Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3131362e39302e3136302e302f32302d3234203d3e203138303539.roa
File:                     3131362e39302e3136302e302f32302d3234203d3e203138303539.roa (raw, json)
Hash identifier:          saezUgdmJhcnec+p8D4tsgxLRR17WVEj4NlL+CwE4ls=
Subject key identifier:   1D:45:8D:A7:AA:44:35:54:AB:17:6A:1D:B1:3E:2C:34:EE:5F:B0:68
Certificate issuer:       /CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
Certificate serial:       0E607B86AEB38BB9CC7F3A6981BD2115D513613A
Authority key identifier: 82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3131362e39302e3136302e302f32302d3234203d3e203138303539.roa
Signing time:             Fri 19 Apr 2024 09:01:26 +0000
ROA not before:           Fri 19 Apr 2024 08:56:26 +0000
ROA not after:            Fri 18 Apr 2025 09:01:26 +0000
asID:                     18059
IP address blocks:        116.90.160.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl
                          rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 18:33:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:60:7b:86:ae:b3:8b:b9:cc:7f:3a:69:81:bd:21:15:d5:13:61:3a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
        Validity
            Not Before: Apr 19 08:56:26 2024 GMT
            Not After : Apr 18 09:01:26 2025 GMT
        Subject: CN=1D458DA7AA443554AB176A1DB13E2C34EE5FB068
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:31:50:db:ad:21:5d:4d:82:60:c0:fe:3d:57:
                    c6:7c:b9:95:61:21:d6:d9:d2:4e:e9:6d:cc:21:bd:
                    ab:68:2d:5c:07:e9:e3:3f:90:92:8a:99:48:25:75:
                    5f:49:46:26:97:b6:f4:7a:33:94:21:cf:a7:d5:43:
                    a4:f5:14:f2:a6:cd:22:ea:89:70:c1:3c:5c:a4:00:
                    cb:cb:bf:dc:83:34:c5:fd:ab:b5:dc:b2:a5:ef:9c:
                    cc:95:e3:84:57:30:e4:be:af:20:52:4a:5e:c1:60:
                    f4:6c:96:48:5e:33:8b:91:c7:62:44:06:8d:a3:67:
                    a9:87:2e:1a:a3:4c:46:6f:3d:fd:94:22:45:0b:20:
                    ea:e0:60:44:83:2c:11:46:e7:43:d4:cc:fc:68:2e:
                    a3:87:76:17:bb:09:96:d1:b8:90:cc:8b:26:15:81:
                    83:f3:48:b7:90:16:a8:4c:00:b9:83:23:ca:1c:e6:
                    33:d6:9c:8d:78:e4:87:d7:df:46:fe:ec:81:35:72:
                    18:ce:1e:92:e3:ba:8d:9a:02:42:00:41:04:fe:7f:
                    57:54:e2:b4:40:22:c7:a9:d0:74:94:b6:08:f2:cd:
                    0f:25:71:f9:b4:f6:26:87:ec:44:f1:1b:c5:2f:67:
                    91:53:d5:18:d1:c1:de:0f:11:d7:74:b5:e5:1c:37:
                    1b:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:45:8D:A7:AA:44:35:54:AB:17:6A:1D:B1:3E:2C:34:EE:5F:B0:68
            X509v3 Authority Key Identifier:
