Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3131362e36362e3230352e302f32342d3234203d3e20313337333436.roa
File:                     3131362e36362e3230352e302f32342d3234203d3e20313337333436.roa (raw, json)
Hash identifier:          6L1fi4mJdWpRroX23zZEOVdQU8PvSqTKWylh/RDULSQ=
Subject key identifier:   69:13:55:69:2E:E3:44:A8:C9:66:A7:D8:00:61:A1:09:A0:01:F8:A0
Certificate issuer:       /CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
Certificate serial:       639BCC2317A5F1BFC64560D61A759838C346BBDC
Authority key identifier: 6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3131362e36362e3230352e302f32342d3234203d3e20313337333436.roa
Signing time:             Fri 24 May 2024 04:00:02 +0000
ROA not before:           Fri 24 May 2024 03:55:02 +0000
ROA not after:            Fri 23 May 2025 04:00:02 +0000
asID:                     137346
IP address blocks:        116.66.205.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl
                          rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:9b:cc:23:17:a5:f1:bf:c6:45:60:d6:1a:75:98:38:c3:46:bb:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC
        Validity
            Not Before: May 24 03:55:02 2024 GMT
            Not After : May 23 04:00:02 2025 GMT
        Subject: CN=691355692EE344A8C966A7D80061A109A001F8A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:48:bb:77:67:55:0c:6d:70:86:0a:de:52:4f:
                    0c:ca:27:0e:35:4b:27:13:64:a4:7a:dd:12:b0:d1:
                    50:15:cd:50:94:93:99:da:7b:e0:9e:6a:d3:d7:ed:
                    f8:0b:47:41:aa:8a:5c:05:74:30:9e:51:64:9e:f3:
                    b4:f5:a5:f5:e1:24:73:64:33:73:bc:d8:ec:56:b5:
                    a9:6d:44:6c:e9:30:e9:dd:e6:7c:26:b1:20:bb:f3:
                    52:d2:4e:20:c0:6a:ad:b5:a9:55:40:3f:5d:a5:2a:
                    f8:7f:79:98:a0:ed:c8:5c:68:a2:90:de:d7:9f:f4:
                    ef:60:52:d0:ab:91:d6:fd:be:8d:62:88:de:94:d3:
                    32:61:27:8e:44:d0:01:46:99:52:25:cc:3f:33:39:
                    e8:29:aa:c2:78:70:ea:61:85:cb:e4:3e:ce:0b:e7:
                    af:40:65:c7:6e:89:cf:08:7c:32:86:f3:ec:1d:85:
                    a2:dd:44:07:6e:5a:9f:9f:2f:2f:c7:52:d8:85:9c:
                    8a:cd:25:2f:31:0a:0f:11:bc:9d:d9:18:3c:26:c4:
                    4e:90:8b:fd:cd:ae:a3:70:a2:bd:15:88:e0:b6:4e:
                    43:48:a5:ef:ce:ff:a2:32:03:aa:72:43:0b:f7:66:
                    0c:c0:23:66:ce:60:14:12:f6:5d:1b:d6:6f:d4:c2:
                    52:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:13:55:69:2E:E3:44:A8:C9:66:A7:D8:00:61:A1:09:A0:01:F8:A0
            X509v3 Authority Key Identifier:
                keyid:6A:D9:56:36:B6:B3:E0:D5:F9:0E:E4:1F:3C:3D:6D:51:F8:FC:06:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/6AD95636B6B3E0D5F90EE41F3C3D6D51F8FC06EC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/e87349fb-465e-4e8b-a974-90e939bcb0fb/0/3131362e36362e3230352e302f32342d3234203d3e20313337333436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  116.66.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:b5:c3:89:fc:eb:23:af:fa:f7:93:28:9b:64:f5:91:24:0c:
         03:f5:67:49:60:2f:06:a7:d7:d5:e2:85:2c:6d:4d:3a:c0:4d:
         3f:ae:39:60:e6:3c:62:77:ea:53:77:75:d8:eb:e4:34:39:bc:
         d7:ae:08:bf:d2:88:4f:08:17:1c:a8:9d:e8:57:e8:dd:bf:b6:
         17:66:a9:df:4a:ab:fd:a8:ea:fb:4c:34:c5:7b:3c:46:8f:7e:
         6d:45:2f:b2:26:c8:6b:59:5c:4f:b1:20:06:a0:81:ad:b1:2e:
         82:0c:4d:ca:3d:04:17:b7:69:e8:e4:5c:b7:09:03:20:33:47:
         78:4e:93:2b:b4:9d:0f:11:31:5a:d8:b1:b5:b2:95:fe:a2:20:
         1f:bb:33:f4:48:86:59:42:d9:25:8d:bb:82:41:be:2e:c7:7e:
         3a:59:b0:02:77:e2:54:1d:ca:b7:6b:7b:8a:59:e9:00:b2:93:
         2d:39:ee:fa:3f:2f:71:13:fc:b2:57:4f:2c:04:a7:2e:b0:14:
         27:f8:a0:11:25:b8:70:23:38:0a:72:95:f3:c0:b5:96:95:7d:
         2e:08:96:ac:6d:92:d2:2c:1e:e2:40:43:13:45:05:e0:e6:0b:
         06:89:7f:05:6f:96:c0:ac:fd:46:43:d5:98:8f:c0:56:92:1b:
         e5:c0:dd:9c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUY5vMIxel8b/GRWDWGnWYOMNGu9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFG
OEZDMDZFQzAeFw0yNDA1MjQwMzU1MDJaFw0yNTA1MjMwNDAwMDJaMDMxMTAvBgNV
BAMTKDY5MTM1NTY5MkVFMzQ0QThDOTY2QTdEODAwNjFBMTA5QTAwMUY4QTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzSLt3Z1UMbXCGCt5STwzKJw41
SycTZKR63RKw0VAVzVCUk5nae+CeatPX7fgLR0GqilwFdDCeUWSe87T1pfXhJHNk
M3O82OxWtaltRGzpMOnd5nwmsSC781LSTiDAaq21qVVAP12lKvh/eZig7chcaKKQ
3tef9O9gUtCrkdb9vo1iiN6U0zJhJ45E0AFGmVIlzD8zOegpqsJ4cOphhcvkPs4L
569AZcduic8IfDKG8+wdhaLdRAduWp+fLy/HUtiFnIrNJS8xCg8RvJ3ZGDwmxE6Q
i/3NrqNwor0ViOC2TkNIpe/O/6IyA6pyQwv3ZgzAI2bOYBQS9l0b1m/UwlKhAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUaRNVaS7jRKjJZqfYAGGhCaAB+KAwHwYDVR0j
BBgwFoAUatlWNraz4NX5DuQfPD1tUfj8BuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9l
ODczNDlmYi00NjVlLTRlOGItYTk3NC05MGU5MzliY2IwZmIvMC82QUQ5NTYzNkI2
QjNFMEQ1RjkwRUU0MUYzQzNENkQ1MUY4RkMwNkVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNkFEOTU2MzZCNkIzRTBENUY5MEVFNDFGM0MzRDZENTFGOEZD
MDZFQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2U4NzM0OWZiLTQ2NWUtNGU4Yi1h
OTc0LTkwZTkzOWJjYjBmYi8wLzMxMzEzNjJlMzYzNjJlMzIzMDM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM3MzMzNDM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAdELNMA0GCSqG
SIb3DQEBCwUAA4IBAQCXtcOJ/Osjr/r3kyibZPWRJAwD9WdJYC8Gp9fV4oUsbU06
wE0/rjlg5jxid+pTd3XY6+Q0ObzXrgi/0ohPCBccqJ3oV+jdv7YXZqnfSqv9qOr7
TDTFezxGj35tRS+yJshrWVxPsSAGoIGtsS6CDE3KPQQXt2no5Fy3CQMgM0d4TpMr
tJ0PETFa2LG1spX+oiAfuzP0SIZZQtkljbuCQb4ux346WbACd+JUHcq3a3uKWekA
spMtOe76Py9xE/yyV08sBKcusBQn+KARJbhwIzgKcpXzwLWWlX0uCJasbZLSLB7i
QEMTRQXg5gsGiX8Fb5bArP1GQ9WYj8BWkhvlwN2c
-----END CERTIFICATE-----
Generated at Sun Nov 24 00:14:31 2024 by rpki-client on console-ams.rpki-client.org