Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/3130332e3132362e382e302f32322d3234203d3e20313338313036.roa
File:                     3130332e3132362e382e302f32322d3234203d3e20313338313036.roa (raw, json)
Hash identifier:          IRT5EBbtYuUJGEcl5xullorMGlIcXV9tdF8K9cnLq08=
Subject key identifier:   7A:53:6F:D0:35:E0:87:B3:72:05:F1:51:E5:FE:A8:31:4D:22:F3:4F
Certificate issuer:       /CN=25FB03D0A2C3547C3A38ACAE2A752BB15A245E15
Certificate serial:       0EAB126BB38B30595A28B0C1E543920C272F4704
Authority key identifier: 25:FB:03:D0:A2:C3:54:7C:3A:38:AC:AE:2A:75:2B:B1:5A:24:5E:15
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/3130332e3132362e382e302f32322d3234203d3e20313338313036.roa
Signing time:             Mon 31 Jul 2023 00:14:26 +0000
ROA not before:           Mon 31 Jul 2023 00:09:26 +0000
ROA not after:            Mon 29 Jul 2024 00:14:26 +0000
asID:                     138106
IP address blocks:        103.126.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.crl
                          rsync://repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 03:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:ab:12:6b:b3:8b:30:59:5a:28:b0:c1:e5:43:92:0c:27:2f:47:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=25FB03D0A2C3547C3A38ACAE2A752BB15A245E15
        Validity
            Not Before: Jul 31 00:09:26 2023 GMT
            Not After : Jul 29 00:14:26 2024 GMT
        Subject: CN=7A536FD035E087B37205F151E5FEA8314D22F34F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:b3:4d:f3:7e:e4:2b:d3:b5:30:f9:0d:82:3c:
                    0d:d5:a0:7f:8d:5a:0d:96:6c:de:2a:b0:97:26:eb:
                    d8:0c:e1:34:68:64:ea:49:a3:c7:58:8b:3b:49:f4:
                    6a:d9:b2:4f:2a:86:b4:a6:b4:21:05:88:30:12:70:
                    99:33:cb:69:95:d7:e3:40:d6:3f:c4:b8:69:35:22:
                    2b:aa:0e:3f:3a:0b:24:fa:9f:69:2b:36:c7:7d:57:
                    aa:7f:b2:de:28:d8:ec:8d:32:50:20:cc:dd:4e:67:
                    ee:8d:02:c5:f7:bc:44:fd:31:2c:3d:27:07:6f:59:
                    f2:dc:e3:08:26:67:78:04:58:97:d1:8c:a5:b6:5e:
                    c5:e4:28:6c:41:02:35:12:25:cd:ef:5c:65:8f:a4:
                    61:65:ae:9f:68:1d:30:f6:8e:7f:7c:dd:4a:72:ae:
                    63:00:89:a8:36:4a:7d:97:ec:6e:60:25:37:c5:d0:
                    d1:79:c1:a1:30:fd:64:8f:3d:36:d9:ac:2f:b2:3f:
                    8a:84:f0:f4:23:d2:45:34:7b:fd:42:dc:52:80:2f:
                    65:a6:f6:24:0d:f1:87:a6:e3:4d:e8:09:14:ea:90:
                    2f:df:51:9b:4c:d1:c5:23:30:f5:b9:85:99:6a:e6:
                    70:a4:c3:70:46:73:aa:3f:71:46:dc:b4:c5:fe:85:
                    4a:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:53:6F:D0:35:E0:87:B3:72:05:F1:51:E5:FE:A8:31:4D:22:F3:4F
            X509v3 Authority Key Identifier:
                keyid:25:FB:03:D0:A2:C3:54:7C:3A:38:AC:AE:2A:75:2B:B1:5A:24:5E:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/25FB03D0A2C3547C3A38ACAE2A752BB15A245E15.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/018c6831-8f40-4a20-813e-878558e80c26/0/3130332e3132362e382e302f32322d3234203d3e20313338313036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.126.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:07:47:49:0d:54:47:8f:04:3c:13:22:96:52:a4:8f:e4:0a:
         9a:28:15:61:74:ee:70:24:0d:6a:e8:ca:9a:75:32:5c:2c:b1:
         41:85:af:8c:e4:3c:2c:f5:31:69:cc:51:73:01:66:ae:d0:0a:
         ed:9a:bb:96:1d:4b:e4:f0:49:65:92:13:db:4d:21:e8:0d:13:
         68:47:10:f7:42:5e:0b:05:d3:d3:8f:b1:be:ec:85:85:ef:0e:
         54:99:49:6a:9f:c1:45:51:50:41:aa:11:2c:2d:4b:03:29:7b:
         4f:4d:72:57:26:97:87:a1:bf:d4:2a:5b:2e:4a:34:e5:de:8c:
         1d:1f:86:50:0f:5d:8f:b0:f4:65:04:82:a1:79:34:b6:83:75:
         3b:24:57:d9:40:a0:0d:cf:fa:a3:ae:9f:96:15:65:a7:c7:e2:
         3a:28:1d:a5:68:f3:e7:d6:95:38:05:a3:b1:47:93:e4:23:c5:
         03:aa:02:8e:12:1a:f4:f1:37:ec:78:9d:38:b6:91:a8:08:7c:
         f7:ee:c0:40:4e:e1:56:fd:ec:75:10:11:da:26:56:e4:8e:6d:
         28:a6:3d:7d:2e:0f:98:e0:65:20:8b:ef:80:ff:59:61:b4:e5:
         00:df:35:7a:08:5d:80:c3:5d:55:68:3a:e5:7e:aa:c9:3d:1d:
         27:2a:6c:1b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUDqsSa7OLMFlaKLDB5UOSDCcvRwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjVGQjAzRDBBMkMzNTQ3QzNBMzhBQ0FFMkE3NTJCQjE1
QTI0NUUxNTAeFw0yMzA3MzEwMDA5MjZaFw0yNDA3MjkwMDE0MjZaMDMxMTAvBgNV
BAMTKDdBNTM2RkQwMzVFMDg3QjM3MjA1RjE1MUU1RkVBODMxNEQyMkYzNEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDts03zfuQr07Uw+Q2CPA3VoH+N
Wg2WbN4qsJcm69gM4TRoZOpJo8dYiztJ9GrZsk8qhrSmtCEFiDAScJkzy2mV1+NA
1j/EuGk1IiuqDj86CyT6n2krNsd9V6p/st4o2OyNMlAgzN1OZ+6NAsX3vET9MSw9
JwdvWfLc4wgmZ3gEWJfRjKW2XsXkKGxBAjUSJc3vXGWPpGFlrp9oHTD2jn983Upy
rmMAiag2Sn2X7G5gJTfF0NF5waEw/WSPPTbZrC+yP4qE8PQj0kU0e/1C3FKAL2Wm
9iQN8Yem403oCRTqkC/fUZtM0cUjMPW5hZlq5nCkw3BGc6o/cUbctMX+hUrlAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUelNv0DXgh7NyBfFR5f6oMU0i808wHwYDVR0j
BBgwFoAUJfsD0KLDVHw6OKyuKnUrsVokXhUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MThjNjgzMS04ZjQwLTRhMjAtODEzZS04Nzg1NThlODBjMjYvMC8yNUZCMDNEMEEy
QzM1NDdDM0EzOEFDQUUyQTc1MkJCMTVBMjQ1RTE1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjVGQjAzRDBBMkMzNTQ3QzNBMzhBQ0FFMkE3NTJCQjE1QTI0
NUUxNS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAxOGM2ODMxLThmNDAtNGEyMC04
MTNlLTg3ODU1OGU4MGMyNi8wLzMxMzAzMzJlMzEzMjM2MmUzODJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDMxMzMzODMxMzAzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmd+CDANBgkqhkiG
9w0BAQsFAAOCAQEAMQdHSQ1UR48EPBMillKkj+QKmigVYXTucCQNaujKmnUyXCyx
QYWvjOQ8LPUxacxRcwFmrtAK7Zq7lh1L5PBJZZIT200h6A0TaEcQ90JeCwXT04+x
vuyFhe8OVJlJap/BRVFQQaoRLC1LAyl7T01yVyaXh6G/1CpbLko05d6MHR+GUA9d
j7D0ZQSCoXk0toN1OyRX2UCgDc/6o66flhVlp8fiOigdpWjz59aVOAWjsUeT5CPF
A6oCjhIa9PE37HidOLaRqAh89+7AQE7hVv3sdRAR2iZW5I5tKKY9fS4PmOBlIIvv
gP9ZYbTlAN81eghdgMNdVWg65X6qyT0dJypsGw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 06:01:00 2024 by rpki-client on console-fra.rpki-client.org