Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32342d3234203d3e203633383539.roa
File:                     3135382e3134302e3137362e302f32342d3234203d3e203633383539.roa (raw, json)
Hash identifier:          4UOzwPCCuhunnR2QcaEH9I+Tci8JPBiM+UmeE3Ft+2k=
Subject key identifier:   C5:EF:95:7A:DF:DF:E0:2A:DE:84:50:DB:0E:F2:C3:74:61:30:45:2C
Certificate issuer:       /CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF
Certificate serial:       4212B8651C9CB7564FDF22C4E462FEA2B8C57A90
Authority key identifier: 7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32342d3234203d3e203633383539.roa
Signing time:             Sun 13 Jul 2025 11:00:02 +0000
ROA not before:           Sun 13 Jul 2025 10:55:02 +0000
ROA not after:            Sun 12 Jul 2026 11:00:02 +0000
asID:                     63859
IP address blocks:        158.140.176.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl
                          rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/60F8BE9C16625C424B269EE06C64A83BAB8506D4.mft
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YPi-nBZiXEJLJp7gbGSoO6uFBtQ.cer
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl
                          rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 10 Aug 2025 11:19:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:12:b8:65:1c:9c:b7:56:4f:df:22:c4:e4:62:fe:a2:b8:c5:7a:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7D0C886CFBAF0624029CCAE57824C3CF470E8FCF
        Validity
            Not Before: Jul 13 10:55:02 2025 GMT
            Not After : Jul 12 11:00:02 2026 GMT
        Subject: CN=C5EF957ADFDFE02ADE8450DB0EF2C3746130452C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:61:56:c8:5f:4f:b7:23:13:9f:29:18:a3:11:
                    bd:9b:65:09:0f:34:50:33:f3:60:15:7e:a0:ef:f1:
                    5f:9b:6e:0f:83:e8:fa:49:99:55:b4:13:04:93:e1:
                    ca:40:4b:6f:e7:49:33:4b:62:8a:cb:fa:7a:53:f5:
                    ab:fc:6f:ab:b9:2b:79:38:2c:d6:7f:02:98:01:6f:
                    63:49:16:c0:3d:e7:bf:b7:d7:c3:82:4b:f2:6b:32:
                    cf:7d:ee:d0:f7:4b:a7:09:0c:39:36:ed:e4:18:b0:
                    cf:c1:83:8a:bd:29:8e:51:d3:c5:eb:40:fb:23:cf:
                    43:c1:b6:f8:e2:4c:0c:c9:94:67:5e:23:75:5b:42:
                    fa:45:fd:55:e4:1e:9b:9f:aa:3e:bd:d2:fa:fc:03:
                    26:d3:dc:47:d3:33:eb:65:b1:f3:c8:4e:9a:56:08:
                    48:33:bf:05:8b:5c:15:84:8c:ab:1c:23:aa:f8:51:
                    8c:8a:78:22:8c:93:8b:d7:fd:4f:8e:c6:0a:5b:8d:
                    49:6e:cc:68:06:5c:c3:7d:12:2c:7d:f1:52:09:3d:
                    d7:3c:98:a5:06:ba:c3:2b:05:1d:fb:05:6b:70:1e:
                    c3:f4:d8:48:55:34:02:9a:f9:f1:86:8a:31:51:ad:
                    d2:ab:12:f2:9d:60:aa:bb:d3:61:cf:9b:62:de:3d:
                    36:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:EF:95:7A:DF:DF:E0:2A:DE:84:50:DB:0E:F2:C3:74:61:30:45:2C
            X509v3 Authority Key Identifier:
