Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/3130332e3133302e36332e302f32342d3234203d3e20313338303739.roa
File:                     3130332e3133302e36332e302f32342d3234203d3e20313338303739.roa (raw, json)
Hash identifier:          6g3BJiRYJrqvKlrMmXjkPJLXetMt/jSearNW8mZPwLc=
Subject key identifier:   60:BC:C6:CD:23:CB:59:7E:8B:63:37:7A:9A:BD:C8:85:65:09:60:41
Certificate issuer:       /CN=E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52
Certificate serial:       2CAC7490525281511240463CDCB43B43511D0F55
Authority key identifier: E1:7A:5E:B9:41:56:DE:23:FC:DC:8F:29:B2:10:FC:DE:DC:F0:8F:52
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/3130332e3133302e36332e302f32342d3234203d3e20313338303739.roa
Signing time:             Mon 31 Jul 2023 00:07:23 +0000
ROA not before:           Mon 31 Jul 2023 00:02:23 +0000
ROA not after:            Mon 29 Jul 2024 00:07:23 +0000
asID:                     138079
IP address blocks:        103.130.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.crl
                          rsync://repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 19:38:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:ac:74:90:52:52:81:51:12:40:46:3c:dc:b4:3b:43:51:1d:0f:55
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52
        Validity
            Not Before: Jul 31 00:02:23 2023 GMT
            Not After : Jul 29 00:07:23 2024 GMT
        Subject: CN=60BCC6CD23CB597E8B63377A9ABDC88565096041
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:3a:eb:25:d5:d8:3f:ba:bd:a4:65:e3:e7:46:
                    60:2c:f1:42:38:69:4b:9b:51:37:72:cf:ba:5d:b7:
                    c4:e7:dc:96:80:a7:8f:d1:7f:cf:64:f0:5c:de:61:
                    75:bb:04:95:e5:33:01:15:f7:3a:73:0f:db:f6:06:
                    f8:b4:4f:db:45:97:95:86:e1:d3:44:4e:bb:78:00:
                    e0:2d:14:4f:be:9a:9c:7a:8a:3c:4a:80:c5:de:69:
                    33:af:8f:9c:12:f3:d3:6e:32:bf:ed:f5:2b:f2:6d:
                    97:49:0c:21:79:a5:fd:18:74:89:e9:34:73:d5:44:
                    d1:66:9c:35:47:d0:2c:32:1b:5d:34:ef:68:e8:86:
                    0e:8b:a5:a6:f4:b3:24:78:ee:a4:0b:da:13:63:16:
                    3f:15:9e:1f:32:cd:d3:20:29:6a:24:be:3f:59:bf:
                    43:06:e6:8b:72:ed:15:8f:b3:ba:32:92:9b:2b:d8:
                    32:cf:8c:81:1b:8b:9a:76:8e:5f:e9:76:1d:18:22:
                    1b:fb:af:74:8c:48:f6:b1:20:36:11:f6:c6:e2:d2:
                    db:89:56:ee:5d:72:ce:04:2f:cd:87:bb:0d:8c:02:
                    2c:bb:e9:39:48:83:77:e9:2f:62:e1:e2:08:84:5d:
                    26:62:bf:2f:b7:9a:32:8b:ee:aa:05:61:87:85:6d:
                    1d:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:BC:C6:CD:23:CB:59:7E:8B:63:37:7A:9A:BD:C8:85:65:09:60:41
            X509v3 Authority Key Identifier:
                keyid:E1:7A:5E:B9:41:56:DE:23:FC:DC:8F:29:B2:10:FC:DE:DC:F0:8F:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E17A5EB94156DE23FCDC8F29B210FCDEDCF08F52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/912a3f28-8273-4dd5-87fc-1ef00acac9b6/0/3130332e3133302e36332e302f32342d3234203d3e20313338303739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.130.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         59:a4:9c:24:ed:1e:63:29:ff:1a:80:63:02:36:b8:cd:1a:2d:
         e1:ed:08:27:6b:b9:ef:54:a1:93:e2:a5:69:b1:7d:8f:0f:f2:
         ec:c3:86:09:00:99:5f:b5:63:27:a8:1a:3a:5b:01:11:b6:06:
         02:80:04:78:1f:cb:c5:6e:c4:9b:2f:42:ac:a5:a9:7e:80:25:
         f4:39:58:cb:76:48:5e:02:60:ee:b0:74:08:d8:4b:40:5c:4e:
         86:d2:19:56:a2:ed:41:b1:e1:6c:29:e5:91:91:85:1f:89:bd:
         24:e5:32:06:3d:bf:8a:3d:d7:0f:00:fa:2c:25:b6:fe:69:15:
         b6:73:8d:8e:0f:b8:a0:e2:e0:21:80:46:31:d0:7e:f0:49:54:
         b4:7f:74:1f:b5:1b:49:91:1d:58:20:0e:64:cc:59:33:3c:df:
         3c:43:ed:e3:3b:a3:36:2d:91:7f:1b:82:f4:3a:5b:a5:3a:c9:
         67:68:8c:4b:57:9f:a9:21:5c:d5:ed:da:3f:04:1c:a8:85:c9:
         81:9f:eb:91:8e:54:48:9b:20:11:29:b8:9f:4e:d1:26:0f:15:
         fe:9c:ae:08:5e:ab:53:48:5e:4e:2a:d0:b5:46:38:b5:24:cf:
         02:da:10:4a:5d:70:6f:d6:df:cb:77:46:04:22:a1:c3:e3:3c:
         05:43:c2:6a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIULKx0kFJSgVESQEY83LQ7Q1EdD1UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTE3QTVFQjk0MTU2REUyM0ZDREM4RjI5QjIxMEZDREVE
Q0YwOEY1MjAeFw0yMzA3MzEwMDAyMjNaFw0yNDA3MjkwMDA3MjNaMDMxMTAvBgNV
BAMTKDYwQkNDNkNEMjNDQjU5N0U4QjYzMzc3QTlBQkRDODg1NjUwOTYwNDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChOusl1dg/ur2kZePnRmAs8UI4
aUubUTdyz7pdt8Tn3JaAp4/Rf89k8FzeYXW7BJXlMwEV9zpzD9v2Bvi0T9tFl5WG
4dNETrt4AOAtFE++mpx6ijxKgMXeaTOvj5wS89NuMr/t9SvybZdJDCF5pf0YdInp
NHPVRNFmnDVH0CwyG10072johg6Lpab0syR47qQL2hNjFj8Vnh8yzdMgKWokvj9Z
v0MG5oty7RWPs7oykpsr2DLPjIEbi5p2jl/pdh0YIhv7r3SMSPaxIDYR9sbi0tuJ
Vu5dcs4EL82Huw2MAiy76TlIg3fpL2Lh4giEXSZivy+3mjKL7qoFYYeFbR17AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUYLzGzSPLWX6LYzd6mr3IhWUJYEEwHwYDVR0j
BBgwFoAU4XpeuUFW3iP83I8pshD83tzwj1IwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MTJhM2YyOC04MjczLTRkZDUtODdmYy0xZWYwMGFjYWM5YjYvMC9FMTdBNUVCOTQx
NTZERTIzRkNEQzhGMjlCMjEwRkNERURDRjA4RjUyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTE3QTVFQjk0MTU2REUyM0ZDREM4RjI5QjIxMEZDREVEQ0Yw
OEY1Mi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkxMmEzZjI4LTgyNzMtNGRkNS04
N2ZjLTFlZjAwYWNhYzliNi8wLzMxMzAzMzJlMzEzMzMwMmUzNjMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzNzM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ4I/MA0GCSqG
SIb3DQEBCwUAA4IBAQBZpJwk7R5jKf8agGMCNrjNGi3h7Qgna7nvVKGT4qVpsX2P
D/Lsw4YJAJlftWMnqBo6WwERtgYCgAR4H8vFbsSbL0Kspal+gCX0OVjLdkheAmDu
sHQI2EtAXE6G0hlWou1BseFsKeWRkYUfib0k5TIGPb+KPdcPAPosJbb+aRW2c42O
D7ig4uAhgEYx0H7wSVS0f3QftRtJkR1YIA5kzFkzPN88Q+3jO6M2LZF/G4L0Olul
OslnaIxLV5+pIVzV7do/BByohcmBn+uRjlRImyARKbifTtEmDxX+nK4IXqtTSF5O
KtC1Rji1JM8C2hBKXXBv1t/Ld0YEIqHD4zwFQ8Jq
-----END CERTIFICATE-----
Generated at Thu Mar 28 16:02:29 2024 by rpki-client on console-ams.rpki-client.org