Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/3130332e3134302e3138392e302f32342d3234203d3e20313338383831.roa
File:                     3130332e3134302e3138392e302f32342d3234203d3e20313338383831.roa (raw, json)
Hash identifier:          HNdjq/16Cg7RnF2QvlrZEOzSfemi6JKWooVM4wdQ/uY=
Subject key identifier:   3D:8C:C6:FF:11:C3:7F:0F:09:3F:80:4C:10:08:AD:23:48:DF:C4:44
Certificate issuer:       /CN=02AC8DC3B003059A7040EDCFC881D9C93B064C18
Certificate serial:       4FE0DED321213F46BC6634571DE6A86674A7F711
Authority key identifier: 02:AC:8D:C3:B0:03:05:9A:70:40:ED:CF:C8:81:D9:C9:3B:06:4C:18
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/02AC8DC3B003059A7040EDCFC881D9C93B064C18.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/3130332e3134302e3138392e302f32342d3234203d3e20313338383831.roa
Signing time:             Sun 06 Aug 2023 05:00:01 +0000
ROA not before:           Sun 06 Aug 2023 04:55:01 +0000
ROA not after:            Sun 04 Aug 2024 05:00:01 +0000
asID:                     138881
IP address blocks:        103.140.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/02AC8DC3B003059A7040EDCFC881D9C93B064C18.crl
                          rsync://repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/02AC8DC3B003059A7040EDCFC881D9C93B064C18.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/02AC8DC3B003059A7040EDCFC881D9C93B064C18.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:e0:de:d3:21:21:3f:46:bc:66:34:57:1d:e6:a8:66:74:a7:f7:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02AC8DC3B003059A7040EDCFC881D9C93B064C18
        Validity
            Not Before: Aug  6 04:55:01 2023 GMT
            Not After : Aug  4 05:00:01 2024 GMT
        Subject: CN=3D8CC6FF11C37F0F093F804C1008AD2348DFC444
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:56:49:37:56:46:64:0f:e3:63:8d:b8:00:f3:
                    fd:0a:34:db:c2:d7:7d:a4:f6:a6:36:e9:9b:25:fe:
                    9c:f7:ff:fc:7f:1c:44:89:00:c6:28:92:e3:6a:46:
                    97:c4:c6:77:59:09:eb:1f:bd:fc:51:93:0a:ef:4c:
                    14:02:ad:17:f1:0c:e5:9b:42:be:30:b2:e3:9e:81:
                    00:c0:47:3b:6e:e8:3b:4d:da:bf:d0:f9:63:a0:3b:
                    7a:ba:98:5b:fc:69:98:1f:fc:52:92:00:c0:67:f2:
                    09:1d:da:e8:81:49:1f:bd:41:2f:dc:b6:16:df:bd:
                    00:9d:23:92:e8:6f:8e:b3:c0:b5:e5:74:ee:6a:61:
                    f3:df:12:68:33:5f:7e:f7:a3:db:e3:c9:d2:ae:53:
                    36:b5:fd:b2:77:e0:60:6c:a5:fb:1f:3c:fb:c2:41:
                    7d:9a:07:ed:9f:76:62:7a:27:d8:fd:b8:05:89:61:
                    63:50:ac:81:fa:70:46:2f:f3:3c:91:9f:7c:3c:b8:
                    4e:01:4d:16:bc:18:c7:e0:8b:33:27:d6:96:74:72:
                    5a:63:c6:48:80:d1:75:55:27:f3:cc:36:1e:61:6d:
                    e5:a5:1f:c8:73:52:89:6e:7e:4e:8b:ef:32:87:3b:
                    44:9d:49:ff:60:f1:99:de:49:f2:34:d8:67:c1:78:
                    3b:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:8C:C6:FF:11:C3:7F:0F:09:3F:80:4C:10:08:AD:23:48:DF:C4:44
            X509v3 Authority Key Identifier:
                keyid:02:AC:8D:C3:B0:03:05:9A:70:40:ED:CF:C8:81:D9:C9:3B:06:4C:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/02AC8DC3B003059A7040EDCFC881D9C93B064C18.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/02AC8DC3B003059A7040EDCFC881D9C93B064C18.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/02cb0b3a-692d-442e-9308-903c02d5718f/0/3130332e3134302e3138392e302f32342d3234203d3e20313338383831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.140.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9a:e8:06:3d:b1:1a:62:67:56:2f:97:c5:c3:b8:7a:fb:2f:53:
         3e:7f:b3:35:e5:5f:43:98:f9:59:cf:b5:6a:ef:17:4b:70:80:
         7e:a2:7d:69:2f:bd:8f:68:3c:de:32:2b:3e:ed:c1:a4:d3:5a:
         7a:d3:6c:e2:c5:f8:e3:46:50:18:60:19:ef:c0:6a:33:cf:2a:
         66:2a:cb:7b:eb:8c:18:b3:29:c9:49:e0:90:6f:15:22:61:c3:
         bc:d5:8c:a1:56:e4:53:1d:76:18:c7:01:5f:8c:3e:ce:18:93:
         a9:a4:ad:7e:de:da:e7:88:64:7b:45:ce:92:9e:8d:e8:88:56:
         29:b2:ac:ce:9a:3e:64:ca:d9:71:1e:22:99:77:0c:26:18:32:
         c8:f5:5c:a4:5a:2a:9b:14:f7:e5:6a:4d:b6:16:3d:ec:ad:c0:
         9f:fc:52:1b:e1:c3:70:c8:cc:3c:9e:c6:b0:ce:98:ac:5f:33:
         2d:67:00:71:71:82:d9:63:7d:e0:b3:16:cf:5c:b2:2d:3f:71:
         7d:cb:5b:3f:97:54:b7:d5:c7:86:3e:ce:44:01:59:95:b1:88:
         b9:31:1a:31:6c:d2:e8:1d:cd:11:a8:3a:9f:67:f3:a4:56:26:
         a7:e2:8e:01:58:5d:cc:64:b4:fb:1d:21:48:10:c5:9b:1e:f1:
         2f:61:b3:12
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUT+De0yEhP0a8ZjRXHeaoZnSn9xEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJBQzhEQzNCMDAzMDU5QTcwNDBFRENGQzg4MUQ5Qzkz
QjA2NEMxODAeFw0yMzA4MDYwNDU1MDFaFw0yNDA4MDQwNTAwMDFaMDMxMTAvBgNV
BAMTKDNEOENDNkZGMTFDMzdGMEYwOTNGODA0QzEwMDhBRDIzNDhERkM0NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvVkk3VkZkD+NjjbgA8/0KNNvC
132k9qY26Zsl/pz3//x/HESJAMYokuNqRpfExndZCesfvfxRkwrvTBQCrRfxDOWb
Qr4wsuOegQDARztu6DtN2r/Q+WOgO3q6mFv8aZgf/FKSAMBn8gkd2uiBSR+9QS/c
thbfvQCdI5Lob46zwLXldO5qYfPfEmgzX373o9vjydKuUza1/bJ34GBspfsfPPvC
QX2aB+2fdmJ6J9j9uAWJYWNQrIH6cEYv8zyRn3w8uE4BTRa8GMfgizMn1pZ0clpj
xkiA0XVVJ/PMNh5hbeWlH8hzUolufk6L7zKHO0SdSf9g8ZneSfI02GfBeDsbAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUPYzG/xHDfw8JP4BMEAitI0jfxEQwHwYDVR0j
BBgwFoAUAqyNw7ADBZpwQO3PyIHZyTsGTBgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MmNiMGIzYS02OTJkLTQ0MmUtOTMwOC05MDNjMDJkNTcxOGYvMC8wMkFDOERDM0Iw
MDMwNTlBNzA0MEVEQ0ZDODgxRDlDOTNCMDY0QzE4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDJBQzhEQzNCMDAzMDU5QTcwNDBFRENGQzg4MUQ5QzkzQjA2
NEMxOC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAyY2IwYjNhLTY5MmQtNDQyZS05
MzA4LTkwM2MwMmQ1NzE4Zi8wLzMxMzAzMzJlMzEzNDMwMmUzMTM4MzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzODM4MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnjL0wDQYJ
KoZIhvcNAQELBQADggEBAJroBj2xGmJnVi+XxcO4evsvUz5/szXlX0OY+VnPtWrv
F0twgH6ifWkvvY9oPN4yKz7twaTTWnrTbOLF+ONGUBhgGe/AajPPKmYqy3vrjBiz
KclJ4JBvFSJhw7zVjKFW5FMddhjHAV+MPs4Yk6mkrX7e2ueIZHtFzpKejeiIVimy
rM6aPmTK2XEeIpl3DCYYMsj1XKRaKpsU9+VqTbYWPeytwJ/8Uhvhw3DIzDyexrDO
mKxfMy1nAHFxgtljfeCzFs9csi0/cX3LWz+XVLfVx4Y+zkQBWZWxiLkxGjFs0ugd
zRGoOp9n86RWJqfijgFYXcxktPsdIUgQxZse8S9hsxI=
-----END CERTIFICATE-----
Generated at Wed Mar 27 02:25:55 2024 by rpki-client on console-fra.rpki-client.org