Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/323430343a636534303a313030303a3a2f33362d3336203d3e20313338383834.roa
File:                     323430343a636534303a313030303a3a2f33362d3336203d3e20313338383834.roa (raw, json)
Hash identifier:          4N83F1FY8HtDNTq6OMGSFNYU4XLLuDbuSDKgz6IAVpA=
Subject key identifier:   C2:C5:17:8F:58:84:C9:FD:47:46:5E:5E:A3:6D:17:A9:AB:1A:DA:C6
Certificate issuer:       /CN=88BD1AAEA16D8A24550416CDB95E232152249B3E
Certificate serial:       22F3DE691505934875DF2E84FF9D5F4B2FD7459C
Authority key identifier: 88:BD:1A:AE:A1:6D:8A:24:55:04:16:CD:B9:5E:23:21:52:24:9B:3E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/323430343a636534303a313030303a3a2f33362d3336203d3e20313338383834.roa
Signing time:             Wed 28 Aug 2024 17:00:01 +0000
ROA not before:           Wed 28 Aug 2024 16:55:01 +0000
ROA not after:            Wed 27 Aug 2025 17:00:01 +0000
asID:                     138884
IP address blocks:        2404:ce40:1000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.crl
                          rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 10:58:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:f3:de:69:15:05:93:48:75:df:2e:84:ff:9d:5f:4b:2f:d7:45:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=88BD1AAEA16D8A24550416CDB95E232152249B3E
        Validity
            Not Before: Aug 28 16:55:01 2024 GMT
            Not After : Aug 27 17:00:01 2025 GMT
        Subject: CN=C2C5178F5884C9FD47465E5EA36D17A9AB1ADAC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:ca:59:d7:22:94:8e:ef:17:20:b2:65:3f:6f:
                    9c:55:68:5b:9d:f3:bd:6a:27:93:e4:41:83:4d:9c:
                    b3:cd:28:59:79:2b:f1:be:d6:c3:ed:d4:6d:06:fc:
                    f6:cf:d1:1b:19:18:03:be:20:b1:06:dd:a4:cb:70:
                    09:c8:a5:10:5c:96:a1:ee:ab:ff:31:d4:16:99:d6:
                    50:27:f7:3e:0c:a2:d1:4c:8c:8f:0b:64:71:50:7e:
                    e8:2c:06:f7:5c:8e:c8:5f:63:b2:e7:d7:09:52:f5:
                    a8:5e:ff:03:5a:67:d8:d4:cd:c9:8d:e0:da:08:b6:
                    41:f3:4b:a7:fe:93:cf:a8:81:8f:8b:4b:26:5d:14:
                    4b:ff:b3:d5:b1:a6:28:03:1a:f6:44:75:7d:6a:46:
                    39:53:6d:f2:04:16:7c:ae:00:1c:9e:c1:17:89:3a:
                    c4:20:ff:7c:9a:b9:dc:ea:be:55:3c:58:b8:c5:eb:
                    87:93:d1:b2:c2:84:d6:b1:d9:0d:03:eb:33:45:0a:
                    ff:f5:f4:fd:11:a8:04:3f:f7:21:f8:9a:6b:b1:05:
                    9c:71:33:30:1b:05:47:fb:99:4c:5d:ff:c9:c6:89:
                    d7:5b:c2:6f:f4:d5:2f:74:88:a6:95:a4:85:6a:62:
                    a6:d9:86:f2:76:b8:35:30:4e:8f:9c:05:ca:17:df:
                    e7:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:C5:17:8F:58:84:C9:FD:47:46:5E:5E:A3:6D:17:A9:AB:1A:DA:C6
            X509v3 Authority Key Identifier:
                keyid:88:BD:1A:AE:A1:6D:8A:24:55:04:16:CD:B9:5E:23:21:52:24:9B:3E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/88BD1AAEA16D8A24550416CDB95E232152249B3E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/88BD1AAEA16D8A24550416CDB95E232152249B3E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b20c6d69-6290-402f-a84e-d289c6e93a73/0/323430343a636534303a313030303a3a2f33362d3336203d3e20313338383834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:ce40:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         da:12:4b:70:b6:f1:da:15:88:6b:55:c4:59:58:f9:3d:2a:c6:
         6d:a3:bf:81:72:b3:9b:f8:7c:d2:8e:3d:6a:40:7b:3f:75:59:
         ca:7c:a0:3c:ef:1f:11:e8:ce:d8:1b:87:b8:cc:42:ba:41:27:
         99:e7:73:6d:e1:e0:49:1b:8c:60:cd:d2:50:8f:8f:fd:51:a8:
         63:25:09:50:05:7c:ba:37:70:44:61:bc:7a:75:3b:ca:45:c9:
         9c:1d:f2:47:b1:45:98:b8:82:bd:c4:1c:9a:e6:26:d6:4f:09:
         31:64:ac:57:a6:53:b1:3a:51:56:59:52:2b:13:75:60:46:53:
         2a:4b:ad:05:76:9e:d8:3a:b8:1c:ad:0e:19:9e:57:14:88:13:
         39:fa:b5:a8:64:74:bf:47:30:1b:55:73:a1:7d:3c:0f:e2:6a:
         20:58:6c:e3:48:2e:9d:f1:15:1e:39:35:d5:1d:88:a6:ab:74:
         8b:ec:9f:34:3f:44:b3:40:ab:86:e3:4c:79:fd:64:92:d6:b3:
         fb:aa:23:65:cc:87:da:92:26:84:63:18:81:c7:de:4c:cb:a0:
         40:b7:d1:61:b4:00:e0:80:7d:f8:b7:0a:7e:d2:88:7d:cd:02:
         d9:4c:67:2f:34:68:9c:42:66:0f:04:12:5a:6b:0d:ed:4d:7d:
         66:cb:77:8a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUIvPeaRUFk0h13y6E/51fSy/XRZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhCRDFBQUVBMTZEOEEyNDU1MDQxNkNEQjk1RTIzMjE1
MjI0OUIzRTAeFw0yNDA4MjgxNjU1MDFaFw0yNTA4MjcxNzAwMDFaMDMxMTAvBgNV
BAMTKEMyQzUxNzhGNTg4NEM5RkQ0NzQ2NUU1RUEzNkQxN0E5QUIxQURBQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ylnXIpSO7xcgsmU/b5xVaFud
871qJ5PkQYNNnLPNKFl5K/G+1sPt1G0G/PbP0RsZGAO+ILEG3aTLcAnIpRBclqHu
q/8x1BaZ1lAn9z4MotFMjI8LZHFQfugsBvdcjshfY7Ln1wlS9ahe/wNaZ9jUzcmN
4NoItkHzS6f+k8+ogY+LSyZdFEv/s9WxpigDGvZEdX1qRjlTbfIEFnyuAByewReJ
OsQg/3yaudzqvlU8WLjF64eT0bLChNax2Q0D6zNFCv/19P0RqAQ/9yH4mmuxBZxx
MzAbBUf7mUxd/8nGiddbwm/01S90iKaVpIVqYqbZhvJ2uDUwTo+cBcoX3+dHAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUwsUXj1iEyf1HRl5eo20Xqasa2sYwHwYDVR0j
BBgwFoAUiL0arqFtiiRVBBbNuV4jIVIkmz4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
MjBjNmQ2OS02MjkwLTQwMmYtYTg0ZS1kMjg5YzZlOTNhNzMvMC84OEJEMUFBRUEx
NkQ4QTI0NTUwNDE2Q0RCOTVFMjMyMTUyMjQ5QjNFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODhCRDFBQUVBMTZEOEEyNDU1MDQxNkNEQjk1RTIzMjE1MjI0
OUIzRS5jZXIwgawGCCsGAQUFBwELBIGfMIGcMIGZBggrBgEFBQcwC4aBjHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IyMGM2ZDY5LTYyOTAtNDAyZi1h
ODRlLWQyODljNmU5M2E3My8wLzMyMzQzMDM0M2E2MzY1MzQzMDNhMzEzMDMwMzAz
YTNhMmYzMzM2MmQzMzM2MjAzZDNlMjAzMTMzMzgzODM4MzQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQk
BM5AEDANBgkqhkiG9w0BAQsFAAOCAQEA2hJLcLbx2hWIa1XEWVj5PSrGbaO/gXKz
m/h80o49akB7P3VZynygPO8fEejO2BuHuMxCukEnmedzbeHgSRuMYM3SUI+P/VGo
YyUJUAV8ujdwRGG8enU7ykXJnB3yR7FFmLiCvcQcmuYm1k8JMWSsV6ZTsTpRVllS
KxN1YEZTKkutBXae2Dq4HK0OGZ5XFIgTOfq1qGR0v0cwG1VzoX08D+JqIFhs40gu
nfEVHjk11R2Ipqt0i+yfND9Es0CrhuNMef1kktaz+6ojZcyH2pImhGMYgcfeTMug
QLfRYbQA4IB9+LcKftKIfc0C2UxnLzRonEJmDwQSWmsN7U19Zst3ig==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:59:56 2024 by rpki-client on console-ams.rpki-client.org