Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3230322e36312e3130302e302f32332d3234203d3e203435373836.roa
File:                     3230322e36312e3130302e302f32332d3234203d3e203435373836.roa (raw, json)
Hash identifier:          a8mTP5wqsK0/6i33hi9F2fx0vcrLrr8F0sXVOsBm+uM=
Subject key identifier:   A1:6A:ED:FE:37:52:FC:5B:F9:DA:8C:54:AF:07:C6:8F:EA:46:F9:FE
Certificate issuer:       /CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
Certificate serial:       08B68C6C4757052FB543243FE3D4A6A9E0B324C5
Authority key identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3230322e36312e3130302e302f32332d3234203d3e203435373836.roa
Signing time:             Mon 02 Jun 2025 02:03:03 +0000
ROA not before:           Mon 02 Jun 2025 01:58:03 +0000
ROA not after:            Mon 01 Jun 2026 02:03:03 +0000
asID:                     45786
IP address blocks:        202.61.100.0/23 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl
                          rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 11 Jun 2025 23:22:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:b6:8c:6c:47:57:05:2f:b5:43:24:3f:e3:d4:a6:a9:e0:b3:24:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
        Validity
            Not Before: Jun  2 01:58:03 2025 GMT
            Not After : Jun  1 02:03:03 2026 GMT
        Subject: CN=A16AEDFE3752FC5BF9DA8C54AF07C68FEA46F9FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:45:1e:41:fb:1c:16:96:03:b4:7c:c1:b2:25:
                    2a:45:a4:0c:dc:6b:bd:be:1a:43:4d:4d:ff:27:c4:
                    7f:ee:e5:1f:64:ee:5d:28:2c:d8:c5:83:4b:50:cd:
                    bf:4a:ef:30:c2:9e:92:3e:5d:de:3b:98:9d:0a:6c:
                    90:46:2a:f3:d9:84:e0:a3:39:fd:5d:cd:7e:ab:a1:
                    c1:f5:2b:42:b9:39:32:cb:b0:d9:c5:6d:21:b3:aa:
                    47:70:d4:81:93:08:14:2c:f0:41:0f:98:6a:1f:81:
                    c6:8b:53:72:8a:0d:6f:31:95:c9:52:31:2e:e7:d8:
                    b1:b4:42:ca:90:2a:96:c2:9c:8e:06:e6:8d:94:7d:
                    41:94:61:e4:3f:83:ba:7c:e9:29:b2:a8:7e:5a:61:
                    92:7b:9b:fd:6c:9f:cd:ea:78:7b:dd:95:ae:ca:6d:
                    95:a5:31:0b:c5:f6:b5:04:2c:b9:71:95:77:72:82:
                    f0:c1:9f:c6:8c:56:85:21:b8:ad:12:c8:90:3c:02:
                    2c:c7:f3:a3:93:d7:46:d9:d9:d7:1c:ef:be:2e:1a:
                    20:26:53:20:70:18:52:5e:8d:86:92:c8:43:30:08:
                    fa:dc:5f:ad:cc:1c:f5:30:e2:fe:9e:ea:f1:71:bd:
                    bd:c7:fa:f8:1a:3b:f1:b9:39:83:06:7a:25:07:01:
                    f3:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:6A:ED:FE:37:52:FC:5B:F9:DA:8C:54:AF:07:C6:8F:EA:46:F9:FE
            X509v3 Authority Key Identifier:
                keyid:BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/3230322e36312e3130302e302f32332d3234203d3e203435373836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.61.100.0/23

    Signature Algorithm: sha256WithRSAEncryption
         05:74:09:35:2f:4b:ea:08:8c:af:0a:be:bd:a3:ef:84:91:ec:
         d2:bf:1e:49:c2:9a:c1:78:26:2d:ec:fb:bc:d9:5a:52:1b:81:
         23:0c:78:fd:88:6d:45:4d:54:fd:32:21:bf:7e:45:57:fa:33:
         9b:12:7a:5f:0b:dd:79:f5:76:c1:2a:27:b4:e5:76:1d:a8:17:
         27:de:dc:5d:95:ed:95:54:bb:f6:a9:b9:3d:47:ff:58:ff:18:
         00:ae:f2:f0:02:7b:17:ca:48:60:62:5a:5a:51:1f:aa:c3:3a:
         b3:d2:2e:5e:b8:8c:c7:c4:fc:95:ee:be:5e:68:76:1a:80:f9:
         aa:f5:1b:23:93:3e:e1:66:9c:d3:7e:de:a6:5c:9b:13:8d:95:
         32:cf:73:e5:b5:b4:07:01:20:3c:95:1a:a1:c5:fd:ac:65:38:
         7e:4c:a1:44:d4:93:56:2f:9a:3f:5b:9b:96:33:e3:34:14:68:
         c0:d0:66:43:6f:c2:be:91:7a:22:a1:d2:f6:d7:01:05:dd:18:
         0a:c8:b0:01:52:b0:d1:75:ed:81:78:27:2f:4b:de:a4:c6:fe:
         3a:bc:73:4d:a6:6e:0e:cb:da:43:68:a9:14:70:0c:ed:c7:35:
         af:3f:e7:d4:b8:73:b9:65:d2:db:25:8b:1c:5a:35:09:81:39:
         38:6e:25:f9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUCLaMbEdXBS+1QyQ/49SmqeCzJMUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJB
RkU4QUEyQjAeFw0yNTA2MDIwMTU4MDNaFw0yNjA2MDEwMjAzMDNaMDMxMTAvBgNV
BAMTKEExNkFFREZFMzc1MkZDNUJGOURBOEM1NEFGMDdDNjhGRUE0NkY5RkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCRR5B+xwWlgO0fMGyJSpFpAzc
a72+GkNNTf8nxH/u5R9k7l0oLNjFg0tQzb9K7zDCnpI+Xd47mJ0KbJBGKvPZhOCj
Of1dzX6rocH1K0K5OTLLsNnFbSGzqkdw1IGTCBQs8EEPmGofgcaLU3KKDW8xlclS
MS7n2LG0QsqQKpbCnI4G5o2UfUGUYeQ/g7p86SmyqH5aYZJ7m/1sn83qeHvdla7K
bZWlMQvF9rUELLlxlXdygvDBn8aMVoUhuK0SyJA8AizH86OT10bZ2dcc774uGiAm
UyBwGFJejYaSyEMwCPrcX63MHPUw4v6e6vFxvb3H+vgaO/G5OYMGeiUHAfPHAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUoWrt/jdS/Fv52oxUrwfGj+pG+f4wHwYDVR0j
BBgwFoAUvwduokpozxUsMjx6Pf0/kq/oqiswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NTBkYTQ0Ny1hMTM4LTQ2MjUtYTQyMC1hNzExYWMyNDM1MTkvMC9CRjA3NkVBMjRB
NjhDRjE1MkMzMjNDN0EzREZEM0Y5MkFGRThBQTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJBRkU4
QUEyQi5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1MGRhNDQ3LWExMzgtNDYyNS1h
NDIwLWE3MTFhYzI0MzUxOS8wLzMyMzAzMjJlMzYzMTJlMzEzMDMwMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzQzNTM3MzgzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAco9ZDANBgkqhkiG
9w0BAQsFAAOCAQEABXQJNS9L6giMrwq+vaPvhJHs0r8eScKawXgmLez7vNlaUhuB
Iwx4/YhtRU1U/TIhv35FV/ozmxJ6XwvdefV2wSontOV2HagXJ97cXZXtlVS79qm5
PUf/WP8YAK7y8AJ7F8pIYGJaWlEfqsM6s9IuXriMx8T8le6+Xmh2GoD5qvUbI5M+
4Wac037eplybE42VMs9z5bW0BwEgPJUaocX9rGU4fkyhRNSTVi+aP1ubljPjNBRo
wNBmQ2/CvpF6IqHS9tcBBd0YCsiwAVKw0XXtgXgnL0vepMb+OrxzTaZuDsvaQ2ip
FHAM7cc1rz/n1LhzuWXS2yWLHFo1CYE5OG4l+Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 12:44:47 2025 by rpki-client