Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/323030313a6466303a663830303a3a2f34382d3438203d3e203538333937.roa
File:                     323030313a6466303a663830303a3a2f34382d3438203d3e203538333937.roa (raw, json)
Hash identifier:          EKn5uM+MkBaqtjDpMQRe7GQThv+kPugl1u46fwmpTmM=
Subject key identifier:   C6:C2:3D:08:C7:19:DD:CC:55:BA:CF:8F:F7:80:C8:66:1A:B9:44:7D
Certificate issuer:       /CN=8A95FAF723EC129E336E75ACE1CD4F3094FB6481
Certificate serial:       2B4BAEC487E3597B915075C6BB2B4C6A56168C06
Authority key identifier: 8A:95:FA:F7:23:EC:12:9E:33:6E:75:AC:E1:CD:4F:30:94:FB:64:81
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/323030313a6466303a663830303a3a2f34382d3438203d3e203538333937.roa
Signing time:             Thu 11 Jan 2024 08:01:00 +0000
ROA not before:           Thu 11 Jan 2024 07:56:00 +0000
ROA not after:            Thu 09 Jan 2025 08:01:00 +0000
asID:                     58397
IP address blocks:        2001:df0:f800::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.crl
                          rsync://repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 05:17:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:4b:ae:c4:87:e3:59:7b:91:50:75:c6:bb:2b:4c:6a:56:16:8c:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8A95FAF723EC129E336E75ACE1CD4F3094FB6481
        Validity
            Not Before: Jan 11 07:56:00 2024 GMT
            Not After : Jan  9 08:01:00 2025 GMT
        Subject: CN=C6C23D08C719DDCC55BACF8FF780C8661AB9447D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:e9:fe:91:f6:17:72:12:8f:37:dc:45:eb:54:
                    53:a0:c9:50:3b:98:c8:6d:c4:f3:38:99:a3:6b:c9:
                    d7:e4:ae:43:4e:30:22:f0:04:eb:a5:8e:dd:3b:e2:
                    4d:89:dd:f5:5b:1f:d7:7e:54:5c:71:e3:95:c7:76:
                    bb:5d:44:ad:e0:5d:84:30:64:3f:ae:51:e0:e8:f0:
                    63:23:d4:84:3c:1f:82:b9:21:7e:da:32:e7:8a:26:
                    41:bd:4c:17:59:a8:a4:df:b7:78:22:72:b9:b9:0f:
                    82:86:75:ad:81:82:07:62:16:3a:77:f8:ec:a2:8c:
                    dd:7d:35:10:da:66:fd:fc:71:cf:95:b7:b1:e0:2e:
                    49:78:9d:95:09:89:99:7f:4c:ff:8e:77:77:0e:8f:
                    70:4c:d0:a5:5c:4a:c5:3a:62:b8:54:96:74:24:f2:
                    08:6f:a3:13:41:4c:3c:b7:f6:d7:18:6e:b0:3b:3b:
                    e1:8b:7f:c7:23:87:01:05:d5:16:da:d7:8d:1b:b1:
                    d4:29:66:34:b3:2e:4c:71:68:d0:28:42:a4:1c:dd:
                    c5:bd:bc:78:59:69:06:4d:5d:38:5a:d8:05:b5:ec:
                    5b:53:d3:06:2e:7d:e7:d6:dd:52:b5:07:2d:6f:48:
                    6f:4c:4d:3e:a2:7a:78:b3:86:41:68:8d:c9:50:bb:
                    b4:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:C2:3D:08:C7:19:DD:CC:55:BA:CF:8F:F7:80:C8:66:1A:B9:44:7D
            X509v3 Authority Key Identifier:
                keyid:8A:95:FA:F7:23:EC:12:9E:33:6E:75:AC:E1:CD:4F:30:94:FB:64:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A95FAF723EC129E336E75ACE1CD4F3094FB6481.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d8b98722-1cb4-40d4-ac8b-c3bca2bca217/0/323030313a6466303a663830303a3a2f34382d3438203d3e203538333937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:df0:f800::/48

