Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/3130332e3138362e3230392e302f32342d3234203d3e20313336383733.roa
File:                     3130332e3138362e3230392e302f32342d3234203d3e20313336383733.roa (raw, json)
Hash identifier:          uJbs5EnH5ofyGacr/+95JbRIsnliCKEf/jQvFWredmo=
Subject key identifier:   C0:6E:E9:24:C2:4D:FC:E0:47:D8:D6:FC:94:D8:F9:A3:C9:5A:E8:70
Certificate issuer:       /CN=F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64
Certificate serial:       0F8F5484A0F36E81EB715E0A6AE7061257BF098D
Authority key identifier: F7:00:7F:FD:A6:6A:99:D7:58:8D:A9:3F:FA:F2:6B:DE:57:B3:CA:64
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/3130332e3138362e3230392e302f32342d3234203d3e20313336383733.roa
Signing time:             Wed 01 May 2024 05:02:10 +0000
ROA not before:           Wed 01 May 2024 04:57:10 +0000
ROA not after:            Wed 30 Apr 2025 05:02:10 +0000
asID:                     136873
IP address blocks:        103.186.209.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.crl
                          rsync://repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 05:19:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:8f:54:84:a0:f3:6e:81:eb:71:5e:0a:6a:e7:06:12:57:bf:09:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64
        Validity
            Not Before: May  1 04:57:10 2024 GMT
            Not After : Apr 30 05:02:10 2025 GMT
        Subject: CN=C06EE924C24DFCE047D8D6FC94D8F9A3C95AE870
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:76:e1:fa:c1:43:e6:10:d3:96:44:eb:99:29:
                    ce:74:63:47:96:3e:9d:a3:b7:81:00:29:68:e8:89:
                    f0:f5:f1:48:88:df:e1:11:a4:95:7f:a8:e5:10:05:
                    ef:a9:da:17:00:47:6e:13:0a:73:e1:2b:5a:03:41:
                    de:8c:0b:eb:ae:48:01:52:b4:4e:9d:d6:ea:52:b4:
                    de:d9:5d:e5:bb:68:61:d7:c7:e6:3f:19:45:20:c3:
                    c0:9a:b7:90:35:3e:b3:91:63:59:0b:d7:0f:0e:8a:
                    fb:e9:1c:89:1c:8f:bb:4c:c0:8d:99:31:b3:66:79:
                    76:24:c6:64:c5:a0:0a:86:c6:80:9e:42:8f:13:cd:
                    de:90:a9:c6:9b:f6:34:00:7b:67:0e:e5:e8:92:ff:
                    c7:d5:fe:33:01:65:57:82:13:00:2c:ec:5b:95:82:
                    7f:fb:b3:0f:f1:2c:49:fe:e4:38:2f:6d:74:18:f3:
                    c6:f0:07:0a:f1:bc:99:06:08:98:26:6f:99:a8:b7:
                    66:3e:e0:69:14:af:91:41:72:86:68:6c:3b:5c:05:
                    18:35:c5:30:f4:9e:ab:0f:39:19:8c:f1:b8:33:c6:
                    fb:65:86:dd:be:d2:03:82:c7:5b:0d:48:43:e2:1c:
                    f2:4d:d6:eb:53:a4:d4:6b:c1:f5:86:ee:94:63:79:
                    ac:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:6E:E9:24:C2:4D:FC:E0:47:D8:D6:FC:94:D8:F9:A3:C9:5A:E8:70
            X509v3 Authority Key Identifier:
