Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/3130332e3139382e3132332e302f32342d3234203d3e203436303535.roa
File:                     3130332e3139382e3132332e302f32342d3234203d3e203436303535.roa (raw, json)
Hash identifier:          +GUpqStmXvft/9tc5yEANBi0o2R0VfdV+S7r/yPGbpA=
Subject key identifier:   BD:F2:78:49:23:23:F4:2C:94:71:C8:9F:BF:1A:06:2C:81:09:B4:96
Certificate issuer:       /CN=FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91
Certificate serial:       107E7B8F9DC048D90772565A513F9FD63F7F6F1C
Authority key identifier: FB:D3:B2:8C:90:75:52:9D:EE:81:51:C4:E4:4B:0C:BC:13:FF:DA:91
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/3130332e3139382e3132332e302f32342d3234203d3e203436303535.roa
Signing time:             Wed 09 Aug 2023 09:00:58 +0000
ROA not before:           Wed 09 Aug 2023 08:55:58 +0000
ROA not after:            Wed 07 Aug 2024 09:00:58 +0000
asID:                     46055
IP address blocks:        103.198.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.crl
                          rsync://repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:7e:7b:8f:9d:c0:48:d9:07:72:56:5a:51:3f:9f:d6:3f:7f:6f:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91
        Validity
            Not Before: Aug  9 08:55:58 2023 GMT
            Not After : Aug  7 09:00:58 2024 GMT
        Subject: CN=BDF278492323F42C9471C89FBF1A062C8109B496
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:ef:04:7d:fa:81:eb:e8:df:da:69:cd:0f:d5:
                    32:72:98:44:d4:70:1c:18:42:29:f8:82:fc:ff:78:
                    0a:c8:95:e7:8f:a2:c3:95:7e:93:ac:c8:39:1d:a6:
                    4f:c1:94:c1:43:d6:3e:10:22:8c:16:73:1c:a4:74:
                    74:8f:e3:00:8e:00:cf:ea:fe:7f:03:44:ef:f7:27:
                    e4:25:96:ae:2c:cc:b5:0f:48:bc:3f:c5:bb:5f:74:
                    1f:5d:05:22:f0:c2:f3:9c:11:04:99:41:16:5c:e3:
                    58:36:e7:d9:70:81:55:0b:c1:25:c8:0a:35:cf:c7:
                    02:1e:09:91:6a:34:23:85:6a:c4:b4:1f:7b:36:d8:
                    f4:8b:39:50:8d:93:3a:e0:1e:ce:57:5f:46:c2:82:
                    c8:a7:c9:b7:ed:e6:0e:38:14:08:b2:f2:6e:37:a9:
                    a3:88:87:3f:55:14:0f:bd:53:66:fa:9a:97:60:5d:
                    21:f3:fc:d6:0a:64:d1:ca:7c:20:d2:e5:77:ed:46:
                    b9:f3:5b:1f:f1:e6:52:92:af:7b:73:4c:de:72:f9:
                    4a:74:fe:aa:06:46:78:3f:a4:d0:05:20:a9:4a:5e:
                    c8:8f:e9:fd:f0:72:05:ce:22:4e:a7:2a:bf:b0:89:
                    23:cd:1e:64:66:66:0f:16:22:fc:c4:a5:1d:38:a4:
                    a9:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:F2:78:49:23:23:F4:2C:94:71:C8:9F:BF:1A:06:2C:81:09:B4:96
            X509v3 Authority Key Identifier:
                keyid:FB:D3:B2:8C:90:75:52:9D:EE:81:51:C4:E4:4B:0C:BC:13:FF:DA:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FBD3B28C9075529DEE8151C4E44B0CBC13FFDA91.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/083977f4-8c2d-4eb1-b4cd-35b49216e073/0/3130332e3139382e3132332e302f32342d3234203d3e203436303535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.198.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b7:4c:b1:54:d6:34:88:d0:12:ae:88:48:b8:fd:fd:ac:0a:1e:
         2a:26:ad:c4:c5:ce:32:17:03:5e:76:d0:d9:5b:72:a0:00:60:
         47:76:3b:df:1a:7d:9f:56:ce:df:50:f4:36:bb:ce:0e:03:6b:
         e8:67:3f:b8:87:df:b3:c2:52:a4:63:af:1f:a2:a9:3a:97:48:
         fe:39:56:21:f2:cd:a6:55:ab:b6:d7:ae:9b:d2:d3:90:35:45:
         1f:b7:65:62:b2:a3:66:bf:a1:d4:d4:8c:08:84:bb:69:f6:b5:
         2d:31:bd:46:6c:04:8c:f8:05:33:c6:99:60:80:d2:4f:4a:63:
         e9:8e:91:bf:2c:ee:ff:8f:d0:e1:3c:3c:f8:6b:f6:8f:26:e0:
         11:83:c3:b0:a5:7d:af:df:1b:e9:d3:01:7d:30:28:cd:70:cb:
         f6:90:08:62:7e:8f:6d:0d:2b:12:04:c6:de:a1:93:3f:fd:97:
         5b:6d:ea:f9:eb:e3:81:c3:b0:94:48:1c:31:bf:af:8f:d5:62:
         bf:78:9d:e7:92:41:90:f9:af:5e:48:2e:51:89:67:a1:54:3c:
         7e:de:8b:ec:81:0a:da:a6:13:a6:f1:62:68:1c:f3:67:20:2e:
         32:34:27:f2:5e:a9:15:73:c1:19:76:ca:b8:ea:39:22:46:84:
         84:18:13:da
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUEH57j53ASNkHclZaUT+f1j9/bxwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkJEM0IyOEM5MDc1NTI5REVFODE1MUM0RTQ0QjBDQkMx
M0ZGREE5MTAeFw0yMzA4MDkwODU1NThaFw0yNDA4MDcwOTAwNThaMDMxMTAvBgNV
BAMTKEJERjI3ODQ5MjMyM0Y0MkM5NDcxQzg5RkJGMUEwNjJDODEwOUI0OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ7wR9+oHr6N/aac0P1TJymETU
cBwYQin4gvz/eArIleePosOVfpOsyDkdpk/BlMFD1j4QIowWcxykdHSP4wCOAM/q
/n8DRO/3J+Qllq4szLUPSLw/xbtfdB9dBSLwwvOcEQSZQRZc41g259lwgVULwSXI
CjXPxwIeCZFqNCOFasS0H3s22PSLOVCNkzrgHs5XX0bCgsinybft5g44FAiy8m43
qaOIhz9VFA+9U2b6mpdgXSHz/NYKZNHKfCDS5XftRrnzWx/x5lKSr3tzTN5y+Up0
/qoGRng/pNAFIKlKXsiP6f3wcgXOIk6nKr+wiSPNHmRmZg8WIvzEpR04pKk1AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUvfJ4SSMj9CyUccifvxoGLIEJtJYwHwYDVR0j
BBgwFoAU+9OyjJB1Up3ugVHE5EsMvBP/2pEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
ODM5NzdmNC04YzJkLTRlYjEtYjRjZC0zNWI0OTIxNmUwNzMvMC9GQkQzQjI4Qzkw
NzU1MjlERUU4MTUxQzRFNDRCMENCQzEzRkZEQTkxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkJEM0IyOEM5MDc1NTI5REVFODE1MUM0RTQ0QjBDQkMxM0ZG
REE5MS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA4Mzk3N2Y0LThjMmQtNGViMS1i
NGNkLTM1YjQ5MjE2ZTA3My8wLzMxMzAzMzJlMzEzOTM4MmUzMTMyMzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM2MzAzNTM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ8Z7MA0GCSqG
SIb3DQEBCwUAA4IBAQC3TLFU1jSI0BKuiEi4/f2sCh4qJq3Exc4yFwNedtDZW3Kg
AGBHdjvfGn2fVs7fUPQ2u84OA2voZz+4h9+zwlKkY68foqk6l0j+OVYh8s2mVau2
166b0tOQNUUft2VisqNmv6HU1IwIhLtp9rUtMb1GbASM+AUzxplggNJPSmPpjpG/
LO7/j9DhPDz4a/aPJuARg8OwpX2v3xvp0wF9MCjNcMv2kAhifo9tDSsSBMbeoZM/
/Zdbber56+OBw7CUSBwxv6+P1WK/eJ3nkkGQ+a9eSC5RiWehVDx+3ovsgQraphOm
8WJoHPNnIC4yNCfyXqkVc8EZdsq46jkiRoSEGBPa
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:41:57 2024 by rpki-client on console-fra.rpki-client.org