Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/3130332e3130352e35322e302f32322d3234203d3e20313336383733.roa
File:                     3130332e3130352e35322e302f32322d3234203d3e20313336383733.roa (raw, json)
Hash identifier:          U7R10SL2ksiYciPK6cnF09wrHd0fjIE9H3BgBXbOEWk=
Subject key identifier:   E6:E3:6D:67:D9:A0:E5:B7:95:EC:95:AA:DC:32:FB:3E:C1:10:5C:30
Certificate issuer:       /CN=69D341364BC344B4ED6B3A65031AACB403AB3222
Certificate serial:       6AAC3D94A87E921FC2849F75FC8D7387639ADD6F
Authority key identifier: 69:D3:41:36:4B:C3:44:B4:ED:6B:3A:65:03:1A:AC:B4:03:AB:32:22
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/3130332e3130352e35322e302f32322d3234203d3e20313336383733.roa
Signing time:             Mon 31 Jul 2023 00:08:37 +0000
ROA not before:           Mon 31 Jul 2023 00:03:37 +0000
ROA not after:            Mon 29 Jul 2024 00:08:37 +0000
asID:                     136873
IP address blocks:        103.105.52.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.crl
                          rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 19:44:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6a:ac:3d:94:a8:7e:92:1f:c2:84:9f:75:fc:8d:73:87:63:9a:dd:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=69D341364BC344B4ED6B3A65031AACB403AB3222
        Validity
            Not Before: Jul 31 00:03:37 2023 GMT
            Not After : Jul 29 00:08:37 2024 GMT
        Subject: CN=E6E36D67D9A0E5B795EC95AADC32FB3EC1105C30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:b0:de:c4:63:09:d2:9b:16:57:eb:e4:76:e2:
                    20:eb:ec:f6:57:b1:e1:78:10:40:4f:24:62:b3:f4:
                    06:a7:b9:7b:1e:2f:df:b3:fa:8b:de:ef:44:7c:5e:
                    98:49:b1:28:e8:ca:62:b8:ce:19:a1:76:91:56:26:
                    c0:cb:65:76:a4:23:8d:9d:7a:78:61:66:34:40:bb:
                    81:64:3e:60:46:5f:b5:b8:c0:f3:fc:17:16:11:6f:
                    06:01:5a:0c:4a:6c:ef:97:31:50:ce:b8:3a:27:38:
                    06:64:34:ee:5f:d8:26:33:ac:cc:cd:4f:37:f5:18:
                    a9:b5:da:c0:0a:95:c7:93:b2:e7:e9:48:89:d6:5d:
                    df:37:9f:9b:95:2c:b0:50:d3:e1:d0:55:fe:07:ca:
                    70:86:75:f2:48:78:dd:fa:5d:67:15:b2:6c:31:75:
                    ce:5e:14:98:8c:5d:35:e4:74:24:5d:ad:49:6d:a4:
                    45:79:bf:e1:7f:22:40:41:39:0d:8e:89:99:e2:35:
                    70:6b:17:05:60:9d:d2:25:52:b5:03:0a:c1:fc:8a:
                    f7:8a:e2:34:47:8a:a8:40:c7:a3:81:5b:11:a8:86:
                    fb:46:4c:ae:3e:dd:d2:a9:36:51:08:67:6d:5b:1f:
                    68:0c:e9:39:8c:04:10:08:61:1c:70:84:0e:0c:74:
                    77:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:E3:6D:67:D9:A0:E5:B7:95:EC:95:AA:DC:32:FB:3E:C1:10:5C:30
            X509v3 Authority Key Identifier:
                keyid:69:D3:41:36:4B:C3:44:B4:ED:6B:3A:65:03:1A:AC:B4:03:AB:32:22

