Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/3130332e3232392e3133312e302f32342d3234203d3e20313530393632.roa
File:                     3130332e3232392e3133312e302f32342d3234203d3e20313530393632.roa (raw, json)
Hash identifier:          0vqEjbzJ2oTN8YUg5plSL7bME0j1cq9HckeFz0ga7Y8=
Subject key identifier:   66:E9:B0:CB:48:0B:CC:62:F2:33:5C:40:19:17:68:A5:01:5E:96:75
Certificate issuer:       /CN=FF96D30557BDACE26C511E1F48A3514643130EA8
Certificate serial:       2F05062F43737A56531796FDFF04D95267CB6223
Authority key identifier: FF:96:D3:05:57:BD:AC:E2:6C:51:1E:1F:48:A3:51:46:43:13:0E:A8
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FF96D30557BDACE26C511E1F48A3514643130EA8.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/3130332e3232392e3133312e302f32342d3234203d3e20313530393632.roa
Signing time:             Sun 11 Aug 2024 09:10:19 +0000
ROA not before:           Sun 11 Aug 2024 09:05:19 +0000
ROA not after:            Sun 10 Aug 2025 09:10:19 +0000
asID:                     150962
IP address blocks:        103.229.131.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/FF96D30557BDACE26C511E1F48A3514643130EA8.crl
                          rsync://repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/FF96D30557BDACE26C511E1F48A3514643130EA8.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FF96D30557BDACE26C511E1F48A3514643130EA8.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 01:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:05:06:2f:43:73:7a:56:53:17:96:fd:ff:04:d9:52:67:cb:62:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF96D30557BDACE26C511E1F48A3514643130EA8
        Validity
            Not Before: Aug 11 09:05:19 2024 GMT
            Not After : Aug 10 09:10:19 2025 GMT
        Subject: CN=66E9B0CB480BCC62F2335C40191768A5015E9675
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:9f:5f:46:6b:41:d8:d8:a2:7b:3b:1d:48:de:
                    80:20:24:87:21:16:b2:df:98:7a:69:28:36:6e:e2:
                    04:1a:30:4c:9d:f6:56:95:4b:38:d8:07:ee:53:9e:
                    2b:2e:cd:e9:2e:aa:c1:bd:b9:6f:85:dd:cd:ca:a2:
                    5c:56:ad:fb:cb:5a:3a:74:47:5f:af:65:ef:0f:44:
                    b7:3c:5b:8d:30:07:66:17:dd:ff:a5:6f:8a:48:dc:
                    7b:4b:87:98:b6:8c:da:47:3d:97:a0:99:c5:2e:63:
                    56:aa:6e:72:c9:74:d6:a3:2e:fc:51:16:30:0c:df:
                    27:97:e4:0c:27:e9:46:fa:40:5e:c8:cc:f4:01:ce:
                    cf:e0:1e:c6:08:32:0b:a4:8c:24:46:da:b7:9e:31:
                    3c:43:a2:38:58:d3:36:86:af:b8:77:d8:15:c4:66:
                    cb:73:fc:4a:85:6f:ef:51:d3:2a:88:cd:f7:3c:b5:
                    59:0d:24:72:2e:5b:85:b3:6a:1c:a8:12:8a:98:65:
                    be:13:ce:75:9b:c6:11:eb:ae:c9:7a:8b:f1:f3:d9:
                    58:af:2c:d7:28:1b:60:ab:60:aa:f1:3b:d4:27:c5:
                    a8:07:8d:65:95:32:4f:d8:87:ac:49:2f:35:05:6a:
                    36:d8:1b:d4:d8:4a:df:54:88:52:f2:f3:c4:6d:ed:
                    28:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:E9:B0:CB:48:0B:CC:62:F2:33:5C:40:19:17:68:A5:01:5E:96:75
            X509v3 Authority Key Identifier:
                keyid:FF:96:D3:05:57:BD:AC:E2:6C:51:1E:1F:48:A3:51:46:43:13:0E:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/FF96D30557BDACE26C511E1F48A3514643130EA8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/FF96D30557BDACE26C511E1F48A3514643130EA8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/342c1f32-81ac-4118-be2f-574ca5b541ea/0/3130332e3232392e3133312e302f32342d3234203d3e20313530393632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.229.131.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:e5:82:71:1c:b2:05:73:3c:a1:5b:e3:f9:5c:57:e5:77:3a:
         aa:b2:dd:0e:6f:72:f8:6e:8c:f1:9f:fd:d4:f9:a6:fd:c1:54:
         ea:c7:2f:16:81:6f:6f:f5:77:aa:51:cb:42:32:82:10:24:28:
         88:9e:4c:62:e2:3b:5c:39:5f:58:a4:b2:e2:62:94:8e:e7:84:
         b1:e6:dd:e8:4d:3c:b5:f4:35:a6:61:08:e0:83:e4:5c:6c:f2:
         4d:74:04:2d:79:f5:a7:1b:d5:6f:94:a8:6a:9f:42:7b:3c:d3:
         68:e1:ce:ab:8c:11:71:94:bc:60:8e:92:52:94:5a:b6:10:01:
         14:e5:04:b3:5c:77:2c:24:c6:b0:7f:bb:4a:85:da:cd:fc:49:
         04:03:1d:b6:e2:b4:98:19:95:5b:f5:e1:a8:55:be:8d:04:59:
         f9:7f:eb:38:0a:ca:47:a3:20:23:6e:ef:23:60:7f:f8:db:73:
         5a:8e:16:45:e4:77:80:24:e0:50:71:73:52:25:3f:7a:88:d1:
         0e:bb:64:61:46:53:7a:b7:fc:b1:ab:9f:02:ad:a5:8e:ae:42:
         c9:91:c9:a6:f9:d2:85:3f:ae:f7:d3:05:f7:fb:a1:0b:6e:ac:
         0f:e4:b2:a5:25:1d:87:37:5b:6c:53:27:fe:c7:e4:fd:eb:9d:
         38:58:a0:b9
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIULwUGL0NzelZTF5b9/wTZUmfLYiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkY5NkQzMDU1N0JEQUNFMjZDNTExRTFGNDhBMzUxNDY0
MzEzMEVBODAeFw0yNDA4MTEwOTA1MTlaFw0yNTA4MTAwOTEwMTlaMDMxMTAvBgNV
BAMTKDY2RTlCMENCNDgwQkNDNjJGMjMzNUM0MDE5MTc2OEE1MDE1RTk2NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5n19Ga0HY2KJ7Ox1I3oAgJIch
FrLfmHppKDZu4gQaMEyd9laVSzjYB+5TnisuzekuqsG9uW+F3c3KolxWrfvLWjp0
R1+vZe8PRLc8W40wB2YX3f+lb4pI3HtLh5i2jNpHPZegmcUuY1aqbnLJdNajLvxR
FjAM3yeX5Awn6Ub6QF7IzPQBzs/gHsYIMgukjCRG2reeMTxDojhY0zaGr7h32BXE
Zstz/EqFb+9R0yqIzfc8tVkNJHIuW4WzahyoEoqYZb4TznWbxhHrrsl6i/Hz2Viv
LNcoG2CrYKrxO9QnxagHjWWVMk/Yh6xJLzUFajbYG9TYSt9UiFLy88Rt7SjDAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUZumwy0gLzGLyM1xAGRdopQFelnUwHwYDVR0j
BBgwFoAU/5bTBVe9rOJsUR4fSKNRRkMTDqgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
NDJjMWYzMi04MWFjLTQxMTgtYmUyZi01NzRjYTViNTQxZWEvMC9GRjk2RDMwNTU3
QkRBQ0UyNkM1MTFFMUY0OEEzNTE0NjQzMTMwRUE4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRkY5NkQzMDU1N0JEQUNFMjZDNTExRTFGNDhBMzUxNDY0MzEz
MEVBOC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzM0MmMxZjMyLTgxYWMtNDExOC1i
ZTJmLTU3NGNhNWI1NDFlYS8wLzMxMzAzMzJlMzIzMjM5MmUzMTMzMzEyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM1MzAzOTM2MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn5YMwDQYJ
KoZIhvcNAQELBQADggEBAJLlgnEcsgVzPKFb4/lcV+V3Oqqy3Q5vcvhujPGf/dT5
pv3BVOrHLxaBb2/1d6pRy0IyghAkKIieTGLiO1w5X1iksuJilI7nhLHm3ehNPLX0
NaZhCOCD5Fxs8k10BC159acb1W+UqGqfQns802jhzquMEXGUvGCOklKUWrYQARTl
BLNcdywkxrB/u0qF2s38SQQDHbbitJgZlVv14ahVvo0EWfl/6zgKykejICNu7yNg
f/jbc1qOFkXkd4Ak4FBxc1IlP3qI0Q67ZGFGU3q3/LGrnwKtpY6uQsmRyab50oU/
rvfTBff7oQturA/ksqUlHYc3W2xTJ/7H5P3rnThYoLk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:05:56 2024 by rpki-client on console-fra.rpki-client.org