Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3130332e32342e3130352e302f32342d3234203d3e203436303233.roa
File:                     3130332e32342e3130352e302f32342d3234203d3e203436303233.roa (raw, json)
Hash identifier:          EHVzgqv1ZNZgvMKIvfHJzUgB4nbevvdQfvX2ueKINPs=
Subject key identifier:   C8:24:53:77:81:93:96:ED:71:DE:E6:21:0F:E8:1D:4D:9B:08:B2:50
Certificate issuer:       /CN=7DF6602C113DDEE922AA019C74EF4283764A4695
Certificate serial:       7DB20EF1918C866CD113C163978C988EDF376CEA
Authority key identifier: 7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3130332e32342e3130352e302f32342d3234203d3e203436303233.roa
Signing time:             Mon 12 Aug 2024 15:21:24 +0000
ROA not before:           Mon 12 Aug 2024 15:16:24 +0000
ROA not after:            Mon 11 Aug 2025 15:21:24 +0000
asID:                     46023
IP address blocks:        103.24.105.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl
                          rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 09:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:b2:0e:f1:91:8c:86:6c:d1:13:c1:63:97:8c:98:8e:df:37:6c:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7DF6602C113DDEE922AA019C74EF4283764A4695
        Validity
            Not Before: Aug 12 15:16:24 2024 GMT
            Not After : Aug 11 15:21:24 2025 GMT
        Subject: CN=C8245377819396ED71DEE6210FE81D4D9B08B250
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:32:e1:76:a2:7d:79:13:8f:2b:27:18:69:60:
                    82:dc:18:23:c5:4c:21:73:cb:6e:5a:d7:4b:60:98:
                    6d:05:ca:15:79:68:6a:f0:19:e6:d7:b8:ec:a3:21:
                    7d:64:fe:44:b0:27:45:fc:1d:01:12:62:71:b8:19:
                    a3:4c:30:fa:22:c7:c8:a2:17:cc:e5:6b:c2:3f:ff:
                    2c:07:58:47:ab:da:e2:f0:f3:18:c6:0f:30:dd:69:
                    74:5d:ed:97:ad:1f:cc:56:52:a2:07:e4:f0:4b:e6:
                    e8:f6:de:65:74:32:a2:61:62:31:bc:2b:a3:38:db:
                    52:7c:89:f8:8d:95:e6:fa:c6:40:db:9f:e0:0f:9a:
                    de:5f:8c:03:93:ee:60:b5:9c:6c:9f:03:27:cd:d9:
                    f5:27:16:ff:9a:29:83:8f:ef:ec:e2:18:6c:0e:f9:
                    bf:20:17:05:cf:9c:db:17:a8:35:0c:4d:96:fe:4f:
                    54:18:c5:52:e2:fe:4a:15:a1:f9:ac:d3:95:ab:e9:
                    73:95:65:d7:37:55:ef:7e:4d:25:1f:ea:b2:73:ea:
                    5c:e7:d5:43:d1:11:52:00:12:ea:61:9f:c7:2b:b6:
                    14:b8:67:e9:7f:01:56:34:81:68:47:be:58:7a:6b:
                    b6:78:67:91:23:b4:df:50:c0:99:37:3b:ad:4b:bb:
                    ee:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:24:53:77:81:93:96:ED:71:DE:E6:21:0F:E8:1D:4D:9B:08:B2:50
            X509v3 Authority Key Identifier:
                keyid:7D:F6:60:2C:11:3D:DE:E9:22:AA:01:9C:74:EF:42:83:76:4A:46:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/7DF6602C113DDEE922AA019C74EF4283764A4695.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/7DF6602C113DDEE922AA019C74EF4283764A4695.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/00a985b0-e17a-421b-9655-03245a01aef8/0/3130332e32342e3130352e302f32342d3234203d3e203436303233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.24.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:90:96:d1:fa:53:63:fa:8f:fc:48:a8:3b:80:34:d5:35:d4:
         57:5a:3c:23:b5:ca:78:03:7b:1a:c9:7b:d3:74:cd:68:61:3f:
         73:a5:db:32:f1:3e:22:81:01:2f:c4:ce:96:dc:76:93:60:e2:
         e3:17:2e:8f:07:7f:ef:98:f3:ff:44:01:ee:3c:38:7e:5b:ae:
         b2:9d:63:47:4a:81:4f:1e:cc:75:4d:76:a6:c4:44:97:53:8e:
         46:fc:4c:79:35:7a:ed:fc:69:ea:21:9a:1d:2f:22:04:e3:09:
         b5:d9:6a:d5:76:5b:a7:73:2e:ea:3b:89:0c:37:bd:c0:ee:55:
         2c:a8:bf:4e:32:cc:a9:fc:34:b0:dc:6d:2b:4d:03:f6:d1:4d:
         2d:3f:94:cf:5e:e4:8c:f8:bd:bf:67:4d:a8:12:58:ea:e5:ee:
         47:ad:29:f3:08:50:01:35:f7:0c:59:00:e3:e3:11:55:0d:1a:
         3c:c5:20:48:4a:5d:26:1a:74:44:81:8e:18:1a:48:70:b4:80:
         00:bc:d4:bf:83:b5:44:c6:95:74:9e:4c:74:86:8f:8f:92:fd:
         e5:27:89:a0:20:e1:7a:fb:a1:d1:07:aa:75:17:8f:d1:83:42:
         20:46:a2:23:2c:d7:61:3e:04:25:41:e2:b9:5a:c7:f8:d6:d9:
         e5:be:ab:cd
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUfbIO8ZGMhmzRE8Fjl4yYjt83bOowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3
NjRBNDY5NTAeFw0yNDA4MTIxNTE2MjRaFw0yNTA4MTExNTIxMjRaMDMxMTAvBgNV
BAMTKEM4MjQ1Mzc3ODE5Mzk2RUQ3MURFRTYyMTBGRTgxRDREOUIwOEIyNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUMuF2on15E48rJxhpYILcGCPF
TCFzy25a10tgmG0FyhV5aGrwGebXuOyjIX1k/kSwJ0X8HQESYnG4GaNMMPoix8ii
F8zla8I//ywHWEer2uLw8xjGDzDdaXRd7ZetH8xWUqIH5PBL5uj23mV0MqJhYjG8
K6M421J8ifiNleb6xkDbn+APmt5fjAOT7mC1nGyfAyfN2fUnFv+aKYOP7+ziGGwO
+b8gFwXPnNsXqDUMTZb+T1QYxVLi/koVofms05Wr6XOVZdc3Ve9+TSUf6rJz6lzn
1UPREVIAEuphn8crthS4Z+l/AVY0gWhHvlh6a7Z4Z5EjtN9QwJk3O61Lu+65AgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUyCRTd4GTlu1x3uYhD+gdTZsIslAwHwYDVR0j
BBgwFoAUffZgLBE93ukiqgGcdO9Cg3ZKRpUwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
MGE5ODViMC1lMTdhLTQyMWItOTY1NS0wMzI0NWEwMWFlZjgvMC83REY2NjAyQzEx
M0RERUU5MjJBQTAxOUM3NEVGNDI4Mzc2NEE0Njk1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvN0RGNjYwMkMxMTNEREVFOTIyQUEwMTlDNzRFRjQyODM3NjRB
NDY5NS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAwYTk4NWIwLWUxN2EtNDIxYi05
NjU1LTAzMjQ1YTAxYWVmOC8wLzMxMzAzMzJlMzIzNDJlMzEzMDM1MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzQzNjMwMzIzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGcYaTANBgkqhkiG
9w0BAQsFAAOCAQEAF5CW0fpTY/qP/EioO4A01TXUV1o8I7XKeAN7Gsl703TNaGE/
c6XbMvE+IoEBL8TOltx2k2Di4xcujwd/75jz/0QB7jw4fluusp1jR0qBTx7MdU12
psREl1OORvxMeTV67fxp6iGaHS8iBOMJtdlq1XZbp3Mu6juJDDe9wO5VLKi/TjLM
qfw0sNxtK00D9tFNLT+Uz17kjPi9v2dNqBJY6uXuR60p8whQATX3DFkA4+MRVQ0a
PMUgSEpdJhp0RIGOGBpIcLSAALzUv4O1RMaVdJ5MdIaPj5L95SeJoCDhevuh0Qeq
dReP0YNCIEaiIyzXYT4EJUHiuVrH+NbZ5b6rzQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:37:45 2024 by rpki-client on console-ams.rpki-client.org