Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e36342e302f31392d3234203d3e203435373836.roa
File:                     3131312e36372e36342e302f31392d3234203d3e203435373836.roa (raw, json)
Hash identifier:          lrS/GSSKQ2J7NdJ/xy82TzU+/28NXl295mMItZF0aBM=
Subject key identifier:   F0:78:23:FC:2E:BE:3F:41:DB:92:81:66:F6:3B:5D:84:33:6A:B5:28
Certificate issuer:       /CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
Certificate serial:       337CCFBB38FED58A8384ECDC22B422D8171FB90E
Authority key identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e36342e302f31392d3234203d3e203435373836.roa
Signing time:             Mon 01 Jul 2024 01:04:01 +0000
ROA not before:           Mon 01 Jul 2024 00:59:01 +0000
ROA not after:            Mon 30 Jun 2025 01:04:01 +0000
asID:                     45786
IP address blocks:        111.67.64.0/19 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl
                          rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Mar 2025 10:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:7c:cf:bb:38:fe:d5:8a:83:84:ec:dc:22:b4:22:d8:17:1f:b9:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
        Validity
            Not Before: Jul  1 00:59:01 2024 GMT
            Not After : Jun 30 01:04:01 2025 GMT
        Subject: CN=F07823FC2EBE3F41DB928166F63B5D84336AB528
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:57:a6:7a:fa:b1:65:e5:98:10:c5:46:7b:4d:
                    8c:68:aa:b3:42:cc:3a:c2:58:a6:ad:7d:31:79:66:
                    48:ea:3b:e2:87:7a:73:09:cf:5c:43:be:8e:ec:ed:
                    3c:7f:ef:de:d7:44:5b:02:3f:c0:c1:dc:01:5c:86:
                    e5:4c:ee:15:fe:bc:00:4e:9b:1a:57:50:43:c5:59:
                    bb:54:69:14:c7:22:a6:cf:51:e9:02:4d:61:b4:8b:
                    99:fe:ee:fb:44:4d:da:f0:e8:97:84:48:47:8f:58:
                    31:00:8e:d6:2e:9e:5f:76:88:89:9c:a8:84:6b:c7:
                    c9:eb:ab:21:fd:fb:cd:ec:c9:53:05:d5:c1:55:cf:
                    eb:e3:e6:3f:32:20:92:97:10:24:f5:85:b9:eb:13:
                    05:00:8b:47:dc:44:5e:74:24:ed:72:9b:5a:d7:4c:
                    48:a6:0d:34:7c:ec:59:58:c5:cd:de:d8:ec:f2:d7:
                    07:c5:a5:1c:c3:32:8d:1b:2c:ee:72:ab:05:ad:c2:
                    dc:84:ce:51:d9:99:3f:c3:bc:56:b5:e1:31:e1:05:
                    ba:47:5c:94:dd:76:69:a8:a5:83:5c:ca:84:b2:18:
                    f5:c2:fd:a4:4c:63:33:73:fc:1f:38:d8:22:89:b8:
                    c5:ea:8f:2b:61:3e:24:a6:23:3b:65:8d:d2:29:3d:
                    f4:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:78:23:FC:2E:BE:3F:41:DB:92:81:66:F6:3B:5D:84:33:6A:B5:28
            X509v3 Authority Key Identifier:
