BA:3E:8F:38:AE
            X509v3 Authority Key Identifier:
                keyid:93:5D:B2:D4:48:8F:AE:2C:11:E1:BF:3B:DF:20:D8:2A:2D:DF:D8:F3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/935DB2D4488FAE2C11E1BF3BDF20D82A2DDFD8F3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6c4c64a9-3537-4bc7-8613-8e981629e4ca/0/3131372e37342e3132312e302f32342d3234203d3e203338353135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.74.121.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:8a:04:13:82:45:aa:cb:12:58:98:9b:23:86:18:b2:94:e9:
         37:72:44:77:bd:67:15:7c:76:8c:d6:8e:00:c6:5a:ea:94:2c:
         e5:02:ab:c7:59:68:88:3f:c4:dd:d2:59:3c:ac:72:fe:44:19:
         fb:a5:19:4d:2a:ea:e0:ac:df:ac:39:00:7b:0b:3c:c3:60:a2:
         54:7b:c7:b5:64:08:79:02:32:63:dd:ff:f4:ce:30:a3:d1:23:
         32:7b:87:b2:00:41:b9:2a:76:c7:c9:40:3b:0f:93:2a:d5:2e:
         e1:da:aa:96:31:96:aa:77:d3:5a:c0:cf:28:2b:9e:6e:fb:d3:
         e1:ea:a0:36:01:ac:5d:92:98:36:7b:67:6c:c2:b7:08:41:c7:
         f7:3c:63:6e:01:26:cb:20:6a:0b:a3:12:01:48:b5:5d:18:d2:
         0a:8d:bb:25:0f:32:2d:d7:01:3c:73:78:4f:2b:d7:3f:77:29:
         e4:6a:ba:b3:d7:f0:5a:82:41:4f:2a:cf:2c:a5:f7:ee:47:e8:
         7a:4e:2b:a9:f4:7d:fc:8c:4c:de:64:04:6b:48:8d:50:88:9f:
         41:2a:ff:0e:37:92:49:f7:68:2f:63:dc:15:85:1b:18:87:fc:
         b4:a4:2e:3b:08:ac:ae:2b:f2:2d:67:4f:78:17:b7:e7:2e:71:
         b1:42:ab:06
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUUoZFP76u0kjyBI2lU07g3nUIkEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTM1REIyRDQ0ODhGQUUyQzExRTFCRjNCREYyMEQ4MkEy
RERGRDhGMzAeFw0yNDA3MDEwMDU4MTVaFw0yNTA2MzAwMTAzMTVaMDMxMTAvBgNV
BAMTKDc0REE5NjJFODhFQTQ4NkFCNjQ4MDhFOEM5QkI3OUJBM0U4RjM4QUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcMKlyCeouhoNbinQGoDVbQMHL
VcsFiwkw/agJUYFTdPV40czRT1MAg1wNWiCtnhQyB6Aw9fEJb6Z/id4QEw3NnY1/
hKNlATvhpNUggf6Q5OYNd9fdFQ6v9p3tUjbQk3XKEg+60UXuCB8Wx4nygPJB4G6K
DzJubyrDSZ8W5Gj0wzxw/hANkf2M8wIV8q4kBl+nmWeVt7XQlTunIxHicmStUXfn
Tams+Tdxb9C0tTkEDgc3KeqJ8jiuTySS3Jf7p6rbmmCdHHGdDz2yVzHWAe6m6U4F
tKPPrr+Flh6j80XvyNjkvqxFjymo4aYocbUPHgF0jEfUZfAkPZGN3EhseLdlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUdNqWLojqSGq2SAjoybt5uj6POK4wHwYDVR0j
BBgwFoAUk12y1EiPriwR4b873yDYKi3f2PMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
YzRjNjRhOS0zNTM3LTRiYzctODYxMy04ZTk4MTYyOWU0Y2EvMC85MzVEQjJENDQ4
OEZBRTJDMTFFMUJGM0JERjIwRDgyQTJEREZEOEYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTM1REIyRDQ0ODhGQUUyQzExRTFCRjNCREYyMEQ4MkEyRERG
RDhGMy5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZjNGM2NGE5LTM1MzctNGJjNy04
NjEzLThlOTgxNjI5ZTRjYS8wLzMxMzEzNzJlMzczNDJlMzEzMjMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzODM1MzEzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAHVKeTANBgkqhkiG
9w0BAQsFAAOCAQEAGIoEE4JFqssSWJibI4YYspTpN3JEd71nFXx2jNaOAMZa6pQs
5QKrx1loiD/E3dJZPKxy/kQZ+6UZTSrq4KzfrDkAews8w2CiVHvHtWQIeQIyY93/
9M4wo9EjMnuHsgBBuSp2x8lAOw+TKtUu4dqqljGWqnfTWsDPKCuebvvT4eqgNgGs
XZKYNntnbMK3CEHH9zxjbgEmyyBqC6MSAUi1XRjSCo27JQ8yLdcBPHN4TyvXP3cp
5Gq6s9fwWoJBTyrPLKX37kfoek4rqfR9/IxM3mQEa0iNUIifQSr/DjeSSfdoL2Pc
FYUbGIf8tKQuOwisrivyLWdPeBe35y5xsUKrBg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:57 2024 by rpki-client on console-fra.rpki-client.org