Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3131392e3131302e38302e302f32332d3233203d3e203338373533.roa
File:                     3131392e3131302e38302e302f32332d3233203d3e203338373533.roa (raw, json)
Hash identifier:          sF2pvtMqQhexo25+okDiGN+Eo4amfx8U7xhODcO4dOk=
Subject key identifier:   7E:23:3A:94:3B:70:C0:6A:C2:8D:E7:29:AA:51:32:32:23:4D:11:32
Certificate issuer:       /CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
Certificate serial:       50254C3CA703FA8BD1BA4FCAF9D50CFBFE238A92
Authority key identifier: 11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3131392e3131302e38302e302f32332d3233203d3e203338373533.roa
Signing time:             Tue 03 Jun 2025 08:03:23 +0000
ROA not before:           Tue 03 Jun 2025 07:58:23 +0000
ROA not after:            Tue 02 Jun 2026 08:03:23 +0000
asID:                     38753
IP address blocks:        119.110.80.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl
                          rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 01:31:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:25:4c:3c:a7:03:fa:8b:d1:ba:4f:ca:f9:d5:0c:fb:fe:23:8a:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11C9BA28534BA44999B4BA5D6B0F28E568DF6E14
        Validity
            Not Before: Jun  3 07:58:23 2025 GMT
            Not After : Jun  2 08:03:23 2026 GMT
        Subject: CN=7E233A943B70C06AC28DE729AA513232234D1132
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:46:f6:ec:ce:32:c8:85:05:11:a6:6c:71:f5:
                    69:83:88:7f:6e:a9:03:f4:5d:45:eb:bc:6b:26:79:
                    c0:60:d8:11:36:61:a6:e8:f2:c3:30:f7:b0:15:dd:
                    50:61:ee:37:44:cf:97:d0:1a:49:dd:43:6a:5d:f9:
                    46:46:5d:b8:5e:61:4a:5c:78:00:7a:40:ab:70:04:
                    8f:17:b0:4c:b4:fe:f6:02:7b:3d:9d:e7:e8:d2:78:
                    18:1a:a2:28:d4:7c:ff:d3:0e:5c:ff:48:3a:19:62:
                    b4:53:00:53:1e:08:ea:ed:63:b1:4e:03:ce:1f:0d:
                    69:79:c8:09:f8:3e:37:c3:5e:eb:bc:03:50:80:75:
                    51:07:41:6a:90:02:f3:8f:89:53:3b:c7:6d:ed:0b:
                    2b:b2:e6:51:36:f9:d9:6e:d5:af:b3:86:ef:d7:80:
                    95:01:ab:c6:c4:a8:1a:cb:41:67:bb:55:39:80:5b:
                    ed:2b:85:3c:5b:72:c2:20:88:db:dc:4a:32:fc:d6:
                    e4:58:0d:ec:12:61:a3:4a:2a:11:66:79:78:86:b6:
                    99:17:34:d2:55:cb:e3:f4:e3:a9:91:b7:0b:f9:20:
                    5c:10:c1:95:b0:c2:59:e4:70:c9:55:b9:07:b4:45:
                    38:29:71:94:ec:0b:04:99:48:f7:61:92:1d:f3:d0:
                    72:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:23:3A:94:3B:70:C0:6A:C2:8D:E7:29:AA:51:32:32:23:4D:11:32
            X509v3 Authority Key Identifier:
                keyid:11:C9:BA:28:53:4B:A4:49:99:B4:BA:5D:6B:0F:28:E5:68:DF:6E:14

