Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32342d3234203d3e203435333132.roa
File:                     3130332e31342e34342e302f32342d3234203d3e203435333132.roa (raw, json)
Hash identifier:          tPAA19RZgnwanmUBpp1fNMtk1oeHwU76PcUloHFi5n8=
Subject key identifier:   03:1E:14:F4:97:19:3D:1F:AB:2A:B3:90:F4:1A:6F:BA:56:8C:BF:AC
Certificate issuer:       /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial:       04B5D81154D17BEA7E22BC0F916907F8009346D8
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32342d3234203d3e203435333132.roa
Signing time:             Mon 31 Jul 2023 00:06:25 +0000
ROA not before:           Mon 31 Jul 2023 00:01:25 +0000
ROA not after:            Mon 29 Jul 2024 00:06:25 +0000
asID:                     45312
IP address blocks:        103.14.44.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
                          rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 14:14:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:b5:d8:11:54:d1:7b:ea:7e:22:bc:0f:91:69:07:f8:00:93:46:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
        Validity
            Not Before: Jul 31 00:01:25 2023 GMT
            Not After : Jul 29 00:06:25 2024 GMT
        Subject: CN=031E14F497193D1FAB2AB390F41A6FBA568CBFAC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:e2:6a:87:4c:18:91:bb:1c:9a:87:c5:bd:95:
                    28:da:48:f8:6b:56:0b:2f:75:2a:ef:b0:f6:7c:25:
                    62:9a:bf:67:5c:8f:cc:0b:11:86:1f:fa:16:ee:7d:
                    af:da:c6:b6:4f:bb:94:e2:ca:2b:f3:1f:af:ea:dc:
                    a6:52:97:05:28:e6:38:ba:e4:23:65:eb:01:b8:0d:
                    b6:18:fe:c1:33:d7:31:36:1d:b6:dd:3b:33:22:b2:
                    90:ec:4b:4f:80:fe:61:88:b0:24:14:09:cb:2a:0b:
                    ae:de:c6:71:ef:8c:bf:b1:b9:74:d2:a4:20:86:7e:
                    1c:6e:6c:67:8a:82:75:10:13:9e:98:81:56:89:73:
                    bd:be:b5:18:31:e8:d8:20:9c:ec:26:b4:8f:d9:7e:
                    33:90:cd:10:c9:c4:fc:d0:2b:f2:00:5d:a1:eb:7a:
                    c6:14:bd:ed:c3:34:9b:90:6e:af:8d:75:25:c3:2d:
                    49:04:88:b2:16:d0:e6:2e:43:d4:34:2f:73:0f:ec:
                    e9:1c:bc:c0:93:29:23:aa:f0:ea:11:10:57:b9:a2:
                    c7:5e:b2:ec:65:13:0d:d9:55:22:1b:d9:68:19:ab:
                    00:3c:e5:20:d9:50:37:ea:db:e1:8c:64:83:8e:38:
                    46:cc:46:c5:b3:8e:8e:7c:29:11:e8:fe:65:41:7a:
                    9f:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:1E:14:F4:97:19:3D:1F:AB:2A:B3:90:F4:1A:6F:BA:56:8C:BF:AC
            X509v3 Authority Key Identifier:
                keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31342e34342e302f32342d3234203d3e203435333132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.14.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3f:6e:ba:f8:b1:61:0b:93:eb:7f:92:70:41:2d:8c:a0:1a:cc:
         19:8e:c1:53:a5:32:fc:e2:be:0c:d3:0b:37:f7:c2:6c:95:21:
         f6:d6:76:b1:ab:c1:02:88:3e:28:ca:62:25:ba:2e:62:1f:05:
         e3:10:8f:0f:e9:ac:0f:f2:dc:fa:82:6e:de:7b:ad:d3:8e:1d:
         7d:27:df:99:b2:45:06:e0:e6:84:b3:f8:b6:b8:a9:24:68:3f:
         a2:92:32:4c:d9:65:65:3f:81:ae:2d:bd:e6:d5:74:c9:36:dd:
         6e:dd:8a:4c:5a:79:cd:7c:d0:d4:4e:bc:d6:16:86:c8:75:38:
         69:a7:1f:e0:06:20:0a:cf:3c:c9:20:49:d3:35:0e:8a:ed:68:
         44:4f:8c:0d:3f:2d:42:c3:6c:87:40:66:45:40:cd:ac:6b:2d:
         11:41:1f:4f:ac:46:24:d6:df:26:28:ee:ec:de:ea:8f:1a:1c:
         75:d0:85:75:31:d1:23:ba:18:33:a5:61:11:0e:1d:e7:5e:85:
         ae:ff:19:23:1c:49:06:69:7a:19:56:7d:47:89:bf:10:fa:39:
         44:f0:d9:58:57:90:b5:1e:3b:09:11:33:d5:06:ec:56:08:38:
         c8:66:9a:25:b6:c3:46:c4:95:67:96:a2:2a:2f:f9:4d:68:d1:
         c6:3b:63:18
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUBLXYEVTRe+p+IrwPkWkH+ACTRtgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzA3MzEwMDAxMjVaFw0yNDA3MjkwMDA2MjVaMDMxMTAvBgNV
BAMTKDAzMUUxNEY0OTcxOTNEMUZBQjJBQjM5MEY0MUE2RkJBNTY4Q0JGQUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp4mqHTBiRuxyah8W9lSjaSPhr
VgsvdSrvsPZ8JWKav2dcj8wLEYYf+hbufa/axrZPu5TiyivzH6/q3KZSlwUo5ji6
5CNl6wG4DbYY/sEz1zE2HbbdOzMispDsS0+A/mGIsCQUCcsqC67exnHvjL+xuXTS
pCCGfhxubGeKgnUQE56YgVaJc72+tRgx6NggnOwmtI/ZfjOQzRDJxPzQK/IAXaHr
esYUve3DNJuQbq+NdSXDLUkEiLIW0OYuQ9Q0L3MP7OkcvMCTKSOq8OoREFe5osde
suxlEw3ZVSIb2WgZqwA85SDZUDfq2+GMZIOOOEbMRsWzjo58KRHo/mVBep8dAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUAx4U9JcZPR+rKrOQ9BpvulaMv6wwHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzMxMzAzMzJlMzEzNDJlMzQzNDJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzUzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnDiwwDQYJKoZIhvcN
AQELBQADggEBAD9uuvixYQuT63+ScEEtjKAazBmOwVOlMvzivgzTCzf3wmyVIfbW
drGrwQKIPijKYiW6LmIfBeMQjw/prA/y3PqCbt57rdOOHX0n35myRQbg5oSz+La4
qSRoP6KSMkzZZWU/ga4tvebVdMk23W7dikxaec180NROvNYWhsh1OGmnH+AGIArP
PMkgSdM1DortaERPjA0/LULDbIdAZkVAzaxrLRFBH0+sRiTW3yYo7uze6o8aHHXQ
hXUx0SO6GDOlYREOHedeha7/GSMcSQZpehlWfUeJvxD6OUTw2VhXkLUeOwkRM9UG
7FYIOMhmmiW2w0bElWeWoiov+U1o0cY7Yxg=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:34:04 2024 by rpki-client on console-ams.rpki-client.org