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/69D341364BC344B4ED6B3A65031AACB403AB3222.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/69D341364BC344B4ED6B3A65031AACB403AB3222.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/657a6bcb-9eb6-49de-b998-0bed3c5c1278/0/3130332e3130352e35322e302f32322d3234203d3e20313336383733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.105.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:01:2b:c8:c7:94:b1:37:b2:80:f3:f3:dd:3f:44:2d:3d:f8:
         6b:6a:17:08:dc:9f:db:ef:1e:d7:47:04:1e:8e:e5:2a:a3:98:
         09:20:e3:9b:6a:b9:b0:d3:89:b8:5e:4c:95:5d:84:dc:ea:88:
         73:ff:18:06:ba:c1:7b:ec:58:ff:b2:c9:8c:e1:41:fd:fb:81:
         68:89:0c:52:6b:2d:6f:4f:46:74:21:30:fc:0e:a9:09:1f:d9:
         5e:f3:b7:f8:22:37:76:e8:33:45:ff:4b:04:d4:19:ec:ac:c8:
         69:61:f1:c2:47:f0:b2:d0:99:20:32:08:8a:ca:57:39:af:cf:
         9c:e0:19:a4:33:4d:57:5d:30:8f:b0:af:c2:da:16:cd:90:05:
         4b:89:1a:c7:40:dd:c0:ac:e3:f9:e6:24:ee:46:58:c1:10:fc:
         1d:99:ec:50:d9:c0:d4:d8:af:52:42:b4:6b:ed:cf:0a:bb:e8:
         4e:05:70:55:6f:9b:06:47:87:02:27:53:ee:f9:69:84:34:3c:
         94:64:8a:4f:7e:28:9a:71:a5:86:2c:3f:64:ff:b1:41:07:63:
         c4:5b:56:7f:21:19:4e:50:6d:1f:ee:65:1f:50:43:b7:23:62:
         67:b0:0b:fd:42:6f:25:fd:56:3c:50:11:3f:dc:8e:3a:29:08:
         f6:ac:bf:ae
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUaqw9lKh+kh/ChJ91/I1zh2Oa3W8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjlEMzQxMzY0QkMzNDRCNEVENkIzQTY1MDMxQUFDQjQw
M0FCMzIyMjAeFw0yMzA3MzEwMDAzMzdaFw0yNDA3MjkwMDA4MzdaMDMxMTAvBgNV
BAMTKEU2RTM2RDY3RDlBMEU1Qjc5NUVDOTVBQURDMzJGQjNFQzExMDVDMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDksN7EYwnSmxZX6+R24iDr7PZX
seF4EEBPJGKz9AanuXseL9+z+ove70R8XphJsSjoymK4zhmhdpFWJsDLZXakI42d
enhhZjRAu4FkPmBGX7W4wPP8FxYRbwYBWgxKbO+XMVDOuDonOAZkNO5f2CYzrMzN
Tzf1GKm12sAKlceTsufpSInWXd83n5uVLLBQ0+HQVf4HynCGdfJIeN36XWcVsmwx
dc5eFJiMXTXkdCRdrUltpEV5v+F/IkBBOQ2OiZniNXBrFwVgndIlUrUDCsH8iveK
4jRHiqhAx6OBWxGohvtGTK4+3dKpNlEIZ21bH2gM6TmMBBAIYRxwhA4MdHetAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU5uNtZ9mg5beV7JWq3DL7PsEQXDAwHwYDVR0j
BBgwFoAUadNBNkvDRLTtazplAxqstAOrMiIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
NTdhNmJjYi05ZWI2LTQ5ZGUtYjk5OC0wYmVkM2M1YzEyNzgvMC82OUQzNDEzNjRC
QzM0NEI0RUQ2QjNBNjUwMzFBQUNCNDAzQUIzMjIyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjlEMzQxMzY0QkMzNDRCNEVENkIzQTY1MDMxQUFDQjQwM0FC
MzIyMi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzY1N2E2YmNiLTllYjYtNDlkZS1i
OTk4LTBiZWQzYzVjMTI3OC8wLzMxMzAzMzJlMzEzMDM1MmUzNTMyMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZ2k0MA0GCSqG
SIb3DQEBCwUAA4IBAQAMASvIx5SxN7KA8/PdP0QtPfhrahcI3J/b7x7XRwQejuUq
o5gJIOObarmw04m4XkyVXYTc6ohz/xgGusF77Fj/ssmM4UH9+4FoiQxSay1vT0Z0
ITD8DqkJH9le87f4Ijd26DNF/0sE1BnsrMhpYfHCR/Cy0JkgMgiKylc5r8+c4Bmk
M01XXTCPsK/C2hbNkAVLiRrHQN3ArOP55iTuRljBEPwdmexQ2cDU2K9SQrRr7c8K
u+hOBXBVb5sGR4cCJ1Pu+WmENDyUZIpPfiiacaWGLD9k/7FBB2PEW1Z/IRlOUG0f
7mUfUEO3I2JnsAv9Qm8l/VY8UBE/3I46KQj2rL+u
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:32 2024 by rpki-client on console-fra.rpki-client.org