Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/3130332e35302e3231362e302f32342d3234203d3e20313332313634.roa
File:                     3130332e35302e3231362e302f32342d3234203d3e20313332313634.roa (raw, json)
Hash identifier:          hC3cEPEd+vqbgTSHjEw80z+YW/5EKB5mmRVqVzQA7Oo=
Subject key identifier:   19:13:F2:7F:77:A4:F2:39:BC:A9:21:A6:E4:0A:09:94:AF:75:1A:29
Certificate issuer:       /CN=63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC
Certificate serial:       38D8AC4AB3C56EB0396EF29CEAD26CB989123395
Authority key identifier: 63:FD:8D:EE:5A:44:38:A5:0F:F5:0B:6B:9B:9D:6A:3F:53:F3:48:DC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/3130332e35302e3231362e302f32342d3234203d3e20313332313634.roa
Signing time:             Mon 31 Jul 2023 00:04:23 +0000
ROA not before:           Sun 30 Jul 2023 23:59:23 +0000
ROA not after:            Mon 29 Jul 2024 00:04:23 +0000
asID:                     132164
IP address blocks:        103.50.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.crl
                          rsync://repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:d8:ac:4a:b3:c5:6e:b0:39:6e:f2:9c:ea:d2:6c:b9:89:12:33:95
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC
        Validity
            Not Before: Jul 30 23:59:23 2023 GMT
            Not After : Jul 29 00:04:23 2024 GMT
        Subject: CN=1913F27F77A4F239BCA921A6E40A0994AF751A29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:47:26:b3:fa:0f:84:82:b0:e1:a3:96:1d:ad:
                    0d:9b:91:8a:76:d8:60:53:16:a5:ac:43:1c:1d:1d:
                    a4:ce:c8:6a:00:23:7a:54:0d:ff:94:a7:23:93:a4:
                    d0:a0:2c:fc:83:f6:72:1a:1c:0a:4a:66:a4:18:4a:
                    c6:42:72:b1:d0:22:a4:8a:14:5f:47:76:26:b3:c4:
                    03:8f:0d:38:de:2b:67:f4:15:46:00:c6:d5:79:27:
                    6c:b9:86:ea:d1:88:85:5a:fe:42:de:fe:c7:2f:1b:
                    88:35:f1:1f:73:28:56:4f:37:27:9c:6a:77:5a:66:
                    01:bd:fa:9e:bc:c5:64:ee:c9:68:ef:8b:94:7b:28:
                    6b:9b:e3:31:3f:d0:ad:59:ce:3c:47:79:df:b5:ef:
                    53:c1:10:14:4a:19:ce:d4:3d:e2:94:da:a8:f0:44:
                    c2:c3:a0:b0:b0:77:05:b3:d1:a0:91:86:23:db:72:
                    99:b4:af:55:ca:80:7f:7e:82:29:b6:5f:0e:d2:1b:
                    40:23:9d:cb:37:62:36:8b:03:fa:7c:02:ab:0d:d6:
                    eb:c5:d0:52:f4:f4:4a:42:5f:98:07:40:a7:4b:3d:
                    ad:1c:83:e5:e4:fb:63:56:5b:73:7f:17:0f:b3:3e:
                    02:0f:6a:0f:ec:55:d3:b4:70:00:bb:48:e2:fa:74:
                    8e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:13:F2:7F:77:A4:F2:39:BC:A9:21:A6:E4:0A:09:94:AF:75:1A:29
            X509v3 Authority Key Identifier:
                keyid:63:FD:8D:EE:5A:44:38:A5:0F:F5:0B:6B:9B:9D:6A:3F:53:F3:48:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/63FD8DEE5A4438A50FF50B6B9B9D6A3F53F348DC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9141f884-d5c9-4336-9a5c-777419e56dce/0/3130332e35302e3231362e302f32342d3234203d3e20313332313634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.50.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         70:a0:24:c3:c9:7f:50:46:bd:b7:40:4e:75:cb:75:96:31:30:
         1f:22:30:65:45:97:ca:11:9f:f9:38:f5:fc:66:66:9a:e2:24:
         e8:be:7c:a3:60:63:37:3b:d0:c0:b4:1b:b5:32:10:1b:74:41:
         c5:40:c5:6a:39:ec:4a:80:cb:53:ae:be:8c:f2:00:3d:94:8b:
         42:cf:27:59:de:d2:88:44:e7:a7:9d:7a:0a:7e:88:96:a7:d8:
         fc:23:1b:e2:74:6a:40:41:4d:d2:93:bf:96:b5:b6:61:54:fc:
         56:59:18:e9:bb:c1:78:1d:9e:76:c0:9d:da:a2:3e:dd:26:d6:
         7c:f4:79:1f:2d:d4:4e:b4:06:b1:0a:6f:cd:18:8f:f6:37:06:
         ff:73:08:90:b0:f0:bc:ff:05:c6:69:a7:31:f8:f3:2b:3b:a9:
         ec:17:24:21:cd:be:e5:88:50:63:d1:ff:7c:3b:e7:f3:dd:99:
         d5:ed:04:be:b1:e6:bc:c3:cd:9f:c9:31:da:ec:69:9f:ab:ac:
         06:4a:07:4d:29:a0:11:f2:2a:9c:78:99:a5:1b:24:fe:a2:05:
         25:ae:e5:99:dd:79:84:83:24:11:7f:ba:87:a3:ee:65:69:57:
         45:77:3a:ef:10:fd:c3:ec:32:88:c8:50:8f:8c:bf:26:06:02:
         75:16:b7:8c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUONisSrPFbrA5bvKc6tJsuYkSM5UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjNGRDhERUU1QTQ0MzhBNTBGRjUwQjZCOUI5RDZBM0Y1
M0YzNDhEQzAeFw0yMzA3MzAyMzU5MjNaFw0yNDA3MjkwMDA0MjNaMDMxMTAvBgNV
BAMTKDE5MTNGMjdGNzdBNEYyMzlCQ0E5MjFBNkU0MEEwOTk0QUY3NTFBMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpRyaz+g+EgrDho5YdrQ2bkYp2
2GBTFqWsQxwdHaTOyGoAI3pUDf+UpyOTpNCgLPyD9nIaHApKZqQYSsZCcrHQIqSK
FF9HdiazxAOPDTjeK2f0FUYAxtV5J2y5hurRiIVa/kLe/scvG4g18R9zKFZPNyec
andaZgG9+p68xWTuyWjvi5R7KGub4zE/0K1ZzjxHed+171PBEBRKGc7UPeKU2qjw
RMLDoLCwdwWz0aCRhiPbcpm0r1XKgH9+gim2Xw7SG0Ajncs3YjaLA/p8AqsN1uvF
0FL09EpCX5gHQKdLPa0cg+Xk+2NWW3N/Fw+zPgIPag/sVdO0cAC7SOL6dI61AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUGRPyf3ek8jm8qSGm5AoJlK91GikwHwYDVR0j
BBgwFoAUY/2N7lpEOKUP9Qtrm51qP1PzSNwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
MTQxZjg4NC1kNWM5LTQzMzYtOWE1Yy03Nzc0MTllNTZkY2UvMC82M0ZEOERFRTVB
NDQzOEE1MEZGNTBCNkI5QjlENkEzRjUzRjM0OERDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjNGRDhERUU1QTQ0MzhBNTBGRjUwQjZCOUI5RDZBM0Y1M0Yz
NDhEQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkxNDFmODg0LWQ1YzktNDMzNi05
YTVjLTc3NzQxOWU1NmRjZS8wLzMxMzAzMzJlMzUzMDJlMzIzMTM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMyMzEzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzLYMA0GCSqG
SIb3DQEBCwUAA4IBAQBwoCTDyX9QRr23QE51y3WWMTAfIjBlRZfKEZ/5OPX8Zmaa
4iTovnyjYGM3O9DAtBu1MhAbdEHFQMVqOexKgMtTrr6M8gA9lItCzydZ3tKIROen
nXoKfoiWp9j8IxvidGpAQU3Sk7+WtbZhVPxWWRjpu8F4HZ52wJ3aoj7dJtZ89Hkf
LdROtAaxCm/NGI/2Nwb/cwiQsPC8/wXGaacx+PMrO6nsFyQhzb7liFBj0f98O+fz
3ZnV7QS+sea8w82fyTHa7Gmfq6wGSgdNKaAR8iqceJmlGyT+ogUlruWZ3XmEgyQR
f7qHo+5laVdFdzrvEP3D7DKIyFCPjL8mBgJ1FreM
-----END CERTIFICATE-----
Generated at Fri Mar 29 04:03:22 2024 by rpki-client on console-ams.rpki-client.org