Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/323430343a653930303a343030303a3a2f33342d3334203d3e203436303632.roa
File:                     323430343a653930303a343030303a3a2f33342d3334203d3e203436303632.roa (raw, json)
Hash identifier:          8pvSL0egc+WMc+a2/glW47Xs8RpIIsEutGyuUrDJkHQ=
Subject key identifier:   55:D0:0E:F8:FE:C5:A3:FB:4E:A3:FD:31:CB:FC:72:9E:83:01:9C:2A
Certificate issuer:       /CN=247D705AC2F14A763F3EB87E2E41158A251F3D76
Certificate serial:       53B5BA10B7AD0A0AE9F56B7D48A9537F3257DA7A
Authority key identifier: 24:7D:70:5A:C2:F1:4A:76:3F:3E:B8:7E:2E:41:15:8A:25:1F:3D:76
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/247D705AC2F14A763F3EB87E2E41158A251F3D76.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/323430343a653930303a343030303a3a2f33342d3334203d3e203436303632.roa
Signing time:             Tue 06 Aug 2024 06:00:00 +0000
ROA not before:           Tue 06 Aug 2024 05:55:00 +0000
ROA not after:            Tue 05 Aug 2025 06:00:00 +0000
asID:                     46062
IP address blocks:        2404:e900:4000::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/247D705AC2F14A763F3EB87E2E41158A251F3D76.crl
                          rsync://repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/247D705AC2F14A763F3EB87E2E41158A251F3D76.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/247D705AC2F14A763F3EB87E2E41158A251F3D76.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 23 Feb 2025 11:06:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:b5:ba:10:b7:ad:0a:0a:e9:f5:6b:7d:48:a9:53:7f:32:57:da:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=247D705AC2F14A763F3EB87E2E41158A251F3D76
        Validity
            Not Before: Aug  6 05:55:00 2024 GMT
            Not After : Aug  5 06:00:00 2025 GMT
        Subject: CN=55D00EF8FEC5A3FB4EA3FD31CBFC729E83019C2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:80:b0:d9:5e:c7:a7:77:f7:9b:f9:89:f4:e7:
                    f1:26:7d:a5:b3:0c:1a:8b:4d:ed:6b:78:8a:51:ba:
                    69:a1:15:b9:8d:88:95:12:af:2d:6d:e4:bc:87:d3:
                    71:bb:3b:b3:a4:fa:fd:d4:93:62:f4:55:5c:8a:90:
                    32:9c:5d:86:9c:99:df:54:aa:fe:1d:82:0d:90:32:
                    99:45:9b:22:17:df:b1:d3:4e:d4:a9:8d:29:51:7c:
                    13:60:ec:9a:14:83:7b:6d:d6:59:45:97:4c:23:10:
                    b9:fc:3a:e9:4e:6c:8b:f3:2c:d2:9a:21:00:a7:5a:
                    b8:95:39:93:e0:bc:77:bb:08:32:ac:c9:be:5e:b6:
                    7b:ba:ba:93:50:95:8d:e6:f1:4b:aa:bf:94:66:72:
                    92:68:a1:67:c0:79:f8:5f:40:ae:1e:9f:da:b3:7a:
                    9d:22:be:12:16:cc:58:4c:8a:f9:89:40:60:f7:f7:
                    2d:bb:66:ef:dd:6f:df:d6:61:c9:c4:60:b7:c5:4e:
                    cb:da:0d:56:ee:df:ce:04:c2:79:a8:dc:d1:d7:a7:
                    f3:36:c3:1f:81:5c:c0:2a:45:01:79:50:3c:b4:7d:
                    cb:80:2a:f2:d3:f0:8d:d2:42:bf:6a:27:99:76:a8:
                    a5:52:5d:bf:a0:a2:b2:e5:3c:db:5f:00:18:1c:e2:
                    42:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                55:D0:0E:F8:FE:C5:A3:FB:4E:A3:FD:31:CB:FC:72:9E:83:01:9C:2A
            X509v3 Authority Key Identifier:
                keyid:24:7D:70:5A:C2:F1:4A:76:3F:3E:B8:7E:2E:41:15:8A:25:1F:3D:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/247D705AC2F14A763F3EB87E2E41158A251F3D76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/247D705AC2F14A763F3EB87E2E41158A251F3D76.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7488d4c0-dc92-4aa8-b169-52cab2a61ba1/0/323430343a653930303a343030303a3a2f33342d3334203d3e203436303632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:e900:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         6c:53:ad:a3:c0:53:ab:b8:10:07:38:e3:42:61:15:cb:b9:2c:
         6c:6e:0e:da:7e:0e:99:c7:ff:79:1c:4b:bf:22:38:3a:e7:9f:
         07:fc:19:a7:4e:f8:31:fb:7f:84:2c:38:31:36:e9:c6:8e:9b:
         01:9a:4e:76:f3:48:4a:89:40:0d:ef:8a:fc:61:b3:a1:1c:a6:
         81:1f:d2:6a:0c:b9:e3:ce:b7:22:9d:62:f2:47:fd:68:33:fa:
         c0:6a:47:0b:35:ff:93:09:0c:58:18:14:1b:e9:e2:39:f8:e4:
         ca:b8:a8:88:b9:04:a0:db:7d:29:1d:90:dd:57:6b:fc:56:d3:
         d5:d6:fc:63:7b:ee:fa:58:f5:0d:a4:53:fb:10:16:b0:5c:e9:
         0f:f7:56:85:08:30:d0:53:c1:74:8c:0c:9e:16:a1:f9:fe:3c:
         0b:1d:3c:9f:6e:37:40:3c:c8:42:5c:b0:6a:25:7a:07:c9:f3:
         17:31:db:ea:3c:2b:92:4e:2d:3e:fe:79:59:a4:ec:5e:e7:48:
         f5:71:05:98:bd:f6:fa:05:eb:90:21:9b:e6:60:9b:72:74:e5:
         0a:18:cf:74:05:7a:9d:15:65:77:15:e0:6d:83:34:e1:a3:98:
         30:d6:98:98:87:bd:ec:ba:88:ec:cc:52:6f:57:2c:fa:19:d0:
         9f:4f:1e:80
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUU7W6ELetCgrp9Wt9SKlTfzJX2nowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjQ3RDcwNUFDMkYxNEE3NjNGM0VCODdFMkU0MTE1OEEy
NTFGM0Q3NjAeFw0yNDA4MDYwNTU1MDBaFw0yNTA4MDUwNjAwMDBaMDMxMTAvBgNV
BAMTKDU1RDAwRUY4RkVDNUEzRkI0RUEzRkQzMUNCRkM3MjlFODMwMTlDMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwgLDZXsend/eb+Yn05/EmfaWz
DBqLTe1reIpRummhFbmNiJUSry1t5LyH03G7O7Ok+v3Uk2L0VVyKkDKcXYacmd9U
qv4dgg2QMplFmyIX37HTTtSpjSlRfBNg7JoUg3tt1llFl0wjELn8OulObIvzLNKa
IQCnWriVOZPgvHe7CDKsyb5etnu6upNQlY3m8Uuqv5RmcpJooWfAefhfQK4en9qz
ep0ivhIWzFhMivmJQGD39y27Zu/db9/WYcnEYLfFTsvaDVbu384Ewnmo3NHXp/M2
wx+BXMAqRQF5UDy0fcuAKvLT8I3SQr9qJ5l2qKVSXb+gorLlPNtfABgc4kLhAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUVdAO+P7Fo/tOo/0xy/xynoMBnCowHwYDVR0j
BBgwFoAUJH1wWsLxSnY/Prh+LkEViiUfPXYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
NDg4ZDRjMC1kYzkyLTRhYTgtYjE2OS01MmNhYjJhNjFiYTEvMC8yNDdENzA1QUMy
RjE0QTc2M0YzRUI4N0UyRTQxMTU4QTI1MUYzRDc2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjQ3RDcwNUFDMkYxNEE3NjNGM0VCODdFMkU0MTE1OEEyNTFG
M0Q3Ni5jZXIwgaoGCCsGAQUFBwELBIGdMIGaMIGXBggrBgEFBQcwC4aBinJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc0ODhkNGMwLWRjOTItNGFhOC1i
MTY5LTUyY2FiMmE2MWJhMS8wLzMyMzQzMDM0M2E2NTM5MzAzMDNhMzQzMDMwMzAz
YTNhMmYzMzM0MmQzMzM0MjAzZDNlMjAzNDM2MzAzNjMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYGJATp
AEAwDQYJKoZIhvcNAQELBQADggEBAGxTraPAU6u4EAc440JhFcu5LGxuDtp+DpnH
/3kcS78iODrnnwf8GadO+DH7f4QsODE26caOmwGaTnbzSEqJQA3vivxhs6EcpoEf
0moMuePOtyKdYvJH/Wgz+sBqRws1/5MJDFgYFBvp4jn45Mq4qIi5BKDbfSkdkN1X
a/xW09XW/GN77vpY9Q2kU/sQFrBc6Q/3VoUIMNBTwXSMDJ4Wofn+PAsdPJ9uN0A8
yEJcsGolegfJ8xcx2+o8K5JOLT7+eVmk7F7nSPVxBZi99voF65Ahm+Zgm3J05QoY
z3QFep0VZXcV4G2DNOGjmDDWmJiHvey6iOzMUm9XLPoZ0J9PHoA=
-----END CERTIFICATE-----
Generated at Fri Feb 21 11:19:59 2025 by rpki-client