Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a646561643a3a2f34382d3438203d3e20313336303838.roa
File:                     323430303a643934303a646561643a3a2f34382d3438203d3e20313336303838.roa (raw, json)
Hash identifier:          ApsYy3XjFlolZnpc/0DGW8loTu4knnHR7uGy5K34oVY=
Subject key identifier:   CE:B1:D3:C1:83:12:BB:DA:7A:34:DA:E1:93:E9:C3:17:53:4F:1A:DE
Certificate issuer:       /CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
Certificate serial:       53D9DBCC938D218689E3C1A0390A766479CEAEC8
Authority key identifier: D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a646561643a3a2f34382d3438203d3e20313336303838.roa
Signing time:             Sat 15 Jun 2024 03:43:29 +0000
ROA not before:           Sat 15 Jun 2024 03:38:29 +0000
ROA not after:            Sat 14 Jun 2025 03:43:29 +0000
asID:                     136088
IP address blocks:        2400:d940:dead::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl
                          rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 08:51:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:d9:db:cc:93:8d:21:86:89:e3:c1:a0:39:0a:76:64:79:ce:ae:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
        Validity
            Not Before: Jun 15 03:38:29 2024 GMT
            Not After : Jun 14 03:43:29 2025 GMT
        Subject: CN=CEB1D3C18312BBDA7A34DAE193E9C317534F1ADE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:29:88:a6:86:00:3d:b7:fe:05:21:ac:68:5f:
                    57:19:2b:3d:dd:23:76:9d:26:34:55:9d:c5:e9:52:
                    c4:5a:13:43:5d:5d:4e:b8:83:4b:77:a2:17:39:df:
                    fa:72:f8:7e:56:21:f0:db:a1:48:9f:75:8c:4c:14:
                    c7:40:e1:d7:47:20:f9:4b:dc:ba:60:f4:f8:14:68:
                    2b:cd:24:32:48:5b:3b:75:ff:b9:6d:ac:7f:0d:85:
                    32:6f:14:7f:fb:a7:83:77:32:ea:75:53:e2:ab:e5:
                    5a:d7:b4:2a:64:0d:4a:8b:5c:9f:c1:fc:ad:ce:52:
                    22:f8:02:db:9b:3c:d3:a2:12:dd:d9:66:9a:4e:f2:
                    c2:a9:a8:94:cf:f1:20:a6:f2:9b:b3:e9:f3:3b:4e:
                    c8:ac:d2:62:bf:94:ad:ce:b8:06:d5:bd:5e:20:b4:
                    78:ce:1a:02:d7:ef:b7:44:8e:ea:54:5d:25:4f:2a:
                    b9:76:06:92:c0:c3:1e:00:47:43:96:3d:8f:7a:68:
                    d5:05:76:52:d3:e4:c6:78:32:c3:02:65:ae:8b:9c:
                    46:af:99:b7:da:b1:3a:3d:2d:d8:37:9c:39:d9:bc:
                    53:04:08:36:4b:fe:54:df:2d:5d:59:49:e1:14:a5:
                    74:9e:14:81:d8:8b:24:e2:2d:65:b2:18:2c:d1:72:
                    70:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:B1:D3:C1:83:12:BB:DA:7A:34:DA:E1:93:E9:C3:17:53:4F:1A:DE
            X509v3 Authority Key Identifier:
                keyid:D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/323430303a643934303a646561643a3a2f34382d3438203d3e20313336303838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:d940:dead::/48

