Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/323430343a663863303a3a2f34382d3438203d3e203435333132.roa
File:                     323430343a663863303a3a2f34382d3438203d3e203435333132.roa (raw, json)
Hash identifier:          SyGccnFjYCmYBHjqhir/xiFDpBKR2HNvXPGnFPOH6PY=
Subject key identifier:   94:44:7C:17:E6:8D:B3:90:74:C9:F5:A4:5A:3A:3F:2C:69:2D:7C:94
Certificate issuer:       /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial:       7534AA51F0BF525F1EFD030F1985F5D541AA2ABA
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/323430343a663863303a3a2f34382d3438203d3e203435333132.roa
Signing time:             Tue 26 Dec 2023 07:01:03 +0000
ROA not before:           Tue 26 Dec 2023 06:56:03 +0000
ROA not after:            Tue 24 Dec 2024 07:01:03 +0000
asID:                     45312
IP address blocks:        2404:f8c0::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
                          rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 13:45:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:34:aa:51:f0:bf:52:5f:1e:fd:03:0f:19:85:f5:d5:41:aa:2a:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
        Validity
            Not Before: Dec 26 06:56:03 2023 GMT
            Not After : Dec 24 07:01:03 2024 GMT
        Subject: CN=94447C17E68DB39074C9F5A45A3A3F2C692D7C94
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:13:d3:04:d5:0a:5e:43:3a:3c:8a:8d:ba:4a:
                    67:9a:7c:34:25:67:a2:fb:11:07:f4:d4:d6:dd:3e:
                    31:89:b9:a7:23:9b:7a:db:30:08:05:a9:46:f2:55:
                    b1:91:8b:56:1a:65:3a:f6:60:08:bc:16:44:18:7d:
                    85:8b:5d:1b:49:27:14:3c:03:7c:ea:29:b1:be:9b:
                    71:42:97:dc:78:a4:3f:db:fe:65:9c:e3:83:7c:ad:
                    1b:46:64:4b:cc:18:e9:1c:e9:da:24:ab:07:d7:4e:
                    46:f2:5b:a3:47:07:23:e1:5a:bd:25:5f:d5:ac:2d:
                    a8:b2:c1:3c:7b:fc:ed:ac:da:6f:17:8f:df:41:c1:
                    c0:a8:73:53:dc:07:ac:59:99:7e:0b:7e:be:db:cb:
                    69:3f:b9:68:3b:15:da:ae:4d:fd:51:a2:c3:c8:4f:
                    0f:85:f9:7b:2f:52:e7:c6:b1:36:b0:c7:a5:80:59:
                    e4:5c:55:fb:2a:e5:10:7a:3e:c1:09:8f:16:28:cb:
                    6f:0f:92:a8:da:b7:a2:73:a5:c7:08:90:9c:1c:7b:
                    96:62:dd:bb:e2:cf:27:aa:a4:51:0e:bc:45:ec:d5:
                    d4:87:c6:5b:eb:e6:71:92:8d:ba:3f:a1:1c:d8:72:
                    53:0d:96:0c:52:90:87:a9:84:7c:8c:e6:6a:10:f0:
                    fa:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:44:7C:17:E6:8D:B3:90:74:C9:F5:A4:5A:3A:3F:2C:69:2D:7C:94
            X509v3 Authority Key Identifier:
                keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/323430343a663863303a3a2f34382d3438203d3e203435333132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2404:f8c0::/48

    Signature Algorithm: sha256WithRSAEncryption
         41:3c:13:56:fb:6a:c7:49:bc:70:97:c6:23:8f:6d:ec:a8:ee:
         db:a2:45:12:34:32:cd:e5:85:a1:b3:2a:5e:b1:e9:f5:e6:5d:
         2e:e2:46:3d:05:5d:04:80:29:d0:90:98:8e:12:bf:67:a5:34:
         82:9d:7a:3d:af:83:1e:63:e7:25:4e:63:82:8e:8b:62:17:7a:
         c1:1f:69:e8:cb:84:88:03:2f:de:8f:93:2b:4b:97:62:9a:a6:
         53:de:17:2c:16:bc:f5:90:11:97:0b:e6:62:7e:4e:49:5a:39:
         1c:fe:f9:63:49:77:ef:84:ac:be:34:92:c2:ee:12:50:de:d2:
         0d:69:37:df:3f:70:b9:dd:52:3c:32:2c:50:04:9b:aa:74:cb:
         e7:e9:bd:b1:e4:84:08:ec:fb:ee:16:65:95:5f:3a:05:e8:30:
         72:f2:b8:3c:49:ad:04:3a:b0:55:92:73:1b:bd:7d:c9:1b:a9:
         d2:5f:89:51:f3:bb:6f:0f:3e:76:45:be:ab:13:b2:0e:7f:9b:
         be:f1:3d:12:6c:2a:13:ff:35:06:1a:ea:6b:9f:fb:5c:59:15:
         c9:c0:f3:4f:2b:fd:a5:e2:c1:1c:61:25:3c:a2:e3:92:02:24:
         14:0e:00:c3:3e:88:7c:09:a0:fe:f6:9c:a2:e9:22:b6:ee:31:
         36:3a:28:4e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgIUdTSqUfC/Ul8e/QMPGYX11UGqKrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzEyMjYwNjU2MDNaFw0yNDEyMjQwNzAxMDNaMDMxMTAvBgNV
BAMTKDk0NDQ3QzE3RTY4REIzOTA3NEM5RjVBNDVBM0EzRjJDNjkyRDdDOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBE9ME1QpeQzo8io26SmeafDQl
Z6L7EQf01NbdPjGJuacjm3rbMAgFqUbyVbGRi1YaZTr2YAi8FkQYfYWLXRtJJxQ8
A3zqKbG+m3FCl9x4pD/b/mWc44N8rRtGZEvMGOkc6dokqwfXTkbyW6NHByPhWr0l
X9WsLaiywTx7/O2s2m8Xj99BwcCoc1PcB6xZmX4Lfr7by2k/uWg7FdquTf1RosPI
Tw+F+XsvUufGsTawx6WAWeRcVfsq5RB6PsEJjxYoy28Pkqjat6JzpccIkJwce5Zi
3bvizyeqpFEOvEXs1dSHxlvr5nGSjbo/oRzYclMNlgxSkIephHyM5moQ8PphAgMB
AAGjggIzMIICLzAdBgNVHQ4EFgQUlER8F+aNs5B0yfWkWjo/LGktfJQwHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzMyMzQzMDM0M2E2NjM4NjMzMDNhM2EyZjM0Mzgy
ZDM0MzgyMDNkM2UyMDM0MzUzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAkBPjAAAAwDQYJKoZI
hvcNAQELBQADggEBAEE8E1b7asdJvHCXxiOPbeyo7tuiRRI0Ms3lhaGzKl6x6fXm
XS7iRj0FXQSAKdCQmI4Sv2elNIKdej2vgx5j5yVOY4KOi2IXesEfaejLhIgDL96P
kytLl2KaplPeFywWvPWQEZcL5mJ+TklaORz++WNJd++ErL40ksLuElDe0g1pN98/
cLndUjwyLFAEm6p0y+fpvbHkhAjs++4WZZVfOgXoMHLyuDxJrQQ6sFWScxu9fckb
qdJfiVHzu28PPnZFvqsTsg5/m77xPRJsKhP/NQYa6muf+1xZFcnA808r/aXiwRxh
JTyi45ICJBQOAMM+iHwJoP72nKLpIrbuMTY6KE4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:30:03 2024 by rpki-client on console-fra.rpki-client.org