                keyid:BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e36342e302f31392d3234203d3e203435373836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.67.64.0/19

    Signature Algorithm: sha256WithRSAEncryption
         89:3e:29:1f:78:eb:27:46:8c:5e:ec:d4:2d:7a:15:2b:ba:0c:
         8b:38:04:c1:5d:b4:90:37:4b:5e:90:55:6b:a1:31:6c:90:06:
         d8:ff:7d:c7:88:6b:92:be:37:01:f7:12:d8:9d:c5:d4:10:30:
         57:d4:4e:c7:f3:ab:48:5f:a9:0a:93:04:36:10:55:3a:a5:87:
         4e:39:81:3e:7c:4f:b1:75:8a:f9:81:31:95:d3:c2:a4:2e:63:
         9d:7d:15:b7:25:ed:84:84:52:0f:75:e4:6f:3b:2b:33:bd:f9:
         6f:e7:b0:db:46:95:c4:4a:4c:1b:21:8f:0c:14:e4:f9:23:a0:
         d6:b9:4d:f2:be:d9:29:de:68:02:cb:29:92:84:70:76:d1:98:
         4d:d9:71:0b:f0:fc:3d:a1:4c:7f:7a:6e:85:c6:ea:e1:a9:65:
         5d:6d:a3:49:f3:bd:81:56:08:10:21:ea:58:d1:c0:50:17:dc:
         a7:83:a3:a1:30:74:6f:75:78:7c:8d:32:6f:3d:df:32:c5:37:
         a3:44:71:a5:09:4a:8f:13:73:c3:df:c2:9c:53:f0:f7:20:f7:
         a8:6e:75:c6:b9:79:c6:f3:13:5f:d6:19:38:eb:43:97:62:da:
         94:27:f3:bb:b0:79:7a:a9:85:8c:a0:c5:05:ae:3c:e7:1d:5b:
         a9:90:47:a8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUM3zPuzj+1YqDhOzcIrQi2BcfuQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJB
RkU4QUEyQjAeFw0yNDA3MDEwMDU5MDFaFw0yNTA2MzAwMTA0MDFaMDMxMTAvBgNV
BAMTKEYwNzgyM0ZDMkVCRTNGNDFEQjkyODE2NkY2M0I1RDg0MzM2QUI1MjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDV6Z6+rFl5ZgQxUZ7TYxoqrNC
zDrCWKatfTF5ZkjqO+KHenMJz1xDvo7s7Tx/797XRFsCP8DB3AFchuVM7hX+vABO
mxpXUEPFWbtUaRTHIqbPUekCTWG0i5n+7vtETdrw6JeESEePWDEAjtYunl92iImc
qIRrx8nrqyH9+83syVMF1cFVz+vj5j8yIJKXECT1hbnrEwUAi0fcRF50JO1ym1rX
TEimDTR87FlYxc3e2Ozy1wfFpRzDMo0bLO5yqwWtwtyEzlHZmT/DvFa14THhBbpH
XJTddmmopYNcyoSyGPXC/aRMYzNz/B842CKJuMXqjythPiSmIztljdIpPfSVAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU8Hgj/C6+P0HbkoFm9jtdhDNqtSgwHwYDVR0j
BBgwFoAUvwduokpozxUsMjx6Pf0/kq/oqiswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NTBkYTQ0Ny1hMTM4LTQ2MjUtYTQyMC1hNzExYWMyNDM1MTkvMC9CRjA3NkVBMjRB
NjhDRjE1MkMzMjNDN0EzREZEM0Y5MkFGRThBQTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJBRkU4
QUEyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1MGRhNDQ3LWExMzgtNDYyNS1h
NDIwLWE3MTFhYzI0MzUxOS8wLzMxMzEzMTJlMzYzNzJlMzYzNDJlMzAyZjMxMzky
ZDMyMzQyMDNkM2UyMDM0MzUzNzM4MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAVvQ0AwDQYJKoZIhvcN
AQELBQADggEBAIk+KR946ydGjF7s1C16FSu6DIs4BMFdtJA3S16QVWuhMWyQBtj/
fceIa5K+NwH3EtidxdQQMFfUTsfzq0hfqQqTBDYQVTqlh045gT58T7F1ivmBMZXT
wqQuY519Fbcl7YSEUg915G87KzO9+W/nsNtGlcRKTBshjwwU5PkjoNa5TfK+2Sne
aALLKZKEcHbRmE3ZcQvw/D2hTH96boXG6uGpZV1to0nzvYFWCBAh6ljRwFAX3KeD
o6EwdG91eHyNMm893zLFN6NEcaUJSo8Tc8PfwpxT8Pcg96hudca5ecbzE1/WGTjr
Q5di2pQn87uweXqphYygxQWuPOcdW6mQR6g=
-----END CERTIFICATE-----
Generated at Sat Mar 15 05:49:15 2025 by rpki-client