Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131322e302f32342d3234203d3e20313336383536.roa
File:                     3130332e3130322e3131322e302f32342d3234203d3e20313336383536.roa (raw, json)
Hash identifier:          2AJHwWgdpuXScTgYm/DeoeVMKJvtVcDa6vejlN+srWY=
Subject key identifier:   B2:37:58:12:5E:21:95:66:82:4F:2B:2E:9F:00:C4:4E:C3:70:41:82
Certificate issuer:       /CN=A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63
Certificate serial:       3D712B4F181DAA604885A40CBA66F6246FCEACED
Authority key identifier: A0:0D:BC:78:CB:2F:CD:6D:A9:4D:C1:E0:7D:FA:66:68:02:7D:1B:63
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131322e302f32342d3234203d3e20313336383536.roa
Signing time:             Sat 12 Aug 2023 12:00:02 +0000
ROA not before:           Sat 12 Aug 2023 11:55:02 +0000
ROA not after:            Sat 10 Aug 2024 12:00:02 +0000
asID:                     136856
IP address blocks:        103.102.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.crl
                          rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:71:2b:4f:18:1d:aa:60:48:85:a4:0c:ba:66:f6:24:6f:ce:ac:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63
        Validity
            Not Before: Aug 12 11:55:02 2023 GMT
            Not After : Aug 10 12:00:02 2024 GMT
        Subject: CN=B23758125E219566824F2B2E9F00C44EC3704182
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:8b:5d:7c:9a:db:e7:90:c6:0d:8f:03:12:e7:
                    4c:03:7a:89:e8:35:66:01:e9:98:cd:66:bc:1d:e7:
                    a8:8f:6f:14:9c:74:38:f8:f0:24:67:9b:34:e0:19:
                    1f:bd:62:c0:8f:52:47:68:c5:f2:66:d5:ba:44:ab:
                    59:71:dd:a0:f7:d4:5f:0b:8e:73:2c:99:46:6a:e0:
                    1e:bf:94:05:0c:f7:6d:46:e1:9f:1f:1d:05:71:33:
                    0a:7b:e2:32:24:f7:6e:ab:85:5f:f3:0d:60:4f:d5:
                    77:52:71:fb:e0:a8:79:55:42:f1:8c:89:c9:2c:cb:
                    3e:76:71:5b:79:d0:ce:78:12:d6:94:c5:9d:5a:11:
                    36:8a:be:a1:d2:f1:fc:f6:ff:93:7d:ce:e6:96:23:
                    d5:52:17:f6:e9:98:d5:8f:db:35:cc:4f:9e:0a:56:
                    9e:d3:93:f6:31:6e:9c:2f:8e:1f:dd:8d:00:c4:ac:
                    cb:f5:fa:f6:f9:a1:7e:77:cc:88:f4:35:b0:d7:b3:
                    e3:51:4b:c3:c0:bb:31:94:71:15:6e:99:d0:23:c2:
                    0c:ec:e3:cd:72:e5:c7:03:3c:85:4e:49:82:3a:bc:
                    93:de:c2:91:05:70:0d:60:79:70:85:ed:31:22:41:
                    9f:87:c5:31:47:03:1c:e1:1b:44:7b:79:7c:00:8a:
                    78:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:37:58:12:5E:21:95:66:82:4F:2B:2E:9F:00:C4:4E:C3:70:41:82
            X509v3 Authority Key Identifier:
                keyid:A0:0D:BC:78:CB:2F:CD:6D:A9:4D:C1:E0:7D:FA:66:68:02:7D:1B:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131322e302f32342d3234203d3e20313336383536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:ea:56:af:49:10:a2:c0:f4:0a:64:ff:ba:41:e8:ec:1b:22:
         c5:4a:8b:b9:6f:c7:7d:09:5f:1a:87:ad:37:f7:fd:b9:2b:6f:
         d0:e3:9b:37:5a:a3:d5:29:33:32:77:e6:5b:c2:fb:d7:87:42:
         32:81:34:1a:2f:e9:55:bd:3b:22:83:95:95:92:06:0c:81:1f:
         6e:19:b6:d8:8a:5a:c4:ab:1e:f1:03:9d:86:85:8b:86:0a:dc:
         21:16:fe:c1:9c:9e:54:c6:b3:8a:a9:5e:08:91:7e:66:cd:89:
         84:7d:02:22:5f:72:8a:c5:d2:76:b9:b7:68:70:64:46:0d:bf:
         df:f5:9b:fb:cb:1d:30:86:71:ec:fc:35:c5:b3:0f:b4:02:99:
         49:79:0b:4b:0b:69:bf:11:18:3d:45:55:f8:28:81:16:68:b8:
         d5:ae:e5:3c:5a:dc:1d:56:3c:d6:01:37:2b:cc:b2:39:b3:c2:
         3c:71:71:0f:e3:17:b9:bd:53:65:c8:57:70:e1:ee:dc:c9:d6:
         2b:3d:8f:b3:6f:65:af:09:6c:6f:62:28:25:24:25:7f:61:ca:
         7f:9e:9b:94:42:e9:6c:e7:3d:dc:6a:d2:a5:78:cb:0d:3b:3a:
         55:45:79:26:d5:ce:46:3a:dd:77:7d:e2:8f:dd:68:28:f5:18:
         5d:1b:f9:05
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUPXErTxgdqmBIhaQMumb2JG/OrO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwREJDNzhDQjJGQ0Q2REE5NERDMUUwN0RGQTY2Njgw
MjdEMUI2MzAeFw0yMzA4MTIxMTU1MDJaFw0yNDA4MTAxMjAwMDJaMDMxMTAvBgNV
BAMTKEIyMzc1ODEyNUUyMTk1NjY4MjRGMkIyRTlGMDBDNDRFQzM3MDQxODIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGi118mtvnkMYNjwMS50wDeono
NWYB6ZjNZrwd56iPbxScdDj48CRnmzTgGR+9YsCPUkdoxfJm1bpEq1lx3aD31F8L
jnMsmUZq4B6/lAUM921G4Z8fHQVxMwp74jIk926rhV/zDWBP1XdScfvgqHlVQvGM
icksyz52cVt50M54EtaUxZ1aETaKvqHS8fz2/5N9zuaWI9VSF/bpmNWP2zXMT54K
Vp7Tk/Yxbpwvjh/djQDErMv1+vb5oX53zIj0NbDXs+NRS8PAuzGUcRVumdAjwgzs
481y5ccDPIVOSYI6vJPewpEFcA1geXCF7TEiQZ+HxTFHAxzhG0R7eXwAinjVAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUsjdYEl4hlWaCTysunwDETsNwQYIwHwYDVR0j
BBgwFoAUoA28eMsvzW2pTcHgffpmaAJ9G2MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NWM3YTQwNC1lYjNmLTRjZjEtOTlmOS04Mjc5NjE2NjFmMzEvMC9BMDBEQkM3OENC
MkZDRDZEQTk0REMxRTA3REZBNjY2ODAyN0QxQjYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTAwREJDNzhDQjJGQ0Q2REE5NERDMUUwN0RGQTY2NjgwMjdE
MUI2My5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1YzdhNDA0LWViM2YtNGNmMS05
OWY5LTgyNzk2MTY2MWYzMS8wLzMxMzAzMzJlMzEzMDMyMmUzMTMxMzIyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzODM1MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZnAwDQYJ
KoZIhvcNAQELBQADggEBABbqVq9JEKLA9Apk/7pB6OwbIsVKi7lvx30JXxqHrTf3
/bkrb9Djmzdao9UpMzJ35lvC+9eHQjKBNBov6VW9OyKDlZWSBgyBH24ZttiKWsSr
HvEDnYaFi4YK3CEW/sGcnlTGs4qpXgiRfmbNiYR9AiJfcorF0na5t2hwZEYNv9/1
m/vLHTCGcez8NcWzD7QCmUl5C0sLab8RGD1FVfgogRZouNWu5Txa3B1WPNYBNyvM
sjmzwjxxcQ/jF7m9U2XIV3Dh7tzJ1is9j7NvZa8JbG9iKCUkJX9hyn+em5RC6Wzn
Pdxq0qV4yw07OlVFeSbVzkY63Xd94o/daCj1GF0b+QU=
-----END CERTIFICATE-----
Generated at Wed Mar 27 05:20:16 2024 by rpki-client on console-fra.rpki-client.org