Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e37362e302f32342d3234203d3e203536323333.roa
File:                     3131312e36372e37362e302f32342d3234203d3e203536323333.roa (raw, json)
Hash identifier:          vhSbfr4PwcH2c1j4QZ7NODAAE3UKxSP2hh5xHxbrnvM=
Subject key identifier:   AF:99:1B:9C:7E:AE:BE:BE:F3:30:47:35:DD:10:06:30:3F:01:EC:0D
Certificate issuer:       /CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
Certificate serial:       772A4C9BEA626C1DE8CF4C04F67E5C49551E44A5
Authority key identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e37362e302f32342d3234203d3e203536323333.roa
Signing time:             Mon 08 Jul 2024 14:00:01 +0000
ROA not before:           Mon 08 Jul 2024 13:55:01 +0000
ROA not after:            Mon 07 Jul 2025 14:00:01 +0000
asID:                     56233
IP address blocks:        111.67.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl
                          rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:2a:4c:9b:ea:62:6c:1d:e8:cf:4c:04:f6:7e:5c:49:55:1e:44:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
        Validity
            Not Before: Jul  8 13:55:01 2024 GMT
            Not After : Jul  7 14:00:01 2025 GMT
        Subject: CN=AF991B9C7EAEBEBEF3304735DD1006303F01EC0D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:d9:ba:fc:cf:c8:1c:b6:6f:62:02:4a:dd:9d:
                    b6:fe:d7:cc:ea:07:8d:a7:d4:7d:d1:60:09:6e:f6:
                    f9:57:f8:e9:f4:25:f8:cf:80:a2:31:61:28:ec:8a:
                    aa:d9:0e:16:1a:7a:7f:e3:10:9e:0a:86:91:35:9f:
                    91:ea:be:43:7c:05:aa:07:49:6f:8d:13:f0:12:97:
                    4b:16:11:36:a7:19:17:71:ae:99:41:8b:f7:1b:bb:
                    94:89:fa:4b:bf:c6:f8:72:58:b6:7c:2b:ec:3c:40:
                    c9:ca:2b:63:5c:6d:77:8a:00:77:5e:7b:f8:60:70:
                    b9:0a:5e:58:55:40:f4:34:d2:fb:d2:ef:ee:af:0c:
                    2a:ac:c8:52:72:80:2e:8a:28:21:a2:ff:3e:72:ed:
                    a4:fa:f8:ec:0c:04:cb:d5:c8:1a:2d:a8:f0:f0:ec:
                    7b:b7:0c:2a:11:f8:c5:70:53:d6:fa:3c:e4:9d:cb:
                    7c:a3:64:2b:cc:1e:73:2c:24:7d:9a:67:92:fb:b9:
                    fc:95:a8:a8:c3:be:47:04:b5:4e:17:6f:a9:d0:d2:
                    3f:79:47:6f:26:9c:e6:23:9d:36:c1:a6:89:5f:54:
                    be:07:d9:b0:ee:65:75:99:60:71:6f:4c:4a:be:7a:
                    6d:29:fb:75:e3:1f:b5:85:0f:ad:f5:5a:a5:ad:12:
                    7f:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:99:1B:9C:7E:AE:BE:BE:F3:30:47:35:DD:10:06:30:3F:01:EC:0D
            X509v3 Authority Key Identifier:
                keyid:BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3131312e36372e37362e302f32342d3234203d3e203536323333.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.67.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:42:5e:7e:4b:35:4a:ea:6f:01:7e:30:af:38:20:11:bf:c5:
         41:49:3d:2f:7d:3a:4f:15:a8:1b:dd:7d:69:81:a9:68:8c:95:
         cc:61:7b:33:5e:6d:dc:8f:18:22:74:09:9b:e1:77:0c:d3:0f:
         19:a3:a0:03:3a:5e:60:7b:50:ff:97:3d:28:16:94:e2:7f:50:
         8a:d3:3a:47:62:b0:cc:1c:a3:9b:27:4e:5f:81:d6:b2:6a:3f:
         10:40:dd:8a:d1:b1:c8:2d:7e:a8:f6:8a:b5:d7:9d:c1:93:2f:
         b9:87:9d:5c:a0:8e:cb:db:de:e2:b6:11:3d:08:67:3b:6b:c4:
         46:e8:a9:c5:c6:dd:90:9d:6e:d3:4d:25:a2:e8:9f:ae:66:ec:
         ee:7c:de:85:ac:f4:76:59:18:53:b7:f0:a2:cf:68:f9:6f:08:
         b2:08:28:6d:f5:7b:12:ca:cf:b7:60:25:50:74:77:38:f2:80:
         5f:33:68:6b:49:05:94:61:a5:e6:d6:ae:83:ba:3f:19:e5:31:
         1f:ab:9d:42:27:db:15:ff:af:df:84:16:0a:3a:d8:9a:3e:df:
         e8:fd:e6:f1:14:ed:ee:97:38:6d:1f:3a:ed:4e:a1:a3:f2:4c:
         41:df:02:62:84:e1:88:a9:c5:82:09:9b:a4:d8:42:24:fb:24:
         3a:b9:3f:ab
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUdypMm+pibB3oz0wE9n5cSVUeRKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJB
RkU4QUEyQjAeFw0yNDA3MDgxMzU1MDFaFw0yNTA3MDcxNDAwMDFaMDMxMTAvBgNV
BAMTKEFGOTkxQjlDN0VBRUJFQkVGMzMwNDczNUREMTAwNjMwM0YwMUVDMEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS2br8z8gctm9iAkrdnbb+18zq
B42n1H3RYAlu9vlX+On0JfjPgKIxYSjsiqrZDhYaen/jEJ4KhpE1n5HqvkN8BaoH
SW+NE/ASl0sWETanGRdxrplBi/cbu5SJ+ku/xvhyWLZ8K+w8QMnKK2NcbXeKAHde
e/hgcLkKXlhVQPQ00vvS7+6vDCqsyFJygC6KKCGi/z5y7aT6+OwMBMvVyBotqPDw
7Hu3DCoR+MVwU9b6POSdy3yjZCvMHnMsJH2aZ5L7ufyVqKjDvkcEtU4Xb6nQ0j95
R28mnOYjnTbBpolfVL4H2bDuZXWZYHFvTEq+em0p+3XjH7WFD631WqWtEn+ZAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUr5kbnH6uvr7zMEc13RAGMD8B7A0wHwYDVR0j
BBgwFoAUvwduokpozxUsMjx6Pf0/kq/oqiswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NTBkYTQ0Ny1hMTM4LTQ2MjUtYTQyMC1hNzExYWMyNDM1MTkvMC9CRjA3NkVBMjRB
NjhDRjE1MkMzMjNDN0EzREZEM0Y5MkFGRThBQTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJBRkU4
QUEyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1MGRhNDQ3LWExMzgtNDYyNS1h
NDIwLWE3MTFhYzI0MzUxOS8wLzMxMzEzMTJlMzYzNzJlMzczNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM1MzYzMjMzMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABvQ0wwDQYJKoZIhvcN
AQELBQADggEBAENCXn5LNUrqbwF+MK84IBG/xUFJPS99Ok8VqBvdfWmBqWiMlcxh
ezNebdyPGCJ0CZvhdwzTDxmjoAM6XmB7UP+XPSgWlOJ/UIrTOkdisMwco5snTl+B
1rJqPxBA3YrRscgtfqj2irXXncGTL7mHnVygjsvb3uK2ET0IZztrxEboqcXG3ZCd
btNNJaLon65m7O583oWs9HZZGFO38KLPaPlvCLIIKG31exLKz7dgJVB0dzjygF8z
aGtJBZRhpebWroO6PxnlMR+rnUIn2xX/r9+EFgo62Jo+3+j95vEU7e6XOG0fOu1O
oaPyTEHfAmKE4YipxYIJm6TYQiT7JDq5P6s=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:29:10 2024 by rpki-client on console-ams.rpki-client.org