Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e3232302e3131332e302f32342d3234203d3e20313333383237.roa
File:                     3130332e3232302e3131332e302f32342d3234203d3e20313333383237.roa (raw, json)
Hash identifier:          tF4gWzTFjz3gQ4A8VqOnZPaz7mLGb5Yk4LVsu0mMs8I=
Subject key identifier:   27:7B:B5:20:F5:A7:C3:6E:5E:81:01:A4:2B:3B:25:E7:9F:2A:C4:BC
Certificate issuer:       /CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
Certificate serial:       346FB34B26AB1826D2877D6AFDB8B1BD8F1FED2B
Authority key identifier: 0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e3232302e3131332e302f32342d3234203d3e20313333383237.roa
Signing time:             Thu 07 Sep 2023 03:46:56 +0000
ROA not before:           Thu 07 Sep 2023 03:41:56 +0000
ROA not after:            Thu 05 Sep 2024 03:46:56 +0000
asID:                     133827
IP address blocks:        103.220.113.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl
                          rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:6f:b3:4b:26:ab:18:26:d2:87:7d:6a:fd:b8:b1:bd:8f:1f:ed:2b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
        Validity
            Not Before: Sep  7 03:41:56 2023 GMT
            Not After : Sep  5 03:46:56 2024 GMT
        Subject: CN=277BB520F5A7C36E5E8101A42B3B25E79F2AC4BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:05:af:36:a7:2b:4b:aa:94:18:b1:d5:77:0d:
                    8b:31:76:e8:e0:4b:4c:e5:3c:1d:98:94:19:89:bf:
                    6f:28:96:7c:df:17:8e:06:32:56:a4:cf:75:67:ac:
                    09:f9:2e:a2:ab:2b:70:aa:b6:a4:69:e2:48:55:49:
                    e5:e4:ef:1a:ed:f1:f8:45:08:ff:b9:e5:ef:f6:7c:
                    e6:d9:bd:67:28:55:30:4a:a8:e3:3d:8a:74:d5:91:
                    1c:7f:0c:e5:4e:19:81:c5:6b:63:74:8d:21:ef:28:
                    54:b8:41:ff:f6:a0:3d:02:93:27:66:c4:45:b3:34:
                    4b:1b:fa:f2:b2:df:06:48:04:d7:8c:1d:55:b0:dd:
                    59:66:18:c0:ec:8f:37:f4:60:73:70:54:c2:37:05:
                    c4:3d:39:43:89:bd:20:11:71:00:12:93:f7:2b:4c:
                    69:ef:44:dc:ca:11:7c:2d:cf:64:4f:b6:96:22:27:
                    fe:7d:f6:91:a7:ba:86:67:24:17:05:82:1f:e0:8e:
                    13:52:5f:94:00:58:27:e2:de:da:3d:f2:23:d1:d6:
                    48:d5:71:36:ec:82:79:c3:84:52:f5:bb:1d:6c:ab:
                    46:fa:36:a5:44:6c:f6:ed:aa:9f:f1:f6:5b:0c:62:
                    cc:7e:c8:74:96:c0:21:11:98:4d:e7:34:b7:6b:cf:
                    ce:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:7B:B5:20:F5:A7:C3:6E:5E:81:01:A4:2B:3B:25:E7:9F:2A:C4:BC
            X509v3 Authority Key Identifier:
                keyid:0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e3232302e3131332e302f32342d3234203d3e20313333383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.220.113.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:1b:5c:9c:6d:e6:27:6b:bb:cc:9e:51:ae:38:11:9b:bc:06:
         51:b6:f8:e7:15:75:ff:ee:e3:5f:69:23:81:80:02:5d:bb:4e:
         c5:d2:10:27:0d:78:3d:77:e9:ad:ce:5b:6c:6a:72:f5:26:a4:
         d9:47:d8:ef:b8:28:1f:ab:9b:49:0e:74:40:3f:17:4a:31:c4:
         ba:68:f8:41:5b:42:28:9c:d5:79:25:02:d4:b7:e3:ad:7d:7e:
         59:a1:19:0d:70:83:a0:66:00:95:cc:5f:bc:17:df:bc:52:01:
         73:b4:e1:83:17:e4:d7:c5:e9:36:0c:5b:db:f2:28:7f:df:20:
         16:71:da:9b:a7:22:80:fd:e6:02:d8:b6:45:f7:43:c0:a0:e4:
         70:cb:69:cc:36:62:a2:37:a7:16:c9:ae:51:9c:a1:0c:05:df:
         0a:17:26:ef:bb:6c:70:fe:f9:fb:5d:d2:ee:20:57:b3:0d:e5:
         84:a0:5b:84:3f:3e:6e:48:fd:0c:29:d7:b5:c3:31:e5:09:84:
         6f:63:17:61:ea:4c:e8:cb:3e:80:5a:73:9f:fa:3c:83:fc:25:
         8e:69:48:80:b9:14:5f:cc:fd:c9:0f:9a:d2:39:70:c8:d7:0f:
         10:35:b7:e4:4b:e2:bf:d8:27:6a:5d:ab:72:44:38:e5:3d:27:
         3b:82:85:62
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUNG+zSyarGCbSh31q/bixvY8f7SswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1
NjlGODM2RjAeFw0yMzA5MDcwMzQxNTZaFw0yNDA5MDUwMzQ2NTZaMDMxMTAvBgNV
BAMTKDI3N0JCNTIwRjVBN0MzNkU1RTgxMDFBNDJCM0IyNUU3OUYyQUM0QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Ba82pytLqpQYsdV3DYsxdujg
S0zlPB2YlBmJv28olnzfF44GMlakz3VnrAn5LqKrK3CqtqRp4khVSeXk7xrt8fhF
CP+55e/2fObZvWcoVTBKqOM9inTVkRx/DOVOGYHFa2N0jSHvKFS4Qf/2oD0Ckydm
xEWzNEsb+vKy3wZIBNeMHVWw3VlmGMDsjzf0YHNwVMI3BcQ9OUOJvSARcQASk/cr
TGnvRNzKEXwtz2RPtpYiJ/599pGnuoZnJBcFgh/gjhNSX5QAWCfi3to98iPR1kjV
cTbsgnnDhFL1ux1sq0b6NqVEbPbtqp/x9lsMYsx+yHSWwCERmE3nNLdrz85NAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUJ3u1IPWnw25egQGkKzsl558qxLwwHwYDVR0j
BBgwFoAUDOannVPYKfKlViNnbo0qmlafg28wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTk5MDEyNS02MDlhLTQ4YzgtYWM4Ni0xYzNiYzMxNWJhZDYvMC8wQ0U2QTc5RDUz
RDgyOUYyQTU1NjIzNjc2RThEMkE5QTU2OUY4MzZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1NjlG
ODM2Ri5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhOTkwMTI1LTYwOWEtNDhjOC1h
Yzg2LTFjM2JjMzE1YmFkNi8wLzMxMzAzMzJlMzIzMjMwMmUzMTMxMzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzODMyMzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn3HEwDQYJ
KoZIhvcNAQELBQADggEBAJ0bXJxt5idru8yeUa44EZu8BlG2+OcVdf/u419pI4GA
Al27TsXSECcNeD136a3OW2xqcvUmpNlH2O+4KB+rm0kOdEA/F0oxxLpo+EFbQiic
1XklAtS34619flmhGQ1wg6BmAJXMX7wX37xSAXO04YMX5NfF6TYMW9vyKH/fIBZx
2punIoD95gLYtkX3Q8Cg5HDLacw2YqI3pxbJrlGcoQwF3woXJu+7bHD++ftd0u4g
V7MN5YSgW4Q/Pm5I/Qwp17XDMeUJhG9jF2HqTOjLPoBac5/6PIP8JY5pSIC5FF/M
/ckPmtI5cMjXDxA1t+RL4r/YJ2pdq3JEOOU9JzuChWI=
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:26:42 2024 by rpki-client on console-ams.rpki-client.org