Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3135302e3130372e3131302e302f32342d3234203d3e203138303539.roa
File:                     3135302e3130372e3131302e302f32342d3234203d3e203138303539.roa (raw, json)
Hash identifier:          zTrIP9rolqAhg8Zu0uMyyUkJLhXT8zokr9KkZTkLb/M=
Subject key identifier:   86:D6:A2:C4:9F:68:4E:5A:D0:ED:7E:26:72:40:F5:96:46:C8:7D:33
Certificate issuer:       /CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
Certificate serial:       52E5108F03971A586EE0FA946404BDCFF0C1766F
Authority key identifier: 82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3135302e3130372e3131302e302f32342d3234203d3e203138303539.roa
Signing time:             Fri 25 Oct 2024 05:00:02 +0000
ROA not before:           Fri 25 Oct 2024 04:55:02 +0000
ROA not after:            Fri 24 Oct 2025 05:00:02 +0000
asID:                     18059
IP address blocks:        150.107.110.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl
                          rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 23 Nov 2024 18:33:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:e5:10:8f:03:97:1a:58:6e:e0:fa:94:64:04:bd:cf:f0:c1:76:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=82884151A5283F43CA97CE1ACE95A51C6C8A1D8E
        Validity
            Not Before: Oct 25 04:55:02 2024 GMT
            Not After : Oct 24 05:00:02 2025 GMT
        Subject: CN=86D6A2C49F684E5AD0ED7E267240F59646C87D33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:76:5d:6a:ba:da:32:12:ec:67:47:ac:6a:52:
                    59:16:b6:8e:f2:8f:b5:58:46:41:23:03:c3:91:5c:
                    dd:91:d0:ce:2b:c8:3c:97:ea:95:9e:e1:e4:5f:64:
                    4c:35:5b:5b:5b:51:24:1d:32:52:a8:c3:00:a6:e4:
                    d4:5b:eb:8d:63:d4:38:73:3b:cb:01:22:c7:fd:52:
                    df:62:c3:4c:c3:e2:6d:33:e3:ed:ec:07:99:c9:97:
                    d8:af:0c:d5:05:e7:0b:88:44:bf:da:97:65:74:fa:
                    17:a3:b7:af:ee:82:12:1c:e3:e5:78:51:64:7f:6b:
                    b8:fe:1a:c1:0a:b1:bb:9e:70:08:62:15:92:98:da:
                    e5:b1:4d:81:ac:fe:44:ec:1b:60:b0:8f:b6:2f:22:
                    29:29:59:d5:26:ed:43:0a:8e:c1:87:6e:69:1a:1f:
                    58:41:52:92:fe:5e:16:32:89:91:19:0a:84:36:0e:
                    9f:26:19:f5:6b:f1:e7:ee:dc:7e:e6:a5:fd:9c:ff:
                    16:6c:99:fa:ee:22:9b:26:d6:5e:e1:05:e6:1f:6d:
                    6c:12:35:82:79:9c:43:55:df:23:8e:03:b5:5a:e2:
                    08:d1:9e:3f:4b:c3:aa:6b:fa:2b:a9:19:78:71:9c:
                    63:3a:6c:cf:9d:13:58:1c:5f:95:d3:76:13:26:1b:
                    d2:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                86:D6:A2:C4:9F:68:4E:5A:D0:ED:7E:26:72:40:F5:96:46:C8:7D:33
            X509v3 Authority Key Identifier:
                keyid:82:88:41:51:A5:28:3F:43:CA:97:CE:1A:CE:95:A5:1C:6C:8A:1D:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/82884151A5283F43CA97CE1ACE95A51C6C8A1D8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c2836763-12b6-4d8f-ad0b-4cd5b61959ef/0/3135302e3130372e3131302e302f32342d3234203d3e203138303539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  150.107.110.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:d3:2d:cb:e3:41:be:54:80:e5:4e:c5:b3:32:41:5c:ae:83:
         12:76:c2:fa:d8:85:c4:a3:80:88:f9:35:66:47:13:d3:bc:fb:
         e2:7a:93:38:41:e5:a0:90:89:54:5a:94:1b:b2:18:6d:e2:94:
         0b:05:19:ad:a3:e3:a7:28:57:79:52:40:1e:6d:5d:8c:d3:23:
         95:f4:d7:34:ad:c1:6f:4a:7d:b8:c7:aa:98:ab:31:58:f8:6b:
         20:56:73:b0:c4:d4:5b:09:25:4d:cc:ef:eb:13:c3:ec:77:09:
         09:95:23:fd:48:7b:7d:56:76:42:a8:2d:e1:04:b2:71:f3:04:
         ee:38:ad:8c:c6:ed:02:70:49:be:b9:06:83:85:34:d7:bb:6a:
         7c:15:ef:68:3e:92:6d:60:15:ca:43:9f:d3:e1:de:ca:30:9a:
         35:a7:cc:c6:29:e6:f0:13:26:d5:dd:fe:e6:37:8f:41:51:86:
         21:33:1b:b7:01:23:51:84:fc:1e:aa:03:65:6b:b4:39:2e:39:
         63:12:92:08:3b:c4:8b:52:e2:90:a3:a0:d7:13:f9:b3:af:e2:
         8c:82:d7:49:9c:eb:02:f3:07:f5:db:e9:ba:fd:75:d7:bb:83:
         e6:74:55:71:50:bb:f6:ac:42:ac:35:b6:88:12:68:10:a9:9a:
         6d:82:7f:10
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUuUQjwOXGlhu4PqUZAS9z/DBdm8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2
QzhBMUQ4RTAeFw0yNDEwMjUwNDU1MDJaFw0yNTEwMjQwNTAwMDJaMDMxMTAvBgNV
BAMTKDg2RDZBMkM0OUY2ODRFNUFEMEVEN0UyNjcyNDBGNTk2NDZDODdEMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtdl1qutoyEuxnR6xqUlkWto7y
j7VYRkEjA8ORXN2R0M4ryDyX6pWe4eRfZEw1W1tbUSQdMlKowwCm5NRb641j1Dhz
O8sBIsf9Ut9iw0zD4m0z4+3sB5nJl9ivDNUF5wuIRL/al2V0+hejt6/ughIc4+V4
UWR/a7j+GsEKsbuecAhiFZKY2uWxTYGs/kTsG2Cwj7YvIikpWdUm7UMKjsGHbmka
H1hBUpL+XhYyiZEZCoQ2Dp8mGfVr8efu3H7mpf2c/xZsmfruIpsm1l7hBeYfbWwS
NYJ5nENV3yOOA7Va4gjRnj9Lw6pr+iupGXhxnGM6bM+dE1gcX5XTdhMmG9JHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUhtaixJ9oTlrQ7X4mckD1lkbIfTMwHwYDVR0j
BBgwFoAUgohBUaUoP0PKl84azpWlHGyKHY4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
MjgzNjc2My0xMmI2LTRkOGYtYWQwYi00Y2Q1YjYxOTU5ZWYvMC84Mjg4NDE1MUE1
MjgzRjQzQ0E5N0NFMUFDRTk1QTUxQzZDOEExRDhFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvODI4ODQxNTFBNTI4M0Y0M0NBOTdDRTFBQ0U5NUE1MUM2QzhB
MUQ4RS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2MyODM2NzYzLTEyYjYtNGQ4Zi1h
ZDBiLTRjZDViNjE5NTllZi8wLzMxMzUzMDJlMzEzMDM3MmUzMTMxMzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM4MzAzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlmtuMA0GCSqG
SIb3DQEBCwUAA4IBAQAY0y3L40G+VIDlTsWzMkFcroMSdsL62IXEo4CI+TVmRxPT
vPviepM4QeWgkIlUWpQbshht4pQLBRmto+OnKFd5UkAebV2M0yOV9Nc0rcFvSn24
x6qYqzFY+GsgVnOwxNRbCSVNzO/rE8PsdwkJlSP9SHt9VnZCqC3hBLJx8wTuOK2M
xu0CcEm+uQaDhTTXu2p8Fe9oPpJtYBXKQ5/T4d7KMJo1p8zGKebwEybV3f7mN49B
UYYhMxu3ASNRhPweqgNla7Q5LjljEpIIO8SLUuKQo6DXE/mzr+KMgtdJnOsC8wf1
2+m6/XXXu4PmdFVxULv2rEKsNbaIEmgQqZptgn8Q
-----END CERTIFICATE-----
Generated at Wed Nov 20 21:31:15 2024 by rpki-client on console-ams.rpki-client.org