Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e35352e3133392e302f32342d3234203d3e20313333383237.roa
File:                     3130332e35352e3133392e302f32342d3234203d3e20313333383237.roa (raw, json)
Hash identifier:          N/0CCQrtIs9cyRDUl+96RgRPDuTdz3s/U/LFC7Cnp7A=
Subject key identifier:   1A:92:4B:35:6E:F5:2B:05:0D:54:DD:DE:A2:2C:59:AC:04:AB:1A:3E
Certificate issuer:       /CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
Certificate serial:       0D17E279F2551F49376A2EDB15C64764F171D39D
Authority key identifier: 0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e35352e3133392e302f32342d3234203d3e20313333383237.roa
Signing time:             Thu 07 Sep 2023 03:47:22 +0000
ROA not before:           Thu 07 Sep 2023 03:42:22 +0000
ROA not after:            Thu 05 Sep 2024 03:47:22 +0000
asID:                     133827
IP address blocks:        103.55.139.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl
                          rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:17:e2:79:f2:55:1f:49:37:6a:2e:db:15:c6:47:64:f1:71:d3:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CE6A79D53D829F2A55623676E8D2A9A569F836F
        Validity
            Not Before: Sep  7 03:42:22 2023 GMT
            Not After : Sep  5 03:47:22 2024 GMT
        Subject: CN=1A924B356EF52B050D54DDDEA22C59AC04AB1A3E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:30:d2:d7:db:ca:12:64:5d:92:b4:2f:84:6e:
                    3a:96:1d:b8:bd:fa:e2:42:78:30:ed:d9:70:de:13:
                    81:a4:a7:e4:82:f4:b9:a7:45:12:12:dd:b2:4e:72:
                    83:45:ba:8c:24:ec:f8:21:b5:07:29:0c:9e:eb:5c:
                    09:5e:84:bd:68:1e:a4:f6:27:8e:9e:af:f9:b6:45:
                    92:83:31:7a:21:f2:3b:71:05:1a:9b:cd:09:ea:4d:
                    85:2e:8b:20:05:1f:b8:89:4f:07:8b:32:75:26:9d:
                    7e:b5:85:0b:f4:5f:68:2e:8f:5b:4d:56:9b:d3:ae:
                    33:93:cb:fb:79:33:5b:98:a9:fc:58:17:f8:ae:3b:
                    de:b6:fa:a2:cd:5e:00:9b:22:1e:36:0a:a1:83:41:
                    50:58:d0:0e:0c:00:37:3d:5d:b2:db:09:a4:cf:2f:
                    07:ac:5e:4a:a4:70:cf:d7:ba:8f:c3:8a:d0:5d:de:
                    3b:08:b6:19:26:1d:be:24:cd:af:2f:34:49:a1:eb:
                    10:0d:e1:38:01:67:b1:06:ce:62:b4:07:2e:78:8c:
                    76:fb:82:d1:10:1d:8e:77:2e:8c:5d:8d:08:e3:6f:
                    25:21:0e:f8:11:e6:8e:81:90:83:1b:64:f6:d3:d5:
                    5b:09:5a:32:81:2d:7a:12:f4:27:ae:ac:c1:85:d7:
                    96:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:92:4B:35:6E:F5:2B:05:0D:54:DD:DE:A2:2C:59:AC:04:AB:1A:3E
            X509v3 Authority Key Identifier:
                keyid:0C:E6:A7:9D:53:D8:29:F2:A5:56:23:67:6E:8D:2A:9A:56:9F:83:6F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/0CE6A79D53D829F2A55623676E8D2A9A569F836F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0CE6A79D53D829F2A55623676E8D2A9A569F836F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5a990125-609a-48c8-ac86-1c3bc315bad6/0/3130332e35352e3133392e302f32342d3234203d3e20313333383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.139.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ad:0e:f8:e0:8e:01:2b:79:00:13:7f:5b:e1:a9:d7:e2:30:37:
         ab:e0:11:1b:8e:10:6c:02:85:d9:aa:df:e9:5d:bc:08:2a:29:
         e3:71:1c:99:e8:43:86:79:0c:6a:ae:53:93:3e:56:d6:25:3e:
         01:37:d0:7b:5d:d6:0b:69:a1:8e:1f:99:f2:f1:88:68:a7:b5:
         fc:3b:80:f9:8f:5f:4a:79:47:1f:7c:2a:12:d2:2f:95:30:76:
         0b:d2:8b:e3:69:85:71:07:a7:9e:7b:5b:bc:cc:13:b1:77:b3:
         e6:e9:e0:20:0f:2a:5d:80:85:d5:ea:7f:09:c0:ab:ed:a0:9a:
         c9:3c:8c:c2:76:40:4a:5f:07:7b:40:be:28:53:e1:3d:b3:09:
         03:6d:2d:58:ad:b3:36:5e:39:fc:c7:76:eb:09:89:e4:0b:97:
         20:c0:3f:a5:3f:50:8f:b7:41:59:91:27:db:67:c3:31:ce:24:
         08:b6:67:11:af:cc:1f:be:49:e0:00:0a:6f:31:da:5f:a7:86:
         c0:f4:33:ef:c9:bb:b5:7b:a8:35:66:6e:18:7b:02:96:cc:5c:
         78:4f:b7:b0:38:b6:86:ae:34:6e:ea:40:a1:4d:f4:82:00:d2:
         46:4a:fc:33:18:ae:65:2e:47:51:79:2f:c2:b5:01:ce:3b:e1:
         34:f4:fc:cb
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDRfiefJVH0k3ai7bFcZHZPFx050wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1
NjlGODM2RjAeFw0yMzA5MDcwMzQyMjJaFw0yNDA5MDUwMzQ3MjJaMDMxMTAvBgNV
BAMTKDFBOTI0QjM1NkVGNTJCMDUwRDU0RERERUEyMkM1OUFDMDRBQjFBM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgMNLX28oSZF2StC+EbjqWHbi9
+uJCeDDt2XDeE4Gkp+SC9LmnRRIS3bJOcoNFuowk7PghtQcpDJ7rXAlehL1oHqT2
J46er/m2RZKDMXoh8jtxBRqbzQnqTYUuiyAFH7iJTweLMnUmnX61hQv0X2guj1tN
VpvTrjOTy/t5M1uYqfxYF/iuO962+qLNXgCbIh42CqGDQVBY0A4MADc9XbLbCaTP
LwesXkqkcM/Xuo/DitBd3jsIthkmHb4kza8vNEmh6xAN4TgBZ7EGzmK0By54jHb7
gtEQHY53LoxdjQjjbyUhDvgR5o6BkIMbZPbT1VsJWjKBLXoS9CeurMGF15YbAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUGpJLNW71KwUNVN3eoixZrASrGj4wHwYDVR0j
BBgwFoAUDOannVPYKfKlViNnbo0qmlafg28wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YTk5MDEyNS02MDlhLTQ4YzgtYWM4Ni0xYzNiYzMxNWJhZDYvMC8wQ0U2QTc5RDUz
RDgyOUYyQTU1NjIzNjc2RThEMkE5QTU2OUY4MzZGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMENFNkE3OUQ1M0Q4MjlGMkE1NTYyMzY3NkU4RDJBOUE1NjlG
ODM2Ri5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVhOTkwMTI1LTYwOWEtNDhjOC1h
Yzg2LTFjM2JjMzE1YmFkNi8wLzMxMzAzMzJlMzUzNTJlMzEzMzM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMzMzgzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzeLMA0GCSqG
SIb3DQEBCwUAA4IBAQCtDvjgjgEreQATf1vhqdfiMDer4BEbjhBsAoXZqt/pXbwI
KinjcRyZ6EOGeQxqrlOTPlbWJT4BN9B7XdYLaaGOH5ny8Yhop7X8O4D5j19KeUcf
fCoS0i+VMHYL0ovjaYVxB6eee1u8zBOxd7Pm6eAgDypdgIXV6n8JwKvtoJrJPIzC
dkBKXwd7QL4oU+E9swkDbS1YrbM2Xjn8x3brCYnkC5cgwD+lP1CPt0FZkSfbZ8Mx
ziQItmcRr8wfvkngAApvMdpfp4bA9DPvybu1e6g1Zm4YewKWzFx4T7ewOLaGrjRu
6kChTfSCANJGSvwzGK5lLkdReS/CtQHOO+E09PzL
-----END CERTIFICATE-----
Generated at Sat Jun 15 10:17:16 2024 by rpki-client on console-fra.rpki-client.org