Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/34352e36342e3130302e302f32322d3234203d3e203435373836.roa
File:                     34352e36342e3130302e302f32322d3234203d3e203435373836.roa (raw, json)
Hash identifier:          79szJlSxFEM6vGgihAOETNzSQWjHNJBKmnEw59Gq12g=
Subject key identifier:   0E:1E:78:45:B6:05:2D:87:BF:E0:E8:AB:68:14:44:DB:D5:F2:E3:57
Certificate issuer:       /CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
Certificate serial:       439887B1BCF615F26CEDE402097948107C815E2F
Authority key identifier: BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/34352e36342e3130302e302f32322d3234203d3e203435373836.roa
Signing time:             Thu 22 Aug 2024 09:00:52 +0000
ROA not before:           Thu 22 Aug 2024 08:55:52 +0000
ROA not after:            Thu 21 Aug 2025 09:00:52 +0000
asID:                     45786
IP address blocks:        45.64.100.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl
                          rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 17 Mar 2025 10:00:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:98:87:b1:bc:f6:15:f2:6c:ed:e4:02:09:79:48:10:7c:81:5e:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B
        Validity
            Not Before: Aug 22 08:55:52 2024 GMT
            Not After : Aug 21 09:00:52 2025 GMT
        Subject: CN=0E1E7845B6052D87BFE0E8AB681444DBD5F2E357
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:bc:33:e6:d9:ba:8d:05:ef:d5:bb:67:5d:98:
                    b6:35:ce:b7:e6:2d:97:7c:da:7a:f1:af:c4:4c:d1:
                    5c:68:ad:15:87:05:d4:0e:6c:a4:44:34:3d:3c:31:
                    c6:3d:a2:f6:0b:d6:80:75:7b:7a:d5:fc:db:37:1c:
                    4f:66:19:42:fb:55:54:54:d5:dc:08:db:ff:de:85:
                    5d:4c:a4:f0:88:be:21:e4:cd:ac:ec:61:ae:1d:91:
                    45:67:d4:71:13:44:1d:d4:06:71:4a:17:5e:5e:43:
                    05:a7:87:54:1b:b6:8a:93:6c:72:bc:91:27:90:79:
                    53:a7:ca:65:95:e3:78:f5:37:84:74:0e:86:0f:7a:
                    f4:9f:e9:7f:2d:60:35:e8:8b:4f:7b:86:58:80:17:
                    b3:d9:0a:74:32:58:92:9e:2c:32:96:f0:28:d8:ff:
                    b4:e7:a3:e0:8e:04:24:60:af:04:55:80:cb:bb:b7:
                    0f:03:c1:70:50:c2:52:da:3a:f4:04:8b:c7:13:4b:
                    f0:6a:cb:02:f8:85:a1:93:ee:fe:4c:cb:06:fa:6f:
                    27:bf:67:5e:18:24:f6:23:c1:32:5b:be:a6:6f:34:
                    6c:9d:32:cb:6b:a4:c6:c6:a2:df:fe:05:b8:d8:a7:
                    aa:49:8b:7c:d1:61:94:4e:55:4a:c3:c1:45:e5:ec:
                    e5:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:1E:78:45:B6:05:2D:87:BF:E0:E8:AB:68:14:44:DB:D5:F2:E3:57
            X509v3 Authority Key Identifier:
                keyid:BF:07:6E:A2:4A:68:CF:15:2C:32:3C:7A:3D:FD:3F:92:AF:E8:AA:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BF076EA24A68CF152C323C7A3DFD3F92AFE8AA2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e50da447-a138-4625-a420-a711ac243519/0/34352e36342e3130302e302f32322d3234203d3e203435373836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.64.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         57:20:3f:d1:f9:58:00:87:54:58:af:28:27:e0:40:d4:9c:f2:
         bc:5f:24:e7:46:80:e8:9f:a8:e3:91:21:e3:f4:d2:27:04:2f:
         99:40:cf:1f:ad:e4:e2:c2:6e:6f:40:9b:cc:75:cc:9f:16:bb:
         0f:9f:09:b6:f4:86:d1:ab:54:ed:85:6e:19:b7:3b:d8:2e:09:
         80:6a:53:9a:12:e3:bf:13:68:da:27:0e:d0:1d:7a:aa:ff:61:
         1d:5f:7f:88:5a:80:da:fe:9a:75:5d:34:eb:60:70:55:67:e1:
         a9:58:cc:b1:38:4a:ed:58:83:91:ee:0b:b0:17:eb:f6:1c:a3:
         e0:84:bf:30:df:99:ff:6a:61:29:74:d5:06:b1:fd:89:7e:3a:
         6a:a6:5f:bc:b0:c8:80:0f:8f:c5:02:79:8e:1c:9a:89:b5:07:
         41:55:3d:4d:d2:ff:9f:88:c8:7e:4c:29:ff:af:a6:30:40:5c:
         5f:6d:f6:f0:b1:f8:c2:d0:55:86:9a:49:54:f9:6a:37:14:39:
         de:15:c1:0d:7b:38:f5:33:a8:0e:2d:5c:cc:75:5e:61:f8:c5:
         c0:e7:c0:32:1a:fa:ce:52:e2:e6:e9:09:d1:0a:8d:e8:b1:e9:
         66:dd:a0:b4:5b:6c:05:06:65:b4:f5:f8:22:c2:ff:8c:92:74:
         d7:4e:03:22
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUQ5iHsbz2FfJs7eQCCXlIEHyBXi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJB
RkU4QUEyQjAeFw0yNDA4MjIwODU1NTJaFw0yNTA4MjEwOTAwNTJaMDMxMTAvBgNV
BAMTKDBFMUU3ODQ1QjYwNTJEODdCRkUwRThBQjY4MTQ0NERCRDVGMkUzNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuvDPm2bqNBe/Vu2ddmLY1zrfm
LZd82nrxr8RM0VxorRWHBdQObKREND08McY9ovYL1oB1e3rV/Ns3HE9mGUL7VVRU
1dwI2//ehV1MpPCIviHkzazsYa4dkUVn1HETRB3UBnFKF15eQwWnh1QbtoqTbHK8
kSeQeVOnymWV43j1N4R0DoYPevSf6X8tYDXoi097hliAF7PZCnQyWJKeLDKW8CjY
/7Tno+COBCRgrwRVgMu7tw8DwXBQwlLaOvQEi8cTS/BqywL4haGT7v5Mywb6bye/
Z14YJPYjwTJbvqZvNGydMstrpMbGot/+BbjYp6pJi3zRYZROVUrDwUXl7OXFAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUDh54RbYFLYe/4OiraBRE29Xy41cwHwYDVR0j
BBgwFoAUvwduokpozxUsMjx6Pf0/kq/oqiswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
NTBkYTQ0Ny1hMTM4LTQ2MjUtYTQyMC1hNzExYWMyNDM1MTkvMC9CRjA3NkVBMjRB
NjhDRjE1MkMzMjNDN0EzREZEM0Y5MkFGRThBQTJCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQkYwNzZFQTI0QTY4Q0YxNTJDMzIzQzdBM0RGRDNGOTJBRkU4
QUEyQi5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U1MGRhNDQ3LWExMzgtNDYyNS1h
NDIwLWE3MTFhYzI0MzUxOS8wLzM0MzUyZTM2MzQyZTMxMzAzMDJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM0MzUzNzM4MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItQGQwDQYJKoZIhvcN
AQELBQADggEBAFcgP9H5WACHVFivKCfgQNSc8rxfJOdGgOifqOORIeP00icEL5lA
zx+t5OLCbm9Am8x1zJ8Wuw+fCbb0htGrVO2Fbhm3O9guCYBqU5oS478TaNonDtAd
eqr/YR1ff4hagNr+mnVdNOtgcFVn4alYzLE4Su1Yg5HuC7AX6/Yco+CEvzDfmf9q
YSl01Qax/Yl+OmqmX7ywyIAPj8UCeY4cmom1B0FVPU3S/5+IyH5MKf+vpjBAXF9t
9vCx+MLQVYaaSVT5ajcUOd4VwQ17OPUzqA4tXMx1XmH4xcDnwDIa+s5S4ubpCdEK
jeix6WbdoLRbbAUGZbT1+CLC/4ySdNdOAyI=
-----END CERTIFICATE-----
Generated at Sat Mar 15 05:49:15 2025 by rpki-client