Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32332d3233203d3e203435333132.roa
File:                     3130332e31342e34342e302f32332d3233203d3e203435333132.roa (raw, json)
Hash identifier:          DBqy4UMcW9xzRCoi34mq/M1Jck0rPq+CSKH035MdaEU=
Subject key identifier:   24:44:4D:C4:80:81:E7:C5:58:D2:87:2F:58:E5:BB:00:FE:BF:83:79
Certificate issuer:       /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial:       0F2474B7892A26E17B94F208AA1D63921F1FB32F
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32332d3233203d3e203435333132.roa
Signing time:             Mon 31 Jul 2023 00:06:24 +0000
ROA not before:           Mon 31 Jul 2023 00:01:24 +0000
ROA not after:            Mon 29 Jul 2024 00:06:24 +0000
asID:                     45312
IP address blocks:        103.14.44.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
                          rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 14:14:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:24:74:b7:89:2a:26:e1:7b:94:f2:08:aa:1d:63:92:1f:1f:b3:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
        Validity
            Not Before: Jul 31 00:01:24 2023 GMT
            Not After : Jul 29 00:06:24 2024 GMT
        Subject: CN=24444DC48081E7C558D2872F58E5BB00FEBF8379
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:43:eb:14:92:1b:f0:01:73:de:70:8f:38:26:
                    01:ef:91:d1:a4:30:f3:cf:ee:84:06:b4:95:cd:d7:
                    4d:90:3f:fc:e8:db:f4:04:4f:aa:f9:12:d2:17:a6:
                    63:8d:a7:e1:03:6c:39:f9:da:45:44:c2:7b:92:fe:
                    c0:79:a6:c8:a2:88:7e:fa:23:a1:82:14:c2:6a:ca:
                    19:26:1a:fe:8d:e5:f3:03:1c:1e:59:48:26:67:6c:
                    b9:57:a7:fa:41:67:1a:e2:3c:4c:b6:fa:38:40:46:
                    1c:0e:0a:89:0a:5f:b3:27:eb:96:c0:0f:01:f2:68:
                    95:14:90:4f:91:a7:06:a4:1d:6a:1a:18:2d:f7:6a:
                    8d:ac:d0:88:0e:28:8f:17:dc:5a:47:b4:b5:40:f7:
                    eb:94:52:57:ae:ed:cb:49:db:5a:71:f6:ba:39:02:
                    7e:87:e2:65:30:c3:66:77:38:c9:a4:a8:9f:d9:5c:
                    9b:c3:19:cd:22:ba:be:45:7c:7d:9a:79:eb:20:d4:
                    89:d1:34:30:d5:1f:71:28:04:80:f6:73:d0:58:91:
                    0d:84:14:2f:c4:88:73:6e:39:cc:29:34:8e:3f:2d:
                    a4:03:e9:cf:10:5f:33:bd:08:aa:27:59:97:d4:bb:
                    09:59:73:60:ab:81:4f:1d:c1:1b:d1:6f:48:fb:1a:
                    81:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:44:4D:C4:80:81:E7:C5:58:D2:87:2F:58:E5:BB:00:FE:BF:83:79
            X509v3 Authority Key Identifier:
                keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32332d3233203d3e203435333132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.14.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         41:4b:0a:64:38:0a:bb:8c:0b:8f:3e:97:22:13:b0:55:97:a1:
         b3:7a:88:0b:2c:c7:80:27:71:b8:e5:3c:33:6d:df:7c:21:ef:
         64:50:cb:0e:b0:62:fd:e7:3d:4c:ce:21:e5:df:a3:ad:4a:74:
         ab:cb:e4:64:39:cb:21:64:62:8f:b6:49:2e:fb:a1:41:0a:af:
         6d:c5:3a:c6:51:ca:10:c6:f2:24:9f:f8:fa:c5:b3:fd:25:f9:
         4b:49:9f:73:f4:3f:28:63:53:0b:63:ae:cc:11:5f:85:db:e4:
         15:4f:5b:b8:23:60:f1:83:a9:10:0d:9c:cc:a8:87:5a:1a:5f:
         a5:7f:53:2a:19:c1:09:2a:5a:09:b3:ac:df:1e:9b:80:ce:f0:
         90:fb:8f:c4:53:1b:c0:01:a9:6a:00:7a:52:f9:4e:70:11:4b:
         08:15:4b:84:28:22:03:b9:e1:79:75:36:4a:3c:21:de:4d:de:
         45:51:00:0b:f1:d7:a3:06:ca:b8:71:41:04:5f:00:9e:2d:9c:
         8a:cd:06:46:6b:98:c9:4a:22:19:2d:81:03:68:6f:d0:22:92:
         bc:77:35:46:c4:d3:60:b9:a6:b2:83:62:27:aa:91:3e:7a:f1:
         f0:69:01:26:0d:ca:fc:54:af:fd:19:d8:15:b1:ce:08:cc:43:
         fd:00:73:74
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUDyR0t4kqJuF7lPIIqh1jkh8fsy8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzA3MzEwMDAxMjRaFw0yNDA3MjkwMDA2MjRaMDMxMTAvBgNV
BAMTKDI0NDQ0REM0ODA4MUU3QzU1OEQyODcyRjU4RTVCQjAwRkVCRjgzNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgQ+sUkhvwAXPecI84JgHvkdGk
MPPP7oQGtJXN102QP/zo2/QET6r5EtIXpmONp+EDbDn52kVEwnuS/sB5psiiiH76
I6GCFMJqyhkmGv6N5fMDHB5ZSCZnbLlXp/pBZxriPEy2+jhARhwOCokKX7Mn65bA
DwHyaJUUkE+RpwakHWoaGC33ao2s0IgOKI8X3FpHtLVA9+uUUleu7ctJ21px9ro5
An6H4mUww2Z3OMmkqJ/ZXJvDGc0iur5FfH2aeesg1InRNDDVH3EoBID2c9BYkQ2E
FC/EiHNuOcwpNI4/LaQD6c8QXzO9CKonWZfUuwlZc2CrgU8dwRvRb0j7GoHpAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUJERNxICB58VY0ocvWOW7AP6/g3kwHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzMxMzAzMzJlMzEzNDJlMzQzNDJlMzAyZjMyMzMy
ZDMyMzMyMDNkM2UyMDM0MzUzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnDiwwDQYJKoZIhvcN
AQELBQADggEBAEFLCmQ4CruMC48+lyITsFWXobN6iAssx4AncbjlPDNt33wh72RQ
yw6wYv3nPUzOIeXfo61KdKvL5GQ5yyFkYo+2SS77oUEKr23FOsZRyhDG8iSf+PrF
s/0l+UtJn3P0PyhjUwtjrswRX4Xb5BVPW7gjYPGDqRANnMyoh1oaX6V/UyoZwQkq
WgmzrN8em4DO8JD7j8RTG8ABqWoAelL5TnARSwgVS4QoIgO54Xl1Nko8Id5N3kVR
AAvx16MGyrhxQQRfAJ4tnIrNBkZrmMlKIhktgQNob9Aikrx3NUbE02C5prKDYieq
kT568fBpASYNyvxUr/0Z2BWxzgjMQ/0Ac3Q=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:33 2024 by rpki-client on console-fra.rpki-client.org