Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/3130332e34312e3139322e302f32322d3234203d3e203538333937.roa
File:                     3130332e34312e3139322e302f32322d3234203d3e203538333937.roa (raw, json)
Hash identifier:          rZPduyT8LmU69JMvhmuoepLOx5Bw9UBBh+rXCUuTVSs=
Subject key identifier:   92:75:75:8A:6B:E4:83:93:15:EE:7D:EA:32:86:BA:A4:76:25:77:32
Certificate issuer:       /CN=498B46B789361D2AAA4E5CF9B2A81E223925A89F
Certificate serial:       4A2D7D4BF2A838B0E6D4E57E65C51B82074234A3
Authority key identifier: 49:8B:46:B7:89:36:1D:2A:AA:4E:5C:F9:B2:A8:1E:22:39:25:A8:9F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/498B46B789361D2AAA4E5CF9B2A81E223925A89F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/3130332e34312e3139322e302f32322d3234203d3e203538333937.roa
Signing time:             Mon 31 Jul 2023 00:08:30 +0000
ROA not before:           Mon 31 Jul 2023 00:03:30 +0000
ROA not after:            Mon 29 Jul 2024 00:08:30 +0000
asID:                     58397
IP address blocks:        103.41.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/498B46B789361D2AAA4E5CF9B2A81E223925A89F.crl
                          rsync://repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/498B46B789361D2AAA4E5CF9B2A81E223925A89F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/498B46B789361D2AAA4E5CF9B2A81E223925A89F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 03:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:2d:7d:4b:f2:a8:38:b0:e6:d4:e5:7e:65:c5:1b:82:07:42:34:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=498B46B789361D2AAA4E5CF9B2A81E223925A89F
        Validity
            Not Before: Jul 31 00:03:30 2023 GMT
            Not After : Jul 29 00:08:30 2024 GMT
        Subject: CN=9275758A6BE4839315EE7DEA3286BAA476257732
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:23:d0:d4:79:ad:18:b8:c3:0a:4f:4c:e8:36:
                    46:30:f5:ec:aa:44:39:4d:0f:91:39:8d:19:f9:13:
                    9c:56:31:97:54:10:c3:76:c8:ca:e3:0d:9e:0c:3d:
                    b4:9d:14:78:10:a9:a0:a0:99:de:7d:24:d9:3e:3a:
                    4d:d2:dd:06:52:1f:a2:37:7a:30:f5:8e:bb:39:96:
                    cd:3d:c4:8b:60:48:8a:81:ae:29:a5:dc:6d:01:b6:
                    09:b9:77:f7:7d:d3:57:a2:19:57:20:ef:34:1b:94:
                    4a:c7:86:99:b8:bd:ca:65:96:54:d7:97:f5:0b:c2:
                    2e:09:3f:36:40:e0:84:78:33:21:28:ee:97:21:dd:
                    84:be:21:cb:a0:c5:98:f2:c8:8b:eb:f0:28:a2:bd:
                    b9:fb:05:cf:5f:cd:da:41:d0:f2:f2:d0:1e:5d:7e:
                    43:33:43:00:3c:90:4e:28:22:06:2e:44:7c:c2:89:
                    b0:6a:46:f5:e7:dc:e6:70:07:8d:fe:9d:48:c4:7b:
                    4a:31:67:f1:ba:1d:e9:48:e1:d8:ee:ce:eb:94:5a:
                    c7:76:77:07:01:fe:98:fc:08:3b:71:5b:65:e7:dc:
                    1a:4f:d6:24:2d:54:fc:49:ad:eb:3c:f9:5a:35:da:
                    85:7e:58:1a:b3:06:6e:fc:c6:94:01:9f:b7:7f:9b:
                    04:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:75:75:8A:6B:E4:83:93:15:EE:7D:EA:32:86:BA:A4:76:25:77:32
            X509v3 Authority Key Identifier:
