Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/3130332e3134342e3235302e302f32332d3234203d3e20313339343335.roa
File:                     3130332e3134342e3235302e302f32332d3234203d3e20313339343335.roa (raw, json)
Hash identifier:          OS/xtc2KtFaB8Ju+kLlDpMIIyFbY3YcHrZLehb9wlek=
Subject key identifier:   11:A8:03:B9:45:63:02:C1:A7:D3:69:89:C2:A6:45:2D:34:F3:07:3F
Certificate issuer:       /CN=94EDA4B2360B47DC65386E3E7EBAE35B997F2A42
Certificate serial:       69696BB9CBE3BFF8DF289582D43B15C42771421D
Authority key identifier: 94:ED:A4:B2:36:0B:47:DC:65:38:6E:3E:7E:BA:E3:5B:99:7F:2A:42
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/3130332e3134342e3235302e302f32332d3234203d3e20313339343335.roa
Signing time:             Mon 31 Jul 2023 00:07:36 +0000
ROA not before:           Mon 31 Jul 2023 00:02:36 +0000
ROA not after:            Mon 29 Jul 2024 00:07:36 +0000
asID:                     139435
IP address blocks:        103.144.250.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.crl
                          rsync://repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 18:13:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:69:6b:b9:cb:e3:bf:f8:df:28:95:82:d4:3b:15:c4:27:71:42:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=94EDA4B2360B47DC65386E3E7EBAE35B997F2A42
        Validity
            Not Before: Jul 31 00:02:36 2023 GMT
            Not After : Jul 29 00:07:36 2024 GMT
        Subject: CN=11A803B9456302C1A7D36989C2A6452D34F3073F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:77:39:52:33:bf:f3:4d:6b:4f:fe:ca:86:c4:
                    7c:87:f4:cb:79:ea:33:52:13:6f:56:f3:78:0c:a2:
                    06:ab:84:67:cf:8f:84:1f:e3:8d:e8:bc:ff:89:ba:
                    45:c4:2d:a2:ff:7e:74:dd:eb:b8:c0:99:45:a4:fa:
                    9c:b1:5e:bc:f1:aa:63:31:cb:9d:73:31:b7:46:7c:
                    e8:13:b8:17:7b:af:83:59:71:aa:79:d1:d7:89:e0:
                    ba:b3:ff:2c:14:73:99:2d:20:70:88:bb:fe:43:fa:
                    a1:3d:7b:ec:f3:c1:4e:8a:5c:1f:88:a6:88:0b:e6:
                    44:41:10:1e:34:91:7a:e1:4f:f8:ce:4d:83:c6:9e:
                    75:6d:a5:36:b2:16:0c:99:71:d2:08:d4:10:b9:48:
                    64:57:94:d8:53:69:d3:b9:0c:88:b0:fa:61:df:b2:
                    dd:63:3a:5a:49:cc:5f:5e:7c:c8:f3:70:1b:2f:fc:
                    eb:3d:29:34:7b:27:88:98:b7:af:97:9e:e3:2c:8d:
                    15:f1:08:35:63:11:71:72:93:e0:f2:3c:43:d2:51:
                    e4:ad:c6:48:61:41:7b:04:ed:91:66:2b:88:68:90:
                    94:7c:ef:d2:8f:92:7a:74:2d:96:00:76:39:0c:a9:
                    ac:e9:b6:27:cb:f4:8b:3e:93:81:76:6d:04:65:ab:
                    41:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:A8:03:B9:45:63:02:C1:A7:D3:69:89:C2:A6:45:2D:34:F3:07:3F
            X509v3 Authority Key Identifier:
                keyid:94:ED:A4:B2:36:0B:47:DC:65:38:6E:3E:7E:BA:E3:5B:99:7F:2A:42

