Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa
File:                     3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa (raw, json)
Hash identifier:          Yk4G03GQNoIZbipugEEDdD1uis4DOd7NkdJuPgusSGY=
Subject key identifier:   50:F4:1F:32:94:1C:26:13:8F:CE:84:7A:C5:CD:1B:3D:F6:E5:57:C3
Certificate issuer:       /CN=CB8106D827747D008C9DE9181B4EC6739C8EE800
Certificate serial:       7551B8449E4AF91DFDDCE637D4F0693F71BDF31A
Authority key identifier: CB:81:06:D8:27:74:7D:00:8C:9D:E9:18:1B:4E:C6:73:9C:8E:E8:00
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa
Signing time:             Mon 31 Jul 2023 00:09:46 +0000
ROA not before:           Mon 31 Jul 2023 00:04:46 +0000
ROA not after:            Mon 29 Jul 2024 00:09:46 +0000
asID:                     131746
IP address blocks:        103.248.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.crl
                          rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:51:b8:44:9e:4a:f9:1d:fd:dc:e6:37:d4:f0:69:3f:71:bd:f3:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CB8106D827747D008C9DE9181B4EC6739C8EE800
        Validity
            Not Before: Jul 31 00:04:46 2023 GMT
            Not After : Jul 29 00:09:46 2024 GMT
        Subject: CN=50F41F32941C26138FCE847AC5CD1B3DF6E557C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:24:66:3f:a3:55:b4:6d:bf:8c:a7:40:fb:ea:
                    d0:87:25:72:70:8d:4c:e1:01:cc:98:46:fc:c1:5b:
                    25:17:dd:7c:fc:c4:7b:1b:d6:1b:df:a2:e1:8b:9e:
                    af:15:92:5e:14:ea:ab:62:f4:94:c2:12:75:fd:6b:
                    63:b7:50:56:62:a6:48:78:4f:af:c4:de:00:92:16:
                    95:7d:4c:43:95:93:ed:e7:64:17:fe:44:75:c6:9a:
                    9e:36:16:af:f0:08:e9:22:ae:c2:79:59:29:27:da:
                    39:60:cd:00:1e:d4:20:21:3c:8c:33:1c:9e:36:81:
                    5d:e9:cb:be:c5:a2:0e:a7:48:3b:16:27:bb:03:fa:
                    ac:8d:d6:56:46:58:84:df:79:b0:1c:1f:51:4c:90:
                    1d:7d:51:2c:dd:97:b3:ad:7e:b0:06:b3:39:45:72:
                    e0:38:72:05:23:ea:7e:dd:9f:f5:d1:b2:1b:7b:78:
                    41:91:31:74:ca:f2:81:40:74:75:80:0f:d8:92:f8:
                    c6:e9:e8:36:ff:d3:52:07:53:cb:1e:7d:ab:74:a6:
                    07:93:f6:51:4e:59:93:84:08:10:8e:e8:82:d0:4c:
                    ba:cc:80:ff:a0:93:04:6e:97:1e:8a:6b:57:75:ae:
                    6f:0a:f5:60:60:ff:f5:5a:90:51:3b:08:53:a5:6c:
                    89:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:F4:1F:32:94:1C:26:13:8F:CE:84:7A:C5:CD:1B:3D:F6:E5:57:C3
            X509v3 Authority Key Identifier:
                keyid:CB:81:06:D8:27:74:7D:00:8C:9D:E9:18:1B:4E:C6:73:9C:8E:E8:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.248.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:b0:bf:08:b3:d6:c6:86:04:bc:88:7b:30:8f:1a:60:f8:6c:
         0c:63:de:01:db:d1:fe:68:c1:07:4a:b8:cf:c2:27:cc:e0:6e:
         5b:55:17:dc:57:b8:78:3e:66:ab:b9:59:5d:97:14:4b:ef:ba:
         ac:5e:99:b9:91:25:6a:38:bb:84:59:54:d5:49:39:1b:05:59:
         5d:ee:71:cc:3c:e7:57:cc:d9:87:8e:70:d0:5c:9b:2e:7b:95:
         b8:e7:22:96:00:89:75:bf:37:ab:41:93:a1:53:c3:49:fc:28:
         18:f5:80:14:91:a9:54:e0:b9:fe:34:83:21:da:8e:93:f1:bc:
         ac:dd:30:17:42:23:a1:ea:7a:40:f3:ab:f5:5a:40:e6:e6:88:
         fb:7e:ae:78:91:75:ef:31:b6:31:4a:40:0a:d8:a8:dd:6e:97:
         46:52:7d:0e:b3:2a:86:72:a2:68:96:b3:4a:5f:1d:6b:5c:08:
         c4:35:89:63:b3:89:23:58:2a:53:27:4c:71:ca:04:44:e2:ce:
         82:48:f9:2d:f4:41:f1:4c:7e:78:9e:81:7e:5d:18:77:d3:6c:
         cb:a9:1f:fe:5c:35:8d:f3:e7:a0:97:1b:4d:aa:52:3c:02:16:
         ef:f1:00:5b:d2:5d:87:d2:aa:8e:d6:b1:f4:30:4f:40:87:0d:
         6d:1d:f5:6a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUdVG4RJ5K+R393OY31PBpP3G98xowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0I4MTA2RDgyNzc0N0QwMDhDOURFOTE4MUI0RUM2NzM5
QzhFRTgwMDAeFw0yMzA3MzEwMDA0NDZaFw0yNDA3MjkwMDA5NDZaMDMxMTAvBgNV
BAMTKDUwRjQxRjMyOTQxQzI2MTM4RkNFODQ3QUM1Q0QxQjNERjZFNTU3QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9JGY/o1W0bb+Mp0D76tCHJXJw
jUzhAcyYRvzBWyUX3Xz8xHsb1hvfouGLnq8Vkl4U6qti9JTCEnX9a2O3UFZipkh4
T6/E3gCSFpV9TEOVk+3nZBf+RHXGmp42Fq/wCOkirsJ5WSkn2jlgzQAe1CAhPIwz
HJ42gV3py77Fog6nSDsWJ7sD+qyN1lZGWITfebAcH1FMkB19USzdl7OtfrAGszlF
cuA4cgUj6n7dn/XRsht7eEGRMXTK8oFAdHWAD9iS+Mbp6Db/01IHU8sefat0pgeT
9lFOWZOECBCO6ILQTLrMgP+gkwRulx6Ka1d1rm8K9WBg//VakFE7CFOlbIkdAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUUPQfMpQcJhOPzoR6xc0bPfblV8MwHwYDVR0j
BBgwFoAUy4EG2Cd0fQCMnekYG07Gc5yO6AAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
YmU1NzhkMC1kM2FhLTRmMGYtYmI5ZC1mNzRiNDljNmE2NTUvMC9DQjgxMDZEODI3
NzQ3RDAwOEM5REU5MTgxQjRFQzY3MzlDOEVFODAwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0I4MTA2RDgyNzc0N0QwMDhDOURFOTE4MUI0RUM2NzM5QzhF
RTgwMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZiZTU3OGQwLWQzYWEtNGYwZi1i
YjlkLWY3NGI0OWM2YTY1NS8wLzMxMzAzMzJlMzIzNDM4MmUzMTM5MzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzEzNzM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn+MQwDQYJ
KoZIhvcNAQELBQADggEBAJ+wvwiz1saGBLyIezCPGmD4bAxj3gHb0f5owQdKuM/C
J8zgbltVF9xXuHg+Zqu5WV2XFEvvuqxembmRJWo4u4RZVNVJORsFWV3uccw851fM
2YeOcNBcmy57lbjnIpYAiXW/N6tBk6FTw0n8KBj1gBSRqVTguf40gyHajpPxvKzd
MBdCI6HqekDzq/VaQObmiPt+rniRde8xtjFKQArYqN1ul0ZSfQ6zKoZyomiWs0pf
HWtcCMQ1iWOziSNYKlMnTHHKBETizoJI+S30QfFMfniegX5dGHfTbMupH/5cNY3z
56CXG02qUjwCFu/xAFvSXYfSqo7WsfQwT0CHDW0d9Wo=
-----END CERTIFICATE-----
Generated at Tue Mar 26 23:17:26 2024 by rpki-client on console-ams.rpki-client.org