                keyid:F7:00:7F:FD:A6:6A:99:D7:58:8D:A9:3F:FA:F2:6B:DE:57:B3:CA:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F7007FFDA66A99D7588DA93FFAF26BDE57B3CA64.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/09a9e835-f3a1-4c36-b47d-6f2f71eb8aa4/0/3130332e3138362e3230392e302f32342d3234203d3e20313336383733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:66:03:3b:c9:88:a8:72:a1:77:59:42:57:b1:b8:0b:36:63:
         a4:59:c9:b9:1d:f1:84:7e:ce:eb:7f:0e:ff:98:81:77:fa:28:
         70:dc:11:fa:6d:bd:ca:92:de:df:79:57:41:ac:f8:c6:53:1e:
         04:58:56:55:9c:c8:65:0c:15:ee:c3:83:72:64:a4:cf:81:41:
         88:27:ac:71:07:9b:54:27:c7:e8:bc:50:5e:84:6a:20:81:7d:
         5c:4c:f0:55:46:e5:cb:9c:cc:8a:0a:1b:f3:92:67:62:50:3c:
         05:31:0d:21:b8:eb:b9:9b:d9:48:c8:af:bc:d3:d1:ff:5f:ee:
         06:ba:76:24:90:fc:aa:bc:be:27:e9:fb:01:a0:7e:43:d1:ee:
         a9:2d:13:71:43:96:7b:34:5a:80:25:29:40:ac:0c:76:b0:fa:
         19:56:e4:7c:f4:7f:46:9f:1f:50:1a:d2:6b:96:e4:e9:31:0b:
         31:a6:1c:53:68:56:b4:a5:fa:15:51:a1:ad:61:a5:b6:c0:14:
         ad:0b:91:2f:d4:d7:ed:3d:03:38:26:9d:ed:a1:46:c3:d0:99:
         2a:80:46:45:8d:6a:81:94:3d:b3:92:11:cf:97:39:f9:06:bb:
         e7:63:dc:80:d8:e9:3c:66:d6:72:a1:78:e6:17:7e:b5:16:35:
         1a:ec:ee:a8
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUD49UhKDzboHrcV4KaucGEle/CY0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjcwMDdGRkRBNjZBOTlENzU4OERBOTNGRkFGMjZCREU1
N0IzQ0E2NDAeFw0yNDA1MDEwNDU3MTBaFw0yNTA0MzAwNTAyMTBaMDMxMTAvBgNV
BAMTKEMwNkVFOTI0QzI0REZDRTA0N0Q4RDZGQzk0RDhGOUEzQzk1QUU4NzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgduH6wUPmENOWROuZKc50Y0eW
Pp2jt4EAKWjoifD18UiI3+ERpJV/qOUQBe+p2hcAR24TCnPhK1oDQd6MC+uuSAFS
tE6d1upStN7ZXeW7aGHXx+Y/GUUgw8Cat5A1PrORY1kL1w8OivvpHIkcj7tMwI2Z
MbNmeXYkxmTFoAqGxoCeQo8Tzd6Qqcab9jQAe2cO5eiS/8fV/jMBZVeCEwAs7FuV
gn/7sw/xLEn+5DgvbXQY88bwBwrxvJkGCJgmb5mot2Y+4GkUr5FBcoZobDtcBRg1
xTD0nqsPORmM8bgzxvtlht2+0gOCx1sNSEPiHPJN1utTpNRrwfWG7pRjeaxVAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUwG7pJMJN/OBH2Nb8lNj5o8la6HAwHwYDVR0j
BBgwFoAU9wB//aZqmddYjak/+vJr3lezymQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
OWE5ZTgzNS1mM2ExLTRjMzYtYjQ3ZC02ZjJmNzFlYjhhYTQvMC9GNzAwN0ZGREE2
NkE5OUQ3NTg4REE5M0ZGQUYyNkJERTU3QjNDQTY0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjcwMDdGRkRBNjZBOTlENzU4OERBOTNGRkFGMjZCREU1N0Iz
Q0E2NC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzA5YTllODM1LWYzYTEtNGMzNi1i
NDdkLTZmMmY3MWViOGFhNC8wLzMxMzAzMzJlMzEzODM2MmUzMjMwMzkyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzODM3MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnutEwDQYJ
KoZIhvcNAQELBQADggEBAD5mAzvJiKhyoXdZQlexuAs2Y6RZybkd8YR+zut/Dv+Y
gXf6KHDcEfptvcqS3t95V0Gs+MZTHgRYVlWcyGUMFe7Dg3JkpM+BQYgnrHEHm1Qn
x+i8UF6EaiCBfVxM8FVG5cuczIoKG/OSZ2JQPAUxDSG467mb2UjIr7zT0f9f7ga6
diSQ/Kq8vifp+wGgfkPR7qktE3FDlns0WoAlKUCsDHaw+hlW5Hz0f0afH1Aa0muW
5OkxCzGmHFNoVrSl+hVRoa1hpbbAFK0LkS/U1+09Azgmne2hRsPQmSqARkWNaoGU
PbOSEc+XOfkGu+dj3IDY6Txm1nKheOYXfrUWNRrs7qg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:00:08 2024 by rpki-client on console-ams.rpki-client.org