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/94EDA4B2360B47DC65386E3E7EBAE35B997F2A42.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/15bf718d-911e-43d6-8e3c-0d1b3646e276/0/3130332e3134342e3235302e302f32332d3234203d3e20313339343335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.144.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         57:5b:58:93:a7:d3:e0:21:16:86:78:91:46:8a:21:70:c1:5e:
         db:95:90:1e:f8:26:38:83:42:d5:f4:9f:4e:17:91:26:5d:dd:
         c3:fb:c7:68:ec:5c:b0:51:15:72:0a:6d:37:57:0a:4b:90:26:
         c1:87:b6:05:20:b5:5d:f2:b2:a7:94:67:e0:66:de:b8:83:09:
         a0:5a:e7:61:30:92:d3:c4:32:8a:d9:36:70:8f:37:6d:f0:3f:
         6d:62:60:45:88:49:19:88:7e:b7:3a:97:3e:2e:0e:80:d0:b8:
         68:7e:ea:c9:47:be:3a:0b:0c:29:1e:75:ae:58:40:1c:c8:75:
         99:da:30:3a:47:b8:2e:17:5d:8b:59:5e:77:87:d3:26:39:e3:
         d3:60:d6:ce:bc:7e:fc:f9:e8:35:66:d2:05:e3:53:30:f2:51:
         d7:47:3a:ad:df:4b:94:45:4f:68:88:c7:7f:e7:cb:69:7a:4b:
         84:18:b4:19:38:ad:52:a1:3b:7a:c4:93:1b:e3:a3:1d:c0:b7:
         56:54:31:7f:4c:07:37:2d:0f:e0:4e:13:cb:0c:d9:91:5d:2b:
         40:3e:e8:31:c5:07:eb:1a:d3:90:d1:88:51:13:13:fd:c0:65:
         2c:3b:7c:14:72:1a:bd:2a:74:fe:bf:b6:78:51:ea:a8:b2:f8:
         8f:9d:01:10
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUaWlrucvjv/jfKJWC1DsVxCdxQh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTRFREE0QjIzNjBCNDdEQzY1Mzg2RTNFN0VCQUUzNUI5
OTdGMkE0MjAeFw0yMzA3MzEwMDAyMzZaFw0yNDA3MjkwMDA3MzZaMDMxMTAvBgNV
BAMTKDExQTgwM0I5NDU2MzAyQzFBN0QzNjk4OUMyQTY0NTJEMzRGMzA3M0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrdzlSM7/zTWtP/sqGxHyH9Mt5
6jNSE29W83gMogarhGfPj4Qf443ovP+JukXELaL/fnTd67jAmUWk+pyxXrzxqmMx
y51zMbdGfOgTuBd7r4NZcap50deJ4Lqz/ywUc5ktIHCIu/5D+qE9e+zzwU6KXB+I
pogL5kRBEB40kXrhT/jOTYPGnnVtpTayFgyZcdII1BC5SGRXlNhTadO5DIiw+mHf
st1jOlpJzF9efMjzcBsv/Os9KTR7J4iYt6+XnuMsjRXxCDVjEXFyk+DyPEPSUeSt
xkhhQXsE7ZFmK4hokJR879KPknp0LZYAdjkMqazptifL9Is+k4F2bQRlq0F7AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUEagDuUVjAsGn02mJwqZFLTTzBz8wHwYDVR0j
BBgwFoAUlO2ksjYLR9xlOG4+frrjW5l/KkIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
NWJmNzE4ZC05MTFlLTQzZDYtOGUzYy0wZDFiMzY0NmUyNzYvMC85NEVEQTRCMjM2
MEI0N0RDNjUzODZFM0U3RUJBRTM1Qjk5N0YyQTQyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTRFREE0QjIzNjBCNDdEQzY1Mzg2RTNFN0VCQUUzNUI5OTdG
MkE0Mi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE1YmY3MThkLTkxMWUtNDNkNi04
ZTNjLTBkMWIzNjQ2ZTI3Ni8wLzMxMzAzMzJlMzEzNDM0MmUzMjM1MzAyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzNDMzMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnkPowDQYJ
KoZIhvcNAQELBQADggEBAFdbWJOn0+AhFoZ4kUaKIXDBXtuVkB74JjiDQtX0n04X
kSZd3cP7x2jsXLBRFXIKbTdXCkuQJsGHtgUgtV3ysqeUZ+Bm3riDCaBa52EwktPE
MorZNnCPN23wP21iYEWISRmIfrc6lz4uDoDQuGh+6slHvjoLDCkeda5YQBzIdZna
MDpHuC4XXYtZXneH0yY549Ng1s68fvz56DVm0gXjUzDyUddHOq3fS5RFT2iIx3/n
y2l6S4QYtBk4rVKhO3rEkxvjox3At1ZUMX9MBzctD+BOE8sM2ZFdK0A+6DHFB+sa
05DRiFETE/3AZSw7fBRyGr0qdP6/tnhR6qiy+I+dARA=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:28 2024 by rpki-client on console-ams.rpki-client.org