Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31382e33322e302f32342d3234203d3e203435333132.roa
File:                     3130332e31382e33322e302f32342d3234203d3e203435333132.roa (raw, json)
Hash identifier:          miPILm0sv1u4V0dC56CAttwNLai/URGvqfqaRcbxuJE=
Subject key identifier:   E9:70:A6:96:7E:6C:5F:C1:F0:A3:96:77:D3:3C:9D:27:B7:35:B1:D8
Certificate issuer:       /CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
Certificate serial:       1F940A7B910687012BCD3C463E7DE1A7EBEBA981
Authority key identifier: 15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31382e33322e302f32342d3234203d3e203435333132.roa
Signing time:             Mon 31 Jul 2023 00:06:26 +0000
ROA not before:           Mon 31 Jul 2023 00:01:26 +0000
ROA not after:            Mon 29 Jul 2024 00:06:26 +0000
asID:                     45312
IP address blocks:        103.18.32.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl
                          rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 14:14:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:94:0a:7b:91:06:87:01:2b:cd:3c:46:3e:7d:e1:a7:eb:eb:a9:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=154EE03198467B96315FDB527FB3BBCCA0BFC441
        Validity
            Not Before: Jul 31 00:01:26 2023 GMT
            Not After : Jul 29 00:06:26 2024 GMT
        Subject: CN=E970A6967E6C5FC1F0A39677D33C9D27B735B1D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:87:62:99:da:45:5b:e0:c7:ef:dd:a0:8f:be:
                    29:3a:bd:be:58:4c:de:e9:79:17:76:1e:d3:a2:60:
                    1d:dc:24:48:fd:6e:15:d5:2f:ab:7b:1d:16:eb:6d:
                    34:c1:77:db:c1:d7:2b:3d:ca:c6:7c:4f:cf:e0:18:
                    46:e4:6a:e5:e2:9a:8b:b6:6c:bd:c7:85:d0:40:51:
                    6f:c1:fb:a7:f7:c5:07:c4:8e:a3:98:96:95:bc:57:
                    9b:83:b5:0b:92:6d:92:dc:c3:40:25:a8:0e:02:c5:
                    4f:d9:13:71:a2:62:7f:f9:74:83:b6:56:2b:0f:55:
                    b0:a0:90:e0:03:04:71:38:de:ea:a7:58:d7:ba:9c:
                    1c:3d:f3:ab:a9:d6:0d:14:ab:cc:28:29:ef:0a:c7:
                    3f:42:fc:cc:97:fa:64:36:14:8b:b0:6f:bb:b8:f0:
                    df:26:05:99:f3:55:1f:90:43:20:47:e3:1a:86:ce:
                    16:15:5f:c0:12:a9:b0:31:c5:3a:7e:41:80:d0:44:
                    d9:13:aa:3e:4d:3f:7e:4d:90:7d:8e:93:70:d0:e8:
                    47:3e:9b:ef:eb:f1:58:aa:67:ab:a3:6a:a5:20:11:
                    3b:bd:b5:0b:12:6f:e4:de:a4:60:91:92:0d:ce:b6:
                    fe:b4:d6:f1:8e:ae:bc:86:9f:15:e9:4b:c6:82:b1:
                    c9:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:70:A6:96:7E:6C:5F:C1:F0:A3:96:77:D3:3C:9D:27:B7:35:B1:D8
            X509v3 Authority Key Identifier:
                keyid:15:4E:E0:31:98:46:7B:96:31:5F:DB:52:7F:B3:BB:CC:A0:BF:C4:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/154EE03198467B96315FDB527FB3BBCCA0BFC441.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/154EE03198467B96315FDB527FB3BBCCA0BFC441.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/c621f753-a88e-4edf-a306-bd93d5a38fea/0/3130332e31382e33322e302f32342d3234203d3e203435333132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.18.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:04:2c:0c:cb:60:6a:0c:5f:1f:0c:67:dd:9a:63:c6:87:73:
         2e:1e:e7:55:65:66:90:dc:37:d7:78:93:2b:bc:ae:84:6b:92:
         d7:47:81:48:b2:1e:b5:ab:9d:bd:cb:eb:f2:f6:d2:ce:74:b7:
         4c:8f:e6:52:be:6e:1a:d5:26:08:73:f0:3c:a0:26:32:ec:2f:
         bb:d4:3f:92:77:d2:f7:47:74:40:1e:36:a6:ba:53:09:40:b8:
         cc:f9:0e:b0:6d:e2:d1:3b:94:2f:9f:5a:20:b7:00:22:fa:fa:
         46:be:6c:8f:ec:7b:5f:20:91:fb:f0:fa:13:04:06:03:dd:b5:
         72:c5:b7:70:99:23:f9:80:e4:48:62:ff:65:2e:6e:55:7f:83:
         0a:02:ba:9b:c8:3e:eb:c3:dc:a9:08:48:d5:e4:29:ac:a8:87:
         25:5a:93:47:8a:3e:38:f5:f4:64:85:11:7d:1d:ee:65:c9:c8:
         98:d5:f3:9e:a3:b9:5f:c9:94:e8:b8:d6:c4:24:7f:23:77:4c:
         10:a1:4e:ac:f4:25:4d:8f:c1:4a:ae:fd:d7:ec:e1:ff:ed:79:
         7e:6c:ce:fb:18:9d:8d:a9:0f:5f:60:79:c8:7a:72:00:f8:a7:
         e9:76:9d:d0:3e:bb:c4:73:fa:fe:c2:a8:83:f8:45:75:ed:c9:
         3d:b1:14:82
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUH5QKe5EGhwErzTxGPn3hp+vrqYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NB
MEJGQzQ0MTAeFw0yMzA3MzEwMDAxMjZaFw0yNDA3MjkwMDA2MjZaMDMxMTAvBgNV
BAMTKEU5NzBBNjk2N0U2QzVGQzFGMEEzOTY3N0QzM0M5RDI3QjczNUIxRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZh2KZ2kVb4Mfv3aCPvik6vb5Y
TN7peRd2HtOiYB3cJEj9bhXVL6t7HRbrbTTBd9vB1ys9ysZ8T8/gGEbkauXimou2
bL3HhdBAUW/B+6f3xQfEjqOYlpW8V5uDtQuSbZLcw0AlqA4CxU/ZE3GiYn/5dIO2
VisPVbCgkOADBHE43uqnWNe6nBw986up1g0Uq8woKe8Kxz9C/MyX+mQ2FIuwb7u4
8N8mBZnzVR+QQyBH4xqGzhYVX8ASqbAxxTp+QYDQRNkTqj5NP35NkH2Ok3DQ6Ec+
m+/r8ViqZ6ujaqUgETu9tQsSb+TepGCRkg3Otv601vGOrryGnxXpS8aCscnlAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQU6XCmln5sX8Hwo5Z30zydJ7c1sdgwHwYDVR0j
BBgwFoAUFU7gMZhGe5YxX9tSf7O7zKC/xEEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9j
NjIxZjc1My1hODhlLTRlZGYtYTMwNi1iZDkzZDVhMzhmZWEvMC8xNTRFRTAzMTk4
NDY3Qjk2MzE1RkRCNTI3RkIzQkJDQ0EwQkZDNDQxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTU0RUUwMzE5ODQ2N0I5NjMxNUZEQjUyN0ZCM0JCQ0NBMEJG
QzQ0MS5jZXIwgaAGCCsGAQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2M2MjFmNzUzLWE4OGUtNGVkZi1h
MzA2LWJkOTNkNWEzOGZlYS8wLzMxMzAzMzJlMzEzODJlMzMzMjJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDM0MzUzMzMxMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnEiAwDQYJKoZIhvcN
AQELBQADggEBAGEELAzLYGoMXx8MZ92aY8aHcy4e51VlZpDcN9d4kyu8roRrktdH
gUiyHrWrnb3L6/L20s50t0yP5lK+bhrVJghz8DygJjLsL7vUP5J30vdHdEAeNqa6
UwlAuMz5DrBt4tE7lC+fWiC3ACL6+ka+bI/se18gkfvw+hMEBgPdtXLFt3CZI/mA
5Ehi/2UublV/gwoCupvIPuvD3KkISNXkKayohyVak0eKPjj19GSFEX0d7mXJyJjV
856juV/JlOi41sQkfyN3TBChTqz0JU2PwUqu/dfs4f/teX5szvsYnY2pD19gech6
cgD4p+l2ndA+u8Rz+v7CqIP4RXXtyT2xFII=
-----END CERTIFICATE-----
Generated at Wed Mar 27 15:54:33 2024 by rpki-client on console-fra.rpki-client.org