Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/32372e3132332e302e302f32312d3234203d3e203435373036.roa
File:                     32372e3132332e302e302f32312d3234203d3e203435373036.roa (raw, json)
Hash identifier:          i0k8diaTpdGEA+1RnifMXA8toR7ceP46n+4PEFdgPCI=
Subject key identifier:   8A:C7:8A:C5:41:DB:8C:5C:E6:73:16:D6:12:30:3B:71:19:A2:8E:02
Certificate issuer:       /CN=490B3FBCC6F0FC65785096A153DC87BC5057ACE5
Certificate serial:       74098A0BB4C1BED4C7FA1CFDE793116D2057D8E2
Authority key identifier: 49:0B:3F:BC:C6:F0:FC:65:78:50:96:A1:53:DC:87:BC:50:57:AC:E5
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/32372e3132332e302e302f32312d3234203d3e203435373036.roa
Signing time:             Fri 05 Jul 2024 03:00:00 +0000
ROA not before:           Fri 05 Jul 2024 02:55:00 +0000
ROA not after:            Fri 04 Jul 2025 03:00:00 +0000
asID:                     45706
IP address blocks:        27.123.0.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.crl
                          rsync://repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 09:50:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:09:8a:0b:b4:c1:be:d4:c7:fa:1c:fd:e7:93:11:6d:20:57:d8:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=490B3FBCC6F0FC65785096A153DC87BC5057ACE5
        Validity
            Not Before: Jul  5 02:55:00 2024 GMT
            Not After : Jul  4 03:00:00 2025 GMT
        Subject: CN=8AC78AC541DB8C5CE67316D612303B7119A28E02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:bb:19:61:29:59:03:c0:3b:63:d7:91:10:11:
                    7a:6c:35:63:9e:ae:f3:c0:17:b2:9a:5a:db:29:5b:
                    2e:83:42:13:ff:0c:15:76:5b:18:7e:fc:f2:b5:a4:
                    73:2a:59:ff:fc:dd:fb:91:31:cd:94:da:43:47:da:
                    60:2b:87:de:2d:9e:e3:dc:af:c4:e3:5d:b6:6e:16:
                    33:ed:1b:75:70:5e:ae:71:02:e5:6d:9e:24:07:a3:
                    24:b4:5e:f5:10:18:6c:16:f8:5a:7e:7c:2c:86:5f:
                    ed:bb:b6:38:e6:80:ee:5a:12:db:cf:ee:e4:d8:ec:
                    29:06:7d:b9:15:54:aa:c0:1b:54:94:b8:67:51:1c:
                    25:e7:77:17:47:2a:78:51:b5:4b:27:3c:2d:70:98:
                    a1:20:3d:1b:35:65:06:2e:a4:90:f8:b9:6e:6e:19:
                    10:a5:b1:cf:65:50:2c:a5:e5:21:47:ce:17:e7:d5:
                    69:5a:56:19:7e:e2:89:70:25:04:2e:85:45:3c:a0:
                    a2:9f:ea:88:0b:05:87:a4:0a:4f:bb:7f:d1:12:05:
                    50:cc:82:3a:d1:f7:70:31:ae:57:e4:86:f7:c6:b3:
                    2a:b2:b9:73:b3:aa:73:66:b4:7b:10:b6:5b:7a:42:
                    9e:4e:f0:1f:cf:3f:36:09:c1:4b:61:27:d9:ca:c3:
                    e5:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:C7:8A:C5:41:DB:8C:5C:E6:73:16:D6:12:30:3B:71:19:A2:8E:02
            X509v3 Authority Key Identifier:
                keyid:49:0B:3F:BC:C6:F0:FC:65:78:50:96:A1:53:DC:87:BC:50:57:AC:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/490B3FBCC6F0FC65785096A153DC87BC5057ACE5.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/77cd68f4-69a5-475f-aee4-3ef4b8d302dd/0/32372e3132332e302e302f32312d3234203d3e203435373036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  27.123.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         55:e1:d8:10:85:02:c8:92:30:c8:e5:a7:95:4d:a7:47:1e:8b:
         d7:ec:28:47:11:7b:ff:c0:3f:75:56:2f:0c:b3:d8:79:bf:b2:
         c0:3c:63:d1:2b:3c:99:7c:68:5d:46:d9:f9:8b:41:d2:54:12:
         89:55:45:df:1b:a8:12:ae:53:8e:56:6d:02:b3:6a:95:9f:4e:
         a1:2f:e9:f8:2d:b2:22:1d:8d:68:83:b0:6d:ae:e1:99:31:9c:
         59:90:6d:12:5c:0e:9c:49:23:3f:3c:d4:32:34:36:81:dd:77:
         82:53:76:57:2d:94:ef:a1:33:43:4a:c7:2a:9a:95:8b:52:25:
         11:b7:6d:d8:6d:fd:b3:b4:7e:13:b6:4e:0f:c5:4f:19:04:5e:
         97:0f:dd:aa:9f:9e:ca:e8:b4:d3:fe:34:d9:38:dc:16:c7:3f:
         28:43:e9:63:20:6d:bf:3e:c8:47:13:1d:c5:e9:33:e8:e9:d9:
         01:5d:a5:87:f9:dc:36:75:0a:d2:a5:30:01:61:45:7d:50:88:
         14:af:f0:e1:38:39:21:b6:27:cf:85:a3:66:5e:60:33:8e:02:
         19:52:64:74:30:f5:8e:ce:b8:84:34:bc:b5:8c:1c:fc:a2:e7:
         cb:03:0e:1a:c5:f5:4d:d6:9d:03:f8:54:ee:c3:16:33:c6:1f:
         26:ca:b9:2a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUdAmKC7TBvtTH+hz955MRbSBX2OIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDkwQjNGQkNDNkYwRkM2NTc4NTA5NkExNTNEQzg3QkM1
MDU3QUNFNTAeFw0yNDA3MDUwMjU1MDBaFw0yNTA3MDQwMzAwMDBaMDMxMTAvBgNV
BAMTKDhBQzc4QUM1NDFEQjhDNUNFNjczMTZENjEyMzAzQjcxMTlBMjhFMDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVuxlhKVkDwDtj15EQEXpsNWOe
rvPAF7KaWtspWy6DQhP/DBV2Wxh+/PK1pHMqWf/83fuRMc2U2kNH2mArh94tnuPc
r8TjXbZuFjPtG3VwXq5xAuVtniQHoyS0XvUQGGwW+Fp+fCyGX+27tjjmgO5aEtvP
7uTY7CkGfbkVVKrAG1SUuGdRHCXndxdHKnhRtUsnPC1wmKEgPRs1ZQYupJD4uW5u
GRClsc9lUCyl5SFHzhfn1WlaVhl+4olwJQQuhUU8oKKf6ogLBYekCk+7f9ESBVDM
gjrR93AxrlfkhvfGsyqyuXOzqnNmtHsQtlt6Qp5O8B/PPzYJwUthJ9nKw+VLAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQUiseKxUHbjFzmcxbWEjA7cRmijgIwHwYDVR0j
BBgwFoAUSQs/vMbw/GV4UJahU9yHvFBXrOUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
N2NkNjhmNC02OWE1LTQ3NWYtYWVlNC0zZWY0YjhkMzAyZGQvMC80OTBCM0ZCQ0M2
RjBGQzY1Nzg1MDk2QTE1M0RDODdCQzUwNTdBQ0U1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDkwQjNGQkNDNkYwRkM2NTc4NTA5NkExNTNEQzg3QkM1MDU3
QUNFNS5jZXIwgZ0GCCsGAQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzdjZDY4ZjQtNjlhNS00NzVmLWFl
ZTQtM2VmNGI4ZDMwMmRkLzAvMzIzNzJlMzEzMjMzMmUzMDJlMzAyZjMyMzEyZDMy
MzQyMDNkM2UyMDM0MzUzNzMwMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMbewAwDQYJKoZIhvcNAQEL
BQADggEBAFXh2BCFAsiSMMjlp5VNp0cei9fsKEcRe//AP3VWLwyz2Hm/ssA8Y9Er
PJl8aF1G2fmLQdJUEolVRd8bqBKuU45WbQKzapWfTqEv6fgtsiIdjWiDsG2u4Zkx
nFmQbRJcDpxJIz881DI0NoHdd4JTdlctlO+hM0NKxyqalYtSJRG3bdht/bO0fhO2
Tg/FTxkEXpcP3aqfnsrotNP+NNk43BbHPyhD6WMgbb8+yEcTHcXpM+jp2QFdpYf5
3DZ1CtKlMAFhRX1QiBSv8OE4OSG2J8+Fo2ZeYDOOAhlSZHQw9Y7OuIQ0vLWMHPyi
58sDDhrF9U3WnQP4VO7DFjPGHybKuSo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:38:56 2024 by rpki-client on console-ams.rpki-client.org