Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/3130332e3130302e3138302e302f32342d3234203d3e20313336383430.roa
File:                     3130332e3130302e3138302e302f32342d3234203d3e20313336383430.roa (raw, json)
Hash identifier:          Bmp6uDaGfxU7uEKi3hxe743VCuq9y3H1SvKNvKTFhPI=
Subject key identifier:   34:1D:9E:93:13:61:33:B9:76:93:B4:79:9B:23:F7:9E:6B:ED:A2:1E
Certificate issuer:       /CN=F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3
Certificate serial:       5D18D90154458F37A53B0209541D55B88DEED528
Authority key identifier: F3:F9:AB:30:AC:2C:50:B3:ED:F7:C9:1C:45:31:CC:9A:EE:9C:9D:A3
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/3130332e3130302e3138302e302f32342d3234203d3e20313336383430.roa
Signing time:             Mon 31 Jul 2023 00:09:44 +0000
ROA not before:           Mon 31 Jul 2023 00:04:44 +0000
ROA not after:            Mon 29 Jul 2024 00:09:44 +0000
asID:                     136840
IP address blocks:        103.100.180.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.crl
                          rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:18:d9:01:54:45:8f:37:a5:3b:02:09:54:1d:55:b8:8d:ee:d5:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3
        Validity
            Not Before: Jul 31 00:04:44 2023 GMT
            Not After : Jul 29 00:09:44 2024 GMT
        Subject: CN=341D9E93136133B97693B4799B23F79E6BEDA21E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:f2:4b:90:f2:90:0f:fb:c2:e6:ab:5d:70:be:
                    ea:6f:5d:3b:71:b4:79:49:8e:9d:a3:42:24:d4:df:
                    c6:85:ea:55:5a:5a:8e:a5:bf:56:0f:69:9b:c3:da:
                    6e:a2:64:91:62:4d:d7:e8:cb:81:ed:08:93:b8:90:
                    a3:bb:42:f5:17:16:f5:ae:78:6d:6c:df:de:d6:6a:
                    5c:ac:ff:cb:1e:16:ca:83:fe:2e:ac:70:42:b2:4e:
                    ff:ea:91:b5:a1:cb:3d:68:ec:95:76:7d:86:60:dd:
                    a3:5a:8b:c6:6f:aa:03:3e:bf:aa:a5:f8:5b:ed:1e:
                    e7:81:2c:fc:db:60:fe:95:25:dc:d4:df:2e:d1:7c:
                    4f:43:58:ff:bd:7a:c6:a0:2f:38:36:01:dd:d2:0e:
                    de:99:54:4a:5e:8b:05:d0:0f:9f:bc:03:f4:d3:21:
                    fe:41:5e:1f:f5:dd:9d:a8:ae:cf:58:cd:b4:4e:66:
                    b6:77:1e:f7:50:05:45:ca:43:35:4e:a9:12:30:3e:
                    57:4c:49:81:21:ef:9b:96:51:d0:6e:ec:11:80:e9:
                    7a:4c:a6:96:59:98:00:55:a5:71:a2:f0:a4:80:b5:
                    b2:28:0f:48:ca:50:4d:a0:12:1c:be:d7:50:e0:c2:
                    fa:94:53:9b:e7:5c:0f:7c:51:a7:31:93:3b:d2:8e:
                    ed:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:1D:9E:93:13:61:33:B9:76:93:B4:79:9B:23:F7:9E:6B:ED:A2:1E
            X509v3 Authority Key Identifier:
                keyid:F3:F9:AB:30:AC:2C:50:B3:ED:F7:C9:1C:45:31:CC:9A:EE:9C:9D:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F3F9AB30AC2C50B3EDF7C91C4531CC9AEE9C9DA3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5ef08900-f2c6-4d07-b694-d188baa3b8f2/0/3130332e3130302e3138302e302f32342d3234203d3e20313336383430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.100.180.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0e:4f:5e:c6:d3:b6:bd:89:46:fe:21:cf:cb:34:d5:19:6f:c2:
         88:8d:88:63:45:01:43:f6:f7:a9:62:f6:4d:af:29:61:8a:f8:
         98:e8:1a:e1:76:2d:e6:f7:12:f3:c7:9a:88:e2:68:d3:65:ed:
         84:ac:4c:a4:f1:c9:ef:e2:d2:5f:64:1b:ce:ac:4d:39:64:e3:
         28:99:f2:61:17:25:a7:e4:a1:c3:ad:b3:e0:76:6c:aa:83:47:
         3e:f4:45:56:6d:a5:99:da:11:f4:0b:03:40:f9:af:87:a1:17:
         71:ed:4a:d9:ea:b4:fd:b7:c9:6d:c8:b5:ba:94:76:17:b8:69:
         25:9b:85:12:68:e1:fb:9a:53:fa:e2:72:ac:6e:07:ce:b1:4d:
         65:e8:1f:1f:49:42:2a:c0:f4:7e:9d:87:da:7f:3e:9c:aa:3f:
         e4:60:5b:2e:d3:44:85:e1:d5:00:ec:b2:11:c3:34:92:62:72:
         00:2d:74:40:22:17:43:4a:12:f0:ff:bd:6d:b8:42:1d:24:e6:
         aa:53:87:e1:d9:33:41:96:b0:a0:8e:88:78:a4:10:1e:7e:f9:
         e4:ff:3b:3f:47:d0:2e:9a:65:90:24:ea:ab:af:48:12:0a:cb:
         8d:05:fb:49:bd:47:4d:f6:c5:97:0c:a6:46:c6:9c:63:dc:74:
         de:2c:aa:3d
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUXRjZAVRFjzelOwIJVB1VuI3u1SgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjNGOUFCMzBBQzJDNTBCM0VERjdDOTFDNDUzMUNDOUFF
RTlDOURBMzAeFw0yMzA3MzEwMDA0NDRaFw0yNDA3MjkwMDA5NDRaMDMxMTAvBgNV
BAMTKDM0MUQ5RTkzMTM2MTMzQjk3NjkzQjQ3OTlCMjNGNzlFNkJFREEyMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe8kuQ8pAP+8Lmq11wvupvXTtx
tHlJjp2jQiTU38aF6lVaWo6lv1YPaZvD2m6iZJFiTdfoy4HtCJO4kKO7QvUXFvWu
eG1s397Walys/8seFsqD/i6scEKyTv/qkbWhyz1o7JV2fYZg3aNai8ZvqgM+v6ql
+FvtHueBLPzbYP6VJdzU3y7RfE9DWP+9esagLzg2Ad3SDt6ZVEpeiwXQD5+8A/TT
If5BXh/13Z2ors9YzbROZrZ3HvdQBUXKQzVOqRIwPldMSYEh75uWUdBu7BGA6XpM
ppZZmABVpXGi8KSAtbIoD0jKUE2gEhy+11DgwvqUU5vnXA98UacxkzvSju3pAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUNB2ekxNhM7l2k7R5myP3nmvtoh4wHwYDVR0j
BBgwFoAU8/mrMKwsULPt98kcRTHMmu6cnaMwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
ZWYwODkwMC1mMmM2LTRkMDctYjY5NC1kMTg4YmFhM2I4ZjIvMC9GM0Y5QUIzMEFD
MkM1MEIzRURGN0M5MUM0NTMxQ0M5QUVFOUM5REEzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjNGOUFCMzBBQzJDNTBCM0VERjdDOTFDNDUzMUNDOUFFRTlD
OURBMy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVlZjA4OTAwLWYyYzYtNGQwNy1i
Njk0LWQxODhiYWEzYjhmMi8wLzMxMzAzMzJlMzEzMDMwMmUzMTM4MzAyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzODM0MzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZLQwDQYJ
KoZIhvcNAQELBQADggEBAA5PXsbTtr2JRv4hz8s01RlvwoiNiGNFAUP296li9k2v
KWGK+JjoGuF2Leb3EvPHmojiaNNl7YSsTKTxye/i0l9kG86sTTlk4yiZ8mEXJafk
ocOts+B2bKqDRz70RVZtpZnaEfQLA0D5r4ehF3HtStnqtP23yW3ItbqUdhe4aSWb
hRJo4fuaU/ricqxuB86xTWXoHx9JQirA9H6dh9p/PpyqP+RgWy7TRIXh1QDsshHD
NJJicgAtdEAiF0NKEvD/vW24Qh0k5qpTh+HZM0GWsKCOiHikEB5++eT/Oz9H0C6a
ZZAk6quvSBIKy40F+0m9R032xZcMpkbGnGPcdN4sqj0=
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:52:59 2024 by rpki-client on console-ams.rpki-client.org