Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/3130332e34392e33302e302f32342d3234203d3e203633383632.roa
File:                     3130332e34392e33302e302f32342d3234203d3e203633383632.roa (raw, json)
Hash identifier:          mHr7ZOR/UV4GsODMFfObi3OuJQt+2kkh2gnOIQwbamw=
Subject key identifier:   3B:AF:D4:4A:9B:D3:13:32:1D:1A:8F:28:87:1D:AF:F9:0A:E1:CD:F4
Certificate issuer:       /CN=764B23EB6C63FFCAA305F37DBE9B904AE01D60C9
Certificate serial:       1D784328FD0604211F514597FA97ABCFACA9B99C
Authority key identifier: 76:4B:23:EB:6C:63:FF:CA:A3:05:F3:7D:BE:9B:90:4A:E0:1D:60:C9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/3130332e34392e33302e302f32342d3234203d3e203633383632.roa
Signing time:             Mon 31 Jul 2023 00:14:31 +0000
ROA not before:           Mon 31 Jul 2023 00:09:31 +0000
ROA not after:            Mon 29 Jul 2024 00:14:31 +0000
asID:                     63862
IP address blocks:        103.49.30.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.crl
                          rsync://repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:78:43:28:fd:06:04:21:1f:51:45:97:fa:97:ab:cf:ac:a9:b9:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=764B23EB6C63FFCAA305F37DBE9B904AE01D60C9
        Validity
            Not Before: Jul 31 00:09:31 2023 GMT
            Not After : Jul 29 00:14:31 2024 GMT
        Subject: CN=3BAFD44A9BD313321D1A8F28871DAFF90AE1CDF4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:41:9d:c2:2a:15:6f:12:16:a1:aa:81:a4:38:
                    27:89:1e:23:45:6a:d7:72:ca:64:1f:a9:1e:d8:03:
                    03:bc:57:32:66:f5:2c:45:b8:56:df:c8:02:50:8a:
                    9e:c5:44:31:6b:41:25:af:9d:57:c4:c9:1c:70:9d:
                    f2:63:61:08:49:0f:2a:39:0a:f5:36:24:db:f7:ec:
                    c2:42:83:c9:6c:33:c1:14:32:b0:20:b5:66:f2:78:
                    c5:20:fa:aa:de:d0:6b:31:64:d1:54:1b:df:e0:b2:
                    a6:96:26:2c:76:3a:24:51:a2:d7:04:31:c7:ac:38:
                    ec:19:c8:0c:85:bf:05:0e:e9:89:a8:eb:67:a2:b0:
                    c2:b2:86:48:e0:4b:dd:d6:d5:b8:46:f1:c3:4c:34:
                    f9:29:e6:ba:13:9f:11:2d:d4:46:21:e0:d3:79:c5:
                    c6:1d:05:e4:c3:e9:3a:aa:29:58:87:50:5e:c0:64:
                    fb:f7:6d:b5:65:ae:ed:0f:5b:44:bf:ac:e6:f8:51:
                    f6:41:ab:d5:e6:fb:32:4a:7a:25:11:0e:e5:3c:19:
                    14:c8:ed:e2:89:43:a5:05:05:4a:85:ed:e6:6c:60:
                    95:7c:90:ed:e7:ef:b2:5e:2f:45:f7:b6:db:ff:4c:
                    36:9b:dc:b2:54:91:80:91:fe:ec:64:85:45:28:4c:
                    4f:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:AF:D4:4A:9B:D3:13:32:1D:1A:8F:28:87:1D:AF:F9:0A:E1:CD:F4
            X509v3 Authority Key Identifier:
                keyid:76:4B:23:EB:6C:63:FF:CA:A3:05:F3:7D:BE:9B:90:4A:E0:1D:60:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/764B23EB6C63FFCAA305F37DBE9B904AE01D60C9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/87e830c8-d559-456a-8835-4f6eb5527aa2/0/3130332e34392e33302e302f32342d3234203d3e203633383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.49.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:52:bb:6c:08:96:c8:ce:6f:88:14:d4:b2:bf:47:29:73:8d:
         1b:a4:a9:80:bb:ea:ea:d3:39:76:29:9a:c9:30:36:4e:11:1d:
         17:3e:5a:d7:e0:ce:e3:c6:0b:c0:b6:92:66:4a:e3:b1:bc:f3:
         78:d2:24:05:62:2b:11:81:73:10:fc:42:8e:04:16:63:f5:f5:
         e1:c4:cf:72:d7:f9:40:4d:bf:a6:94:64:b9:f3:99:28:41:79:
         90:b4:42:0f:84:be:e2:4f:b6:4d:1a:2a:d3:0e:92:1a:da:5b:
         b9:67:d1:b0:50:3f:a7:9f:c3:27:8a:f4:43:78:29:3b:28:36:
         0e:ab:35:09:97:b6:69:9c:fe:c8:79:07:40:ef:64:a6:cb:bf:
         f5:d2:d7:62:88:10:ca:b3:2f:b6:d2:54:de:e4:c1:e9:bc:7f:
         19:b9:d7:ba:f6:9e:31:d9:52:72:64:73:1a:0f:36:25:83:54:
         0c:a9:73:77:ac:63:69:cf:2e:98:e3:e4:21:c0:79:75:67:60:
         52:c3:82:80:a8:1a:00:1a:af:a7:b5:58:41:5d:47:24:78:60:
         4a:76:d8:17:53:95:d0:a9:93:d2:5e:a6:c5:89:a0:56:16:a9:
         c8:f7:df:18:f8:7a:11:6e:28:b1:86:f5:a4:b7:f9:92:3d:67:
         37:0d:b2:a8
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUHXhDKP0GBCEfUUWX+perz6ypuZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzY0QjIzRUI2QzYzRkZDQUEzMDVGMzdEQkU5QjkwNEFF
MDFENjBDOTAeFw0yMzA3MzEwMDA5MzFaFw0yNDA3MjkwMDE0MzFaMDMxMTAvBgNV
BAMTKDNCQUZENDRBOUJEMzEzMzIxRDFBOEYyODg3MURBRkY5MEFFMUNERjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtQZ3CKhVvEhahqoGkOCeJHiNF
atdyymQfqR7YAwO8VzJm9SxFuFbfyAJQip7FRDFrQSWvnVfEyRxwnfJjYQhJDyo5
CvU2JNv37MJCg8lsM8EUMrAgtWbyeMUg+qre0GsxZNFUG9/gsqaWJix2OiRRotcE
McesOOwZyAyFvwUO6Ymo62eisMKyhkjgS93W1bhG8cNMNPkp5roTnxEt1EYh4NN5
xcYdBeTD6TqqKViHUF7AZPv3bbVlru0PW0S/rOb4UfZBq9Xm+zJKeiURDuU8GRTI
7eKJQ6UFBUqF7eZsYJV8kO3n77JeL0X3ttv/TDab3LJUkYCR/uxkhUUoTE9jAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUO6/USpvTEzIdGo8ohx2v+QrhzfQwHwYDVR0j
BBgwFoAUdksj62xj/8qjBfN9vpuQSuAdYMkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
N2U4MzBjOC1kNTU5LTQ1NmEtODgzNS00ZjZlYjU1MjdhYTIvMC83NjRCMjNFQjZD
NjNGRkNBQTMwNUYzN0RCRTlCOTA0QUUwMUQ2MEM5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzY0QjIzRUI2QzYzRkZDQUEzMDVGMzdEQkU5QjkwNEFFMDFE
NjBDOS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg3ZTgzMGM4LWQ1NTktNDU2YS04
ODM1LTRmNmViNTUyN2FhMi8wLzMxMzAzMzJlMzQzOTJlMzMzMDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM2MzMzODM2MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnMR4wDQYJKoZIhvcN
AQELBQADggEBAGJSu2wIlsjOb4gU1LK/RylzjRukqYC76urTOXYpmskwNk4RHRc+
WtfgzuPGC8C2kmZK47G883jSJAViKxGBcxD8Qo4EFmP19eHEz3LX+UBNv6aUZLnz
mShBeZC0Qg+EvuJPtk0aKtMOkhraW7ln0bBQP6efwyeK9EN4KTsoNg6rNQmXtmmc
/sh5B0DvZKbLv/XS12KIEMqzL7bSVN7kwem8fxm517r2njHZUnJkcxoPNiWDVAyp
c3esY2nPLpjj5CHAeXVnYFLDgoCoGgAar6e1WEFdRyR4YEp22BdTldCpk9JepsWJ
oFYWqcj33xj4ehFuKLGG9aS3+ZI9ZzcNsqg=
-----END CERTIFICATE-----
Generated at Wed Mar 27 05:20:15 2024 by rpki-client on console-fra.rpki-client.org