Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/3130332e3231372e37362e302f32342d3234203d3e20313431393035.roa
File:                     3130332e3231372e37362e302f32342d3234203d3e20313431393035.roa (raw, json)
Hash identifier:          W62mqCDSCeTzLGK0Syfc4fOVTr/m++28J7V4d4tPsTg=
Subject key identifier:   E7:E6:9F:C3:6B:C6:07:35:E7:0E:94:35:C5:87:C9:67:C3:7D:F0:20
Certificate issuer:       /CN=4AAA6F5B5D0E6858FC56A304655C7BB397518DCC
Certificate serial:       0F3623BF40AFCB6C6149010C88E06713679FD32C
Authority key identifier: 4A:AA:6F:5B:5D:0E:68:58:FC:56:A3:04:65:5C:7B:B3:97:51:8D:CC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/3130332e3231372e37362e302f32342d3234203d3e20313431393035.roa
Signing time:             Tue 27 Feb 2024 04:00:06 +0000
ROA not before:           Tue 27 Feb 2024 03:55:06 +0000
ROA not after:            Tue 25 Feb 2025 04:00:06 +0000
asID:                     141905
IP address blocks:        103.217.76.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.crl
                          rsync://repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:36:23:bf:40:af:cb:6c:61:49:01:0c:88:e0:67:13:67:9f:d3:2c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4AAA6F5B5D0E6858FC56A304655C7BB397518DCC
        Validity
            Not Before: Feb 27 03:55:06 2024 GMT
            Not After : Feb 25 04:00:06 2025 GMT
        Subject: CN=E7E69FC36BC60735E70E9435C587C967C37DF020
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:6b:02:87:a1:56:eb:f7:ed:ad:68:de:45:f1:
                    ba:a8:da:a2:a4:f5:44:59:26:82:e9:f7:85:57:2e:
                    19:c5:39:f6:1f:28:9c:db:e1:39:b5:46:2f:e2:44:
                    df:88:27:00:42:f4:da:4c:59:eb:87:db:8b:32:3c:
                    60:e9:ee:f4:b4:7c:28:4f:b3:ff:d2:37:fe:ca:26:
                    c7:50:96:30:ae:f3:85:4f:11:be:c0:ee:4f:d4:4d:
                    44:61:f2:bd:1b:fc:4a:85:56:f8:02:71:91:0d:cc:
                    47:e4:c5:6f:33:2a:a4:cd:44:af:f0:0a:17:1f:84:
                    26:9e:1f:39:21:35:5d:41:ae:3f:a9:ce:5f:91:5a:
                    12:5c:46:dd:e2:5e:20:a1:c6:ad:c5:00:f9:7c:0b:
                    b2:c2:ef:ff:5f:8b:11:d2:87:5d:ae:58:7b:aa:a1:
                    f1:f7:92:74:92:8c:d1:84:73:7f:bc:1c:92:a8:ae:
                    d5:10:b6:74:ca:10:e0:31:db:f2:70:b2:43:37:0d:
                    39:8a:7f:a0:ca:4c:58:ce:0e:2a:d2:5e:71:cf:ec:
                    9f:2e:34:3a:ac:f4:ba:1f:e3:e2:bc:8c:52:e8:6e:
                    d3:52:0a:35:e5:f8:ca:53:76:38:4d:94:bf:0f:6c:
                    28:d4:52:28:fd:a7:3d:f7:25:87:6e:66:04:ef:ec:
                    e4:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:E6:9F:C3:6B:C6:07:35:E7:0E:94:35:C5:87:C9:67:C3:7D:F0:20
            X509v3 Authority Key Identifier:
                keyid:4A:AA:6F:5B:5D:0E:68:58:FC:56:A3:04:65:5C:7B:B3:97:51:8D:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4AAA6F5B5D0E6858FC56A304655C7BB397518DCC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/27ee6bf3-2bda-4ca4-a5e7-6e70632404b4/0/3130332e3231372e37362e302f32342d3234203d3e20313431393035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.217.76.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:7d:af:6f:53:c8:58:98:f1:42:09:69:3a:09:c3:a9:7b:fb:
         bd:46:c6:d5:1c:72:5d:da:6c:0e:43:ac:5f:0f:c7:71:f6:5c:
         40:b2:c9:c0:c8:3b:31:cb:1e:9a:5b:76:46:fc:59:47:ea:cf:
         f4:1d:7b:17:ab:9f:8c:a9:1f:ff:fb:44:c0:de:c5:e8:41:29:
         81:bb:0b:48:86:41:1e:f9:2d:35:d4:54:46:8c:01:9d:aa:08:
         97:0c:4f:0a:87:20:00:18:28:07:40:b3:bd:a9:c4:39:b4:9e:
         94:4a:57:5e:84:db:bb:3e:a2:35:79:cd:9c:ae:dc:6f:1f:e6:
         61:03:ef:84:41:04:0f:99:aa:d1:80:1e:36:a3:3e:7d:7b:70:
         c7:4c:ba:7b:1f:e1:8d:6b:14:9b:15:9f:4c:e3:74:4f:0e:86:
         1f:c0:c3:c3:79:01:2f:74:bf:66:ed:ae:d5:20:7e:7a:e9:e9:
         cc:62:b8:4d:11:fd:46:77:f4:84:c5:ac:49:a3:6f:67:3f:d9:
         d6:8e:22:67:9f:e8:0c:06:24:c1:eb:b9:f9:66:19:19:dd:6f:
         60:46:cd:a0:48:2e:b4:2c:fb:2b:05:c8:35:af:f0:d3:ee:eb:
         c7:a0:60:05:be:a4:f4:ca:b1:a8:05:d9:fa:ec:5e:43:d4:2d:
         93:f1:35:5a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDzYjv0Cvy2xhSQEMiOBnE2ef0ywwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEFBQTZGNUI1RDBFNjg1OEZDNTZBMzA0NjU1QzdCQjM5
NzUxOERDQzAeFw0yNDAyMjcwMzU1MDZaFw0yNTAyMjUwNDAwMDZaMDMxMTAvBgNV
BAMTKEU3RTY5RkMzNkJDNjA3MzVFNzBFOTQzNUM1ODdDOTY3QzM3REYwMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgawKHoVbr9+2taN5F8bqo2qKk
9URZJoLp94VXLhnFOfYfKJzb4Tm1Ri/iRN+IJwBC9NpMWeuH24syPGDp7vS0fChP
s//SN/7KJsdQljCu84VPEb7A7k/UTURh8r0b/EqFVvgCcZENzEfkxW8zKqTNRK/w
ChcfhCaeHzkhNV1Brj+pzl+RWhJcRt3iXiChxq3FAPl8C7LC7/9fixHSh12uWHuq
ofH3knSSjNGEc3+8HJKortUQtnTKEOAx2/JwskM3DTmKf6DKTFjODirSXnHP7J8u
NDqs9Lof4+K8jFLobtNSCjXl+MpTdjhNlL8PbCjUUij9pz33JYduZgTv7OQpAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU5+afw2vGBzXnDpQ1xYfJZ8N98CAwHwYDVR0j
BBgwFoAUSqpvW10OaFj8VqMEZVx7s5dRjcwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
N2VlNmJmMy0yYmRhLTRjYTQtYTVlNy02ZTcwNjMyNDA0YjQvMC80QUFBNkY1QjVE
MEU2ODU4RkM1NkEzMDQ2NTVDN0JCMzk3NTE4RENDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNEFBQTZGNUI1RDBFNjg1OEZDNTZBMzA0NjU1QzdCQjM5NzUx
OERDQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzI3ZWU2YmYzLTJiZGEtNGNhNC1h
NWU3LTZlNzA2MzI0MDRiNC8wLzMxMzAzMzJlMzIzMTM3MmUzNzM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDMxMzkzMDM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9lMMA0GCSqG
SIb3DQEBCwUAA4IBAQAmfa9vU8hYmPFCCWk6CcOpe/u9RsbVHHJd2mwOQ6xfD8dx
9lxAssnAyDsxyx6aW3ZG/FlH6s/0HXsXq5+MqR//+0TA3sXoQSmBuwtIhkEe+S01
1FRGjAGdqgiXDE8KhyAAGCgHQLO9qcQ5tJ6USldehNu7PqI1ec2crtxvH+ZhA++E
QQQPmarRgB42oz59e3DHTLp7H+GNaxSbFZ9M43RPDoYfwMPDeQEvdL9m7a7VIH56
6enMYrhNEf1Gd/SExaxJo29nP9nWjiJnn+gMBiTB67n5ZhkZ3W9gRs2gSC60LPsr
Bcg1r/DT7uvHoGAFvqT0yrGoBdn67F5D1C2T8TVa
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:42:06 2024 by rpki-client on console-ams.rpki-client.org