Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/3130332e3234352e3132322e302f32342d3234203d3e203436303536.roa
File:                     3130332e3234352e3132322e302f32342d3234203d3e203436303536.roa (raw, json)
Hash identifier:          HKtwbicytQIJJiMszVY+S2rprix+jn6jwCQJJEixkWQ=
Subject key identifier:   06:53:CE:32:21:B0:91:CF:EB:AB:8E:72:6B:E1:F7:78:39:B2:95:CD
Certificate issuer:       /CN=AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06
Certificate serial:       3D39DC44C42B0F901EDE1F9A3A62ED7853A30B54
Authority key identifier: AB:58:72:11:82:B4:EA:A8:FE:CD:4A:D8:80:8C:EE:F5:CD:DD:1B:06
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/3130332e3234352e3132322e302f32342d3234203d3e203436303536.roa
Signing time:             Mon 31 Jul 2023 00:14:26 +0000
ROA not before:           Mon 31 Jul 2023 00:09:26 +0000
ROA not after:            Mon 29 Jul 2024 00:14:26 +0000
asID:                     46056
IP address blocks:        103.245.122.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.crl
                          rsync://repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 13:56:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:39:dc:44:c4:2b:0f:90:1e:de:1f:9a:3a:62:ed:78:53:a3:0b:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06
        Validity
            Not Before: Jul 31 00:09:26 2023 GMT
            Not After : Jul 29 00:14:26 2024 GMT
        Subject: CN=0653CE3221B091CFEBAB8E726BE1F77839B295CD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:cf:3d:06:79:53:c7:ef:01:a2:c9:56:e3:5b:
                    9e:da:e3:0b:16:ee:87:d9:29:6c:6d:1f:a8:45:59:
                    c7:10:08:49:ce:e8:f6:a7:4d:90:e1:44:b8:43:a6:
                    31:00:83:ab:a3:d7:3f:dc:2b:24:e5:24:5a:d1:06:
                    67:1d:2e:96:bf:c3:f9:2a:7b:e8:68:3c:cb:65:fb:
                    f0:c5:2a:a9:f9:b9:f9:31:20:8c:25:68:4a:80:7f:
                    0b:6d:0b:cc:55:23:d4:6a:cb:6e:6b:09:63:6f:d7:
                    b1:a0:8a:eb:82:66:79:c3:6c:ae:2c:fc:fd:40:a1:
                    7a:89:0a:ea:db:7d:b0:52:6d:f4:66:ac:79:40:db:
                    aa:c9:06:4b:c5:4e:56:43:12:08:54:7a:76:2e:bc:
                    76:28:13:68:72:04:e4:06:84:78:04:de:d5:ff:91:
                    0c:5b:6a:7a:f1:52:03:d3:50:0b:70:ab:89:a9:78:
                    45:53:c6:c3:aa:3e:a8:d2:88:da:da:60:98:ad:47:
                    6b:f6:b5:a6:04:d2:ef:5e:fc:b9:a0:7b:18:1f:cf:
                    ea:f9:a2:c8:a5:06:36:c2:d5:1b:1e:12:af:55:8a:
                    c1:3d:a5:9e:03:51:c9:52:b7:ee:ec:f4:5e:1f:77:
                    3c:44:ab:30:36:02:5f:81:48:61:0f:28:13:c8:32:
                    64:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:53:CE:32:21:B0:91:CF:EB:AB:8E:72:6B:E1:F7:78:39:B2:95:CD
            X509v3 Authority Key Identifier:
                keyid:AB:58:72:11:82:B4:EA:A8:FE:CD:4A:D8:80:8C:EE:F5:CD:DD:1B:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AB58721182B4EAA8FECD4AD8808CEEF5CDDD1B06.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2410fa43-0be3-471a-9c20-81046291ca11/0/3130332e3234352e3132322e302f32342d3234203d3e203436303536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.245.122.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:81:41:1a:9f:ec:15:bf:0d:5c:78:71:15:be:ed:b8:d1:66:
         c9:4c:fc:7a:d8:8d:28:bc:bd:04:95:68:e4:8c:15:24:f3:c2:
         8c:49:12:58:78:5a:9e:ce:8a:01:d4:22:5a:ba:e9:0c:60:b9:
         19:35:de:4d:12:a1:c6:f5:c3:ec:d9:51:b1:af:ab:8d:b5:77:
         83:e8:ac:94:c8:c5:6f:a7:af:ef:e6:aa:06:a5:d1:8e:27:16:
         7d:fe:d7:1d:d2:8f:1d:79:59:d5:fb:8f:ce:d7:ab:fb:bc:88:
         ec:03:ff:ec:e3:3c:e3:33:0a:1b:5c:a6:0c:aa:fb:22:af:1b:
         fd:db:3f:0a:34:a6:d5:e9:e8:d3:36:fe:a7:ad:ae:d2:34:0c:
         bd:4c:7b:16:8a:eb:c6:ab:c8:dc:9e:cd:e6:f5:ff:9c:7f:ca:
         57:c8:7e:28:a2:d3:a9:9a:38:95:ff:36:24:11:63:a6:f8:76:
         20:49:51:a4:88:14:fd:6e:87:7e:fa:4a:1b:0d:66:d0:1d:0a:
         ab:3d:e2:97:0a:1d:3a:0a:e6:b2:6b:30:ff:24:6b:8f:92:c6:
         07:19:34:0b:32:e7:9c:1e:7f:bd:32:c8:e7:1d:5d:a4:7f:ad:
         79:76:ec:87:5b:c9:df:38:28:a0:55:64:7b:c8:68:41:08:b1:
         f2:f7:d6:4f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUPTncRMQrD5Ae3h+aOmLteFOjC1QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUI1ODcyMTE4MkI0RUFBOEZFQ0Q0QUQ4ODA4Q0VFRjVD
REREMUIwNjAeFw0yMzA3MzEwMDA5MjZaFw0yNDA3MjkwMDE0MjZaMDMxMTAvBgNV
BAMTKDA2NTNDRTMyMjFCMDkxQ0ZFQkFCOEU3MjZCRTFGNzc4MzlCMjk1Q0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9zz0GeVPH7wGiyVbjW57a4wsW
7ofZKWxtH6hFWccQCEnO6PanTZDhRLhDpjEAg6uj1z/cKyTlJFrRBmcdLpa/w/kq
e+hoPMtl+/DFKqn5ufkxIIwlaEqAfwttC8xVI9Rqy25rCWNv17GgiuuCZnnDbK4s
/P1AoXqJCurbfbBSbfRmrHlA26rJBkvFTlZDEghUenYuvHYoE2hyBOQGhHgE3tX/
kQxbanrxUgPTUAtwq4mpeEVTxsOqPqjSiNraYJitR2v2taYE0u9e/Lmgexgfz+r5
osilBjbC1RseEq9VisE9pZ4DUclSt+7s9F4fdzxEqzA2Al+BSGEPKBPIMmSZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUBlPOMiGwkc/rq45ya+H3eDmylc0wHwYDVR0j
BBgwFoAUq1hyEYK06qj+zUrYgIzu9c3dGwYwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
NDEwZmE0My0wYmUzLTQ3MWEtOWMyMC04MTA0NjI5MWNhMTEvMC9BQjU4NzIxMTgy
QjRFQUE4RkVDRDRBRDg4MDhDRUVGNUNEREQxQjA2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQUI1ODcyMTE4MkI0RUFBOEZFQ0Q0QUQ4ODA4Q0VFRjVDRERE
MUIwNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI0MTBmYTQzLTBiZTMtNDcxYS05
YzIwLTgxMDQ2MjkxY2ExMS8wLzMxMzAzMzJlMzIzNDM1MmUzMTMyMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNDM2MzAzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ/V6MA0GCSqG
SIb3DQEBCwUAA4IBAQC6gUEan+wVvw1ceHEVvu240WbJTPx62I0ovL0ElWjkjBUk
88KMSRJYeFqezooB1CJauukMYLkZNd5NEqHG9cPs2VGxr6uNtXeD6KyUyMVvp6/v
5qoGpdGOJxZ9/tcd0o8deVnV+4/O16v7vIjsA//s4zzjMwobXKYMqvsirxv92z8K
NKbV6ejTNv6nra7SNAy9THsWiuvGq8jcns3m9f+cf8pXyH4ootOpmjiV/zYkEWOm
+HYgSVGkiBT9bod++kobDWbQHQqrPeKXCh06CuayazD/JGuPksYHGTQLMuecHn+9
MsjnHV2kf615duyHW8nfOCigVWR7yGhBCLHy99ZP
-----END CERTIFICATE-----
Generated at Thu Mar 28 13:27:25 2024 by rpki-client on console-ams.rpki-client.org