Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e39362e302f32302d3230203d3e203137393130.roa
File:                     3230322e3132372e39362e302f32302d3230203d3e203137393130.roa (raw, json)
Hash identifier:          FrhZIsA2EAriYUEHDAEqTDZdZdNHqsPml83KdFcpBMM=
Subject key identifier:   8E:26:6C:E3:8B:D7:2D:57:93:B9:F0:81:41:2D:47:AC:C6:54:7D:9F
Certificate issuer:       /CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
Certificate serial:       6B79D8262078DA5D5B050C8E63235F2BB1C5F1E3
Authority key identifier: 16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e39362e302f32302d3230203d3e203137393130.roa
Signing time:             Mon 01 Jul 2024 01:05:24 +0000
ROA not before:           Mon 01 Jul 2024 01:00:24 +0000
ROA not after:            Mon 30 Jun 2025 01:05:24 +0000
asID:                     17910
IP address blocks:        202.127.96.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl
                          rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 01:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:79:d8:26:20:78:da:5d:5b:05:0c:8e:63:23:5f:2b:b1:c5:f1:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1635F5E419798341BDC615D4E1C6AE340C34BEED
        Validity
            Not Before: Jul  1 01:00:24 2024 GMT
            Not After : Jun 30 01:05:24 2025 GMT
        Subject: CN=8E266CE38BD72D5793B9F081412D47ACC6547D9F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ee:6d:a9:bd:2c:d5:89:be:2b:14:13:1d:6a:
                    41:65:cb:d7:06:c1:e7:03:f4:6f:68:f4:35:90:f4:
                    29:62:3c:92:ae:04:97:ff:6a:6c:17:fc:ba:3a:a2:
                    af:6a:35:d0:41:b3:86:29:a2:52:04:dd:fa:97:62:
                    9f:16:73:cf:af:7b:da:4d:56:62:2e:49:f3:5b:1f:
                    80:01:f6:91:2e:cf:35:26:1e:ba:77:ec:c0:f4:1e:
                    ed:32:f4:0e:2e:a2:66:96:88:f8:28:52:2a:4b:d2:
                    37:ae:c9:53:79:db:4b:a5:57:b1:bc:4e:38:dc:ff:
                    f8:a2:c5:cf:2d:84:68:28:18:5d:00:94:07:80:4c:
                    be:5c:66:d1:f1:0b:2c:44:af:7b:67:53:2c:4e:3d:
                    de:c6:74:a3:93:8f:28:e5:27:0a:9b:dc:58:a4:79:
                    be:ea:49:af:40:d8:b2:bf:9b:43:13:48:50:10:7c:
                    7f:e6:11:9a:7f:ca:7b:53:96:76:c8:34:30:af:5f:
                    49:46:83:ea:0f:51:3e:fd:b3:a3:f3:75:32:57:aa:
                    73:bd:8f:d2:ed:f9:c7:1f:64:e1:b7:60:ce:fa:d1:
                    fc:8d:76:51:77:75:3e:c1:7f:d8:ca:50:41:e1:42:
                    b5:03:8f:d1:97:e3:b5:3f:1c:a7:2d:fc:8f:22:64:
                    59:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:26:6C:E3:8B:D7:2D:57:93:B9:F0:81:41:2D:47:AC:C6:54:7D:9F
            X509v3 Authority Key Identifier:
                keyid:16:35:F5:E4:19:79:83:41:BD:C6:15:D4:E1:C6:AE:34:0C:34:BE:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/1635F5E419798341BDC615D4E1C6AE340C34BEED.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1635F5E419798341BDC615D4E1C6AE340C34BEED.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/86450032-5492-4a5a-943f-bdb473341233/0/3230322e3132372e39362e302f32302d3230203d3e203137393130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.127.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6f:f3:bf:02:48:79:b9:e6:6c:07:88:74:c2:41:0f:2b:ae:0d:
         b9:9f:4c:85:68:36:72:bf:5d:8f:c9:91:60:a3:5a:83:ef:dc:
         21:8c:5f:45:94:ce:bb:54:e1:28:99:ff:5a:9d:8b:7e:e2:0b:
         92:00:2a:8b:24:37:dc:49:45:b6:61:c2:74:59:d1:b5:27:83:
         7e:da:3a:18:ba:a9:55:69:6d:ae:e0:a5:23:61:05:ad:a0:81:
         8a:83:9c:0b:aa:ab:01:c0:fe:ee:74:f7:04:5a:dd:7f:86:ef:
         50:8e:39:25:02:6d:2a:ef:1d:b1:b5:27:67:e3:b1:54:0f:12:
         f8:e7:e8:90:b7:44:26:7a:03:33:9d:9c:75:84:0e:b1:4b:51:
         24:84:c4:05:2a:3c:fe:47:8d:c6:bb:19:14:28:c4:7c:ad:aa:
         f9:cb:3f:74:f1:ce:33:bf:30:e3:d4:0d:fb:eb:c8:3a:fe:df:
         34:f1:ef:6f:a4:9f:af:88:b8:83:c9:da:ec:ef:0c:8e:ea:78:
         a2:f7:39:8c:24:36:e7:46:fc:68:f9:6d:ca:e4:9f:a8:7a:5b:
         33:0d:b3:a0:fe:88:79:85:4e:42:fc:a5:78:46:61:62:21:e1:
         77:80:75:51:3a:17:59:70:62:e6:bf:62:5e:6a:45:97:8a:39:
         b4:23:16:7c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUa3nYJiB42l1bBQyOYyNfK7HF8eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQw
QzM0QkVFRDAeFw0yNDA3MDEwMTAwMjRaFw0yNTA2MzAwMTA1MjRaMDMxMTAvBgNV
BAMTKDhFMjY2Q0UzOEJENzJENTc5M0I5RjA4MTQxMkQ0N0FDQzY1NDdEOUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR7m2pvSzVib4rFBMdakFly9cG
wecD9G9o9DWQ9CliPJKuBJf/amwX/Lo6oq9qNdBBs4YpolIE3fqXYp8Wc8+ve9pN
VmIuSfNbH4AB9pEuzzUmHrp37MD0Hu0y9A4uomaWiPgoUipL0jeuyVN520ulV7G8
Tjjc//iixc8thGgoGF0AlAeATL5cZtHxCyxEr3tnUyxOPd7GdKOTjyjlJwqb3Fik
eb7qSa9A2LK/m0MTSFAQfH/mEZp/yntTlnbINDCvX0lGg+oPUT79s6PzdTJXqnO9
j9Lt+ccfZOG3YM760fyNdlF3dT7Bf9jKUEHhQrUDj9GX47U/HKct/I8iZFkpAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUjiZs44vXLVeTufCBQS1HrMZUfZ8wHwYDVR0j
BBgwFoAUFjX15Bl5g0G9xhXU4cauNAw0vu0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
NjQ1MDAzMi01NDkyLTRhNWEtOTQzZi1iZGI0NzMzNDEyMzMvMC8xNjM1RjVFNDE5
Nzk4MzQxQkRDNjE1RDRFMUM2QUUzNDBDMzRCRUVELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTYzNUY1RTQxOTc5ODM0MUJEQzYxNUQ0RTFDNkFFMzQwQzM0
QkVFRC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg2NDUwMDMyLTU0OTItNGE1YS05
NDNmLWJkYjQ3MzM0MTIzMy8wLzMyMzAzMjJlMzEzMjM3MmUzOTM2MmUzMDJmMzIz
MDJkMzIzMDIwM2QzZTIwMzEzNzM5MzEzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBMp/YDANBgkqhkiG
9w0BAQsFAAOCAQEAb/O/Akh5ueZsB4h0wkEPK64NuZ9MhWg2cr9dj8mRYKNag+/c
IYxfRZTOu1ThKJn/Wp2LfuILkgAqiyQ33ElFtmHCdFnRtSeDfto6GLqpVWltruCl
I2EFraCBioOcC6qrAcD+7nT3BFrdf4bvUI45JQJtKu8dsbUnZ+OxVA8S+OfokLdE
JnoDM52cdYQOsUtRJITEBSo8/keNxrsZFCjEfK2q+cs/dPHOM78w49QN++vIOv7f
NPHvb6Sfr4i4g8na7O8Mjup4ovc5jCQ250b8aPltyuSfqHpbMw2zoP6IeYVOQvyl
eEZhYiHhd4B1UToXWXBi5r9iXmpFl4o5tCMWfA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:32:59 2024 by rpki-client on console-ams.rpki-client.org