Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/3130332e3132332e3130382e302f32342d3234203d3e20313338303636.roa
File:                     3130332e3132332e3130382e302f32342d3234203d3e20313338303636.roa (raw, json)
Hash identifier:          dsz+Uz1QUCheGKdAMCajeoKpi4e8k4v8bo4TTY5XYZ4=
Subject key identifier:   A8:63:04:6A:63:FD:B4:42:25:01:1F:06:7E:AF:82:F2:C7:17:EB:15
Certificate issuer:       /CN=977EA5118551E98AEAA8BB11C9D99D7196D3DEBA
Certificate serial:       02F64D3989B147AB2BF5A26CC06093E49466FA75
Authority key identifier: 97:7E:A5:11:85:51:E9:8A:EA:A8:BB:11:C9:D9:9D:71:96:D3:DE:BA
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/3130332e3132332e3130382e302f32342d3234203d3e20313338303636.roa
Signing time:             Mon 31 Jul 2023 00:11:52 +0000
ROA not before:           Mon 31 Jul 2023 00:06:52 +0000
ROA not after:            Mon 29 Jul 2024 00:11:52 +0000
asID:                     138066
IP address blocks:        103.123.108.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.crl
                          rsync://repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 19:38:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:f6:4d:39:89:b1:47:ab:2b:f5:a2:6c:c0:60:93:e4:94:66:fa:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=977EA5118551E98AEAA8BB11C9D99D7196D3DEBA
        Validity
            Not Before: Jul 31 00:06:52 2023 GMT
            Not After : Jul 29 00:11:52 2024 GMT
        Subject: CN=A863046A63FDB44225011F067EAF82F2C717EB15
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:94:63:e9:08:46:ec:bc:06:6a:cd:a6:4d:9e:
                    a7:45:04:61:ad:2e:5a:00:47:30:40:3b:33:3f:a9:
                    a2:47:e2:e8:24:6a:b4:52:f8:8d:0c:2e:9a:f5:2c:
                    95:6d:7a:62:c8:ac:0b:7e:bf:e5:28:26:0e:0c:27:
                    89:e7:60:2b:ab:48:36:11:44:8b:4b:c0:9d:ad:91:
                    87:ed:77:3d:69:08:5c:da:24:15:60:bf:8d:a3:68:
                    b6:d1:dc:f7:03:3c:ce:c9:9b:be:3b:ca:60:97:7e:
                    2e:a5:67:d5:38:1e:47:a5:c3:cd:4b:87:3e:1f:0e:
                    b3:2b:29:20:e8:52:03:50:85:a9:bc:0c:66:18:e7:
                    e1:d6:e7:45:c8:9d:84:e9:6b:0c:42:95:10:7a:29:
                    2b:ac:12:f3:a7:ce:fe:1f:be:e1:67:fd:e9:05:04:
                    14:2a:6d:3b:14:75:8f:95:d1:e8:74:09:9b:2b:ac:
                    0f:a6:79:aa:ed:7c:18:71:fb:79:99:72:57:08:6a:
                    c4:52:f5:1c:32:c8:9c:dd:50:a9:d4:5b:56:0a:1d:
                    5e:0b:9a:83:98:a1:fc:f8:1b:70:24:11:bc:62:08:
                    84:ac:71:2e:72:ba:32:0d:15:35:c8:94:8d:0c:2b:
                    19:9e:d8:cb:86:25:23:d8:64:ff:26:24:74:40:98:
                    3f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:63:04:6A:63:FD:B4:42:25:01:1F:06:7E:AF:82:F2:C7:17:EB:15
            X509v3 Authority Key Identifier:
                keyid:97:7E:A5:11:85:51:E9:8A:EA:A8:BB:11:C9:D9:9D:71:96:D3:DE:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/977EA5118551E98AEAA8BB11C9D99D7196D3DEBA.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8988c0f2-2800-48da-a83e-ab54df65c574/0/3130332e3132332e3130382e302f32342d3234203d3e20313338303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.123.108.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:29:e2:7a:00:34:8b:a7:0d:f1:c2:c4:1b:d8:30:e4:72:5e:
         f8:cf:76:ca:ed:96:80:ad:90:b6:de:04:54:16:41:6b:8a:d3:
         49:86:2b:f7:b6:1b:2d:03:6f:dc:9c:d8:8e:dd:fa:51:e4:8e:
         fc:01:1a:1c:85:93:32:30:f5:0a:fe:ce:23:ca:1a:bd:39:32:
         3c:4c:5e:e3:56:c7:78:3b:6a:ef:6f:c4:3b:96:47:c4:16:93:
         cc:c2:ba:76:39:55:9b:1a:41:31:e6:18:3d:69:2c:b2:80:0f:
         72:49:72:03:c4:59:ea:e6:4c:7b:6c:c1:c3:a7:89:7e:87:06:
         1d:46:ed:4f:34:30:b9:e6:68:7b:69:44:4d:bf:14:d3:da:4b:
         eb:21:48:c9:d5:8e:66:c5:32:a6:33:d7:6d:e9:02:8b:97:fd:
         e4:a6:3b:52:1f:a3:72:ae:86:52:84:53:cc:82:bb:a1:35:4b:
         82:64:3b:c4:76:48:a6:7b:e8:63:cc:8d:ce:69:cd:38:1f:8c:
         e8:28:50:06:c4:7d:fe:95:cb:2f:99:d0:ac:44:01:c9:47:1b:
         e8:cb:ff:a8:72:64:01:0f:f8:f0:a2:40:22:91:b4:d1:4e:fa:
         4a:95:f8:eb:5b:a8:c7:65:38:6d:b7:98:9f:c6:b2:60:08:81:
         fe:8b:a5:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUAvZNOYmxR6sr9aJswGCT5JRm+nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTc3RUE1MTE4NTUxRTk4QUVBQThCQjExQzlEOTlENzE5
NkQzREVCQTAeFw0yMzA3MzEwMDA2NTJaFw0yNDA3MjkwMDExNTJaMDMxMTAvBgNV
BAMTKEE4NjMwNDZBNjNGREI0NDIyNTAxMUYwNjdFQUY4MkYyQzcxN0VCMTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCslGPpCEbsvAZqzaZNnqdFBGGt
LloARzBAOzM/qaJH4ugkarRS+I0MLpr1LJVtemLIrAt+v+UoJg4MJ4nnYCurSDYR
RItLwJ2tkYftdz1pCFzaJBVgv42jaLbR3PcDPM7Jm747ymCXfi6lZ9U4Hkelw81L
hz4fDrMrKSDoUgNQham8DGYY5+HW50XInYTpawxClRB6KSusEvOnzv4fvuFn/ekF
BBQqbTsUdY+V0eh0CZsrrA+meartfBhx+3mZclcIasRS9RwyyJzdUKnUW1YKHV4L
moOYofz4G3AkEbxiCISscS5yujINFTXIlI0MKxme2MuGJSPYZP8mJHRAmD8vAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUqGMEamP9tEIlAR8Gfq+C8scX6xUwHwYDVR0j
BBgwFoAUl36lEYVR6YrqqLsRydmdcZbT3rowDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
OTg4YzBmMi0yODAwLTQ4ZGEtYTgzZS1hYjU0ZGY2NWM1NzQvMC85NzdFQTUxMTg1
NTFFOThBRUFBOEJCMTFDOUQ5OUQ3MTk2RDNERUJBLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTc3RUE1MTE4NTUxRTk4QUVBQThCQjExQzlEOTlENzE5NkQz
REVCQS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzg5ODhjMGYyLTI4MDAtNDhkYS1h
ODNlLWFiNTRkZjY1YzU3NC8wLzMxMzAzMzJlMzEzMjMzMmUzMTMwMzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzgzMDM2MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABne2wwDQYJ
KoZIhvcNAQELBQADggEBAI4p4noANIunDfHCxBvYMORyXvjPdsrtloCtkLbeBFQW
QWuK00mGK/e2Gy0Db9yc2I7d+lHkjvwBGhyFkzIw9Qr+ziPKGr05MjxMXuNWx3g7
au9vxDuWR8QWk8zCunY5VZsaQTHmGD1pLLKAD3JJcgPEWermTHtswcOniX6HBh1G
7U80MLnmaHtpRE2/FNPaS+shSMnVjmbFMqYz123pAouX/eSmO1Ifo3KuhlKEU8yC
u6E1S4JkO8R2SKZ76GPMjc5pzTgfjOgoUAbEff6Vyy+Z0KxEAclHG+jL/6hyZAEP
+PCiQCKRtNFO+kqV+OtbqMdlOG23mJ/GsmAIgf6LpUI=
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:29 2024 by rpki-client on console-ams.rpki-client.org