Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/3130332e3132352e3130362e302f32342d3234203d3e20313338313030.roa
File:                     3130332e3132352e3130362e302f32342d3234203d3e20313338313030.roa (raw, json)
Hash identifier:          j3oTKLrSg742IxXTFg5DIM3MNs6Owub8++tzCjYUFiA=
Subject key identifier:   8D:C5:37:1A:45:36:7F:31:5E:0B:A4:D0:94:AD:E2:AC:BA:BD:9A:5B
Certificate issuer:       /CN=06C079105A8A7FB53C97370CDE636B0A22588747
Certificate serial:       2DE732A8CA7598E761C04DC23FB900371A4EAAE5
Authority key identifier: 06:C0:79:10:5A:8A:7F:B5:3C:97:37:0C:DE:63:6B:0A:22:58:87:47
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/06C079105A8A7FB53C97370CDE636B0A22588747.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/3130332e3132352e3130362e302f32342d3234203d3e20313338313030.roa
Signing time:             Mon 31 Jul 2023 00:05:47 +0000
ROA not before:           Mon 31 Jul 2023 00:00:47 +0000
ROA not after:            Mon 29 Jul 2024 00:05:47 +0000
asID:                     138100
IP address blocks:        103.125.106.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/06C079105A8A7FB53C97370CDE636B0A22588747.crl
                          rsync://repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/06C079105A8A7FB53C97370CDE636B0A22588747.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/06C079105A8A7FB53C97370CDE636B0A22588747.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:e7:32:a8:ca:75:98:e7:61:c0:4d:c2:3f:b9:00:37:1a:4e:aa:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=06C079105A8A7FB53C97370CDE636B0A22588747
        Validity
            Not Before: Jul 31 00:00:47 2023 GMT
            Not After : Jul 29 00:05:47 2024 GMT
        Subject: CN=8DC5371A45367F315E0BA4D094ADE2ACBABD9A5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:e7:7d:6a:9b:98:1d:af:b7:a5:8b:2f:b8:88:
                    87:e9:8d:9d:95:72:37:a4:5f:27:25:98:71:83:e6:
                    98:45:b6:81:bf:0d:fe:5f:5d:b3:d8:dd:db:c4:ff:
                    cd:2a:fa:62:9c:8c:f2:cd:9a:a0:e2:b7:a4:cd:ac:
                    61:56:13:55:0d:88:04:42:ca:4f:4e:0a:2d:a6:e5:
                    9b:56:d2:18:d3:53:ad:30:c8:56:b4:fd:c4:4e:48:
                    d9:79:d2:99:b5:99:4a:80:3f:2d:71:1b:b1:42:55:
                    fc:3f:5e:ab:3f:dd:f0:8c:ef:95:94:31:e9:a8:d9:
                    5a:ec:96:fd:36:3a:6a:3e:b1:cc:a1:20:81:c8:8e:
                    34:9c:55:32:d6:f2:81:ab:6e:5d:59:49:ca:08:d5:
                    61:76:4d:27:2c:7c:49:0d:48:47:28:33:8f:21:05:
                    71:1c:9e:ff:68:0c:58:21:f0:6c:d0:91:77:ae:e0:
                    b5:a6:a0:80:c2:73:76:51:f9:dd:5c:bb:30:57:eb:
                    14:ba:cb:0f:3f:5a:7f:73:b3:79:09:a9:61:2e:37:
                    b6:be:94:cd:12:a0:b7:a7:d9:bc:25:a5:d3:46:d2:
                    46:5b:86:49:cb:ff:22:20:94:91:69:6e:55:70:82:
                    21:65:58:7e:58:16:b7:1d:19:b7:df:c1:73:9c:6b:
                    e6:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:C5:37:1A:45:36:7F:31:5E:0B:A4:D0:94:AD:E2:AC:BA:BD:9A:5B
            X509v3 Authority Key Identifier:
                keyid:06:C0:79:10:5A:8A:7F:B5:3C:97:37:0C:DE:63:6B:0A:22:58:87:47

