Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139398.roa
File:                     AS139398.roa (raw, json)
Hash identifier:          yvpxNpRsErwMoB8Gcta5E21Py0KbGDFUaHzjg52Buuw=
Subject key identifier:   73:51:5F:BA:BD:95:0F:09:32:65:DD:E9:ED:EE:FD:FB:2A:0A:12:6C
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       154D96BB59912488FE09315337F6B4CC30E630C0
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139398.roa
Signing time:             Tue 10 Dec 2024 05:00:15 +0000
ROA not before:           Tue 10 Dec 2024 04:55:15 +0000
ROA not after:            Tue 09 Dec 2025 05:00:15 +0000
asID:                     139398
IP address blocks:        144.48.12.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 07 Apr 2025 17:17:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:4d:96:bb:59:91:24:88:fe:09:31:53:37:f6:b4:cc:30:e6:30:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000
        Validity
            Not Before: Dec 10 04:55:15 2024 GMT
            Not After : Dec  9 05:00:15 2025 GMT
        Subject: CN=73515FBABD950F093265DDE9EDEEFDFB2A0A126C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:55:c4:38:2f:21:ef:93:ab:c3:5e:1e:eb:a6:
                    13:61:82:87:1e:b3:25:d5:c8:cb:50:35:5d:e0:ca:
                    0c:6b:ec:4e:2d:fd:c7:c8:dd:1d:41:aa:b2:42:52:
                    50:89:c9:1e:de:ed:56:61:cc:bc:32:ef:cd:82:e2:
                    79:ca:e4:44:11:9c:e8:65:60:cb:ea:85:51:31:34:
                    88:e4:10:46:c4:77:80:94:6f:3d:b9:63:4c:c9:b8:
                    c8:44:19:8e:55:aa:2d:46:b7:25:72:00:b5:03:23:
                    db:9c:19:34:4c:6f:b6:6a:be:2a:6b:14:10:e4:74:
                    1f:55:d5:66:75:42:59:44:6f:39:d0:42:dd:41:e9:
                    7c:19:cb:d6:90:d0:b2:eb:76:3a:49:d6:3e:a2:16:
                    5d:48:09:36:66:36:fa:0d:54:b2:aa:e4:a6:cb:d1:
                    2c:fc:8e:25:6e:04:9d:b6:14:89:6f:e0:3d:a8:7b:
                    1d:88:ee:a6:31:80:3c:41:89:db:02:e7:56:d0:b2:
                    60:30:96:16:dd:4a:1d:c7:7d:b5:9c:ef:14:92:26:
                    79:55:30:94:66:cf:a0:69:ab:72:a4:d1:5b:f5:12:
                    26:55:87:60:73:c2:7c:33:a9:77:26:c9:38:4a:fc:
                    9b:93:f8:37:f9:71:22:3b:fc:d5:03:1f:cd:ce:9b:
                    dc:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                73:51:5F:BA:BD:95:0F:09:32:65:DD:E9:ED:EE:FD:FB:2A:0A:12:6C
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS139398.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  144.48.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:59:61:28:ed:22:38:64:21:36:27:df:71:e5:f9:98:8c:90:
         9e:1e:58:c1:11:ab:15:cb:2f:98:0d:ec:b9:d8:0b:de:34:db:
         2e:fa:1e:6f:7d:6f:75:20:47:86:08:b0:83:5a:04:a2:f1:55:
         9e:78:cb:34:5b:cd:65:68:94:f4:b5:57:0b:da:bb:a0:89:33:
         80:ed:93:b0:29:d3:8e:8f:16:cd:27:73:f0:a3:23:96:bf:a3:
         47:0b:74:2f:86:1b:b9:59:3c:1f:e4:dd:37:12:ce:93:90:10:
         5d:b8:8e:7a:8c:11:dd:dc:84:31:4e:fb:fe:8d:7d:ae:fc:ea:
         0f:a8:86:62:e6:2f:b4:e4:c4:6d:f2:a7:d3:a3:7a:0e:58:36:
         b4:df:98:e3:9d:89:cd:79:33:12:11:02:37:4d:56:bf:50:dd:
         68:65:6b:89:db:07:14:70:41:79:4b:1d:54:9d:34:82:34:82:
         f1:1f:2b:b1:b8:89:79:4a:1d:19:db:5c:23:b9:8e:90:5f:5a:
         86:a5:1b:90:a3:b0:6d:5a:16:16:f4:1a:ad:71:1a:4a:66:70:
         17:6f:53:73:64:2a:2c:dc:30:cf:a1:86:88:93:d9:62:4f:40:
         c7:45:a0:96:2d:22:1f:45:e3:d9:3e:66:69:0b:8d:38:4e:32:
         a2:02:1d:b3
-----BEGIN CERTIFICATE-----
MIIE3TCCA8WgAwIBAgIUFU2Wu1mRJIj+CTFTN/a0zDDmMMAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MTIxMDA0NTUxNVoX
DTI1MTIwOTA1MDAxNVowMzExMC8GA1UEAxMoNzM1MTVGQkFCRDk1MEYwOTMyNjVE
REU5RURFRUZERkIyQTBBMTI2QzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxVxDgvIe+Tq8NeHuumE2GChx6zJdXIy1A1XeDKDGvsTi39x8jdHUGqskJS
UInJHt7tVmHMvDLvzYLiecrkRBGc6GVgy+qFUTE0iOQQRsR3gJRvPbljTMm4yEQZ
jlWqLUa3JXIAtQMj25wZNExvtmq+KmsUEOR0H1XVZnVCWURvOdBC3UHpfBnL1pDQ
sut2OknWPqIWXUgJNmY2+g1UsqrkpsvRLPyOJW4EnbYUiW/gPah7HYjupjGAPEGJ
2wLnVtCyYDCWFt1KHcd9tZzvFJImeVUwlGbPoGmrcqTRW/USJlWHYHPCfDOpdybJ
OEr8m5P4N/lxIjv81QMfzc6b3OsCAwEAAaOCAdAwggHMMB0GA1UdDgQWBBRzUV+6
vZUPCTJl3ent7v37KgoSbDAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzEzOTM5OC5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4w
DAQCAAEwBgMEApAwDDANBgkqhkiG9w0BAQsFAAOCAQEATllhKO0iOGQhNiffceX5
mIyQnh5YwRGrFcsvmA3sudgL3jTbLvoeb31vdSBHhgiwg1oEovFVnnjLNFvNZWiU
9LVXC9q7oIkzgO2TsCnTjo8WzSdz8KMjlr+jRwt0L4YbuVk8H+TdNxLOk5AQXbiO
eowR3dyEMU77/o19rvzqD6iGYuYvtOTEbfKn06N6Dlg2tN+Y452JzXkzEhECN01W
v1DdaGVridsHFHBBeUsdVJ00gjSC8R8rsbiJeUodGdtcI7mOkF9ahqUbkKOwbVoW
FvQarXEaSmZwF29Tc2QqLNwwz6GGiJPZYk9Ax0Wgli0iH0Xj2T5maQuNOE4yogId
sw==
-----END CERTIFICATE-----