Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131362e302f32342d3234203d3e20313337333738.roa
File:                     3130332e3131392e3131362e302f32342d3234203d3e20313337333738.roa (raw, json)
Hash identifier:          /EKFOj0t8diKieUzMUvT1QgZFsDnosx01GQC6ERbJSY=
Subject key identifier:   F8:AF:EC:F0:FE:AC:3E:BF:B2:B0:DE:2A:DD:39:6E:04:5D:5A:10:83
Certificate issuer:       /CN=00AC65E61E4913268C5D0B8AFE8C7D913B686D9F
Certificate serial:       633241A48DD7C5E534897FB99A8FB29D60970D93
Authority key identifier: 00:AC:65:E6:1E:49:13:26:8C:5D:0B:8A:FE:8C:7D:91:3B:68:6D:9F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131362e302f32342d3234203d3e20313337333738.roa
Signing time:             Mon 31 Jul 2023 00:04:40 +0000
ROA not before:           Sun 30 Jul 2023 23:59:40 +0000
ROA not after:            Mon 29 Jul 2024 00:04:40 +0000
asID:                     137378
IP address blocks:        103.119.116.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.crl
                          rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 13:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            63:32:41:a4:8d:d7:c5:e5:34:89:7f:b9:9a:8f:b2:9d:60:97:0d:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00AC65E61E4913268C5D0B8AFE8C7D913B686D9F
        Validity
            Not Before: Jul 30 23:59:40 2023 GMT
            Not After : Jul 29 00:04:40 2024 GMT
        Subject: CN=F8AFECF0FEAC3EBFB2B0DE2ADD396E045D5A1083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:a2:0d:5e:b0:b3:fe:91:6d:1c:88:98:ae:42:
                    46:0f:a2:12:b8:72:13:8c:2c:0e:2c:8a:e1:f2:b0:
                    0d:d8:5b:24:ce:dc:6d:d3:9d:d1:03:70:7b:ee:68:
                    89:70:5d:57:93:59:d6:4d:eb:6a:53:d9:04:25:c3:
                    87:ba:f1:50:f6:89:05:d7:1e:c3:a5:d6:09:cc:91:
                    29:8a:88:eb:8e:07:fe:8c:5b:e2:4a:aa:e2:81:21:
                    6b:d0:83:9f:dc:c4:19:43:cb:eb:52:2b:c3:80:2d:
                    36:f6:e1:d0:0e:fe:31:73:ae:7d:52:6a:3f:e0:0a:
                    f6:24:de:50:9c:2d:39:52:49:38:62:85:82:45:45:
                    8c:0d:d5:bf:ae:a6:69:82:99:2b:97:de:cc:11:59:
                    5a:f2:c9:40:ad:60:1c:56:95:17:2d:e2:2c:b4:de:
                    ca:d4:01:80:cb:61:61:00:8b:3a:f1:e2:49:8f:3f:
                    eb:aa:24:5c:06:ad:6c:25:ec:64:af:57:27:d8:45:
                    0d:dc:a8:e0:58:7c:14:fb:b1:96:ee:96:48:e0:7f:
                    5c:4b:af:b6:e8:fd:14:d4:71:e3:d3:66:4a:69:39:
                    98:57:09:8e:73:f5:8a:cb:ca:62:49:89:b9:7e:39:
                    6c:26:1a:d6:f6:0d:87:49:da:86:a6:72:6c:f4:b1:
                    da:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:AF:EC:F0:FE:AC:3E:BF:B2:B0:DE:2A:DD:39:6E:04:5D:5A:10:83
            X509v3 Authority Key Identifier:
                keyid:00:AC:65:E6:1E:49:13:26:8C:5D:0B:8A:FE:8C:7D:91:3B:68:6D:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131362e302f32342d3234203d3e20313337333738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.119.116.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bc:5b:9d:e2:cf:04:68:d5:10:49:7c:32:f1:65:4d:95:d8:85:
         7d:f8:17:22:e2:89:ad:25:c5:e9:51:e7:d4:4e:b6:8c:3d:98:
         ff:8e:9b:45:a5:1f:aa:c2:45:65:c2:1c:6c:74:53:a1:58:1d:
         67:90:e3:5d:3f:53:74:72:24:46:79:72:b6:48:89:9e:e5:c6:
         99:de:7f:c8:c1:4e:53:32:2b:97:55:5b:23:13:fb:a6:da:47:
         7a:46:e1:05:78:cb:49:c6:41:1b:19:d8:33:e4:05:4f:f9:e8:
         52:59:a5:b1:f7:de:86:c7:72:15:7a:1f:e8:da:e7:aa:7c:1c:
         6a:4c:34:e5:65:c3:94:34:8d:8e:f3:27:d2:8f:ac:fc:06:e5:
         92:d4:05:a2:c5:86:3c:77:24:29:24:28:f7:52:be:d5:cb:c9:
         2a:fa:96:ea:2a:fb:b7:8a:7f:da:27:be:90:fc:26:99:31:6e:
         c0:05:83:d3:91:0c:28:af:3f:58:4c:c9:bf:2c:16:ce:df:39:
         ca:59:15:db:db:1d:1f:43:99:e6:4e:7c:04:75:5c:25:3c:9e:
         a9:67:a1:15:9d:ab:c6:99:5d:99:1f:31:61:18:75:cd:c4:4f:
         38:1a:3a:f2:df:26:44:be:8a:1a:3d:8d:fb:75:b5:78:6e:a1:
         e0:28:d3:17
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUYzJBpI3XxeU0iX+5mo+ynWCXDZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDBBQzY1RTYxRTQ5MTMyNjhDNUQwQjhBRkU4QzdEOTEz
QjY4NkQ5RjAeFw0yMzA3MzAyMzU5NDBaFw0yNDA3MjkwMDA0NDBaMDMxMTAvBgNV
BAMTKEY4QUZFQ0YwRkVBQzNFQkZCMkIwREUyQUREMzk2RTA0NUQ1QTEwODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoog1esLP+kW0ciJiuQkYPohK4
chOMLA4siuHysA3YWyTO3G3TndEDcHvuaIlwXVeTWdZN62pT2QQlw4e68VD2iQXX
HsOl1gnMkSmKiOuOB/6MW+JKquKBIWvQg5/cxBlDy+tSK8OALTb24dAO/jFzrn1S
aj/gCvYk3lCcLTlSSThihYJFRYwN1b+upmmCmSuX3swRWVryyUCtYBxWlRct4iy0
3srUAYDLYWEAizrx4kmPP+uqJFwGrWwl7GSvVyfYRQ3cqOBYfBT7sZbulkjgf1xL
r7bo/RTUcePTZkppOZhXCY5z9YrLymJJibl+OWwmGtb2DYdJ2oamcmz0sdqTAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQU+K/s8P6sPr+ysN4q3TluBF1aEIMwHwYDVR0j
BBgwFoAUAKxl5h5JEyaMXQuK/ox9kTtobZ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZTg5NTBmMC0zYjE0LTRhNmQtYjMwZi03NTM3OWNiMmViY2UvMC8wMEFDNjVFNjFF
NDkxMzI2OEM1RDBCOEFGRThDN0Q5MTNCNjg2RDlGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDBBQzY1RTYxRTQ5MTMyNjhDNUQwQjhBRkU4QzdEOTEzQjY4
NkQ5Ri5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNlODk1MGYwLTNiMTQtNGE2ZC1i
MzBmLTc1Mzc5Y2IyZWJjZS8wLzMxMzAzMzJlMzEzMTM5MmUzMTMxMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMzM3Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnd3QwDQYJ
KoZIhvcNAQELBQADggEBALxbneLPBGjVEEl8MvFlTZXYhX34FyLiia0lxelR59RO
tow9mP+Om0WlH6rCRWXCHGx0U6FYHWeQ410/U3RyJEZ5crZIiZ7lxpnef8jBTlMy
K5dVWyMT+6baR3pG4QV4y0nGQRsZ2DPkBU/56FJZpbH33obHchV6H+ja56p8HGpM
NOVlw5Q0jY7zJ9KPrPwG5ZLUBaLFhjx3JCkkKPdSvtXLySr6luoq+7eKf9onvpD8
JpkxbsAFg9ORDCivP1hMyb8sFs7fOcpZFdvbHR9DmeZOfAR1XCU8nqlnoRWdq8aZ
XZkfMWEYdc3ETzgaOvLfJkS+iho9jft1tXhuoeAo0xc=
-----END CERTIFICATE-----
Generated at Wed Mar 27 13:04:16 2024 by rpki-client on console-ams.rpki-client.org