Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131352e302f32342d3234203d3e20313336383536.roa
File:                     3130332e3130322e3131352e302f32342d3234203d3e20313336383536.roa (raw, json)
Hash identifier:          Wg3rwLssx46aTqk+/Xtfr/fCRWeLjKbHMnBPIfvqa84=
Subject key identifier:   45:78:4D:BC:83:88:F8:61:63:FC:55:9A:A3:11:B7:31:0A:D2:47:27
Certificate issuer:       /CN=A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63
Certificate serial:       2F04CDA4D2317DA30B30FBDC752935559126BD72
Authority key identifier: A0:0D:BC:78:CB:2F:CD:6D:A9:4D:C1:E0:7D:FA:66:68:02:7D:1B:63
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131352e302f32342d3234203d3e20313336383536.roa
Signing time:             Sat 12 Aug 2023 12:00:01 +0000
ROA not before:           Sat 12 Aug 2023 11:55:01 +0000
ROA not after:            Sat 10 Aug 2024 12:00:01 +0000
asID:                     136856
IP address blocks:        103.102.115.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.crl
                          rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Fri 29 Mar 2024 16:36:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:04:cd:a4:d2:31:7d:a3:0b:30:fb:dc:75:29:35:55:91:26:bd:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63
        Validity
            Not Before: Aug 12 11:55:01 2023 GMT
            Not After : Aug 10 12:00:01 2024 GMT
        Subject: CN=45784DBC8388F86163FC559AA311B7310AD24727
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:c6:45:24:46:78:2d:d4:8c:16:73:c4:3e:55:
                    5b:a1:ac:87:70:e1:71:25:05:e9:52:b5:70:10:41:
                    e7:df:af:dd:fe:82:de:f1:ea:e3:52:77:58:4a:6a:
                    00:a3:f0:3a:79:4e:c6:a8:0a:d8:c8:24:cf:1b:1a:
                    e8:d2:9f:33:6c:97:1b:1d:10:70:e1:32:9e:e7:b1:
                    0d:7b:a4:f0:c8:47:ec:ae:d2:30:7c:42:d7:69:ae:
                    10:8b:d8:0c:77:98:bf:24:80:d9:6d:e5:ed:e2:e2:
                    87:23:b9:08:a0:d1:c1:4e:29:26:51:4b:b3:73:d5:
                    db:65:dc:a5:3f:32:58:be:a3:ab:f4:82:e9:25:ec:
                    07:18:1a:b8:b0:0b:dd:e0:f2:29:b9:7c:07:be:21:
                    6d:52:c7:d0:c3:42:ef:d5:12:c7:9e:28:8c:38:17:
                    27:a1:e6:7a:bd:81:5d:1f:c2:ab:f0:bd:0b:ca:a5:
                    eb:aa:ef:09:2b:f6:5f:b8:27:14:f5:71:b5:33:33:
                    fc:12:59:e2:6d:7d:6d:30:df:05:bc:c3:45:fe:cd:
                    a1:01:1e:c0:07:90:43:e6:52:66:c3:49:bb:b3:49:
                    56:8f:90:c2:35:9e:ec:6d:87:f2:1b:a8:6a:b2:3d:
                    fd:16:d0:2a:fe:99:cf:6c:9e:9d:24:da:10:2d:96:
                    31:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:78:4D:BC:83:88:F8:61:63:FC:55:9A:A3:11:B7:31:0A:D2:47:27
            X509v3 Authority Key Identifier:
                keyid:A0:0D:BC:78:CB:2F:CD:6D:A9:4D:C1:E0:7D:FA:66:68:02:7D:1B:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/A00DBC78CB2FCD6DA94DC1E07DFA6668027D1B63.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a5c7a404-eb3f-4cf1-99f9-827961661f31/0/3130332e3130322e3131352e302f32342d3234203d3e20313336383536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.115.0/24