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/11C9BA28534BA44999B4BA5D6B0F28E568DF6E14.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a06b6673-47a1-45e5-b6c2-42ab8b476249/0/3131392e3131302e38302e302f32332d3233203d3e203338373533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  119.110.80.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a7:45:b7:a5:3b:98:24:f2:fe:65:36:a0:31:3e:1d:c3:b0:54:
         81:27:48:ca:80:44:3c:f5:af:2e:4d:2a:d8:01:34:d0:aa:96:
         85:ce:68:a5:2c:53:d3:ea:49:3a:13:cb:05:94:8f:fa:bd:b8:
         3b:3e:08:6b:34:b0:a2:14:5d:7a:ef:bf:0c:45:8b:20:43:7c:
         99:bd:f6:d6:83:e7:c1:1f:5f:58:75:20:05:72:66:21:23:4e:
         9f:b1:34:3a:e3:1f:a5:7b:00:00:f7:3a:d5:05:2a:6b:cb:d8:
         e3:b1:25:6a:7d:98:40:84:e2:51:0e:98:2e:35:7f:3c:32:c0:
         a8:02:0c:f2:1c:f4:90:12:03:a9:dc:72:85:00:67:d6:41:9a:
         91:0b:41:83:43:6f:24:06:0c:ed:34:91:55:a1:59:27:cc:95:
         a4:f0:b4:4a:20:3f:36:71:62:bd:67:da:22:ff:17:e1:e2:71:
         52:d2:f7:c6:a9:b9:32:58:52:0b:cc:f7:0e:62:20:7d:af:55:
         b0:8e:fa:12:f9:62:85:88:3d:1a:6c:14:bb:9a:10:a6:5a:92:
         f7:d3:fa:cd:2e:90:ce:cf:56:2e:dd:0f:6d:3d:49:23:26:b9:
         61:f5:12:9e:35:f1:1f:b0:f9:13:f1:71:7d:a1:1e:fa:c6:01:
         53:a5:aa:f7
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUUCVMPKcD+ovRuk/K+dUM+/4jipIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2
OERGNkUxNDAeFw0yNTA2MDMwNzU4MjNaFw0yNjA2MDIwODAzMjNaMDMxMTAvBgNV
BAMTKDdFMjMzQTk0M0I3MEMwNkFDMjhERTcyOUFBNTEzMjMyMjM0RDExMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBRvbszjLIhQURpmxx9WmDiH9u
qQP0XUXrvGsmecBg2BE2Yabo8sMw97AV3VBh7jdEz5fQGkndQ2pd+UZGXbheYUpc
eAB6QKtwBI8XsEy0/vYCez2d5+jSeBgaoijUfP/TDlz/SDoZYrRTAFMeCOrtY7FO
A84fDWl5yAn4PjfDXuu8A1CAdVEHQWqQAvOPiVM7x23tCyuy5lE2+dlu1a+zhu/X
gJUBq8bEqBrLQWe7VTmAW+0rhTxbcsIgiNvcSjL81uRYDewSYaNKKhFmeXiGtpkX
NNJVy+P046mRtwv5IFwQwZWwwlnkcMlVuQe0RTgpcZTsCwSZSPdhkh3z0HLfAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUfiM6lDtwwGrCjecpqlEyMiNNETIwHwYDVR0j
BBgwFoAUEcm6KFNLpEmZtLpdaw8o5WjfbhQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MDZiNjY3My00N2ExLTQ1ZTUtYjZjMi00MmFiOGI0NzYyNDkvMC8xMUM5QkEyODUz
NEJBNDQ5OTlCNEJBNUQ2QjBGMjhFNTY4REY2RTE0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTFDOUJBMjg1MzRCQTQ0OTk5QjRCQTVENkIwRjI4RTU2OERG
NkUxNC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2EwNmI2NjczLTQ3YTEtNDVlNS1i
NmMyLTQyYWI4YjQ3NjI0OS8wLzMxMzEzOTJlMzEzMTMwMmUzODMwMmUzMDJmMzIz
MzJkMzIzMzIwM2QzZTIwMzMzODM3MzUzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAXduUDANBgkqhkiG
9w0BAQsFAAOCAQEAp0W3pTuYJPL+ZTagMT4dw7BUgSdIyoBEPPWvLk0q2AE00KqW
hc5opSxT0+pJOhPLBZSP+r24Oz4IazSwohRdeu+/DEWLIEN8mb321oPnwR9fWHUg
BXJmISNOn7E0OuMfpXsAAPc61QUqa8vY47Elan2YQITiUQ6YLjV/PDLAqAIM8hz0
kBIDqdxyhQBn1kGakQtBg0NvJAYM7TSRVaFZJ8yVpPC0SiA/NnFivWfaIv8X4eJx
UtL3xqm5MlhSC8z3DmIgfa9VsI76EvlihYg9GmwUu5oQplqS99P6zS6Qzs9WLt0P
bT1JIya5YfUSnjXxH7D5E/FxfaEe+sYBU6Wq9w==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:49:49 2025 by rpki-client