                keyid:82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3131362e39302e3136302e302f32302d3234203d3e203138303539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.90.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         31:6f:82:1f:06:b0:cc:4a:39:bb:20:2b:1b:5f:15:52:64:ba:
         41:98:a4:2d:bc:b7:07:c7:89:aa:7a:6b:dc:83:92:ca:08:d9:
         36:31:46:a9:f4:e2:9f:e7:63:1e:6f:48:c9:ef:4f:af:35:92:
         89:65:2d:71:b3:25:e0:f0:1e:9b:f4:e5:c4:b1:60:c2:c5:64:
         92:5c:80:6a:4c:79:a3:7e:3b:fa:59:f4:05:41:8c:e7:58:27:
         2b:dd:d0:cb:91:f0:78:a3:c3:82:d9:28:60:57:4f:1a:b9:66:
         2f:67:74:75:de:be:9a:e6:aa:bf:82:a2:10:6f:c2:c4:6d:b7:
         37:04:4a:88:c7:19:1a:1a:8b:c4:fb:e1:42:1d:e9:7f:f4:96:
         f7:99:6b:65:a7:b2:9d:12:64:c8:9c:fe:7a:d2:1e:08:85:6a:
         40:dc:06:b5:07:15:57:c8:b5:98:64:16:16:e8:6b:b3:a1:f3:
         3b:87:6b:d7:da:46:e9:2b:d6:b3:15:59:e2:ff:b5:a8:05:c0:
         2b:0d:3d:c1:44:e8:c0:fc:4c:b7:1d:43:42:63:29:be:29:90:
         c6:50:d6:0a:ce:01:4a:5e:53:b2:ca:24:07:2b:d5:7c:e4:62:
         a9:8d:d2:f2:20:4c:95:6a:de:b6:0e:f5:23:1a:7e:9c:04:55:
         eb:9f:4b:e2
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUDmB7hq6zi7nMfzppgb0hFdUTYTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2
QzhBMUQ4RTAeFw0yNDA0MTkwODU2MjZaFw0yNTA0MTgwOTAxMjZaMDMxMTAvBgNV
BAMTKDFENDU4REE3QUE0NDM1NTRBQjE3NkExREIxM0UyQzM0RUU1RkIwNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKMVDbrSFdTYJgwP49V8Z8uZVh
IdbZ0k7pbcwhvatoLVwH6eM/kJKKmUgldV9JRiaXtvR6M5Qhz6fVQ6T1FPKmzSLq
iXDBPFykAMvLv9yDNMX9q7XcsqXvnMyV44RXMOS+ryBSSl7BYPRslkheM4uRx2JE
Bo2jZ6mHLhqjTEZvPf2UIkULIOrgYESDLBFG50PUzPxoLqOHdhe7CZbRuJDMiyYV
gYPzSLeQFqhMALmDI8oc5jPWnI145IfX30b+7IE1chjOHpLjuo2aAkIAQQT+f1dU
4rRAIsep0HSUtgjyzQ8lcfm09iaH7ETxG8UvZ5FT1RjRwd4PEdd0teUcNxsjAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUHUWNp6pENVSrF2odsT4sNO5fsGgwHwYDVR0j
BBgwFoAUgohBUaUoP0PKl84azpWlHGyKHY4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MjgzNjc2My0xMmI2LTRkOGYtYWQwYi00Y2Q1YjYxOTU5ZWYvMC84Mjg4NDE1MUE1
MjgzRjQzQ0E5N0NFMUFDRTk1QTUxQzZDOEExRDhFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2QzhB
MUQ4RS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MyODM2NzYzLTEyYjYtNGQ4Zi1h
ZDBiLTRjZDViNjE5NTllZi8wLzMxMzEzNjJlMzkzMDJlMzEzNjMwMmUzMDJmMzIz
MDJkMzIzNDIwM2QzZTIwMzEzODMwMzUzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBHRaoDANBgkqhkiG
9w0BAQsFAAOCAQEAMW+CHwawzEo5uyArG18VUmS6QZikLby3B8eJqnpr3IOSygjZ
NjFGqfTin+djHm9Iye9PrzWSiWUtcbMl4PAem/TlxLFgwsVkklyAakx5o347+ln0
BUGM51gnK93Qy5HweKPDgtkoYFdPGrlmL2d0dd6+muaqv4KiEG/CxG23NwRKiMcZ
GhqLxPvhQh3pf/SW95lrZaeynRJkyJz+etIeCIVqQNwGtQcVV8i1mGQWFuhrs6Hz
O4dr19pG6SvWsxVZ4v+1qAXAKw09wUTowPxMtx1DQmMpvimQxlDWCs4BSl5Tssok
ByvVfORiqY3S8iBMlWretg71Ixp+nARV659L4g==
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:31:15 2024 by rpki-client on console-ams.rpki-client.org