Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/3130332e31352e3234302e302f32322d3234203d3e20313331373335.roa
File:                     3130332e31352e3234302e302f32322d3234203d3e20313331373335.roa (raw, json)
Hash identifier:          +HCkmhf0tOZF7EhRxBA5J8OVCGxCtLFkC+XWTVcv5EU=
Subject key identifier:   5F:CC:3B:10:5F:4F:62:9B:1F:AB:80:5E:5A:67:12:D3:F7:A8:08:B0
Certificate issuer:       /CN=91982855FD8C4C119B32F9D536B640804091001C
Certificate serial:       5B4C8A685C552B9F0BAAE711D342C530E33FDAB5
Authority key identifier: 91:98:28:55:FD:8C:4C:11:9B:32:F9:D5:36:B6:40:80:40:91:00:1C
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/91982855FD8C4C119B32F9D536B640804091001C.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/3130332e31352e3234302e302f32322d3234203d3e20313331373335.roa
Signing time:             Mon 31 Jul 2023 00:07:25 +0000
ROA not before:           Mon 31 Jul 2023 00:02:25 +0000
ROA not after:            Mon 29 Jul 2024 00:07:25 +0000
asID:                     131735
IP address blocks:        103.15.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/91982855FD8C4C119B32F9D536B640804091001C.crl
                          rsync://repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/91982855FD8C4C119B32F9D536B640804091001C.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/91982855FD8C4C119B32F9D536B640804091001C.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 18:02:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:4c:8a:68:5c:55:2b:9f:0b:aa:e7:11:d3:42:c5:30:e3:3f:da:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91982855FD8C4C119B32F9D536B640804091001C
        Validity
            Not Before: Jul 31 00:02:25 2023 GMT
            Not After : Jul 29 00:07:25 2024 GMT
        Subject: CN=5FCC3B105F4F629B1FAB805E5A6712D3F7A808B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:62:2e:4a:a0:0a:bb:5a:27:2f:dc:35:42:cf:
                    f3:86:49:c6:f6:08:74:af:1b:c6:d5:7b:96:f1:5c:
                    dc:8f:76:28:4c:ff:be:12:f3:3f:c2:58:b2:8d:89:
                    59:c5:c5:de:d2:c4:3d:ce:93:14:57:f7:ca:87:66:
                    33:b1:86:f8:9c:35:a0:87:e5:fc:50:f8:4d:84:71:
                    c2:be:11:39:7e:0e:02:c7:d5:e3:bd:14:20:4e:65:
                    7f:b3:9e:95:49:b9:ad:b5:e3:d0:97:34:a8:23:2b:
                    13:f5:c0:34:6b:bd:38:39:1f:b6:04:84:9c:ac:d9:
                    b5:98:6c:15:24:54:74:79:12:f2:61:a4:cb:60:ce:
                    f7:e8:5d:e8:37:b0:66:27:8e:8b:7b:4f:52:23:2b:
                    1c:97:8e:8a:9b:5f:9e:65:38:07:46:d4:f9:93:0b:
                    33:4a:01:89:81:94:1c:50:77:76:31:04:97:73:91:
                    43:97:23:1a:b9:eb:62:99:50:7f:18:56:69:a8:bf:
                    31:33:b6:e0:d8:4b:a8:fa:c7:e5:ba:1a:2e:a1:ca:
                    8a:3d:d9:22:ad:1b:7e:54:e8:44:98:c6:61:d7:50:
                    1d:c4:7f:69:10:4c:05:e1:5e:32:66:9c:ba:b2:5a:
                    e1:b5:d0:61:4a:bc:5b:46:48:87:32:00:06:d2:de:
                    2c:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:CC:3B:10:5F:4F:62:9B:1F:AB:80:5E:5A:67:12:D3:F7:A8:08:B0
            X509v3 Authority Key Identifier:
                keyid:91:98:28:55:FD:8C:4C:11:9B:32:F9:D5:36:B6:40:80:40:91:00:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/91982855FD8C4C119B32F9D536B640804091001C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/91982855FD8C4C119B32F9D536B640804091001C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/9c2c4948-687b-4020-87f4-28ee4b63aa47/0/3130332e31352e3234302e302f32322d3234203d3e20313331373335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.15.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:5d:02:eb:2c:16:71:8a:64:31:05:5b:e4:42:a9:89:63:53:
         11:c4:64:7a:fd:c5:9e:22:55:cd:a6:3c:3b:64:c8:ab:54:e5:
         2e:80:40:38:44:70:92:6e:df:6b:0e:43:d5:03:15:d3:dc:be:
         89:d7:aa:92:75:6e:2a:67:81:5e:4c:aa:ad:7a:21:e4:9f:27:
         61:6c:cd:73:99:cc:54:84:7d:a4:a6:c1:8f:16:ca:be:41:f2:
         f2:12:7a:c5:a5:f1:f2:65:13:9b:19:1a:3e:6d:ed:6c:70:ed:
         e3:8e:ae:2d:c9:7f:ff:fd:d3:62:30:0c:fd:df:1d:2d:d7:9c:
         9a:37:8e:14:c8:a0:69:7c:b9:a4:91:c9:75:c8:49:0a:b4:ea:
         d3:b3:83:04:c6:8d:f2:d5:f6:de:ba:b3:1b:df:30:e7:27:ef:
         3d:e0:ea:bb:32:1a:fa:b0:2c:16:20:9a:42:a1:ca:6b:c1:e8:
         66:9f:3b:cd:28:d5:52:c2:a7:13:c7:72:36:d1:7a:99:64:08:
         d2:e4:ff:be:7b:c6:ef:ee:12:d7:8f:0a:a7:11:9d:fd:92:db:
         72:00:15:57:0e:ef:8c:97:0c:7f:0c:b2:44:39:2b:6f:84:dd:
         d9:7c:e7:17:2e:06:62:44:36:73:2e:6f:0b:73:84:55:9c:57:
         eb:c5:85:07
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUW0yKaFxVK58LqucR00LFMOM/2rUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTE5ODI4NTVGRDhDNEMxMTlCMzJGOUQ1MzZCNjQwODA0
MDkxMDAxQzAeFw0yMzA3MzEwMDAyMjVaFw0yNDA3MjkwMDA3MjVaMDMxMTAvBgNV
BAMTKDVGQ0MzQjEwNUY0RjYyOUIxRkFCODA1RTVBNjcxMkQzRjdBODA4QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkYi5KoAq7Wicv3DVCz/OGScb2
CHSvG8bVe5bxXNyPdihM/74S8z/CWLKNiVnFxd7SxD3OkxRX98qHZjOxhvicNaCH
5fxQ+E2EccK+ETl+DgLH1eO9FCBOZX+znpVJua2149CXNKgjKxP1wDRrvTg5H7YE
hJys2bWYbBUkVHR5EvJhpMtgzvfoXeg3sGYnjot7T1IjKxyXjoqbX55lOAdG1PmT
CzNKAYmBlBxQd3YxBJdzkUOXIxq562KZUH8YVmmovzEztuDYS6j6x+W6Gi6hyoo9
2SKtG35U6ESYxmHXUB3Ef2kQTAXhXjJmnLqyWuG10GFKvFtGSIcyAAbS3iyHAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUX8w7EF9PYpsfq4BeWmcS0/eoCLAwHwYDVR0j
BBgwFoAUkZgoVf2MTBGbMvnVNrZAgECRABwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby85
YzJjNDk0OC02ODdiLTQwMjAtODdmNC0yOGVlNGI2M2FhNDcvMC85MTk4Mjg1NUZE
OEM0QzExOUIzMkY5RDUzNkI2NDA4MDQwOTEwMDFDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOTE5ODI4NTVGRDhDNEMxMTlCMzJGOUQ1MzZCNjQwODA0MDkx
MDAxQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzljMmM0OTQ4LTY4N2ItNDAyMC04
N2Y0LTI4ZWU0YjYzYWE0Ny8wLzMxMzAzMzJlMzEzNTJlMzIzNDMwMmUzMDJmMzIz
MjJkMzIzNDIwM2QzZTIwMzEzMzMxMzczMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCZw/wMA0GCSqG
SIb3DQEBCwUAA4IBAQBoXQLrLBZximQxBVvkQqmJY1MRxGR6/cWeIlXNpjw7ZMir
VOUugEA4RHCSbt9rDkPVAxXT3L6J16qSdW4qZ4FeTKqteiHknydhbM1zmcxUhH2k
psGPFsq+QfLyEnrFpfHyZRObGRo+be1scO3jjq4tyX///dNiMAz93x0t15yaN44U
yKBpfLmkkcl1yEkKtOrTs4MExo3y1fbeurMb3zDnJ+894Oq7Mhr6sCwWIJpCocpr
wehmnzvNKNVSwqcTx3I20XqZZAjS5P++e8bv7hLXjwqnEZ39kttyABVXDu+Mlwx/
DLJEOStvhN3ZfOcXLgZiRDZzLm8Lc4RVnFfrxYUH
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:17:13 2024 by rpki-client on console-fra.rpki-client.org