    Signature Algorithm: sha256WithRSAEncryption
         16:6a:77:3d:65:d4:01:8d:61:e7:11:ce:02:70:77:e4:72:42:
         d7:0a:a5:2e:ec:18:17:a2:95:87:ce:a2:ac:6b:44:7a:d1:5b:
         77:9b:ae:44:ce:aa:ea:a1:69:d6:33:90:a6:fc:66:f9:07:66:
         58:e5:4a:48:2b:87:77:e0:a6:58:2f:1d:e8:4b:31:91:03:25:
         2e:ad:49:85:78:a8:77:e3:7d:e2:16:f9:95:7c:73:f5:76:da:
         80:83:f4:2f:10:17:ae:61:8c:36:bf:39:38:f3:c6:75:59:ff:
         0e:eb:66:e8:2d:b9:97:c4:65:1c:56:f8:61:4d:0c:99:a4:3f:
         5e:5f:8b:2f:c6:80:35:f0:4b:6e:a6:49:ac:93:6c:d3:f5:f0:
         69:4a:58:f7:b0:7d:18:89:f8:fa:b7:4d:7e:3a:6c:c0:89:11:
         89:a3:38:0a:62:db:08:d3:d2:f2:7b:95:ba:48:77:28:f1:b6:
         1e:9e:65:bd:16:d6:af:49:7b:4e:0b:9e:a1:2f:ef:57:2a:96:
         66:26:06:b3:9b:c9:a3:be:1a:a6:5c:44:e5:f1:35:b5:35:58:
         d3:36:44:18:15:db:67:9e:19:a6:2c:7a:c7:24:72:a7:24:57:
         41:20:d0:8c:2b:b4:48:11:cd:28:34:70:c8:d8:d3:24:85:09:
         25:e3:a8:4e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUU9nbzJONIYaJ48GgOQp2ZHnOrsgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhE
MEJFOTIzRjAeFw0yNDA2MTUwMzM4MjlaFw0yNTA2MTQwMzQzMjlaMDMxMTAvBgNV
BAMTKENFQjFEM0MxODMxMkJCREE3QTM0REFFMTkzRTlDMzE3NTM0RjFBREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5KYimhgA9t/4FIaxoX1cZKz3d
I3adJjRVncXpUsRaE0NdXU64g0t3ohc53/py+H5WIfDboUifdYxMFMdA4ddHIPlL
3Lpg9PgUaCvNJDJIWzt1/7ltrH8NhTJvFH/7p4N3Mup1U+Kr5VrXtCpkDUqLXJ/B
/K3OUiL4AtubPNOiEt3ZZppO8sKpqJTP8SCm8puz6fM7Tsis0mK/lK3OuAbVvV4g
tHjOGgLX77dEjupUXSVPKrl2BpLAwx4AR0OWPY96aNUFdlLT5MZ4MsMCZa6LnEav
mbfasTo9Ldg3nDnZvFMECDZL/lTfLV1ZSeEUpXSeFIHYiyTiLWWyGCzRcnDnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzrHTwYMSu9p6NNrhk+nDF1NPGt4wHwYDVR0j
BBgwFoAU0/th10akR2fUUY1un9H72NC+kj8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2Y0ZWMxYy05NTM1LTRjYmYtOWM3YS1mZDMyYzgzMGVkYmEvMC9EM0ZCNjFENzQ2
QTQ0NzY3RDQ1MThENkU5RkQxRkJEOEQwQkU5MjNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhEMEJF
OTIzRi5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05
YzdhLWZkMzJjODMwZWRiYS8wLzMyMzQzMDMwM2E2NDM5MzQzMDNhNjQ2NTYxNjQz
YTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMTMzMzYzMDM4Mzgucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAk
ANlA3q0wDQYJKoZIhvcNAQELBQADggEBABZqdz1l1AGNYecRzgJwd+RyQtcKpS7s
GBeilYfOoqxrRHrRW3ebrkTOquqhadYzkKb8ZvkHZljlSkgrh3fgplgvHehLMZED
JS6tSYV4qHfjfeIW+ZV8c/V22oCD9C8QF65hjDa/OTjzxnVZ/w7rZugtuZfEZRxW
+GFNDJmkP15fiy/GgDXwS26mSayTbNP18GlKWPewfRiJ+Pq3TX46bMCJEYmjOApi
2wjT0vJ7lbpIdyjxth6eZb0W1q9Je04LnqEv71cqlmYmBrObyaO+GqZcROXxNbU1
WNM2RBgV22eeGaYsesckcqckV0Eg0IwrtEgRzSg0cMjY0ySFCSXjqE4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:59:38 2024 by rpki-client on console-ams.rpki-client.org