Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/3130332e3137352e33382e302f32332d3234203d3e20313437313038.roa
File:                     3130332e3137352e33382e302f32332d3234203d3e20313437313038.roa (raw, json)
Hash identifier:          MJveUDHHKCs24S4XkZveJi95FO/ZRzpAvr7f8xFl65E=
Subject key identifier:   D6:7A:BE:F2:A5:18:02:50:35:C8:0C:40:60:88:2D:22:86:2D:0E:C7
Certificate issuer:       /CN=E014E6ED03537E453565D06E7B8A31AA8A0525A1
Certificate serial:       70F0BDFF1B3765BF33DD6A318675C551943EEFD9
Authority key identifier: E0:14:E6:ED:03:53:7E:45:35:65:D0:6E:7B:8A:31:AA:8A:05:25:A1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E014E6ED03537E453565D06E7B8A31AA8A0525A1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/3130332e3137352e33382e302f32332d3234203d3e20313437313038.roa
Signing time:             Mon 02 Sep 2024 16:00:01 +0000
ROA not before:           Mon 02 Sep 2024 15:55:01 +0000
ROA not after:            Mon 01 Sep 2025 16:00:01 +0000
asID:                     147108
IP address blocks:        103.175.38.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/E014E6ED03537E453565D06E7B8A31AA8A0525A1.crl
                          rsync://repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/E014E6ED03537E453565D06E7B8A31AA8A0525A1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E014E6ED03537E453565D06E7B8A31AA8A0525A1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 06:00:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:f0:bd:ff:1b:37:65:bf:33:dd:6a:31:86:75:c5:51:94:3e:ef:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E014E6ED03537E453565D06E7B8A31AA8A0525A1
        Validity
            Not Before: Sep  2 15:55:01 2024 GMT
            Not After : Sep  1 16:00:01 2025 GMT
        Subject: CN=D67ABEF2A518025035C80C4060882D22862D0EC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2b:d5:c9:40:96:36:74:c2:a9:f6:d9:06:ca:
                    3d:dc:67:3d:cf:84:88:e2:a4:2b:b7:b8:67:4c:6c:
                    c5:e4:3d:6a:4f:f7:9e:35:b6:9e:83:9a:8b:07:66:
                    c0:02:20:b3:c8:46:bb:0e:5e:aa:f6:b3:22:83:e2:
                    f1:8a:ba:86:3c:ab:d7:cc:e0:8b:4b:70:bc:53:a8:
                    b9:1c:fa:22:00:57:de:8d:fb:6a:a0:70:b4:8c:5b:
                    14:cf:93:50:9b:2e:1b:b2:06:18:d2:af:08:a0:cc:
                    3a:fb:1c:c0:35:44:0d:14:c8:95:9d:36:6a:6e:7e:
                    35:4a:7d:ec:70:c1:50:43:78:72:37:06:bc:a1:d3:
                    61:7e:c2:ff:c1:dc:5b:85:84:be:5c:2a:aa:c2:40:
                    02:8a:02:1d:b2:15:57:3c:ef:6e:a4:66:f2:57:74:
                    31:95:04:08:45:3e:3c:3f:31:df:e5:b8:ae:e5:1a:
                    58:c4:07:48:13:29:c7:b3:fd:eb:06:c4:a9:6a:0c:
                    e2:3a:44:da:5c:19:b3:f4:d5:dc:64:05:a8:4a:31:
                    f7:17:74:6e:98:00:38:aa:8c:b8:28:15:5b:14:1e:
                    06:35:f9:74:f1:be:fc:5c:d7:ab:26:be:1b:41:22:
                    b6:ea:37:0f:a8:db:26:0e:c8:53:a7:a5:a3:d1:2c:
                    20:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:7A:BE:F2:A5:18:02:50:35:C8:0C:40:60:88:2D:22:86:2D:0E:C7
            X509v3 Authority Key Identifier:
                keyid:E0:14:E6:ED:03:53:7E:45:35:65:D0:6E:7B:8A:31:AA:8A:05:25:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/E014E6ED03537E453565D06E7B8A31AA8A0525A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/E014E6ED03537E453565D06E7B8A31AA8A0525A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/0bb29378-45f0-49d3-a6af-573be7dca6d0/0/3130332e3137352e33382e302f32332d3234203d3e20313437313038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.175.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         55:a5:6d:4a:80:8c:54:88:91:cc:7e:b8:71:19:d5:5e:f2:3c:
         25:37:17:02:c9:a7:33:dc:4b:ad:de:10:cb:7b:bb:c9:d5:a9:
         b0:12:77:72:f9:cc:18:d2:3a:52:22:2d:02:90:39:59:43:43:
         87:6a:53:4a:e9:d3:b9:25:a8:c3:19:91:3b:ed:e9:de:f9:80:
         fd:8d:1c:fd:be:4e:bd:19:e9:ca:95:d2:af:0b:8e:be:bf:4d:
         95:41:f1:78:3b:b7:78:3a:dd:b1:d5:7a:c7:18:71:f3:00:5f:
         48:8f:06:b4:a3:8c:08:14:eb:75:b8:91:33:cb:2e:ab:ab:3f:
         fd:23:87:e8:cc:15:14:f1:6e:57:d1:43:57:8f:80:ce:b7:14:
         fa:86:b7:bf:93:62:2f:7b:a1:6f:f4:f9:fb:1b:fb:e1:07:26:
         d2:79:0b:03:2f:bf:4c:a1:5d:2f:11:02:91:e7:ef:9d:b2:54:
         ac:3a:ed:0e:04:9e:f2:43:29:c3:f0:ef:53:81:80:e1:59:d0:
         2b:78:31:7d:bf:df:d1:75:36:3a:87:04:08:04:98:a5:b4:57:
         32:26:2a:2e:fb:a9:fa:93:38:f5:07:47:b7:52:0a:50:e6:85:
         60:3f:39:21:b9:55:d4:ad:3e:7c:50:6f:20:51:fe:57:8e:13:
         04:c7:7b:0b
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUcPC9/xs3Zb8z3WoxhnXFUZQ+79kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTAxNEU2RUQwMzUzN0U0NTM1NjVEMDZFN0I4QTMxQUE4
QTA1MjVBMTAeFw0yNDA5MDIxNTU1MDFaFw0yNTA5MDExNjAwMDFaMDMxMTAvBgNV
BAMTKEQ2N0FCRUYyQTUxODAyNTAzNUM4MEM0MDYwODgyRDIyODYyRDBFQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgK9XJQJY2dMKp9tkGyj3cZz3P
hIjipCu3uGdMbMXkPWpP9541tp6DmosHZsACILPIRrsOXqr2syKD4vGKuoY8q9fM
4ItLcLxTqLkc+iIAV96N+2qgcLSMWxTPk1CbLhuyBhjSrwigzDr7HMA1RA0UyJWd
NmpufjVKfexwwVBDeHI3Bryh02F+wv/B3FuFhL5cKqrCQAKKAh2yFVc8726kZvJX
dDGVBAhFPjw/Md/luK7lGljEB0gTKcez/esGxKlqDOI6RNpcGbP01dxkBahKMfcX
dG6YADiqjLgoFVsUHgY1+XTxvvxc16smvhtBIrbqNw+o2yYOyFOnpaPRLCA7AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU1nq+8qUYAlA1yAxAYIgtIoYtDscwHwYDVR0j
BBgwFoAU4BTm7QNTfkU1ZdBue4oxqooFJaEwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8w
YmIyOTM3OC00NWYwLTQ5ZDMtYTZhZi01NzNiZTdkY2E2ZDAvMC9FMDE0RTZFRDAz
NTM3RTQ1MzU2NUQwNkU3QjhBMzFBQThBMDUyNUExLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRTAxNEU2RUQwMzUzN0U0NTM1NjVEMDZFN0I4QTMxQUE4QTA1
MjVBMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzBiYjI5Mzc4LTQ1ZjAtNDlkMy1h
NmFmLTU3M2JlN2RjYTZkMC8wLzMxMzAzMzJlMzEzNzM1MmUzMzM4MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNDM3MzEzMDM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ68mMA0GCSqG
SIb3DQEBCwUAA4IBAQBVpW1KgIxUiJHMfrhxGdVe8jwlNxcCyacz3Eut3hDLe7vJ
1amwEndy+cwY0jpSIi0CkDlZQ0OHalNK6dO5JajDGZE77ene+YD9jRz9vk69GenK
ldKvC46+v02VQfF4O7d4Ot2x1XrHGHHzAF9Ijwa0o4wIFOt1uJEzyy6rqz/9I4fo
zBUU8W5X0UNXj4DOtxT6hre/k2Ive6Fv9Pn7G/vhBybSeQsDL79MoV0vEQKR5++d
slSsOu0OBJ7yQynD8O9TgYDhWdAreDF9v9/RdTY6hwQIBJiltFcyJiou+6n6kzj1
B0e3UgpQ5oVgPzkhuVXUrT58UG8gUf5XjhMEx3sL
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:02 2024 by rpki-client on console-ams.rpki-client.org