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/06C079105A8A7FB53C97370CDE636B0A22588747.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/06C079105A8A7FB53C97370CDE636B0A22588747.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/88cac161-f880-4206-8d2c-daa604fe0902/0/3130332e3132352e3130362e302f32342d3234203d3e20313338313030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.125.106.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7a:04:af:8e:9a:c7:46:36:d3:f3:4d:9f:8c:35:40:67:a9:07:
         a9:7c:54:6c:43:ae:51:71:8f:0a:4e:6b:7d:f7:59:06:8c:14:
         8f:b9:10:ec:e7:4f:46:24:42:e2:5e:55:0d:e4:fe:75:88:a6:
         a1:e6:49:60:4b:f5:68:d0:fa:f7:6f:4e:7a:7b:d4:a3:86:e1:
         27:e3:6f:be:e8:6f:f9:68:c8:c9:10:56:10:3f:c0:47:74:64:
         29:cd:a2:10:48:8d:ab:bb:7f:4d:ba:03:f9:02:e4:ee:09:01:
         38:0a:51:d7:fe:70:34:ef:94:90:28:44:75:03:82:c1:49:c2:
         b2:61:a9:6e:da:ef:74:ea:42:38:37:35:b1:b2:09:00:c8:13:
         0f:0d:1d:36:1a:90:8a:8b:29:ab:1a:63:27:84:eb:a5:e5:b7:
         cf:be:ed:24:e9:a9:d1:42:94:0f:27:d8:9d:f2:75:10:55:aa:
         65:9a:30:78:c7:32:09:85:78:6b:74:5b:0b:13:9a:f1:61:95:
         19:44:ff:8c:c8:b5:24:b3:23:98:89:24:13:96:33:7d:bc:3d:
         22:fc:a4:86:40:a7:f0:93:66:f1:35:6e:87:1a:ce:da:90:a8:
         77:4a:6f:c3:80:b0:8e:f8:25:76:a1:93:1d:69:47:ff:3e:9e:
         92:29:52:69
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIULecyqMp1mOdhwE3CP7kANxpOquUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDZDMDc5MTA1QThBN0ZCNTNDOTczNzBDREU2MzZCMEEy
MjU4ODc0NzAeFw0yMzA3MzEwMDAwNDdaFw0yNDA3MjkwMDA1NDdaMDMxMTAvBgNV
BAMTKDhEQzUzNzFBNDUzNjdGMzE1RTBCQTREMDk0QURFMkFDQkFCRDlBNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr531qm5gdr7eliy+4iIfpjZ2V
cjekXyclmHGD5phFtoG/Df5fXbPY3dvE/80q+mKcjPLNmqDit6TNrGFWE1UNiARC
yk9OCi2m5ZtW0hjTU60wyFa0/cROSNl50pm1mUqAPy1xG7FCVfw/Xqs/3fCM75WU
Memo2Vrslv02Omo+scyhIIHIjjScVTLW8oGrbl1ZScoI1WF2TScsfEkNSEcoM48h
BXEcnv9oDFgh8GzQkXeu4LWmoIDCc3ZR+d1cuzBX6xS6yw8/Wn9zs3kJqWEuN7a+
lM0SoLen2bwlpdNG0kZbhknL/yIglJFpblVwgiFlWH5YFrcdGbffwXOca+abAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUjcU3GkU2fzFeC6TQlK3irLq9mlswHwYDVR0j
BBgwFoAUBsB5EFqKf7U8lzcM3mNrCiJYh0cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
OGNhYzE2MS1mODgwLTQyMDYtOGQyYy1kYWE2MDRmZTA5MDIvMC8wNkMwNzkxMDVB
OEE3RkI1M0M5NzM3MENERTYzNkIwQTIyNTg4NzQ3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDZDMDc5MTA1QThBN0ZCNTNDOTczNzBDREU2MzZCMEEyMjU4
ODc0Ny5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg4Y2FjMTYxLWY4ODAtNDIwNi04
ZDJjLWRhYTYwNGZlMDkwMi8wLzMxMzAzMzJlMzEzMjM1MmUzMTMwMzYyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMTMwMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnfWowDQYJ
KoZIhvcNAQELBQADggEBAHoEr46ax0Y20/NNn4w1QGepB6l8VGxDrlFxjwpOa333
WQaMFI+5EOznT0YkQuJeVQ3k/nWIpqHmSWBL9WjQ+vdvTnp71KOG4Sfjb77ob/lo
yMkQVhA/wEd0ZCnNohBIjau7f026A/kC5O4JATgKUdf+cDTvlJAoRHUDgsFJwrJh
qW7a73TqQjg3NbGyCQDIEw8NHTYakIqLKasaYyeE66Xlt8++7STpqdFClA8n2J3y
dRBVqmWaMHjHMgmFeGt0WwsTmvFhlRlE/4zItSSzI5iJJBOWM328PSL8pIZAp/CT
ZvE1bocaztqQqHdKb8OAsI74JXahkx1pR/8+npIpUmk=
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:10:05 2024 by rpki-client on console-fra.rpki-client.org