Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/323030313a6466323a656434303a3a2f34382d3438203d3e203535363838.roa
File:                     323030313a6466323a656434303a3a2f34382d3438203d3e203535363838.roa (raw, json)
Hash identifier:          3LwTWTq6lR7/gbSdsCbSOqta9JhN0Eij75z5muuvESg=
Subject key identifier:   D9:81:44:8A:BB:23:5D:A6:31:63:C8:77:C6:11:81:DC:AF:7C:03:54
Certificate issuer:       /CN=4A9E8C61BE3670D865B8A79D7D32798550E64F2B
Certificate serial:       2AD853D824E9E342C8F6F2AE8A0BB9A42ED3ECD3
Authority key identifier: 4A:9E:8C:61:BE:36:70:D8:65:B8:A7:9D:7D:32:79:85:50:E6:4F:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/323030313a6466323a656434303a3a2f34382d3438203d3e203535363838.roa
Signing time:             Mon 14 Oct 2024 02:00:00 +0000
ROA not before:           Mon 14 Oct 2024 01:55:00 +0000
ROA not after:            Mon 13 Oct 2025 02:00:00 +0000
asID:                     55688
IP address blocks:        2001:df2:ed40::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.crl
                          rsync://repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 04:05:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:d8:53:d8:24:e9:e3:42:c8:f6:f2:ae:8a:0b:b9:a4:2e:d3:ec:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4A9E8C61BE3670D865B8A79D7D32798550E64F2B
        Validity
            Not Before: Oct 14 01:55:00 2024 GMT
            Not After : Oct 13 02:00:00 2025 GMT
        Subject: CN=D981448ABB235DA63163C877C61181DCAF7C0354
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:57:59:94:d0:8d:fc:96:b3:8d:e7:ed:89:5a:
                    e2:73:55:3a:b4:83:2f:59:04:0e:24:c7:99:0b:f1:
                    fa:00:66:02:5e:d5:a3:31:3f:9e:94:19:f7:eb:09:
                    fd:fb:26:d8:aa:dd:62:09:b0:6c:69:04:77:aa:b4:
                    af:a3:45:af:36:2e:42:92:4a:41:1d:9e:f1:e3:d2:
                    d6:0f:56:25:4c:7c:a0:35:10:5a:b1:89:15:9e:49:
                    c2:12:0b:8e:d9:b5:94:73:e6:67:62:fb:aa:ee:d9:
                    f5:f1:22:86:da:b3:39:01:86:19:53:4f:75:15:62:
                    03:e4:c5:6e:9f:24:7b:30:cd:7d:12:34:82:69:b3:
                    3a:05:a7:84:28:56:c9:8e:9e:a9:70:fd:90:5b:2d:
                    1c:1b:b3:be:fe:d1:45:96:20:e7:a7:2a:e8:02:d7:
                    89:3c:ff:c5:cd:98:3b:41:5b:07:17:10:ff:b0:40:
                    a5:c7:65:93:9b:1f:e4:77:b3:3a:c1:15:16:57:9e:
                    bb:e8:66:ab:26:80:dc:10:64:17:e6:06:22:ae:d0:
                    c5:99:4b:78:46:38:30:f2:ad:9a:90:76:b0:84:fa:
                    a7:d7:fb:09:e1:54:68:48:1c:f7:7a:2a:bd:06:9c:
                    25:a3:78:c7:54:12:2c:31:dd:d1:67:5e:88:14:27:
                    e6:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:81:44:8A:BB:23:5D:A6:31:63:C8:77:C6:11:81:DC:AF:7C:03:54
            X509v3 Authority Key Identifier:
                keyid:4A:9E:8C:61:BE:36:70:D8:65:B8:A7:9D:7D:32:79:85:50:E6:4F:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4A9E8C61BE3670D865B8A79D7D32798550E64F2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7c4935d8-96a2-4564-85a3-32a53189367e/0/323030313a6466323a656434303a3a2f34382d3438203d3e203535363838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df2:ed40::/48

    Signature Algorithm: sha256WithRSAEncryption
         6a:9b:4a:cd:34:15:a7:71:03:2a:27:aa:f9:98:d6:3a:60:09:
         12:9e:52:61:ac:31:25:ab:35:e5:81:e4:e8:d0:f9:6e:68:17:
         d7:17:da:67:cd:fd:18:04:2e:6c:a2:cc:1c:28:b0:77:5d:78:
         60:24:17:1b:87:59:ec:8e:52:fd:51:39:6e:cc:15:79:ad:16:
         5d:c4:c3:bd:b6:a8:3f:d9:ce:d4:c8:f5:20:5b:0b:eb:e1:13:
         43:a9:fc:c4:6e:04:27:f1:a5:56:dc:57:37:a7:ea:82:66:27:
         ee:06:63:f6:c7:67:13:11:d8:d4:d7:c2:99:fe:9f:13:58:72:
         6f:76:fe:8d:30:b0:fd:24:db:e5:09:0b:54:d1:95:e4:50:72:
         13:5d:ea:81:61:ab:03:01:ab:52:ef:bc:f1:7f:c5:e5:91:f0:
         31:69:90:98:02:12:50:e9:62:3b:a3:ef:7f:a7:9d:7c:b6:f0:
         49:38:f4:f0:8f:af:3b:06:d2:62:b3:63:02:0a:7d:18:d7:63:
         b9:48:12:f4:d5:df:f2:89:c4:bf:dd:9b:3b:ca:33:bc:c3:38:
         5d:c6:b3:64:78:26:db:7a:c9:64:04:11:48:61:e1:6e:5d:88:
         a2:c9:ec:fd:03:d9:be:df:39:f6:95:85:2c:4b:78:b1:16:f2:
         6d:65:21:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUKthT2CTp40LI9vKuigu5pC7T7NMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEE5RThDNjFCRTM2NzBEODY1QjhBNzlEN0QzMjc5ODU1
MEU2NEYyQjAeFw0yNDEwMTQwMTU1MDBaFw0yNTEwMTMwMjAwMDBaMDMxMTAvBgNV
BAMTKEQ5ODE0NDhBQkIyMzVEQTYzMTYzQzg3N0M2MTE4MURDQUY3QzAzNTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmV1mU0I38lrON5+2JWuJzVTq0
gy9ZBA4kx5kL8foAZgJe1aMxP56UGffrCf37Jtiq3WIJsGxpBHeqtK+jRa82LkKS
SkEdnvHj0tYPViVMfKA1EFqxiRWeScISC47ZtZRz5mdi+6ru2fXxIobaszkBhhlT
T3UVYgPkxW6fJHswzX0SNIJpszoFp4QoVsmOnqlw/ZBbLRwbs77+0UWWIOenKugC
14k8/8XNmDtBWwcXEP+wQKXHZZObH+R3szrBFRZXnrvoZqsmgNwQZBfmBiKu0MWZ
S3hGODDyrZqQdrCE+qfX+wnhVGhIHPd6Kr0GnCWjeMdUEiwx3dFnXogUJ+alAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU2YFEirsjXaYxY8h3xhGB3K98A1QwHwYDVR0j
BBgwFoAUSp6MYb42cNhluKedfTJ5hVDmTyswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
YzQ5MzVkOC05NmEyLTQ1NjQtODVhMy0zMmE1MzE4OTM2N2UvMC80QTlFOEM2MUJF
MzY3MEQ4NjVCOEE3OUQ3RDMyNzk4NTUwRTY0RjJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEE5RThDNjFCRTM2NzBEODY1QjhBNzlEN0QzMjc5ODU1MEU2
NEYyQi5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjNDkzNWQ4LTk2YTItNDU2NC04
NWEzLTMyYTUzMTg5MzY3ZS8wLzMyMzAzMDMxM2E2NDY2MzIzYTY1NjQzNDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzNTM2MzgzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABDfLt
QDANBgkqhkiG9w0BAQsFAAOCAQEAaptKzTQVp3EDKieq+ZjWOmAJEp5SYawxJas1
5YHk6ND5bmgX1xfaZ839GAQubKLMHCiwd114YCQXG4dZ7I5S/VE5bswVea0WXcTD
vbaoP9nO1Mj1IFsL6+ETQ6n8xG4EJ/GlVtxXN6fqgmYn7gZj9sdnExHY1NfCmf6f
E1hyb3b+jTCw/STb5QkLVNGV5FByE13qgWGrAwGrUu+88X/F5ZHwMWmQmAISUOli
O6Pvf6edfLbwSTj08I+vOwbSYrNjAgp9GNdjuUgS9NXf8onEv92bO8ozvMM4Xcaz
ZHgm23rJZAQRSGHhbl2Iosns/QPZvt859pWFLEt4sRbybWUhaw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:59:38 2024 by rpki-client on console-ams.rpki-client.org