Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3130332e32322e3234392e302f32342d3234203d3e20313331313131.roa
File:                     3130332e32322e3234392e302f32342d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          V4Xu5FUxjJ9JtDLYcgC0EIk5g92p6dEzb97bCap1H6c=
Subject key identifier:   24:5F:22:6E:2A:1E:FF:61:B2:B9:10:C5:C5:13:A9:28:F0:6E:4B:E8
Certificate issuer:       /CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
Certificate serial:       5E8A2DDE52C7A4309736101C19CEE4944C3E57B9
Authority key identifier: C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3130332e32322e3234392e302f32342d3234203d3e20313331313131.roa
Signing time:             Tue 08 Aug 2023 15:00:01 +0000
ROA not before:           Tue 08 Aug 2023 14:55:01 +0000
ROA not after:            Tue 06 Aug 2024 15:00:01 +0000
asID:                     131111
IP address blocks:        103.22.249.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl
                          rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:8a:2d:de:52:c7:a4:30:97:36:10:1c:19:ce:e4:94:4c:3e:57:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C1AF8C999E9D06DADEBC387D78B305AB8716DC2F
        Validity
            Not Before: Aug  8 14:55:01 2023 GMT
            Not After : Aug  6 15:00:01 2024 GMT
        Subject: CN=245F226E2A1EFF61B2B910C5C513A928F06E4BE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:03:9f:56:af:d6:9d:7c:34:cd:22:c3:6d:f2:
                    94:a9:f6:e5:90:c1:81:71:d9:19:d8:89:b2:b6:3c:
                    37:60:5a:d2:f7:de:b8:1b:36:ad:48:17:47:fa:40:
                    e3:2c:bf:09:a3:01:34:22:91:1a:3e:aa:5c:f3:ac:
                    fe:67:7a:82:88:d0:67:c3:be:42:55:fc:31:0b:e6:
                    97:39:3c:6b:34:3a:bc:34:0e:bb:41:bb:c2:c3:c1:
                    64:95:4d:f8:d7:53:8b:cf:23:db:a9:c1:86:e0:9c:
                    02:4b:11:57:bf:fe:00:38:0d:86:a3:f8:20:9c:bd:
                    69:0b:5b:22:a2:b9:fb:40:ad:17:01:68:2f:70:85:
                    5e:ac:d8:e2:f7:e7:45:63:2c:e7:63:ec:0b:de:2a:
                    a2:75:c6:63:b6:b0:94:16:b5:03:0a:da:3c:d7:a6:
                    c1:23:7a:64:6a:79:cd:e0:7a:49:7f:ca:1c:d4:ff:
                    e6:4a:eb:04:1e:5b:88:70:00:34:d0:b8:48:de:be:
                    87:f8:21:b6:3a:7d:99:f4:44:f7:0f:cd:09:92:7e:
                    13:8e:7e:e7:84:20:2d:ea:42:b2:aa:b2:ee:c9:a2:
                    39:83:4f:51:b5:0a:35:9d:31:b8:58:01:72:08:6f:
                    a0:6f:b6:f2:ee:f3:1e:9e:7c:a0:1c:40:9d:71:6d:
                    d7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:5F:22:6E:2A:1E:FF:61:B2:B9:10:C5:C5:13:A9:28:F0:6E:4B:E8
            X509v3 Authority Key Identifier:
                keyid:C1:AF:8C:99:9E:9D:06:DA:DE:BC:38:7D:78:B3:05:AB:87:16:DC:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C1AF8C999E9D06DADEBC387D78B305AB8716DC2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/19205e7c-a881-4873-9188-e521b6af529c/0/3130332e32322e3234392e302f32342d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.22.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:75:e7:da:a3:93:d5:93:17:00:c9:fb:39:b3:d1:34:f0:76:
         39:83:dd:95:8e:86:8b:83:ba:fd:11:f7:e3:eb:22:ca:e3:22:
         aa:c7:00:b7:85:65:cb:a9:18:3b:23:d8:a1:05:1e:a8:48:cf:
         ec:e6:4a:a8:06:8b:5e:bc:6e:21:ae:e5:c0:f3:24:17:5e:a7:
         59:41:61:d1:17:39:f9:bb:45:aa:7e:20:0a:c8:df:e3:e7:ef:
         0c:29:66:3f:1e:a5:06:e6:b2:ff:76:36:23:ee:fb:f5:4f:b6:
         c7:c1:b8:60:a5:44:f2:b6:ac:ce:60:4c:93:d1:fc:da:60:77:
         18:6d:82:c5:c9:d0:72:e8:e9:4f:c6:e7:5d:51:3f:de:ec:61:
         7c:7d:85:ee:e3:7b:a9:85:54:71:71:18:a1:bf:7c:c0:df:e7:
         19:4b:19:2b:e6:f9:c1:2a:00:4a:9d:af:48:97:06:06:ee:d9:
         54:3d:b3:62:73:38:ae:ca:dc:e8:08:be:8b:06:73:50:d4:ff:
         81:67:ac:e2:cc:22:6f:c6:29:50:fd:6b:c0:b8:86:d0:52:03:
         d5:eb:f5:05:44:09:e1:b6:10:2f:1e:d0:be:e9:a7:ba:40:3a:
         a2:4d:c7:59:67:e3:0c:e4:bd:20:d9:3f:ff:8b:3e:b3:50:b9:
         b5:43:19:dd
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUXoot3lLHpDCXNhAcGc7klEw+V7kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4
NzE2REMyRjAeFw0yMzA4MDgxNDU1MDFaFw0yNDA4MDYxNTAwMDFaMDMxMTAvBgNV
BAMTKDI0NUYyMjZFMkExRUZGNjFCMkI5MTBDNUM1MTNBOTI4RjA2RTRCRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNA59Wr9adfDTNIsNt8pSp9uWQ
wYFx2RnYibK2PDdgWtL33rgbNq1IF0f6QOMsvwmjATQikRo+qlzzrP5neoKI0GfD
vkJV/DEL5pc5PGs0Orw0DrtBu8LDwWSVTfjXU4vPI9upwYbgnAJLEVe//gA4DYaj
+CCcvWkLWyKiuftArRcBaC9whV6s2OL350VjLOdj7AveKqJ1xmO2sJQWtQMK2jzX
psEjemRqec3gekl/yhzU/+ZK6wQeW4hwADTQuEjevof4IbY6fZn0RPcPzQmSfhOO
fueEIC3qQrKqsu7JojmDT1G1CjWdMbhYAXIIb6BvtvLu8x6efKAcQJ1xbdeXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUJF8ibioe/2GyuRDFxROpKPBuS+gwHwYDVR0j
BBgwFoAUwa+MmZ6dBtrevDh9eLMFq4cW3C8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8x
OTIwNWU3Yy1hODgxLTQ4NzMtOTE4OC1lNTIxYjZhZjUyOWMvMC9DMUFGOEM5OTlF
OUQwNkRBREVCQzM4N0Q3OEIzMDVBQjg3MTZEQzJGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzFBRjhDOTk5RTlEMDZEQURFQkMzODdENzhCMzA1QUI4NzE2
REMyRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzE5MjA1ZTdjLWE4ODEtNDg3My05
MTg4LWU1MjFiNmFmNTI5Yy8wLzMxMzAzMzJlMzIzMjJlMzIzNDM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZxb5MA0GCSqG
SIb3DQEBCwUAA4IBAQBGdefao5PVkxcAyfs5s9E08HY5g92VjoaLg7r9Effj6yLK
4yKqxwC3hWXLqRg7I9ihBR6oSM/s5kqoBotevG4hruXA8yQXXqdZQWHRFzn5u0Wq
fiAKyN/j5+8MKWY/HqUG5rL/djYj7vv1T7bHwbhgpUTytqzOYEyT0fzaYHcYbYLF
ydBy6OlPxuddUT/e7GF8fYXu43uphVRxcRihv3zA3+cZSxkr5vnBKgBKna9IlwYG
7tlUPbNicziuytzoCL6LBnNQ1P+BZ6zizCJvxilQ/WvAuIbQUgPV6/UFRAnhthAv
HtC+6ae6QDqiTcdZZ+MM5L0g2T//iz6zULm1Qxnd
-----END CERTIFICATE-----
Generated at Tue Mar 26 18:22:28 2024 by rpki-client on console-fra.rpki-client.org