Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/3130332e3139382e312e302f32342d3234203d3e20313530393436.roa
File:                     3130332e3139382e312e302f32342d3234203d3e20313530393436.roa (raw, json)
Hash identifier:          rNw8XZOHw3lMwWczuogNI1v9nvrQ2EEz92/tlSSuXFw=
Subject key identifier:   77:29:95:72:EB:EE:84:89:38:02:88:25:E4:33:CD:4B:E2:B1:4A:63
Certificate issuer:       /CN=E2E2B18618062AFE568198DD60631314C3847291
Certificate serial:       1C9D5AC1283AD72C0EC068611B5A4E093EE3BF49
Authority key identifier: E2:E2:B1:86:18:06:2A:FE:56:81:98:DD:60:63:13:14:C3:84:72:91
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E2E2B18618062AFE568198DD60631314C3847291.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/3130332e3139382e312e302f32342d3234203d3e20313530393436.roa
Signing time:             Sun 17 Mar 2024 10:00:00 +0000
ROA not before:           Sun 17 Mar 2024 09:55:00 +0000
ROA not after:            Sun 16 Mar 2025 10:00:00 +0000
asID:                     150946
IP address blocks:        103.198.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/E2E2B18618062AFE568198DD60631314C3847291.crl
                          rsync://repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/E2E2B18618062AFE568198DD60631314C3847291.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E2E2B18618062AFE568198DD60631314C3847291.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 09:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:9d:5a:c1:28:3a:d7:2c:0e:c0:68:61:1b:5a:4e:09:3e:e3:bf:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E2E2B18618062AFE568198DD60631314C3847291
        Validity
            Not Before: Mar 17 09:55:00 2024 GMT
            Not After : Mar 16 10:00:00 2025 GMT
        Subject: CN=77299572EBEE848938028825E433CD4BE2B14A63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:dc:d1:b6:4b:56:75:4a:ba:f2:de:66:08:96:
                    76:7c:29:f8:38:a1:0f:03:59:bc:3d:5c:5c:75:a9:
                    b1:db:a1:a2:a9:7a:05:be:46:78:d3:66:8c:c1:82:
                    6f:7d:ce:1f:f7:b5:b6:e0:b1:4d:37:af:88:80:2b:
                    69:a7:9b:95:47:42:bf:13:05:30:f2:56:a0:0c:67:
                    69:db:0a:15:28:dc:10:9d:25:d0:2e:09:09:a4:a2:
                    ff:31:63:7c:33:dd:8a:64:86:c2:2b:13:5e:0d:87:
                    99:e3:1f:6d:22:2c:37:5c:c0:9e:9d:39:d6:a1:36:
                    5e:94:d5:80:b5:56:19:2f:db:49:91:9d:97:08:ab:
                    cf:7c:95:3f:49:dc:6a:d0:22:95:4e:ad:dd:96:7f:
                    12:28:5d:41:00:db:4e:00:33:f3:93:9b:6e:61:62:
                    23:45:db:5f:eb:54:36:05:d9:54:b1:ee:f0:f6:5a:
                    5b:1c:3d:2b:90:9d:49:5e:c1:bd:1e:91:d9:01:1e:
                    84:9e:91:3f:01:f1:11:9d:29:31:12:50:21:56:23:
                    07:85:0e:b3:45:d1:fc:bf:bb:c3:12:04:4e:df:89:
                    7c:0c:3d:60:3b:9f:7f:3b:5c:a8:bd:18:f5:46:23:
                    83:ab:b5:68:40:9c:61:83:85:e6:9e:88:df:be:95:
                    3f:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:29:95:72:EB:EE:84:89:38:02:88:25:E4:33:CD:4B:E2:B1:4A:63
            X509v3 Authority Key Identifier:
                keyid:E2:E2:B1:86:18:06:2A:FE:56:81:98:DD:60:63:13:14:C3:84:72:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/E2E2B18618062AFE568198DD60631314C3847291.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E2E2B18618062AFE568198DD60631314C3847291.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/03ba0d38-ca62-4c2b-90e2-8eeeeb831860/0/3130332e3139382e312e302f32342d3234203d3e20313530393436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.198.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:5c:b0:cb:54:ea:59:3d:e9:d4:eb:17:28:c3:fa:70:11:fa:
         25:8e:b5:b8:c0:8e:3e:ab:fc:4c:04:ef:2a:c7:e0:d2:87:a2:
         80:90:7c:be:c3:43:e3:9a:1a:d3:2a:91:b2:7e:1b:d1:de:42:
         76:18:6a:ec:43:d0:cf:7f:60:fc:58:07:20:7e:2e:70:bc:bd:
         74:8b:ef:96:86:c0:ff:29:28:c0:23:c6:93:8c:98:74:72:0c:
         7f:7a:c1:42:12:55:29:8c:7f:e0:e1:2a:47:32:84:ba:ce:c9:
         b0:b6:8c:3d:e1:c4:39:38:00:61:4e:81:b5:43:76:26:c8:06:
         40:6b:76:5b:0c:f5:3a:c7:6e:66:65:eb:71:27:8d:a0:fa:16:
         f0:b3:ea:2a:b1:11:b1:78:a5:15:bb:1e:39:4c:b7:df:17:b0:
         32:14:30:97:14:b5:a6:2a:27:de:e3:6a:37:58:a5:60:c7:4b:
         85:5c:6b:8e:26:2e:da:1a:e1:98:e7:76:e2:79:a6:e6:43:3f:
         26:13:3f:2b:80:58:1c:2f:d7:11:e5:29:ed:c0:be:a8:7a:ff:
         5b:15:76:17:21:69:b0:2b:3e:b9:ff:8d:85:04:21:9a:ae:23:
         40:e0:ab:e3:27:82:f7:c3:f1:15:8e:9a:fa:0d:db:98:58:9a:
         d6:e6:9a:9c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIUHJ1awSg61ywOwGhhG1pOCT7jv0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTJFMkIxODYxODA2MkFGRTU2ODE5OERENjA2MzEzMTRD
Mzg0NzI5MTAeFw0yNDAzMTcwOTU1MDBaFw0yNTAzMTYxMDAwMDBaMDMxMTAvBgNV
BAMTKDc3Mjk5NTcyRUJFRTg0ODkzODAyODgyNUU0MzNDRDRCRTJCMTRBNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3NG2S1Z1Srry3mYIlnZ8Kfg4
oQ8DWbw9XFx1qbHboaKpegW+RnjTZozBgm99zh/3tbbgsU03r4iAK2mnm5VHQr8T
BTDyVqAMZ2nbChUo3BCdJdAuCQmkov8xY3wz3YpkhsIrE14Nh5njH20iLDdcwJ6d
OdahNl6U1YC1Vhkv20mRnZcIq898lT9J3GrQIpVOrd2WfxIoXUEA204AM/OTm25h
YiNF21/rVDYF2VSx7vD2WlscPSuQnUlewb0ekdkBHoSekT8B8RGdKTESUCFWIweF
DrNF0fy/u8MSBE7fiXwMPWA7n387XKi9GPVGI4OrtWhAnGGDheaeiN++lT9vAgMB
AAGjggIyMIICLjAdBgNVHQ4EFgQUdymVcuvuhIk4Aogl5DPNS+KxSmMwHwYDVR0j
BBgwFoAU4uKxhhgGKv5WgZjdYGMTFMOEcpEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
M2JhMGQzOC1jYTYyLTRjMmItOTBlMi04ZWVlZWI4MzE4NjAvMC9FMkUyQjE4NjE4
MDYyQUZFNTY4MTk4REQ2MDYzMTMxNEMzODQ3MjkxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTJFMkIxODYxODA2MkFGRTU2ODE5OERENjA2MzEzMTRDMzg0
NzI5MS5jZXIwgaIGCCsGAQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzAzYmEwZDM4LWNhNjItNGMyYi05
MGUyLThlZWVlYjgzMTg2MC8wLzMxMzAzMzJlMzEzOTM4MmUzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMxMzUzMDM5MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGfGATANBgkqhkiG
9w0BAQsFAAOCAQEAMVywy1TqWT3p1OsXKMP6cBH6JY61uMCOPqv8TATvKsfg0oei
gJB8vsND45oa0yqRsn4b0d5Cdhhq7EPQz39g/FgHIH4ucLy9dIvvlobA/ykowCPG
k4yYdHIMf3rBQhJVKYx/4OEqRzKEus7JsLaMPeHEOTgAYU6BtUN2JsgGQGt2Wwz1
OsduZmXrcSeNoPoW8LPqKrERsXilFbseOUy33xewMhQwlxS1pion3uNqN1ilYMdL
hVxrjiYu2hrhmOd24nmm5kM/JhM/K4BYHC/XEeUp7cC+qHr/WxV2FyFpsCs+uf+N
hQQhmq4jQOCr4yeC98PxFY6a+g3bmFia1uaanA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:03 2024 by rpki-client on console-ams.rpki-client.org