Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/3130332e3135362e3231372e302f32342d3234203d3e203538333639.roa
File:                     3130332e3135362e3231372e302f32342d3234203d3e203538333639.roa (raw, json)
Hash identifier:          lzIICb5CfvygUnGnttYRbznPbsxKoFgOU+KiDMfuDAE=
Subject key identifier:   D4:04:D2:24:89:A6:75:BE:9F:A6:E5:27:6C:C5:FB:D0:FB:55:8E:83
Certificate issuer:       /CN=5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0
Certificate serial:       2FA8D057E0762B3C6F5662ABB9281F2F5E040624
Authority key identifier: 5E:68:3D:8B:34:5B:B6:E0:F6:3C:D1:A8:F3:2C:3B:5E:CC:B2:B9:B0
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/3130332e3135362e3231372e302f32342d3234203d3e203538333639.roa
Signing time:             Sat 04 Nov 2023 08:00:01 +0000
ROA not before:           Sat 04 Nov 2023 07:55:01 +0000
ROA not after:            Sat 02 Nov 2024 08:00:01 +0000
asID:                     58369
IP address blocks:        103.156.217.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.crl
                          rsync://repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:a8:d0:57:e0:76:2b:3c:6f:56:62:ab:b9:28:1f:2f:5e:04:06:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0
        Validity
            Not Before: Nov  4 07:55:01 2023 GMT
            Not After : Nov  2 08:00:01 2024 GMT
        Subject: CN=D404D22489A675BE9FA6E5276CC5FBD0FB558E83
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:bd:98:df:a0:97:77:00:cc:34:f3:8a:ba:94:
                    c5:ec:06:09:3d:1e:e3:55:b7:2d:ec:7b:32:c5:b9:
                    eb:9c:b6:9d:66:81:d9:ee:9a:be:7f:a4:1e:5c:ad:
                    f6:81:15:4a:0b:10:d7:e0:a7:47:8e:dc:ef:7e:1c:
                    f4:42:d3:58:49:16:5f:c0:78:8a:a9:8c:0c:c7:1a:
                    63:ed:db:ee:1e:b5:6d:10:79:80:98:13:58:01:f3:
                    cc:97:d5:37:d0:77:9a:b1:78:59:3e:bf:2e:ac:5e:
                    e5:c1:2a:05:81:a9:e1:e7:96:cf:e3:35:f0:d0:4e:
                    43:6f:9c:fa:0e:63:c5:41:26:d4:4a:a6:3e:cb:af:
                    52:2e:11:2b:d4:47:1b:e6:6a:d4:66:72:50:06:5e:
                    4d:d7:5f:88:de:99:79:4b:34:b2:1f:2c:2e:2e:e9:
                    be:d8:2a:df:9a:24:77:dc:9c:d1:af:61:89:ba:13:
                    54:39:84:39:f9:98:95:a2:86:50:09:d0:7d:f7:fc:
                    09:09:01:1b:30:58:36:05:6f:2e:ef:d2:e1:a6:cd:
                    a8:99:e5:23:49:85:e2:30:ac:48:07:d7:3c:79:d1:
                    0d:17:99:98:d6:2d:a7:1c:18:e5:45:45:81:88:d0:
                    09:44:b9:77:3b:96:6e:39:7c:5d:57:ba:1e:bf:4f:
                    63:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:04:D2:24:89:A6:75:BE:9F:A6:E5:27:6C:C5:FB:D0:FB:55:8E:83
            X509v3 Authority Key Identifier:
                keyid:5E:68:3D:8B:34:5B:B6:E0:F6:3C:D1:A8:F3:2C:3B:5E:CC:B2:B9:B0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/5E683D8B345BB6E0F63CD1A8F32C3B5ECCB2B9B0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/93a7f34c-63b8-4973-8226-e10695b25d94/0/3130332e3135362e3231372e302f32342d3234203d3e203538333639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.156.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:88:64:6e:16:34:8e:78:6a:e1:40:a3:49:e6:2f:39:39:d5:
         1d:a6:2d:15:21:f2:64:16:68:80:2c:3e:37:50:29:90:3e:ed:
         72:12:03:28:f3:45:20:58:30:6d:ad:4d:cc:17:dd:ee:79:da:
         69:f2:2b:2f:5b:25:47:eb:61:3e:e9:37:1d:65:c4:44:5a:ca:
         89:bc:64:91:80:55:2b:de:2c:81:82:9f:a4:f4:a4:8e:07:b6:
         e8:c4:4e:73:ea:da:aa:aa:c4:4d:4d:da:99:5a:81:9e:c5:02:
         b9:9a:36:8c:0d:4e:28:97:71:af:20:6f:29:2a:52:e4:46:d3:
         f0:4a:c3:a6:9d:05:48:f1:8b:54:aa:76:b5:d9:df:62:e6:9c:
         9c:7c:66:d0:97:8b:d9:b6:d5:85:22:88:f3:1c:fc:35:d7:ef:
         9c:7b:45:b8:60:c3:2b:8b:3d:f9:78:e2:47:36:e5:4e:35:e8:
         c3:7d:22:d0:36:9a:31:f2:30:eb:1b:4e:f1:06:5b:7e:c9:5f:
         ad:11:51:b8:af:11:43:e5:1b:9e:7f:e8:37:95:ea:48:33:65:
         34:ce:8e:b5:02:97:8e:75:e5:6d:17:20:93:b6:26:67:1a:fd:
         b3:c2:94:f3:15:11:70:62:ce:59:86:15:94:0e:c9:28:f8:4a:
         40:87:40:7f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUL6jQV+B2KzxvVmKruSgfL14EBiQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUU2ODNEOEIzNDVCQjZFMEY2M0NEMUE4RjMyQzNCNUVD
Q0IyQjlCMDAeFw0yMzExMDQwNzU1MDFaFw0yNDExMDIwODAwMDFaMDMxMTAvBgNV
BAMTKEQ0MDREMjI0ODlBNjc1QkU5RkE2RTUyNzZDQzVGQkQwRkI1NThFODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6vZjfoJd3AMw084q6lMXsBgk9
HuNVty3sezLFueuctp1mgdnumr5/pB5crfaBFUoLENfgp0eO3O9+HPRC01hJFl/A
eIqpjAzHGmPt2+4etW0QeYCYE1gB88yX1TfQd5qxeFk+vy6sXuXBKgWBqeHnls/j
NfDQTkNvnPoOY8VBJtRKpj7Lr1IuESvURxvmatRmclAGXk3XX4jemXlLNLIfLC4u
6b7YKt+aJHfcnNGvYYm6E1Q5hDn5mJWihlAJ0H33/AkJARswWDYFby7v0uGmzaiZ
5SNJheIwrEgH1zx50Q0XmZjWLaccGOVFRYGI0AlEuXc7lm45fF1Xuh6/T2MPAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU1ATSJImmdb6fpuUnbMX70PtVjoMwHwYDVR0j
BBgwFoAUXmg9izRbtuD2PNGo8yw7XsyyubAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
M2E3ZjM0Yy02M2I4LTQ5NzMtODIyNi1lMTA2OTViMjVkOTQvMC81RTY4M0Q4QjM0
NUJCNkUwRjYzQ0QxQThGMzJDM0I1RUNDQjJCOUIwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNUU2ODNEOEIzNDVCQjZFMEY2M0NEMUE4RjMyQzNCNUVDQ0Iy
QjlCMC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzkzYTdmMzRjLTYzYjgtNDk3My04
MjI2LWUxMDY5NWIyNWQ5NC8wLzMxMzAzMzJlMzEzNTM2MmUzMjMxMzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNTM4MzMzNjM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5zZMA0GCSqG
SIb3DQEBCwUAA4IBAQAEiGRuFjSOeGrhQKNJ5i85OdUdpi0VIfJkFmiALD43UCmQ
Pu1yEgMo80UgWDBtrU3MF93uedpp8isvWyVH62E+6TcdZcREWsqJvGSRgFUr3iyB
gp+k9KSOB7boxE5z6tqqqsRNTdqZWoGexQK5mjaMDU4ol3GvIG8pKlLkRtPwSsOm
nQVI8YtUqna12d9i5pycfGbQl4vZttWFIojzHPw11++ce0W4YMMriz35eOJHNuVO
NejDfSLQNpox8jDrG07xBlt+yV+tEVG4rxFD5Ruef+g3lepIM2U0zo61ApeOdeVt
FyCTtiZnGv2zwpTzFRFwYs5ZhhWUDsko+EpAh0B/
-----END CERTIFICATE-----
Generated at Wed Mar 27 18:21:04 2024 by rpki-client on console-ams.rpki-client.org