    Signature Algorithm: sha256WithRSAEncryption
         95:c0:f2:70:16:22:64:ce:88:b3:13:00:fe:0d:82:ca:be:a4:
         f8:03:68:59:ba:a1:bb:1d:b6:56:f5:c5:b1:f8:21:8b:47:7f:
         48:4e:28:c3:95:2b:14:d3:ca:be:a6:52:98:6e:59:c7:78:30:
         bf:e1:d6:71:8f:73:5a:68:ff:ad:34:6e:fc:5f:f8:b3:ce:e7:
         9e:e8:7f:75:e5:d5:b8:d3:23:0f:2f:b6:30:7e:55:1d:7f:79:
         dc:13:8f:55:ac:a2:ae:c6:47:80:29:de:c3:0e:36:f6:5f:02:
         58:32:9d:b0:75:cd:e2:9a:5d:8b:e0:1b:6b:21:cd:ca:98:85:
         ab:c0:0d:9b:3f:a8:a0:2e:fb:b1:91:1c:a8:d7:71:5f:3a:a1:
         38:50:f7:ab:73:9b:1b:4e:8b:82:ef:77:81:34:35:dd:1e:20:
         5a:96:de:36:1e:57:99:8b:cc:d9:89:36:81:79:13:7d:08:7d:
         bb:82:e1:1f:ea:fc:47:83:a4:6b:66:7e:a5:21:fb:25:2b:fe:
         30:0a:72:f2:da:9c:b9:ec:2a:f4:1b:0d:b5:73:0c:4b:8b:de:
         b3:9e:24:5c:fe:e7:b7:a7:07:37:d1:43:c2:67:d6:0e:ca:96:
         f2:01:68:07:66:52:90:d0:7f:10:14:34:97:ee:6a:1c:d6:7d:
         e0:21:a5:88
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIULwTNpNIxfaMLMPvcdSk1VZEmvXIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwREJDNzhDQjJGQ0Q2REE5NERDMUUwN0RGQTY2Njgw
MjdEMUI2MzAeFw0yMzA4MTIxMTU1MDFaFw0yNDA4MTAxMjAwMDFaMDMxMTAvBgNV
BAMTKDQ1Nzg0REJDODM4OEY4NjE2M0ZDNTU5QUEzMTFCNzMxMEFEMjQ3MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQxkUkRngt1IwWc8Q+VVuhrIdw
4XElBelStXAQQeffr93+gt7x6uNSd1hKagCj8Dp5TsaoCtjIJM8bGujSnzNslxsd
EHDhMp7nsQ17pPDIR+yu0jB8QtdprhCL2Ax3mL8kgNlt5e3i4ocjuQig0cFOKSZR
S7Nz1dtl3KU/Mli+o6v0gukl7AcYGriwC93g8im5fAe+IW1Sx9DDQu/VEseeKIw4
Fyeh5nq9gV0fwqvwvQvKpeuq7wkr9l+4JxT1cbUzM/wSWeJtfW0w3wW8w0X+zaEB
HsAHkEPmUmbDSbuzSVaPkMI1nuxth/IbqGqyPf0W0Cr+mc9snp0k2hAtljEbAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQURXhNvIOI+GFj/FWaoxG3MQrSRycwHwYDVR0j
BBgwFoAUoA28eMsvzW2pTcHgffpmaAJ9G2MwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
NWM3YTQwNC1lYjNmLTRjZjEtOTlmOS04Mjc5NjE2NjFmMzEvMC9BMDBEQkM3OENC
MkZDRDZEQTk0REMxRTA3REZBNjY2ODAyN0QxQjYzLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQTAwREJDNzhDQjJGQ0Q2REE5NERDMUUwN0RGQTY2NjgwMjdE
MUI2My5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2E1YzdhNDA0LWViM2YtNGNmMS05
OWY5LTgyNzk2MTY2MWYzMS8wLzMxMzAzMzJlMzEzMDMyMmUzMTMxMzUyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzODM1MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZnMwDQYJ
KoZIhvcNAQELBQADggEBAJXA8nAWImTOiLMTAP4Ngsq+pPgDaFm6obsdtlb1xbH4
IYtHf0hOKMOVKxTTyr6mUphuWcd4ML/h1nGPc1po/600bvxf+LPO557of3Xl1bjT
Iw8vtjB+VR1/edwTj1Wsoq7GR4Ap3sMONvZfAlgynbB1zeKaXYvgG2shzcqYhavA
DZs/qKAu+7GRHKjXcV86oThQ96tzmxtOi4Lvd4E0Nd0eIFqW3jYeV5mLzNmJNoF5
E30IfbuC4R/q/EeDpGtmfqUh+yUr/jAKcvLanLnsKvQbDbVzDEuL3rOeJFz+57en
BzfRQ8Jn1g7KlvIBaAdmUpDQfxAUNJfuahzWfeAhpYg=
-----END CERTIFICATE-----
Generated at Wed Mar 27 05:20:16 2024 by rpki-client on console-fra.rpki-client.org