    Signature Algorithm: sha256WithRSAEncryption
         68:83:3c:c5:37:b0:68:e3:13:a5:aa:0e:ae:40:9b:01:93:59:
         fe:e4:8f:4c:42:3a:aa:28:ab:38:d3:f3:53:66:70:42:6d:81:
         81:6b:53:2c:a9:67:1c:e3:09:d3:00:55:b0:8a:e6:03:14:23:
         44:2a:60:eb:19:eb:c4:cf:fc:79:86:ac:e0:4b:f6:ab:39:86:
         91:94:79:ea:d7:06:81:f3:4a:4e:76:81:7a:c3:ca:63:3c:7f:
         37:37:5e:ed:16:9d:c9:3b:6c:06:09:a7:7e:a6:9c:a7:3f:cc:
         75:23:75:8a:29:17:82:01:92:3e:7e:87:ae:df:81:fd:13:ee:
         46:d1:34:3b:81:ec:76:9b:04:d3:e0:c2:22:14:47:87:1f:88:
         08:e4:d1:39:05:b9:d5:ad:dd:51:36:5b:1a:e7:a3:30:e8:59:
         50:e3:4e:04:25:25:b3:95:b3:ed:b7:a7:82:0e:df:2a:4a:e8:
         c8:ce:3d:fb:ff:35:a5:9f:6b:34:df:b3:c8:7e:9b:c8:54:7c:
         15:e5:e3:6c:27:47:90:5c:6a:ce:24:47:6f:ac:e3:3f:72:f1:
         58:2c:1f:35:54:6e:4a:18:07:b7:55:e0:1d:7e:be:d1:e8:5b:
         2b:07:d1:d9:c9:67:8f:01:bd:59:3e:4a:2e:c7:fd:c2:e2:a3:
         03:2b:89:b6
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUK0uuxIfjWXuRUHXGuytMalYWjAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEE5NUZBRjcyM0VDMTI5RTMzNkU3NUFDRTFDRDRGMzA5
NEZCNjQ4MTAeFw0yNDAxMTEwNzU2MDBaFw0yNTAxMDkwODAxMDBaMDMxMTAvBgNV
BAMTKEM2QzIzRDA4QzcxOUREQ0M1NUJBQ0Y4RkY3ODBDODY2MUFCOTQ0N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC46f6R9hdyEo833EXrVFOgyVA7
mMhtxPM4maNrydfkrkNOMCLwBOuljt074k2J3fVbH9d+VFxx45XHdrtdRK3gXYQw
ZD+uUeDo8GMj1IQ8H4K5IX7aMueKJkG9TBdZqKTft3gicrm5D4KGda2BggdiFjp3
+OyijN19NRDaZv38cc+Vt7HgLkl4nZUJiZl/TP+Od3cOj3BM0KVcSsU6YrhUlnQk
8ghvoxNBTDy39tcYbrA7O+GLf8cjhwEF1Rba140bsdQpZjSzLkxxaNAoQqQc3cW9
vHhZaQZNXTha2AW17FtT0wYufefW3VK1By1vSG9MTT6ienizhkFojclQu7T5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUxsI9CMcZ3cxVus+P94DIZhq5RH0wHwYDVR0j
BBgwFoAUipX69yPsEp4zbnWs4c1PMJT7ZIEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
OGI5ODcyMi0xY2I0LTQwZDQtYWM4Yi1jM2JjYTJiY2EyMTcvMC84QTk1RkFGNzIz
RUMxMjlFMzM2RTc1QUNFMUNENEYzMDk0RkI2NDgxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEE5NUZBRjcyM0VDMTI5RTMzNkU3NUFDRTFDRDRGMzA5NEZC
NjQ4MS5jZXIwgagGCCsGAQUFBwELBIGbMIGYMIGVBggrBgEFBQcwC4aBiHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q4Yjk4NzIyLTFjYjQtNDBkNC1h
YzhiLWMzYmNhMmJjYTIxNy8wLzMyMzAzMDMxM2E2NDY2MzAzYTY2MzgzMDMwM2Ez
YTJmMzQzODJkMzQzODIwM2QzZTIwMzUzODMzMzkzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABDfD4
ADANBgkqhkiG9w0BAQsFAAOCAQEAaIM8xTewaOMTpaoOrkCbAZNZ/uSPTEI6qiir
ONPzU2ZwQm2BgWtTLKlnHOMJ0wBVsIrmAxQjRCpg6xnrxM/8eYas4Ev2qzmGkZR5
6tcGgfNKTnaBesPKYzx/Nzde7RadyTtsBgmnfqacpz/MdSN1iikXggGSPn6Hrt+B
/RPuRtE0O4HsdpsE0+DCIhRHhx+ICOTROQW51a3dUTZbGuejMOhZUONOBCUls5Wz
7bengg7fKkroyM49+/81pZ9rNN+zyH6byFR8FeXjbCdHkFxqziRHb6zjP3LxWCwf
NVRuShgHt1XgHX6+0ehbKwfR2clnjwG9WT5KLsf9wuKjAyuJtg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:43:26 2024 by rpki-client on console-ams.rpki-client.org