                keyid:7D:0C:88:6C:FB:AF:06:24:02:9C:CA:E5:78:24:C3:CF:47:0E:8F:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/1/7D0C886CFBAF0624029CCAE57824C3CF470E8FCF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3bbb2734-e5fa-40eb-8598-b7cd101343ca/1/3135382e3134302e3137362e302f32342d3234203d3e203633383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  158.140.176.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:71:af:d5:a4:74:e9:6c:38:ff:35:8e:51:2d:c7:85:bc:16:
         65:72:93:63:14:4c:e4:7a:e7:b1:48:e3:be:b9:3f:c9:05:5c:
         d8:1f:28:86:36:56:e7:dd:d3:e1:94:ac:55:b3:b3:b0:bc:6c:
         a8:10:c2:91:1a:9e:af:81:0e:55:a1:5b:8c:41:ee:9d:53:6f:
         95:31:a7:04:b4:80:8a:be:27:86:b9:3b:45:03:a5:64:38:5a:
         35:63:56:1f:42:30:c5:88:73:85:1b:b3:47:b9:62:d3:0e:68:
         fb:63:fd:c4:67:a6:8a:7c:68:f4:6a:d3:9e:62:32:41:6a:31:
         89:6c:43:3f:50:b8:4d:f3:5d:03:ca:1d:aa:65:9a:89:83:eb:
         e3:c5:30:fd:44:84:22:44:ec:a3:9c:c3:04:ad:88:c1:f0:e3:
         60:82:d7:e2:61:cc:f0:d2:51:ee:ca:df:fb:88:c9:ec:e5:a7:
         26:3f:34:d0:d3:5b:de:5d:cd:d2:2e:52:3c:56:45:f5:a4:6b:
         5c:8e:b5:8a:fd:45:ab:33:e1:f8:35:80:fd:36:e1:15:8a:c1:
         4a:ee:a8:e1:e2:01:36:01:3d:2b:45:03:f5:c5:01:7f:3f:73:
         48:e3:c6:6b:43:0d:bf:29:4d:54:8f:61:2e:32:08:3c:89:18:
         fc:95:e5:25
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUQhK4ZRyct1ZP3yLE5GL+orjFepAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0
NzBFOEZDRjAeFw0yNTA3MTMxMDU1MDJaFw0yNjA3MTIxMTAwMDJaMDMxMTAvBgNV
BAMTKEM1RUY5NTdBREZERkUwMkFERTg0NTBEQjBFRjJDMzc0NjEzMDQ1MkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfYVbIX0+3IxOfKRijEb2bZQkP
NFAz82AVfqDv8V+bbg+D6PpJmVW0EwST4cpAS2/nSTNLYorL+npT9av8b6u5K3k4
LNZ/ApgBb2NJFsA957+318OCS/JrMs997tD3S6cJDDk27eQYsM/Bg4q9KY5R08Xr
QPsjz0PBtvjiTAzJlGdeI3VbQvpF/VXkHpufqj690vr8AybT3EfTM+tlsfPITppW
CEgzvwWLXBWEjKscI6r4UYyKeCKMk4vX/U+OxgpbjUluzGgGXMN9Eix98VIJPdc8
mKUGusMrBR37BWtwHsP02EhVNAKa+fGGijFRrdKrEvKdYKq702HPm2LePTaJAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUxe+Vet/f4CrehFDbDvLDdGEwRSwwHwYDVR0j
BBgwFoAUfQyIbPuvBiQCnMrleCTDz0cOj88wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
YmJiMjczNC1lNWZhLTQwZWItODU5OC1iN2NkMTAxMzQzY2EvMS83RDBDODg2Q0ZC
QUYwNjI0MDI5Q0NBRTU3ODI0QzNDRjQ3MEU4RkNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzEvN0QwQzg4NkNGQkFGMDYyNDAyOUNDQUU1NzgyNEMzQ0Y0NzBF
OEZDRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNiYmIyNzM0LWU1ZmEtNDBlYi04
NTk4LWI3Y2QxMDEzNDNjYS8xLzMxMzUzODJlMzEzNDMwMmUzMTM3MzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzgzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnoywMA0GCSqG
SIb3DQEBCwUAA4IBAQAUca/VpHTpbDj/NY5RLceFvBZlcpNjFEzkeuexSOO+uT/J
BVzYHyiGNlbn3dPhlKxVs7OwvGyoEMKRGp6vgQ5VoVuMQe6dU2+VMacEtICKvieG
uTtFA6VkOFo1Y1YfQjDFiHOFG7NHuWLTDmj7Y/3EZ6aKfGj0atOeYjJBajGJbEM/
ULhN810Dyh2qZZqJg+vjxTD9RIQiROyjnMMErYjB8ONggtfiYczw0lHuyt/7iMns
5acmPzTQ01veXc3SLlI8VkX1pGtcjrWK/UWrM+H4NYD9NuEVisFK7qjh4gE2AT0r
RQP1xQF/P3NI48ZrQw2/KU1Uj2EuMgg8iRj8leUl
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:58:33 2025 by rpki-client