Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131372e302f32342d3234203d3e20313337333738.roa
File:                     3130332e3131392e3131372e302f32342d3234203d3e20313337333738.roa (raw, json)
Hash identifier:          Yh+hggoRXloDIAdbERmzb62xS1kVyjCTIppLxSwod5Y=
Subject key identifier:   B4:DD:F8:BC:0D:C3:53:57:73:E3:0E:60:C3:DB:A0:7C:EC:E7:61:FC
Certificate issuer:       /CN=00AC65E61E4913268C5D0B8AFE8C7D913B686D9F
Certificate serial:       3AC8AE3634023504CB9F2B50E168A67F48EE73A6
Authority key identifier: 00:AC:65:E6:1E:49:13:26:8C:5D:0B:8A:FE:8C:7D:91:3B:68:6D:9F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131372e302f32342d3234203d3e20313337333738.roa
Signing time:             Mon 31 Jul 2023 00:04:40 +0000
ROA not before:           Sun 30 Jul 2023 23:59:40 +0000
ROA not after:            Mon 29 Jul 2024 00:04:40 +0000
asID:                     137378
IP address blocks:        103.119.117.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.crl
                          rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 13:02:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:c8:ae:36:34:02:35:04:cb:9f:2b:50:e1:68:a6:7f:48:ee:73:a6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00AC65E61E4913268C5D0B8AFE8C7D913B686D9F
        Validity
            Not Before: Jul 30 23:59:40 2023 GMT
            Not After : Jul 29 00:04:40 2024 GMT
        Subject: CN=B4DDF8BC0DC3535773E30E60C3DBA07CECE761FC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:da:8d:99:39:82:91:52:ca:bd:d2:e8:0b:de:
                    8c:84:18:f4:3b:c9:c2:8c:2e:89:4e:f8:4f:79:1b:
                    4d:e2:05:28:fc:a9:49:3e:53:60:9b:e5:9c:25:71:
                    c4:f9:1b:98:f3:9a:fb:aa:a7:d9:78:81:94:fd:da:
                    82:cd:f0:ad:4b:94:46:f0:4d:b4:fb:98:f4:79:75:
                    e3:11:c6:84:d0:a9:3f:04:f7:8b:58:7a:6f:42:30:
                    5a:6b:1f:c9:4a:86:e8:87:69:98:bd:56:e5:88:f2:
                    0b:cc:bc:b8:d3:c8:00:ac:46:76:5e:9a:76:bd:7e:
                    02:12:35:d1:a1:27:e5:8f:a3:51:ea:04:e7:bb:6a:
                    48:ce:10:5b:ff:c9:3d:ad:c9:bd:24:75:49:5c:a2:
                    c0:df:88:39:18:a8:04:24:f1:41:40:46:5b:e2:b9:
                    f1:9c:c2:e8:7c:2f:4e:6a:62:58:a2:0a:00:19:03:
                    a9:96:ed:d1:e9:6c:7c:a5:e8:f0:d9:4c:98:90:23:
                    ee:d3:97:cb:64:e3:96:35:f4:48:99:02:75:f9:88:
                    b1:c6:11:06:ff:82:30:4a:2a:ec:7b:e6:77:c2:b4:
                    09:6d:fc:ea:b7:64:48:64:6c:ff:ff:7e:f3:15:16:
                    96:e7:c7:80:51:c4:ed:63:60:7b:1a:c5:a1:9d:ce:
                    82:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:DD:F8:BC:0D:C3:53:57:73:E3:0E:60:C3:DB:A0:7C:EC:E7:61:FC
            X509v3 Authority Key Identifier:
                keyid:00:AC:65:E6:1E:49:13:26:8C:5D:0B:8A:FE:8C:7D:91:3B:68:6D:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/00AC65E61E4913268C5D0B8AFE8C7D913B686D9F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e8950f0-3b14-4a6d-b30f-75379cb2ebce/0/3130332e3131392e3131372e302f32342d3234203d3e20313337333738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.119.117.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:6f:d1:d2:48:92:5e:75:77:79:c9:97:d6:34:bf:ca:3e:60:
         3f:02:2a:24:1f:c6:85:6c:fa:c5:24:1f:45:5c:55:50:f2:b3:
         5c:7e:22:e3:cf:2b:c5:e5:ac:1b:c1:ba:21:51:f9:0d:70:a2:
         e8:c6:f6:ad:62:ca:a8:b6:77:3f:19:e7:6d:75:69:6a:0e:a1:
         df:27:74:6d:58:2a:b9:6e:6b:5a:5d:72:8a:6a:f8:c6:60:c0:
         6e:94:01:f9:fd:d1:8e:7b:ba:41:b4:e5:58:79:69:56:3d:e2:
         4a:7f:1f:e6:97:73:e1:14:c6:99:ae:a7:3f:d1:00:9e:93:9a:
         88:4c:a0:c6:cb:b8:29:15:4f:61:43:1f:d6:f4:bb:b5:2c:b8:
         2c:96:4d:ab:cd:19:fa:66:46:0a:93:5d:3d:ba:a8:4c:0d:f9:
         e9:8d:72:9e:78:cd:b7:19:ff:68:d2:39:9c:54:d7:07:17:1a:
         92:7a:ff:68:7b:3b:09:1d:62:06:c2:7f:17:d6:1b:a7:06:bb:
         79:9d:cc:f9:24:2f:83:f2:f7:74:9a:e8:74:97:ac:88:82:ee:
         da:93:82:2a:0d:6b:d6:f7:05:7d:93:15:bf:ab:7c:91:69:8c:
         be:2e:b8:8e:3c:16:be:a9:1e:48:a4:c8:39:30:55:d9:b5:52:
         11:4a:6b:63
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUOsiuNjQCNQTLnytQ4Wimf0juc6YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDBBQzY1RTYxRTQ5MTMyNjhDNUQwQjhBRkU4QzdEOTEz
QjY4NkQ5RjAeFw0yMzA3MzAyMzU5NDBaFw0yNDA3MjkwMDA0NDBaMDMxMTAvBgNV
BAMTKEI0RERGOEJDMERDMzUzNTc3M0UzMEU2MEMzREJBMDdDRUNFNzYxRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDp2o2ZOYKRUsq90ugL3oyEGPQ7
ycKMLolO+E95G03iBSj8qUk+U2Cb5ZwlccT5G5jzmvuqp9l4gZT92oLN8K1LlEbw
TbT7mPR5deMRxoTQqT8E94tYem9CMFprH8lKhuiHaZi9VuWI8gvMvLjTyACsRnZe
mna9fgISNdGhJ+WPo1HqBOe7akjOEFv/yT2tyb0kdUlcosDfiDkYqAQk8UFARlvi
ufGcwuh8L05qYliiCgAZA6mW7dHpbHyl6PDZTJiQI+7Tl8tk45Y19EiZAnX5iLHG
EQb/gjBKKux75nfCtAlt/Oq3ZEhkbP//fvMVFpbnx4BRxO1jYHsaxaGdzoIvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUtN34vA3DU1dz4w5gw9ugfOznYfwwHwYDVR0j
BBgwFoAUAKxl5h5JEyaMXQuK/ox9kTtobZ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZTg5NTBmMC0zYjE0LTRhNmQtYjMwZi03NTM3OWNiMmViY2UvMC8wMEFDNjVFNjFF
NDkxMzI2OEM1RDBCOEFGRThDN0Q5MTNCNjg2RDlGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDBBQzY1RTYxRTQ5MTMyNjhDNUQwQjhBRkU4QzdEOTEzQjY4
NkQ5Ri5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNlODk1MGYwLTNiMTQtNGE2ZC1i
MzBmLTc1Mzc5Y2IyZWJjZS8wLzMxMzAzMzJlMzEzMTM5MmUzMTMxMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczMzM3Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnd3UwDQYJ
KoZIhvcNAQELBQADggEBAF9v0dJIkl51d3nJl9Y0v8o+YD8CKiQfxoVs+sUkH0Vc
VVDys1x+IuPPK8XlrBvBuiFR+Q1woujG9q1iyqi2dz8Z5211aWoOod8ndG1YKrlu
a1pdcopq+MZgwG6UAfn90Y57ukG05Vh5aVY94kp/H+aXc+EUxpmupz/RAJ6TmohM
oMbLuCkVT2FDH9b0u7UsuCyWTavNGfpmRgqTXT26qEwN+emNcp54zbcZ/2jSOZxU
1wcXGpJ6/2h7OwkdYgbCfxfWG6cGu3mdzPkkL4Py93Sa6HSXrIiC7tqTgioNa9b3
BX2TFb+rfJFpjL4uuI48Fr6pHkikyDkwVdm1UhFKa2M=
-----END CERTIFICATE-----
Generated at Wed Mar 27 13:19:54 2024 by rpki-client on console-fra.rpki-client.org