Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e32322e302f32332d3234203d3e2039333431.roa
File:                     3230322e35372e32322e302f32332d3234203d3e2039333431.roa (raw, json)
Hash identifier:          kMgDfiDmsQCLmGxuA3NZvszOMk2KWXD/fEyW+1Jw81Q=
Subject key identifier:   F0:07:F1:EA:AD:0B:EC:92:68:79:1F:0E:24:21:66:80:40:8E:54:12
Certificate issuer:       /CN=61566F205F7037962069571320603B274357CC6D
Certificate serial:       31A5B0771DD6C5AC407148E361C9998370488572
Authority key identifier: 61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e32322e302f32332d3234203d3e2039333431.roa
Signing time:             Wed 01 May 2024 08:02:07 +0000
ROA not before:           Wed 01 May 2024 07:57:07 +0000
ROA not after:            Wed 30 Apr 2025 08:02:07 +0000
asID:                     9341
IP address blocks:        202.57.22.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl
                          rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 03:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:a5:b0:77:1d:d6:c5:ac:40:71:48:e3:61:c9:99:83:70:48:85:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61566F205F7037962069571320603B274357CC6D
        Validity
            Not Before: May  1 07:57:07 2024 GMT
            Not After : Apr 30 08:02:07 2025 GMT
        Subject: CN=F007F1EAAD0BEC9268791F0E24216680408E5412
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:91:b5:56:ec:2a:3e:e5:84:d3:2d:ca:95:42:
                    2b:93:7c:39:91:86:c8:e8:65:4b:9b:94:4a:a9:5b:
                    7c:25:a5:02:01:43:7d:e2:25:aa:b9:a0:8a:d7:e9:
                    28:89:96:bf:2d:8d:fd:ac:08:7e:19:be:db:8b:db:
                    99:d4:02:45:c4:d1:bc:98:dc:d5:14:87:bd:2b:31:
                    31:33:ef:51:6c:a7:e5:bb:65:44:4e:41:00:2e:1f:
                    89:16:4b:fd:7c:96:52:26:bc:bb:0e:87:88:e5:53:
                    fc:e5:2a:83:44:6f:03:32:3e:43:8a:ca:df:6e:90:
                    1f:a3:0c:d3:54:0d:b0:15:67:ee:d6:b3:d4:ba:8d:
                    cf:a7:ad:58:b9:d5:44:bd:d2:43:7d:8a:30:8f:8d:
                    ec:f0:b0:65:6d:e2:08:68:4d:37:57:da:04:ed:c6:
                    6d:29:81:65:60:bb:f6:65:21:70:e6:d1:71:e3:c8:
                    02:71:43:c8:ca:f9:a1:66:dc:b4:df:3f:17:73:b8:
                    dd:50:9e:96:6c:31:b9:6e:f3:f6:d7:15:1f:90:24:
                    8d:0b:60:6a:dc:46:ed:27:95:0e:64:5c:f0:56:05:
                    17:09:2c:1b:2d:ea:75:94:d6:da:bd:dc:52:7e:23:
                    70:8f:9f:8c:ea:aa:29:21:61:54:44:42:e4:1d:1f:
                    3d:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:07:F1:EA:AD:0B:EC:92:68:79:1F:0E:24:21:66:80:40:8E:54:12
            X509v3 Authority Key Identifier:
                keyid:61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3230322e35372e32322e302f32332d3234203d3e2039333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.57.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:dc:3f:83:fe:c1:92:7d:93:e2:00:86:7c:76:61:fe:03:32:
         97:18:4d:62:79:d5:90:1c:87:ef:71:65:65:40:bc:4a:82:4e:
         b0:90:c0:1b:8f:65:19:34:62:ee:86:99:cb:e6:71:05:cd:86:
         c8:1f:71:6a:12:e9:2f:ef:a7:a9:0f:91:d7:b5:73:be:a0:a2:
         3f:3b:62:64:ce:ed:50:1a:b4:e9:f7:da:51:d0:81:87:f4:4c:
         f1:b0:cb:88:2d:ff:a1:89:d0:ad:db:b7:a6:97:9a:61:05:96:
         77:2a:3f:eb:de:e9:ea:e0:1e:e3:6d:8d:32:fc:23:d9:a9:cf:
         5e:04:e2:9d:75:d8:c4:3e:7f:1d:25:ea:9c:43:70:4f:08:50:
         f6:21:f4:97:e6:c2:ae:9b:5c:0e:e2:04:d0:77:33:34:21:70:
         ca:73:58:2c:21:84:15:8c:18:79:39:6a:05:f6:5a:95:17:84:
         3b:de:a8:13:7b:a8:f0:f3:76:99:46:4d:c2:5a:ce:b6:2b:bc:
         57:cd:de:2d:d1:97:03:23:0e:3e:bc:bd:19:4c:40:89:a3:9e:
         a8:f5:0c:4d:8a:40:2a:33:2c:52:c4:12:26:9a:64:23:f5:8b:
         e7:8b:3e:93:fd:cc:20:dd:02:8d:62:58:c6:ad:b1:3b:69:47:
         48:f7:81:19
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUMaWwdx3WxaxAcUjjYcmZg3BIhXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0
MzU3Q0M2RDAeFw0yNDA1MDEwNzU3MDdaFw0yNTA0MzAwODAyMDdaMDMxMTAvBgNV
BAMTKEYwMDdGMUVBQUQwQkVDOTI2ODc5MUYwRTI0MjE2NjgwNDA4RTU0MTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5kbVW7Co+5YTTLcqVQiuTfDmR
hsjoZUublEqpW3wlpQIBQ33iJaq5oIrX6SiJlr8tjf2sCH4ZvtuL25nUAkXE0byY
3NUUh70rMTEz71Fsp+W7ZUROQQAuH4kWS/18llImvLsOh4jlU/zlKoNEbwMyPkOK
yt9ukB+jDNNUDbAVZ+7Ws9S6jc+nrVi51US90kN9ijCPjezwsGVt4ghoTTdX2gTt
xm0pgWVgu/ZlIXDm0XHjyAJxQ8jK+aFm3LTfPxdzuN1QnpZsMblu8/bXFR+QJI0L
YGrcRu0nlQ5kXPBWBRcJLBst6nWU1tq93FJ+I3CPn4zqqikhYVREQuQdHz2hAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU8Afx6q0L7JJoeR8OJCFmgECOVBIwHwYDVR0j
BBgwFoAUYVZvIF9wN5YgaVcTIGA7J0NXzG0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2JkY2JhZS0yZTlkLTRmM2YtOGFiOS0zNDI0ZTQ0ODQ4NGUvMC82MTU2NkYyMDVG
NzAzNzk2MjA2OTU3MTMyMDYwM0IyNzQzNTdDQzZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0MzU3
Q0M2RC5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzNiZGNiYWUtMmU5ZC00ZjNmLThh
YjktMzQyNGU0NDg0ODRlLzAvMzIzMDMyMmUzNTM3MmUzMjMyMmUzMDJmMzIzMzJk
MzIzNDIwM2QzZTIwMzkzMzM0MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHKORYwDQYJKoZIhvcNAQEL
BQADggEBACDcP4P+wZJ9k+IAhnx2Yf4DMpcYTWJ51ZAch+9xZWVAvEqCTrCQwBuP
ZRk0Yu6GmcvmcQXNhsgfcWoS6S/vp6kPkde1c76goj87YmTO7VAatOn32lHQgYf0
TPGwy4gt/6GJ0K3bt6aXmmEFlncqP+ve6ergHuNtjTL8I9mpz14E4p112MQ+fx0l
6pxDcE8IUPYh9Jfmwq6bXA7iBNB3MzQhcMpzWCwhhBWMGHk5agX2WpUXhDveqBN7
qPDzdplGTcJazrYrvFfN3i3RlwMjDj68vRlMQImjnqj1DE2KQCozLFLEEiaaZCP1
i+eLPpP9zCDdAo1iWMatsTtpR0j3gRk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:19:21 2024 by rpki-client on console-fra.rpki-client.org