Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/3130332e3134382e3139382e302f32332d3234203d3e20313339393938.roa
File:                     3130332e3134382e3139382e302f32332d3234203d3e20313339393938.roa (raw, json)
Hash identifier:          VfsjHz1Yrct8mcgY9sofRiOh7BiQIbotdBv7PxlfiYI=
Subject key identifier:   9D:2F:F7:C4:6B:1C:C9:8D:68:38:ED:77:B1:B8:12:F2:73:EA:F7:9C
Certificate issuer:       /CN=08D07F010DA28112A94E8800C317B8DF7F1ABF43
Certificate serial:       139B29D0036E8E94B4B1F754452929C6D4363F19
Authority key identifier: 08:D0:7F:01:0D:A2:81:12:A9:4E:88:00:C3:17:B8:DF:7F:1A:BF:43
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/3130332e3134382e3139382e302f32332d3234203d3e20313339393938.roa
Signing time:             Mon 31 Jul 2023 00:13:36 +0000
ROA not before:           Mon 31 Jul 2023 00:08:36 +0000
ROA not after:            Mon 29 Jul 2024 00:13:36 +0000
asID:                     139998
IP address blocks:        103.148.198.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.crl
                          rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:9b:29:d0:03:6e:8e:94:b4:b1:f7:54:45:29:29:c6:d4:36:3f:19
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=08D07F010DA28112A94E8800C317B8DF7F1ABF43
        Validity
            Not Before: Jul 31 00:08:36 2023 GMT
            Not After : Jul 29 00:13:36 2024 GMT
        Subject: CN=9D2FF7C46B1CC98D6838ED77B1B812F273EAF79C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d8:1d:5b:1d:46:74:bb:89:dc:42:52:a9:6b:
                    ea:de:bb:4e:f9:91:9b:f8:33:f2:f1:53:92:1e:8d:
                    f9:6a:6c:e9:07:78:72:46:bd:dd:c3:6e:1e:a3:45:
                    b9:56:8f:37:2c:95:c7:58:7e:74:be:7c:8f:96:d8:
                    95:54:70:8d:da:9f:1c:33:d0:04:9a:3f:64:a2:48:
                    16:97:cf:9a:2c:7b:57:d8:05:2b:75:d5:bf:6c:2a:
                    48:a7:ed:df:e3:4a:59:fb:39:f4:d6:e3:ba:4a:a9:
                    c6:5e:45:6d:ab:a3:00:a8:3b:93:20:02:69:45:f8:
                    28:1a:02:49:8c:e4:1a:95:e4:34:ad:78:da:00:e4:
                    7b:92:e4:20:83:ec:fd:d0:cb:d1:1d:59:a7:57:51:
                    f1:7c:9b:97:0f:f7:15:b3:0e:58:46:3c:e4:0d:63:
                    0c:76:e7:89:f9:6a:84:08:65:1b:61:55:c2:2c:a0:
                    d6:11:ab:e9:b3:f4:92:70:1a:7f:78:b9:f3:ca:46:
                    a9:53:cb:6c:cb:37:02:81:42:df:72:a5:0b:b5:1c:
                    2b:25:de:0e:94:14:bf:a8:cb:72:04:67:18:09:14:
                    17:39:29:60:90:3d:e0:e3:ca:04:fe:9a:f8:c5:0b:
                    dd:9f:03:04:b9:2f:18:5d:7d:3f:33:e4:29:5b:41:
                    8a:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:2F:F7:C4:6B:1C:C9:8D:68:38:ED:77:B1:B8:12:F2:73:EA:F7:9C
            X509v3 Authority Key Identifier:
                keyid:08:D0:7F:01:0D:A2:81:12:A9:4E:88:00:C3:17:B8:DF:7F:1A:BF:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/08D07F010DA28112A94E8800C317B8DF7F1ABF43.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/08D07F010DA28112A94E8800C317B8DF7F1ABF43.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/70c2a13b-1f40-4c03-bc35-f6961516d4d9/0/3130332e3134382e3139382e302f32332d3234203d3e20313339393938.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.148.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         2a:19:07:8d:36:82:27:63:a8:6d:81:c6:12:4e:92:3c:e2:96:
         00:c2:b7:05:18:8c:66:eb:06:e4:10:62:9d:8e:06:aa:c0:8e:
         22:51:2a:a5:bf:eb:7f:61:0a:81:79:53:70:49:f5:d3:29:db:
         c8:45:40:86:64:ca:bc:99:22:ae:f5:d4:38:ab:ea:5c:72:22:
         b5:d2:a0:46:ec:02:7b:4c:52:69:e1:eb:31:d7:f0:74:5b:d2:
         06:9a:cb:fb:a2:eb:7d:32:54:81:36:15:76:d0:d1:d6:87:cd:
         cc:09:d1:7f:aa:3c:f7:6b:26:55:6b:13:9e:ac:de:f6:79:c7:
         25:28:a7:e1:19:de:57:c9:5b:00:67:cf:89:c1:ca:84:1e:03:
         0c:35:ab:da:41:93:13:61:8d:75:ab:00:37:79:6e:dd:0c:7b:
         2c:64:d6:8e:3a:22:e9:48:3c:5b:f4:9f:3a:ca:c3:d3:a0:44:
         5e:93:67:72:5b:6f:c4:21:ca:cd:f7:e0:1c:7f:b9:f0:2f:be:
         b1:b6:c1:69:d4:59:95:dc:a8:80:6c:8f:a5:bd:c4:f6:ed:ed:
         37:65:17:0e:49:c9:c6:35:f6:99:a2:4f:50:c5:a2:7d:ab:62:
         9e:c8:77:63:22:24:55:4c:a6:d6:99:8c:f9:f8:2d:ab:77:01:
         95:7b:aa:e6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUE5sp0ANujpS0sfdURSkpxtQ2PxkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDhEMDdGMDEwREEyODExMkE5NEU4ODAwQzMxN0I4REY3
RjFBQkY0MzAeFw0yMzA3MzEwMDA4MzZaFw0yNDA3MjkwMDEzMzZaMDMxMTAvBgNV
BAMTKDlEMkZGN0M0NkIxQ0M5OEQ2ODM4RUQ3N0IxQjgxMkYyNzNFQUY3OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv2B1bHUZ0u4ncQlKpa+reu075
kZv4M/LxU5IejflqbOkHeHJGvd3Dbh6jRblWjzcslcdYfnS+fI+W2JVUcI3anxwz
0ASaP2SiSBaXz5ose1fYBSt11b9sKkin7d/jSln7OfTW47pKqcZeRW2rowCoO5Mg
AmlF+CgaAkmM5BqV5DSteNoA5HuS5CCD7P3Qy9EdWadXUfF8m5cP9xWzDlhGPOQN
Ywx254n5aoQIZRthVcIsoNYRq+mz9JJwGn94ufPKRqlTy2zLNwKBQt9ypQu1HCsl
3g6UFL+oy3IEZxgJFBc5KWCQPeDjygT+mvjFC92fAwS5LxhdfT8z5ClbQYptAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUnS/3xGscyY1oOO13sbgS8nPq95wwHwYDVR0j
BBgwFoAUCNB/AQ2igRKpTogAwxe4338av0MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
MGMyYTEzYi0xZjQwLTRjMDMtYmMzNS1mNjk2MTUxNmQ0ZDkvMC8wOEQwN0YwMTBE
QTI4MTEyQTk0RTg4MDBDMzE3QjhERjdGMUFCRjQzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDhEMDdGMDEwREEyODExMkE5NEU4ODAwQzMxN0I4REY3RjFB
QkY0My5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzcwYzJhMTNiLTFmNDAtNGMwMy1i
YzM1LWY2OTYxNTE2ZDRkOS8wLzMxMzAzMzJlMzEzNDM4MmUzMTM5MzgyZTMwMmYz
MjMzMmQzMjM0MjAzZDNlMjAzMTMzMzkzOTM5Mzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnlMYwDQYJ
KoZIhvcNAQELBQADggEBACoZB402gidjqG2BxhJOkjzilgDCtwUYjGbrBuQQYp2O
BqrAjiJRKqW/639hCoF5U3BJ9dMp28hFQIZkyryZIq711Dir6lxyIrXSoEbsAntM
Umnh6zHX8HRb0gaay/ui630yVIE2FXbQ0daHzcwJ0X+qPPdrJlVrE56s3vZ5xyUo
p+EZ3lfJWwBnz4nByoQeAww1q9pBkxNhjXWrADd5bt0Meyxk1o46IulIPFv0nzrK
w9OgRF6TZ3Jbb8Qhys334Bx/ufAvvrG2wWnUWZXcqIBsj6W9xPbt7TdlFw5JycY1
9pmiT1DFon2rYp7Id2MiJFVMptaZjPn4Lat3AZV7quY=
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:48:30 2024 by rpki-client on console-fra.rpki-client.org