Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/3130332e36362e36332e302f32342d3234203d3e20313530353131.roa
File:                     3130332e36362e36332e302f32342d3234203d3e20313530353131.roa (raw, json)
Hash identifier:          rx1be9bd2H9AbdGCHzV+lvyxlXl77my3lmdM4MqYlKk=
Subject key identifier:   D3:C8:85:5B:1D:13:B5:AF:57:18:36:8F:EB:E6:1B:DF:5A:09:47:B9
Certificate issuer:       /CN=E7953AD51AF5D89FB7129E253DEEFE8072247264
Certificate serial:       12492B6BC4D0BFFD8B761A390EA9D0058FFFD70A
Authority key identifier: E7:95:3A:D5:1A:F5:D8:9F:B7:12:9E:25:3D:EE:FE:80:72:24:72:64
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7953AD51AF5D89FB7129E253DEEFE8072247264.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/3130332e36362e36332e302f32342d3234203d3e20313530353131.roa
Signing time:             Wed 17 Jan 2024 08:00:27 +0000
ROA not before:           Wed 17 Jan 2024 07:55:27 +0000
ROA not after:            Wed 15 Jan 2025 08:00:27 +0000
asID:                     150511
IP address blocks:        103.66.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/E7953AD51AF5D89FB7129E253DEEFE8072247264.crl
                          rsync://repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/E7953AD51AF5D89FB7129E253DEEFE8072247264.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7953AD51AF5D89FB7129E253DEEFE8072247264.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 19 Jun 2024 03:09:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            12:49:2b:6b:c4:d0:bf:fd:8b:76:1a:39:0e:a9:d0:05:8f:ff:d7:0a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E7953AD51AF5D89FB7129E253DEEFE8072247264
        Validity
            Not Before: Jan 17 07:55:27 2024 GMT
            Not After : Jan 15 08:00:27 2025 GMT
        Subject: CN=D3C8855B1D13B5AF5718368FEBE61BDF5A0947B9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:3a:dd:13:1a:7f:be:f4:fe:2e:77:d9:f5:f4:
                    4f:6c:85:dc:52:32:6d:78:ee:11:cf:ae:c1:09:be:
                    72:f0:2b:fc:d4:d1:af:bd:e4:1c:f5:36:d2:c3:57:
                    af:4e:4d:46:11:0d:fb:de:ff:d5:01:2c:50:96:0b:
                    97:f5:1d:9b:34:1d:d6:fe:7d:85:19:cc:f8:78:45:
                    21:6e:1f:c2:f6:4b:b8:9f:ab:29:a7:f8:52:05:1b:
                    b0:b0:7f:3a:fa:f7:90:7e:d5:c1:ee:a5:02:be:6d:
                    39:de:f3:e4:91:1e:9a:d3:3f:69:b4:17:e5:3a:1d:
                    9f:bf:e1:2a:ed:e5:f3:c9:6f:0a:a4:21:ed:1a:fa:
                    f0:24:bb:40:ef:29:c5:9c:97:1a:fe:0f:a7:f8:bb:
                    ba:2b:66:f1:a9:5d:8e:ab:77:b2:15:43:e1:e9:13:
                    c4:47:27:5a:52:a2:63:49:65:62:23:55:50:25:99:
                    22:e7:54:83:5b:7e:d9:a0:ab:de:55:7a:12:5a:1f:
                    9b:8f:80:fc:37:12:2a:01:5b:80:c4:d6:58:e2:11:
                    ad:1c:55:a6:3b:c1:3b:f4:99:ab:a8:65:c9:dd:ec:
                    38:89:94:26:cc:38:da:a8:ad:8e:7b:d5:69:27:92:
                    6e:0b:9d:4d:7a:79:dd:55:1a:b4:b8:4e:b8:31:7d:
                    47:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:C8:85:5B:1D:13:B5:AF:57:18:36:8F:EB:E6:1B:DF:5A:09:47:B9
            X509v3 Authority Key Identifier:
                keyid:E7:95:3A:D5:1A:F5:D8:9F:B7:12:9E:25:3D:EE:FE:80:72:24:72:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/E7953AD51AF5D89FB7129E253DEEFE8072247264.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E7953AD51AF5D89FB7129E253DEEFE8072247264.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/aba90944-656d-4aa7-9173-591280833f81/0/3130332e36362e36332e302f32342d3234203d3e20313530353131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.66.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:63:d8:45:e5:9e:d9:fd:1a:7f:99:a1:60:7c:6e:bf:a9:ac:
         cb:26:3b:39:22:1d:a6:bf:f9:f4:99:0b:5d:e6:cc:39:1f:e0:
         08:83:5b:73:1d:3b:d1:6f:4c:0e:24:ff:f0:89:f3:03:67:d0:
         e5:49:49:18:37:ec:3b:70:25:ee:47:29:9d:94:2c:63:07:fe:
         f7:20:b9:db:a4:bd:0d:fd:74:ed:f0:dd:f8:b1:31:50:6d:82:
         fc:bb:ea:78:85:14:a8:69:0e:6b:ff:57:4a:fb:64:fd:20:28:
         d7:ac:ee:b2:44:d9:56:44:ba:ed:15:4b:94:2a:e0:6a:4a:a4:
         63:a0:4c:5c:fb:2e:54:49:d6:70:d3:81:29:8e:d7:89:25:43:
         16:57:f6:db:8b:3a:58:4f:aa:e4:c5:85:d7:38:58:e9:86:9b:
         8e:0b:c7:b3:ba:e3:a6:e3:7d:e5:3c:08:85:2b:9a:68:38:a1:
         bf:4d:f0:e0:ec:ae:a4:11:40:30:a6:90:b3:5f:e7:0e:bd:63:
         00:0b:c7:a0:21:79:10:65:d9:28:6e:44:1c:7d:55:ad:c7:84:
         2c:09:0c:50:60:0f:72:f1:76:e9:69:87:f3:9f:b4:51:d5:49:
         c6:26:09:b4:e5:51:2d:0d:8a:03:95:25:db:cb:a1:3e:44:00:
         d6:2d:f5:87
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUEkkra8TQv/2Ldho5DqnQBY//1wowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTc5NTNBRDUxQUY1RDg5RkI3MTI5RTI1M0RFRUZFODA3
MjI0NzI2NDAeFw0yNDAxMTcwNzU1MjdaFw0yNTAxMTUwODAwMjdaMDMxMTAvBgNV
BAMTKEQzQzg4NTVCMUQxM0I1QUY1NzE4MzY4RkVCRTYxQkRGNUEwOTQ3QjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVOt0TGn++9P4ud9n19E9shdxS
Mm147hHPrsEJvnLwK/zU0a+95Bz1NtLDV69OTUYRDfve/9UBLFCWC5f1HZs0Hdb+
fYUZzPh4RSFuH8L2S7ifqymn+FIFG7Cwfzr695B+1cHupQK+bTne8+SRHprTP2m0
F+U6HZ+/4Srt5fPJbwqkIe0a+vAku0DvKcWclxr+D6f4u7orZvGpXY6rd7IVQ+Hp
E8RHJ1pSomNJZWIjVVAlmSLnVINbftmgq95VehJaH5uPgPw3EioBW4DE1ljiEa0c
VaY7wTv0mauoZcnd7DiJlCbMONqorY571Wknkm4LnU16ed1VGrS4TrgxfUe9AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQU08iFWx0Tta9XGDaP6+Yb31oJR7kwHwYDVR0j
BBgwFoAU55U61Rr12J+3Ep4lPe7+gHIkcmQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
YmE5MDk0NC02NTZkLTRhYTctOTE3My01OTEyODA4MzNmODEvMC9FNzk1M0FENTFB
RjVEODlGQjcxMjlFMjUzREVFRkU4MDcyMjQ3MjY0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTc5NTNBRDUxQUY1RDg5RkI3MTI5RTI1M0RFRUZFODA3MjI0
NzI2NC5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FiYTkwOTQ0LTY1NmQtNGFhNy05
MTczLTU5MTI4MDgzM2Y4MS8wLzMxMzAzMzJlMzYzNjJlMzYzMzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDM1MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGdCPzANBgkqhkiG
9w0BAQsFAAOCAQEAMGPYReWe2f0af5mhYHxuv6msyyY7OSIdpr/59JkLXebMOR/g
CINbcx070W9MDiT/8InzA2fQ5UlJGDfsO3Al7kcpnZQsYwf+9yC526S9Df107fDd
+LExUG2C/LvqeIUUqGkOa/9XSvtk/SAo16zuskTZVkS67RVLlCrgakqkY6BMXPsu
VEnWcNOBKY7XiSVDFlf224s6WE+q5MWF1zhY6YabjgvHs7rjpuN95TwIhSuaaDih
v03w4OyupBFAMKaQs1/nDr1jAAvHoCF5EGXZKG5EHH1VrceELAkMUGAPcvF26WmH
85+0UdVJxiYJtOVRLQ2KA5Ul28uhPkQA1i31hw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 01:44:57 2024 by rpki-client on console-fra.rpki-client.org