Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/3130332e3136302e3137382e302f32342d3234203d3e20313431353932.roa
File:                     3130332e3136302e3137382e302f32342d3234203d3e20313431353932.roa (raw, json)
Hash identifier:          k4kGEWmJPdH11JPWKVnLRe8PScrv+1tjgbdhWefh5yE=
Subject key identifier:   2B:08:DE:24:18:5F:C8:BB:5A:6C:AD:2B:5E:49:DA:41:14:B7:D2:BB
Certificate issuer:       /CN=032056FFABA06741112BA404900B315C87E35361
Certificate serial:       698F919408F707FE7CA5914623F94DD431CC4A40
Authority key identifier: 03:20:56:FF:AB:A0:67:41:11:2B:A4:04:90:0B:31:5C:87:E3:53:61
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/032056FFABA06741112BA404900B315C87E35361.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/3130332e3136302e3137382e302f32342d3234203d3e20313431353932.roa
Signing time:             Thu 19 Oct 2023 09:00:33 +0000
ROA not before:           Thu 19 Oct 2023 08:55:33 +0000
ROA not after:            Thu 17 Oct 2024 09:00:33 +0000
asID:                     141592
IP address blocks:        103.160.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/032056FFABA06741112BA404900B315C87E35361.crl
                          rsync://repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/032056FFABA06741112BA404900B315C87E35361.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/032056FFABA06741112BA404900B315C87E35361.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            69:8f:91:94:08:f7:07:fe:7c:a5:91:46:23:f9:4d:d4:31:cc:4a:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=032056FFABA06741112BA404900B315C87E35361
        Validity
            Not Before: Oct 19 08:55:33 2023 GMT
            Not After : Oct 17 09:00:33 2024 GMT
        Subject: CN=2B08DE24185FC8BB5A6CAD2B5E49DA4114B7D2BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:31:2a:30:8d:73:26:72:e4:7c:1e:88:d1:11:
                    5f:8d:96:d0:ec:7e:b9:c9:5d:b4:10:55:ad:28:e8:
                    c2:bf:a9:3f:d1:22:4f:25:16:32:03:7e:02:66:6c:
                    d0:fb:72:57:81:3a:f9:46:8d:1d:b6:a1:77:b4:3f:
                    a7:14:ad:cf:81:f0:e1:ef:39:3f:ed:6c:cb:f3:89:
                    ea:2a:73:e4:4e:29:60:b3:d5:f1:fb:f1:7e:fb:69:
                    e3:4f:d2:0d:09:b1:91:08:48:fd:70:53:49:6d:fd:
                    ff:31:c8:be:51:3f:31:f8:a1:4e:a6:a2:06:60:ac:
                    47:de:25:a5:4f:c8:8c:a5:b1:0e:8b:96:42:5f:54:
                    0c:87:18:2c:0f:78:55:1d:3f:9d:7e:84:5f:a6:4f:
                    ba:e0:74:c2:7d:3c:53:72:a4:02:27:7a:6d:8e:7c:
                    56:fc:a0:2f:b3:09:62:cf:8f:5c:4c:1b:2c:6b:7c:
                    0d:51:57:61:ce:e0:7f:6a:08:cd:73:d8:57:56:aa:
                    c3:95:e7:4b:f2:83:58:40:b2:e2:6c:be:02:ee:db:
                    94:87:f8:00:22:5e:e8:43:ca:8f:14:b8:47:11:8d:
                    42:28:af:53:bb:1b:69:bb:f6:db:2a:f6:67:03:55:
                    a1:13:57:47:f3:6b:b1:82:d9:ab:88:89:3c:dd:56:
                    51:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:08:DE:24:18:5F:C8:BB:5A:6C:AD:2B:5E:49:DA:41:14:B7:D2:BB
            X509v3 Authority Key Identifier:
                keyid:03:20:56:FF:AB:A0:67:41:11:2B:A4:04:90:0B:31:5C:87:E3:53:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/032056FFABA06741112BA404900B315C87E35361.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/032056FFABA06741112BA404900B315C87E35361.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/20a820b4-82ef-4412-be2e-5d6914bd4844/0/3130332e3136302e3137382e302f32342d3234203d3e20313431353932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.160.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ca:70:83:c2:95:d3:e5:cd:43:53:1d:0a:30:4e:5a:2e:ee:e0:
         62:d3:54:16:b4:06:5b:e9:ed:d6:fa:a8:7f:41:88:17:8e:d5:
         53:96:fb:b8:1e:4b:b1:e9:3e:5c:10:1d:af:68:0a:b1:62:36:
         a9:67:44:b0:3e:29:d5:3f:99:f4:81:f0:bd:56:32:ec:4a:11:
         5a:84:91:b9:86:a5:3c:b6:2c:28:5c:70:49:61:6c:f7:3a:2d:
         ac:5b:1a:54:53:0c:89:8c:1b:23:d9:e0:be:a4:6a:c1:e0:5d:
         c8:91:4c:30:4d:3a:11:e5:cc:44:78:aa:4d:7c:26:31:52:11:
         d4:46:b2:8e:45:6f:c5:28:4a:95:d2:9c:b7:f0:b6:e6:b0:6b:
         65:e3:52:09:5a:fe:c9:05:1e:18:fe:15:0a:dd:59:ab:54:61:
         99:81:1b:10:da:37:f8:49:66:5a:9c:f6:e9:58:d3:18:80:0d:
         7d:2e:62:ff:15:3d:b6:06:30:9e:4e:5a:26:ac:f4:11:10:f3:
         bb:77:60:8d:1f:01:06:93:f1:d8:b7:e6:12:bc:23:7b:85:ed:
         6e:2b:38:02:d7:30:89:5d:d8:94:1e:b8:b1:53:37:72:f5:23:
         44:b4:a2:fa:0d:4b:c1:00:46:d0:5d:fd:d9:2d:90:92:21:61:
         3c:46:1e:e5
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUaY+RlAj3B/58pZFGI/lN1DHMSkAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDMyMDU2RkZBQkEwNjc0MTExMkJBNDA0OTAwQjMxNUM4
N0UzNTM2MTAeFw0yMzEwMTkwODU1MzNaFw0yNDEwMTcwOTAwMzNaMDMxMTAvBgNV
BAMTKDJCMDhERTI0MTg1RkM4QkI1QTZDQUQyQjVFNDlEQTQxMTRCN0QyQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkMSowjXMmcuR8HojREV+NltDs
frnJXbQQVa0o6MK/qT/RIk8lFjIDfgJmbND7cleBOvlGjR22oXe0P6cUrc+B8OHv
OT/tbMvzieoqc+ROKWCz1fH78X77aeNP0g0JsZEISP1wU0lt/f8xyL5RPzH4oU6m
ogZgrEfeJaVPyIylsQ6LlkJfVAyHGCwPeFUdP51+hF+mT7rgdMJ9PFNypAInem2O
fFb8oC+zCWLPj1xMGyxrfA1RV2HO4H9qCM1z2FdWqsOV50vyg1hAsuJsvgLu25SH
+AAiXuhDyo8UuEcRjUIor1O7G2m79tsq9mcDVaETV0fza7GC2auIiTzdVlFVAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUKwjeJBhfyLtabK0rXknaQRS30rswHwYDVR0j
BBgwFoAUAyBW/6ugZ0ERK6QEkAsxXIfjU2EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
MGE4MjBiNC04MmVmLTQ0MTItYmUyZS01ZDY5MTRiZDQ4NDQvMC8wMzIwNTZGRkFC
QTA2NzQxMTEyQkE0MDQ5MDBCMzE1Qzg3RTM1MzYxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDMyMDU2RkZBQkEwNjc0MTExMkJBNDA0OTAwQjMxNUM4N0Uz
NTM2MS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzIwYTgyMGI0LTgyZWYtNDQxMi1i
ZTJlLTVkNjkxNGJkNDg0NC8wLzMxMzAzMzJlMzEzNjMwMmUzMTM3MzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzEzNTM5MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnoLIwDQYJ
KoZIhvcNAQELBQADggEBAMpwg8KV0+XNQ1MdCjBOWi7u4GLTVBa0Blvp7db6qH9B
iBeO1VOW+7geS7HpPlwQHa9oCrFiNqlnRLA+KdU/mfSB8L1WMuxKEVqEkbmGpTy2
LChccElhbPc6LaxbGlRTDImMGyPZ4L6kasHgXciRTDBNOhHlzER4qk18JjFSEdRG
so5Fb8UoSpXSnLfwtuawa2XjUgla/skFHhj+FQrdWatUYZmBGxDaN/hJZlqc9ulY
0xiADX0uYv8VPbYGMJ5OWias9BEQ87t3YI0fAQaT8di35hK8I3uF7W4rOALXMIld
2JQeuLFTN3L1I0S0ovoNS8EARtBd/dktkJIhYTxGHuU=
-----END CERTIFICATE-----
Generated at Tue Mar 26 18:22:28 2024 by rpki-client on console-fra.rpki-client.org