Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232392e302f32342d3234203d3e20313336303838.roa
File:                     3130332e38372e3232392e302f32342d3234203d3e20313336303838.roa (raw, json)
Hash identifier:          v2YeJBPUOT4XSBZslIL593suBiT27b8zEfKoCux8KaI=
Subject key identifier:   6D:0A:30:76:E0:C0:8C:EB:F1:98:EF:55:05:EF:6C:B2:5D:4E:7E:93
Certificate issuer:       /CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
Certificate serial:       31639E2F1D63D010FDA50D95589B98CFC71B9052
Authority key identifier: D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232392e302f32342d3234203d3e20313336303838.roa
Signing time:             Mon 31 Jul 2023 00:07:16 +0000
ROA not before:           Mon 31 Jul 2023 00:02:16 +0000
ROA not after:            Mon 29 Jul 2024 00:07:16 +0000
asID:                     136088
IP address blocks:        103.87.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl
                          rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 17:21:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:63:9e:2f:1d:63:d0:10:fd:a5:0d:95:58:9b:98:cf:c7:1b:90:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
        Validity
            Not Before: Jul 31 00:02:16 2023 GMT
            Not After : Jul 29 00:07:16 2024 GMT
        Subject: CN=6D0A3076E0C08CEBF198EF5505EF6CB25D4E7E93
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:36:7f:39:94:91:76:54:5c:df:56:a6:c6:70:
                    3e:94:16:2e:0f:ca:01:5d:8e:60:db:10:a9:f7:5d:
                    72:b9:ce:db:97:3d:1e:4f:c6:8a:c3:69:56:20:e7:
                    c3:81:73:c2:e5:97:cc:db:e9:da:a5:8e:e9:13:c7:
                    8b:4d:5c:19:7b:1d:ae:4d:d2:46:91:2b:c8:c8:e9:
                    dc:e4:59:ca:57:d9:32:41:a1:e2:88:1e:8a:79:08:
                    13:a3:f9:2a:b6:de:40:8e:c3:7d:55:db:ad:fa:4b:
                    d1:8b:df:16:8c:3a:9d:ed:2f:ee:d8:ca:64:fe:3d:
                    fe:d1:49:6c:4d:a7:20:02:8e:82:59:ad:3b:28:82:
                    44:42:6a:f4:5f:69:f2:54:86:3d:48:f2:d3:8e:13:
                    90:63:4d:ef:34:12:e8:bc:f2:24:fd:4e:76:06:a4:
                    96:99:46:1c:07:71:79:d5:83:c5:db:49:3c:21:4a:
                    53:2b:6d:49:33:e4:2f:d2:2d:fb:fa:24:38:00:e5:
                    e6:51:fa:e1:b1:c1:03:38:67:3f:71:9f:97:a1:54:
                    82:18:6f:3d:f7:3a:48:0b:e4:41:03:2d:5e:31:24:
                    22:af:f8:f1:6b:31:42:48:3a:08:a1:85:37:93:0d:
                    cc:75:0d:25:72:dd:2a:11:2f:e4:c5:8a:b2:5c:ed:
                    7b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:0A:30:76:E0:C0:8C:EB:F1:98:EF:55:05:EF:6C:B2:5D:4E:7E:93
            X509v3 Authority Key Identifier:
                keyid:D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232392e302f32342d3234203d3e20313336303838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7b:73:52:2c:5c:54:e2:93:7b:1b:db:42:35:e8:fb:e5:4a:fc:
         65:8c:7a:e3:b2:21:03:d4:c5:45:4d:fb:f8:dd:a3:39:68:01:
         47:e2:86:74:2e:ad:6c:7a:97:9e:f7:47:13:52:29:bc:7f:a1:
         24:81:e3:0d:f8:69:96:90:e2:bc:69:58:9c:9a:52:aa:46:ad:
         0b:b9:1a:aa:55:2d:fa:7f:cc:57:0b:c0:73:2f:b1:be:49:d5:
         21:5a:a3:25:ab:fd:37:bd:da:e1:1e:b8:22:6c:2a:c0:b9:8c:
         6f:c0:6e:6a:f0:b8:d8:22:ed:59:a9:0e:86:4e:14:a4:5f:08:
         d3:20:b7:54:c9:cd:c5:be:f3:50:e1:bf:b6:64:bd:9c:94:06:
         cd:1a:2e:54:a2:16:02:74:60:ff:2a:35:00:c9:70:82:b4:ba:
         06:65:0f:c7:22:1e:61:d1:ad:8e:16:5b:df:64:b8:61:a9:b8:
         ee:b9:9a:cb:d1:3b:0a:d8:89:62:97:59:dd:35:24:a7:fa:22:
         81:ff:f5:bb:84:f3:18:88:9c:99:d4:c0:57:26:90:61:03:03:
         ad:3e:d0:12:1b:ab:fa:48:c4:13:04:55:c3:40:0f:3c:9b:6e:
         0f:0b:e1:53:58:ef:03:3f:b1:45:ac:bd:fc:0d:3b:e2:13:9c:
         e6:f7:8d:ed
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUMWOeLx1j0BD9pQ2VWJuYz8cbkFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhE
MEJFOTIzRjAeFw0yMzA3MzEwMDAyMTZaFw0yNDA3MjkwMDA3MTZaMDMxMTAvBgNV
BAMTKDZEMEEzMDc2RTBDMDhDRUJGMTk4RUY1NTA1RUY2Q0IyNUQ0RTdFOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiNn85lJF2VFzfVqbGcD6UFi4P
ygFdjmDbEKn3XXK5ztuXPR5PxorDaVYg58OBc8Lll8zb6dqljukTx4tNXBl7Ha5N
0kaRK8jI6dzkWcpX2TJBoeKIHop5CBOj+Sq23kCOw31V2636S9GL3xaMOp3tL+7Y
ymT+Pf7RSWxNpyACjoJZrTsogkRCavRfafJUhj1I8tOOE5BjTe80Eui88iT9TnYG
pJaZRhwHcXnVg8XbSTwhSlMrbUkz5C/SLfv6JDgA5eZR+uGxwQM4Zz9xn5ehVIIY
bz33OkgL5EEDLV4xJCKv+PFrMUJIOgihhTeTDcx1DSVy3SoRL+TFirJc7XtpAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUbQowduDAjOvxmO9VBe9ssl1OfpMwHwYDVR0j
BBgwFoAU0/th10akR2fUUY1un9H72NC+kj8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2Y0ZWMxYy05NTM1LTRjYmYtOWM3YS1mZDMyYzgzMGVkYmEvMC9EM0ZCNjFENzQ2
QTQ0NzY3RDQ1MThENkU5RkQxRkJEOEQwQkU5MjNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhEMEJF
OTIzRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05
YzdhLWZkMzJjODMwZWRiYS8wLzMxMzAzMzJlMzgzNzJlMzIzMjM5MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzAzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1flMA0GCSqG
SIb3DQEBCwUAA4IBAQB7c1IsXFTik3sb20I16PvlSvxljHrjsiED1MVFTfv43aM5
aAFH4oZ0Lq1sepee90cTUim8f6EkgeMN+GmWkOK8aVicmlKqRq0LuRqqVS36f8xX
C8BzL7G+SdUhWqMlq/03vdrhHrgibCrAuYxvwG5q8LjYIu1ZqQ6GThSkXwjTILdU
yc3FvvNQ4b+2ZL2clAbNGi5UohYCdGD/KjUAyXCCtLoGZQ/HIh5h0a2OFlvfZLhh
qbjuuZrL0TsK2Ilil1ndNSSn+iKB//W7hPMYiJyZ1MBXJpBhAwOtPtASG6v6SMQT
BFXDQA88m24PC+FTWO8DP7FFrL38DTviE5zm943t
-----END CERTIFICATE-----
Generated at Thu Mar 28 14:00:46 2024 by rpki-client on console-fra.rpki-client.org