Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/3130332e3132312e3134392e302f32342d3234203d3e203538333639.roa
File:                     3130332e3132312e3134392e302f32342d3234203d3e203538333639.roa (raw, json)
Hash identifier:          UBQ3ZTn+O757yRYtqshWqgG4yQ97nheZQKJ1HN9DWrM=
Subject key identifier:   13:A1:2C:F2:FB:9D:5C:E7:E0:21:42:0E:3B:D6:F7:A7:6B:ED:7B:17
Certificate issuer:       /CN=98F94938EA9072872BE06639F79DC61C000F849C
Certificate serial:       36BF6E52BC35CC0DCC9184F83734F10B57443A02
Authority key identifier: 98:F9:49:38:EA:90:72:87:2B:E0:66:39:F7:9D:C6:1C:00:0F:84:9C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/98F94938EA9072872BE06639F79DC61C000F849C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/3130332e3132312e3134392e302f32342d3234203d3e203538333639.roa
Signing time:             Mon 31 Jul 2023 00:05:33 +0000
ROA not before:           Mon 31 Jul 2023 00:00:33 +0000
ROA not after:            Mon 29 Jul 2024 00:05:33 +0000
asID:                     58369
IP address blocks:        103.121.149.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/98F94938EA9072872BE06639F79DC61C000F849C.crl
                          rsync://repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/98F94938EA9072872BE06639F79DC61C000F849C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/98F94938EA9072872BE06639F79DC61C000F849C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 03:01:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:bf:6e:52:bc:35:cc:0d:cc:91:84:f8:37:34:f1:0b:57:44:3a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=98F94938EA9072872BE06639F79DC61C000F849C
        Validity
            Not Before: Jul 31 00:00:33 2023 GMT
            Not After : Jul 29 00:05:33 2024 GMT
        Subject: CN=13A12CF2FB9D5CE7E021420E3BD6F7A76BED7B17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:29:2d:6d:a3:4b:c3:2a:1f:4b:7a:6c:84:f0:
                    1d:88:3c:bb:54:e7:01:c1:3d:5f:53:af:0f:0e:b0:
                    18:08:96:f7:28:b4:81:e3:70:db:3e:bb:e1:cb:bc:
                    fb:02:02:fa:eb:a3:30:5e:48:ce:69:f7:fc:d2:b5:
                    74:de:8a:14:c3:42:88:ae:9b:a8:39:fb:29:90:d5:
                    e9:5d:a8:9e:37:83:f0:64:5d:3f:29:16:e6:48:49:
                    7a:a7:d0:b1:9f:a2:90:be:2f:24:c4:c0:57:ca:ee:
                    2c:3a:14:56:9e:28:b9:71:c1:79:8f:72:e3:40:4d:
                    1e:61:3a:f5:a3:2d:6b:3c:e9:37:30:48:c0:c4:89:
                    bc:e1:f8:78:3d:34:83:61:04:03:f7:cf:11:35:83:
                    07:4e:a1:0a:15:66:b2:b2:d2:0a:4d:e6:6f:1a:e9:
                    57:d1:6f:04:c0:9f:06:31:70:42:59:ec:6c:3e:d4:
                    1b:8c:10:4e:a0:f6:ad:dd:1c:44:01:21:5f:f9:e3:
                    66:c9:de:4b:0a:71:2f:02:a9:1f:2a:5c:5e:b2:6b:
                    4e:2a:92:bf:1d:45:bb:6f:fb:2c:28:d6:3e:58:96:
                    ec:3d:62:14:b5:54:55:b9:e5:40:a8:7d:3c:99:39:
                    0a:c8:ec:3b:2c:08:ff:a7:3e:2d:10:f9:b2:85:c9:
                    19:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                13:A1:2C:F2:FB:9D:5C:E7:E0:21:42:0E:3B:D6:F7:A7:6B:ED:7B:17
            X509v3 Authority Key Identifier:
                keyid:98:F9:49:38:EA:90:72:87:2B:E0:66:39:F7:9D:C6:1C:00:0F:84:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/98F94938EA9072872BE06639F79DC61C000F849C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/98F94938EA9072872BE06639F79DC61C000F849C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/53b146a2-7715-459f-8244-8b32a364663c/0/3130332e3132312e3134392e302f32342d3234203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.121.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:6d:71:f8:93:90:a7:ef:8b:0d:7a:59:78:54:26:19:14:78:
         17:75:0d:7e:b4:a5:f2:66:af:40:a1:31:d4:d7:db:84:56:af:
         32:2d:37:2c:85:74:b2:8a:0b:1e:af:f7:19:f3:60:69:af:cc:
         d6:0a:a5:93:a1:8b:47:3e:0e:3f:d1:8d:81:ae:bc:31:66:66:
         4a:0e:1f:f0:01:de:d7:7f:92:61:f6:51:b8:6f:e0:7c:1f:50:
         26:43:74:0a:5e:b8:02:b1:5a:b0:16:e3:e2:ea:96:ee:3b:e1:
         8d:6d:ca:a3:b7:91:3c:d8:ad:67:e9:9f:29:10:7a:cc:79:b5:
         58:78:3c:fe:83:cb:bb:36:76:2b:f7:82:a1:2d:c6:8f:84:4b:
         39:07:ae:5b:20:91:3f:70:35:4b:21:f1:ae:f3:1b:27:ea:80:
         9d:8a:13:bd:b4:fc:24:40:9c:b7:a3:39:c9:c4:4c:06:61:3f:
         6b:41:57:27:02:07:a8:4a:6c:82:cb:6c:e4:f6:f9:55:99:0c:
         1c:d3:0d:78:19:73:a1:13:ab:50:14:13:ef:5b:6c:e2:18:c0:
         08:70:4f:17:e7:51:e1:4e:8f:62:9e:04:3d:25:85:58:03:c8:
         3c:3a:fb:9b:3c:ed:2f:46:af:90:6e:c7:f6:3e:73:d5:36:b9:
         2b:0c:af:18
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUNr9uUrw1zA3MkYT4NzTxC1dEOgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOThGOTQ5MzhFQTkwNzI4NzJCRTA2NjM5Rjc5REM2MUMw
MDBGODQ5QzAeFw0yMzA3MzEwMDAwMzNaFw0yNDA3MjkwMDA1MzNaMDMxMTAvBgNV
BAMTKDEzQTEyQ0YyRkI5RDVDRTdFMDIxNDIwRTNCRDZGN0E3NkJFRDdCMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8KS1to0vDKh9LemyE8B2IPLtU
5wHBPV9Trw8OsBgIlvcotIHjcNs+u+HLvPsCAvrrozBeSM5p9/zStXTeihTDQoiu
m6g5+ymQ1eldqJ43g/BkXT8pFuZISXqn0LGfopC+LyTEwFfK7iw6FFaeKLlxwXmP
cuNATR5hOvWjLWs86TcwSMDEibzh+Hg9NINhBAP3zxE1gwdOoQoVZrKy0gpN5m8a
6VfRbwTAnwYxcEJZ7Gw+1BuMEE6g9q3dHEQBIV/542bJ3ksKcS8CqR8qXF6ya04q
kr8dRbtv+ywo1j5Yluw9YhS1VFW55UCofTyZOQrI7DssCP+nPi0Q+bKFyRmzAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUE6Es8vudXOfgIUIOO9b3p2vtexcwHwYDVR0j
BBgwFoAUmPlJOOqQcocr4GY5953GHAAPhJwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
M2IxNDZhMi03NzE1LTQ1OWYtODI0NC04YjMyYTM2NDY2M2MvMC85OEY5NDkzOEVB
OTA3Mjg3MkJFMDY2MzlGNzlEQzYxQzAwMEY4NDlDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOThGOTQ5MzhFQTkwNzI4NzJCRTA2NjM5Rjc5REM2MUMwMDBG
ODQ5Qy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzUzYjE0NmEyLTc3MTUtNDU5Zi04
MjQ0LThiMzJhMzY0NjYzYy8wLzMxMzAzMzJlMzEzMjMxMmUzMTM0MzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNTM4MzMzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3mVMA0GCSqG
SIb3DQEBCwUAA4IBAQAWbXH4k5Cn74sNell4VCYZFHgXdQ1+tKXyZq9AoTHU19uE
Vq8yLTcshXSyigser/cZ82Bpr8zWCqWToYtHPg4/0Y2BrrwxZmZKDh/wAd7Xf5Jh
9lG4b+B8H1AmQ3QKXrgCsVqwFuPi6pbuO+GNbcqjt5E82K1n6Z8pEHrMebVYeDz+
g8u7NnYr94KhLcaPhEs5B65bIJE/cDVLIfGu8xsn6oCdihO9tPwkQJy3oznJxEwG
YT9rQVcnAgeoSmyCy2zk9vlVmQwc0w14GXOhE6tQFBPvW2ziGMAIcE8X51HhTo9i
ngQ9JYVYA8g8OvubPO0vRq+Qbsf2PnPVNrkrDK8Y
-----END CERTIFICATE-----
Generated at Thu Mar 28 05:42:48 2024 by rpki-client on console-ams.rpki-client.org