Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/3130332e31392e35362e302f32342d3234203d3e20313332363337.roa
File:                     3130332e31392e35362e302f32342d3234203d3e20313332363337.roa (raw, json)
Hash identifier:          DOR2UWTNvl+qND1ih+wCVmGN2HcEobKZ7YVgzpbDI2A=
Subject key identifier:   8B:E5:ED:73:1A:2B:97:4E:D7:99:1C:65:7E:74:CC:1E:45:48:AC:2F
Certificate issuer:       /CN=7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD
Certificate serial:       2653A359BFE915FED732AEB2E2BDBB310C8DF6EC
Authority key identifier: 7E:FA:64:C1:15:73:C2:92:E1:92:C2:CD:EA:C4:D5:F8:B8:C2:1D:BD
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/3130332e31392e35362e302f32342d3234203d3e20313332363337.roa
Signing time:             Mon 31 Jul 2023 00:14:29 +0000
ROA not before:           Mon 31 Jul 2023 00:09:29 +0000
ROA not after:            Mon 29 Jul 2024 00:14:29 +0000
asID:                     132637
IP address blocks:        103.19.56.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.crl
                          rsync://repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:53:a3:59:bf:e9:15:fe:d7:32:ae:b2:e2:bd:bb:31:0c:8d:f6:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD
        Validity
            Not Before: Jul 31 00:09:29 2023 GMT
            Not After : Jul 29 00:14:29 2024 GMT
        Subject: CN=8BE5ED731A2B974ED7991C657E74CC1E4548AC2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:77:5a:eb:93:15:5a:af:ad:78:28:51:26:8f:
                    70:7a:f4:1b:b7:14:2c:4f:78:57:02:49:fa:13:9f:
                    e9:c1:92:6e:48:d4:2e:14:db:e6:df:2f:c7:bd:33:
                    c7:13:45:b8:b5:bf:4a:aa:6b:52:15:8c:02:53:42:
                    44:c0:d0:df:a8:fe:2f:df:4e:29:94:c6:aa:64:d5:
                    31:97:ed:50:0a:76:ec:b4:d6:4f:a4:92:c5:63:eb:
                    9f:f9:17:ea:d9:13:a9:f9:ed:77:da:89:e8:96:a1:
                    c2:48:0d:bc:f5:fb:ef:8c:90:85:6f:5e:12:e2:f8:
                    6c:64:f3:f2:23:45:99:30:c4:e4:5c:b8:1d:f3:46:
                    af:a6:53:96:b3:99:4c:76:eb:91:a1:65:86:d8:95:
                    f1:a9:4b:67:2f:bc:e0:17:f4:88:de:ce:47:59:fb:
                    04:dd:a6:70:6c:10:3f:33:10:d7:93:89:2f:9d:3c:
                    a2:a5:5f:40:0b:51:8c:ad:06:f9:f9:b5:ba:10:ed:
                    77:3c:3c:50:17:1a:12:c2:92:bf:94:4a:8b:23:1f:
                    1a:c2:08:c4:ef:ed:a1:5b:59:fc:4d:c4:37:4d:97:
                    c5:73:37:00:63:dd:6d:61:8a:a2:01:ea:9f:1e:ff:
                    09:b0:f0:9f:60:ab:6e:cd:d3:40:43:25:63:f7:df:
                    74:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:E5:ED:73:1A:2B:97:4E:D7:99:1C:65:7E:74:CC:1E:45:48:AC:2F
            X509v3 Authority Key Identifier:
                keyid:7E:FA:64:C1:15:73:C2:92:E1:92:C2:CD:EA:C4:D5:F8:B8:C2:1D:BD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7EFA64C11573C292E192C2CDEAC4D5F8B8C21DBD.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2d0927e6-8a0a-4fa7-8969-9fb9d694397c/0/3130332e31392e35362e302f32342d3234203d3e20313332363337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.19.56.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6d:92:6b:07:c0:8f:ae:ef:be:63:10:02:7f:a5:c5:26:78:58:
         ac:e7:22:48:08:1e:ba:60:7f:b3:d5:de:07:0a:a7:a5:c4:fd:
         e6:d3:3a:13:63:ed:6e:70:42:5f:71:07:87:df:d6:17:3b:f7:
         3a:82:64:a8:13:48:6b:6c:86:01:42:67:58:13:71:82:a2:35:
         2a:07:eb:99:46:88:d2:24:f4:80:5f:4f:46:9d:d3:88:8b:a0:
         f7:da:6a:12:70:12:02:ea:a0:5b:82:c3:dd:d7:d0:0d:27:54:
         18:c6:f0:fe:6c:22:16:ff:ca:fb:50:db:cb:3f:16:af:40:6e:
         17:08:ba:71:0f:45:bf:56:89:3d:4f:52:14:d1:08:4f:e9:d6:
         c6:09:47:94:03:2c:f5:13:9d:41:77:e4:da:22:62:e3:93:06:
         67:9d:0a:40:77:6a:ab:09:f6:2b:13:97:2b:fe:40:15:f2:d6:
         d8:e1:45:7b:85:86:34:5d:b2:86:00:d8:e4:5d:d7:cb:19:24:
         81:59:af:0f:c4:ae:de:1f:dd:6d:c2:0c:72:22:54:56:50:8f:
         e3:a4:8e:c0:40:c2:72:ee:e1:ef:de:b6:36:4b:9d:47:05:70:
         a7:53:be:5a:21:d6:3f:e4:29:b4:d8:af:3c:19:24:eb:d8:ed:
         ae:48:2f:ef
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUJlOjWb/pFf7XMq6y4r27MQyN9uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0VGQTY0QzExNTczQzI5MkUxOTJDMkNERUFDNEQ1RjhC
OEMyMURCRDAeFw0yMzA3MzEwMDA5MjlaFw0yNDA3MjkwMDE0MjlaMDMxMTAvBgNV
BAMTKDhCRTVFRDczMUEyQjk3NEVENzk5MUM2NTdFNzRDQzFFNDU0OEFDMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0d1rrkxVar614KFEmj3B69Bu3
FCxPeFcCSfoTn+nBkm5I1C4U2+bfL8e9M8cTRbi1v0qqa1IVjAJTQkTA0N+o/i/f
TimUxqpk1TGX7VAKduy01k+kksVj65/5F+rZE6n57XfaieiWocJIDbz1+++MkIVv
XhLi+Gxk8/IjRZkwxORcuB3zRq+mU5azmUx265GhZYbYlfGpS2cvvOAX9IjezkdZ
+wTdpnBsED8zENeTiS+dPKKlX0ALUYytBvn5tboQ7Xc8PFAXGhLCkr+USosjHxrC
CMTv7aFbWfxNxDdNl8VzNwBj3W1hiqIB6p8e/wmw8J9gq27N00BDJWP333TjAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUi+Xtcxorl07XmRxlfnTMHkVIrC8wHwYDVR0j
BBgwFoAUfvpkwRVzwpLhksLN6sTV+LjCHb0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZDA5MjdlNi04YTBhLTRmYTctODk2OS05ZmI5ZDY5NDM5N2MvMC83RUZBNjRDMTE1
NzNDMjkyRTE5MkMyQ0RFQUM0RDVGOEI4QzIxREJELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0VGQTY0QzExNTczQzI5MkUxOTJDMkNERUFDNEQ1RjhCOEMy
MURCRC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzJkMDkyN2U2LThhMGEtNGZhNy04
OTY5LTlmYjlkNjk0Mzk3Yy8wLzMxMzAzMzJlMzEzOTJlMzUzNjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzMzMjM2MzMzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcTODANBgkqhkiG
9w0BAQsFAAOCAQEAbZJrB8CPru++YxACf6XFJnhYrOciSAgeumB/s9XeBwqnpcT9
5tM6E2PtbnBCX3EHh9/WFzv3OoJkqBNIa2yGAUJnWBNxgqI1KgfrmUaI0iT0gF9P
Rp3TiIug99pqEnASAuqgW4LD3dfQDSdUGMbw/mwiFv/K+1Dbyz8Wr0BuFwi6cQ9F
v1aJPU9SFNEIT+nWxglHlAMs9ROdQXfk2iJi45MGZ50KQHdqqwn2KxOXK/5AFfLW
2OFFe4WGNF2yhgDY5F3XyxkkgVmvD8Su3h/dbcIMciJUVlCP46SOwEDCcu7h7962
NkudRwVwp1O+WiHWP+QptNivPBkk69jtrkgv7w==
-----END CERTIFICATE-----
Generated at Wed Mar 27 21:29:29 2024 by rpki-client on console-fra.rpki-client.org