                keyid:49:8B:46:B7:89:36:1D:2A:AA:4E:5C:F9:B2:A8:1E:22:39:25:A8:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/498B46B789361D2AAA4E5CF9B2A81E223925A89F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/498B46B789361D2AAA4E5CF9B2A81E223925A89F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/519166a1-18cd-44d3-a6e0-2ef82f760d28/0/3130332e34312e3139322e302f32322d3234203d3e203538333937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.41.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         27:1b:06:5f:75:ac:eb:91:72:8e:d0:72:9c:be:39:26:d6:43:
         9a:94:38:9b:02:7b:c4:22:e9:d7:b7:81:af:47:c2:ea:03:96:
         99:ae:b6:b2:5d:cc:2c:58:db:1c:fd:87:cc:cd:49:78:58:58:
         e4:82:89:b8:ce:b6:02:a9:48:c1:bb:18:80:c4:47:6e:ee:89:
         6f:55:a3:a4:f3:83:6e:02:cf:8b:99:ff:75:b1:7c:a4:09:8e:
         49:29:d5:5a:ac:d1:b3:8a:34:20:d5:13:44:c4:ac:fc:4e:c4:
         2d:9a:25:18:ce:d4:b8:84:c6:bf:f7:25:4a:2a:2d:3e:af:ed:
         6b:e3:1a:c5:0d:38:5f:0d:93:13:be:16:b0:f5:1d:6c:3a:8d:
         ce:d5:1d:68:9f:1e:4f:fe:d6:58:9d:f2:f3:66:18:c3:1a:bc:
         c9:e1:4d:6a:69:25:64:73:1a:fd:c6:fd:4e:3a:35:55:6c:c5:
         02:82:db:87:a2:0b:bc:65:bc:20:06:ee:71:22:5c:91:13:da:
         db:cb:5b:a3:07:18:8b:3b:2c:af:91:b8:85:c2:7e:61:55:d5:
         d7:74:68:7a:ae:4a:a7:b1:e7:99:72:94:49:c5:9d:a3:57:cd:
         d4:61:02:7e:9f:9d:f3:a9:af:95:7c:77:b1:0b:48:b3:8c:74:
         71:18:75:0d
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUSi19S/KoOLDm1OV+ZcUbggdCNKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDk4QjQ2Qjc4OTM2MUQyQUFBNEU1Q0Y5QjJBODFFMjIz
OTI1QTg5RjAeFw0yMzA3MzEwMDAzMzBaFw0yNDA3MjkwMDA4MzBaMDMxMTAvBgNV
BAMTKDkyNzU3NThBNkJFNDgzOTMxNUVFN0RFQTMyODZCQUE0NzYyNTc3MzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEI9DUea0YuMMKT0zoNkYw9eyq
RDlND5E5jRn5E5xWMZdUEMN2yMrjDZ4MPbSdFHgQqaCgmd59JNk+Ok3S3QZSH6I3
ejD1jrs5ls09xItgSIqBriml3G0Btgm5d/d901eiGVcg7zQblErHhpm4vcplllTX
l/ULwi4JPzZA4IR4MyEo7pch3YS+IcugxZjyyIvr8Ciivbn7Bc9fzdpB0PLy0B5d
fkMzQwA8kE4oIgYuRHzCibBqRvXn3OZwB43+nUjEe0oxZ/G6HelI4djuzuuUWsd2
dwcB/pj8CDtxW2Xn3BpP1iQtVPxJres8+Vo12oV+WBqzBm78xpQBn7d/mwTNAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUknV1imvkg5MV7n3qMoa6pHYldzIwHwYDVR0j
BBgwFoAUSYtGt4k2HSqqTlz5sqgeIjklqJ8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
MTkxNjZhMS0xOGNkLTQ0ZDMtYTZlMC0yZWY4MmY3NjBkMjgvMC80OThCNDZCNzg5
MzYxRDJBQUE0RTVDRjlCMkE4MUUyMjM5MjVBODlGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDk4QjQ2Qjc4OTM2MUQyQUFBNEU1Q0Y5QjJBODFFMjIzOTI1
QTg5Ri5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUxOTE2NmExLTE4Y2QtNDRkMy1h
NmUwLTJlZjgyZjc2MGQyOC8wLzMxMzAzMzJlMzQzMTJlMzEzOTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzUzODMzMzkzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAmcpwDANBgkqhkiG
9w0BAQsFAAOCAQEAJxsGX3Ws65FyjtBynL45JtZDmpQ4mwJ7xCLp17eBr0fC6gOW
ma62sl3MLFjbHP2HzM1JeFhY5IKJuM62AqlIwbsYgMRHbu6Jb1WjpPODbgLPi5n/
dbF8pAmOSSnVWqzRs4o0INUTRMSs/E7ELZolGM7UuITGv/clSiotPq/ta+MaxQ04
Xw2TE74WsPUdbDqNztUdaJ8eT/7WWJ3y82YYwxq8yeFNamklZHMa/cb9Tjo1VWzF
AoLbh6ILvGW8IAbucSJckRPa28tbowcYizssr5G4hcJ+YVXV13Roeq5Kp7HnmXKU
ScWdo1fN1GECfp+d86mvlXx3sQtIs4x0cRh1DQ==
-----END CERTIFICATE-----
Generated at Thu Mar 28 04:07:58 2024 by rpki-client on console-ams.rpki-client.org