Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/3130332e39352e34302e302f32322d3234203d3e203538343935.roa
File:                     3130332e39352e34302e302f32322d3234203d3e203538343935.roa (raw, json)
Hash identifier:          zKpK86dwBbsrbNIlnGa4PwQDrWYBJhwxrKHgEC9RC7A=
Subject key identifier:   85:F6:6F:FC:9A:9C:B5:AD:21:46:82:0C:D1:FF:00:70:15:1B:5C:4A
Certificate issuer:       /CN=41ABF792D14122AAA67E42BD42EBB8E02A096620
Certificate serial:       7093862C37225E701DFD0ADD0E4CE428F7A69885
Authority key identifier: 41:AB:F7:92:D1:41:22:AA:A6:7E:42:BD:42:EB:B8:E0:2A:09:66:20
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41ABF792D14122AAA67E42BD42EBB8E02A096620.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/3130332e39352e34302e302f32322d3234203d3e203538343935.roa
Signing time:             Mon 31 Jul 2023 00:04:27 +0000
ROA not before:           Sun 30 Jul 2023 23:59:27 +0000
ROA not after:            Mon 29 Jul 2024 00:04:27 +0000
asID:                     58495
IP address blocks:        103.95.40.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/41ABF792D14122AAA67E42BD42EBB8E02A096620.crl
                          rsync://repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/41ABF792D14122AAA67E42BD42EBB8E02A096620.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41ABF792D14122AAA67E42BD42EBB8E02A096620.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 07:32:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:93:86:2c:37:22:5e:70:1d:fd:0a:dd:0e:4c:e4:28:f7:a6:98:85
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=41ABF792D14122AAA67E42BD42EBB8E02A096620
        Validity
            Not Before: Jul 30 23:59:27 2023 GMT
            Not After : Jul 29 00:04:27 2024 GMT
        Subject: CN=85F66FFC9A9CB5AD2146820CD1FF0070151B5C4A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:c8:7e:e9:78:6f:61:f3:94:a5:4c:00:d1:3d:
                    88:ab:55:5b:e1:65:e7:10:38:6d:fa:37:ff:68:02:
                    71:e8:9d:23:2a:96:21:65:02:fe:51:9e:c6:1c:df:
                    0d:59:92:05:20:08:df:d4:0e:47:85:e2:88:29:59:
                    8e:57:0b:78:b1:3e:1a:6c:6d:c1:36:86:8a:ea:d7:
                    9c:2c:f9:33:ba:3f:b1:38:fb:94:ec:ef:e6:ca:fe:
                    3e:22:be:9f:c1:07:ab:98:24:3b:90:c1:4a:7d:84:
                    52:87:ef:7b:aa:ca:73:de:d0:e4:ca:5b:79:50:b0:
                    55:14:11:d0:96:61:27:37:5b:10:71:ca:2a:d3:59:
                    11:98:2d:2e:6a:b1:df:46:24:3f:22:20:7b:86:a6:
                    7d:5e:75:5e:20:82:b8:ed:64:e8:66:da:10:fb:f8:
                    ad:99:4c:49:43:f5:72:a5:2b:4c:db:e0:2f:c9:df:
                    1c:db:52:c1:07:e0:a4:f5:1a:94:e0:82:e0:b8:70:
                    73:5e:4d:20:1c:6a:87:11:af:ec:38:e2:20:0a:d0:
                    7a:8e:77:5d:b0:18:30:e4:18:26:3e:dd:91:57:b9:
                    69:5e:ae:13:9f:60:4f:8c:06:62:69:7c:1a:d5:5d:
                    a3:46:14:c4:d8:77:d1:b6:65:df:ba:63:28:51:d5:
                    ae:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:F6:6F:FC:9A:9C:B5:AD:21:46:82:0C:D1:FF:00:70:15:1B:5C:4A
            X509v3 Authority Key Identifier:
                keyid:41:AB:F7:92:D1:41:22:AA:A6:7E:42:BD:42:EB:B8:E0:2A:09:66:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/41ABF792D14122AAA67E42BD42EBB8E02A096620.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/41ABF792D14122AAA67E42BD42EBB8E02A096620.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7e45ebab-ec16-4589-a9a6-8a3661d43e3e/0/3130332e39352e34302e302f32322d3234203d3e203538343935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.95.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1a:5b:c6:f3:ea:4e:cc:b9:65:93:4f:5d:9c:8a:55:ca:e4:42:
         4a:1d:56:13:54:b0:4e:bb:7b:2a:e9:e0:b1:7b:91:9f:91:34:
         13:52:03:e8:0b:a5:fe:63:55:4c:30:f8:6a:3e:d4:ce:ab:cf:
         98:e4:3c:cd:c0:51:87:d5:fe:d1:36:44:77:3e:b0:b1:7f:46:
         fc:d2:b6:bb:11:8b:cf:5b:82:2a:15:07:00:b1:3d:b8:e2:57:
         7b:16:fd:6b:3b:77:b0:52:e8:d1:c1:3e:68:54:74:85:99:cb:
         bf:ef:e4:60:8a:68:7a:e4:e8:9e:ac:93:c5:8e:e6:fb:00:30:
         b5:0b:52:dd:1a:7b:bb:6e:bd:3a:28:c0:98:0b:12:14:38:6b:
         4d:42:9f:c9:95:b3:91:d1:88:15:5c:5d:40:a9:bd:ee:3e:e0:
         95:d9:a3:1d:b0:90:cc:37:76:70:c3:0f:20:03:4a:fb:42:07:
         84:2b:48:3e:a5:ee:9b:14:c3:45:2b:85:5e:43:3b:f2:50:62:
         0d:69:0f:71:04:0f:2e:76:06:f5:6d:07:9a:56:c4:c2:45:a2:
         c6:6d:f7:47:42:d7:0c:88:74:8e:56:71:1e:1e:89:c5:02:1b:
         95:fb:ee:a8:9f:0d:fc:06:c2:39:2b:ab:5d:65:e6:8e:eb:7c:
         39:39:dc:a3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUcJOGLDciXnAd/QrdDkzkKPemmIUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDFBQkY3OTJEMTQxMjJBQUE2N0U0MkJENDJFQkI4RTAy
QTA5NjYyMDAeFw0yMzA3MzAyMzU5MjdaFw0yNDA3MjkwMDA0MjdaMDMxMTAvBgNV
BAMTKDg1RjY2RkZDOUE5Q0I1QUQyMTQ2ODIwQ0QxRkYwMDcwMTUxQjVDNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5yH7peG9h85SlTADRPYirVVvh
ZecQOG36N/9oAnHonSMqliFlAv5RnsYc3w1ZkgUgCN/UDkeF4ogpWY5XC3ixPhps
bcE2horq15ws+TO6P7E4+5Ts7+bK/j4ivp/BB6uYJDuQwUp9hFKH73uqynPe0OTK
W3lQsFUUEdCWYSc3WxBxyirTWRGYLS5qsd9GJD8iIHuGpn1edV4ggrjtZOhm2hD7
+K2ZTElD9XKlK0zb4C/J3xzbUsEH4KT1GpTgguC4cHNeTSAcaocRr+w44iAK0HqO
d12wGDDkGCY+3ZFXuWlerhOfYE+MBmJpfBrVXaNGFMTYd9G2Zd+6YyhR1a6hAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUhfZv/Jqcta0hRoIM0f8AcBUbXEowHwYDVR0j
BBgwFoAUQav3ktFBIqqmfkK9Quu44CoJZiAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
ZTQ1ZWJhYi1lYzE2LTQ1ODktYTlhNi04YTM2NjFkNDNlM2UvMC80MUFCRjc5MkQx
NDEyMkFBQTY3RTQyQkQ0MkVCQjhFMDJBMDk2NjIwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDFBQkY3OTJEMTQxMjJBQUE2N0U0MkJENDJFQkI4RTAyQTA5
NjYyMC5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdlNDVlYmFiLWVjMTYtNDU4OS1h
OWE2LThhMzY2MWQ0M2UzZS8wLzMxMzAzMzJlMzkzNTJlMzQzMDJlMzAyZjMyMzIy
ZDMyMzQyMDNkM2UyMDM1MzgzNDM5MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJnXygwDQYJKoZIhvcN
AQELBQADggEBABpbxvPqTsy5ZZNPXZyKVcrkQkodVhNUsE67eyrp4LF7kZ+RNBNS
A+gLpf5jVUww+Go+1M6rz5jkPM3AUYfV/tE2RHc+sLF/RvzStrsRi89bgioVBwCx
PbjiV3sW/Ws7d7BS6NHBPmhUdIWZy7/v5GCKaHrk6J6sk8WO5vsAMLULUt0ae7tu
vToowJgLEhQ4a01Cn8mVs5HRiBVcXUCpve4+4JXZox2wkMw3dnDDDyADSvtCB4Qr
SD6l7psUw0UrhV5DO/JQYg1pD3EEDy52BvVtB5pWxMJFosZt90dC1wyIdI5WcR4e
icUCG5X77qifDfwGwjkrq11l5o7rfDk53KM=
-----END CERTIFICATE-----
Generated at Tue Mar 26 15:30:30 2024 by rpki-client on console-fra.rpki-client.org