Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/3130332e3137372e39362e302f32332d3234203d3e20313331313131.roa
File:                     3130332e3137372e39362e302f32332d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          1QLuCRO34ugTOb/8eGjB9fW7J4ukTQIQrC/tSmj3c34=
Subject key identifier:   D1:63:12:0A:89:DB:47:7F:0F:7A:7F:40:70:91:EC:01:FE:9F:C6:EF
Certificate issuer:       /CN=1811CB623E9BFFB82945CA39C74C4C274914837F
Certificate serial:       50ABEB15B23683918540D6B042CF550215CEC41D
Authority key identifier: 18:11:CB:62:3E:9B:FF:B8:29:45:CA:39:C7:4C:4C:27:49:14:83:7F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1811CB623E9BFFB82945CA39C74C4C274914837F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/3130332e3137372e39362e302f32332d3234203d3e20313331313131.roa
Signing time:             Fri 10 Nov 2023 09:02:21 +0000
ROA not before:           Fri 10 Nov 2023 08:57:21 +0000
ROA not after:            Fri 08 Nov 2024 09:02:21 +0000
asID:                     131111
IP address blocks:        103.177.96.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/1811CB623E9BFFB82945CA39C74C4C274914837F.crl
                          rsync://repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/1811CB623E9BFFB82945CA39C74C4C274914837F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1811CB623E9BFFB82945CA39C74C4C274914837F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 31 Mar 2024 16:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:ab:eb:15:b2:36:83:91:85:40:d6:b0:42:cf:55:02:15:ce:c4:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1811CB623E9BFFB82945CA39C74C4C274914837F
        Validity
            Not Before: Nov 10 08:57:21 2023 GMT
            Not After : Nov  8 09:02:21 2024 GMT
        Subject: CN=D163120A89DB477F0F7A7F407091EC01FE9FC6EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:48:4a:29:19:9c:96:5e:d5:d1:f3:65:2a:db:
                    52:6b:91:25:ae:3c:85:3f:29:58:ca:88:35:fb:d6:
                    e3:89:f8:9c:b2:43:11:3c:ce:4c:eb:37:5d:da:f7:
                    94:e0:28:c6:09:51:ea:e0:20:e6:d6:d0:21:56:ab:
                    0c:19:cd:c1:8b:bb:7e:73:db:b5:52:1c:67:f9:41:
                    8b:a7:b1:67:75:09:e5:88:3b:bb:aa:ad:5c:93:31:
                    cc:36:24:02:22:9f:45:69:67:80:33:9c:20:b9:bb:
                    10:cf:d7:60:d1:58:d5:ce:73:5b:14:e7:3a:6c:49:
                    9c:ca:88:cb:13:94:ce:da:3a:60:0b:c4:97:a1:1b:
                    fb:26:eb:18:19:3a:a8:72:53:ec:81:0d:4e:74:97:
                    ab:98:36:3d:99:e2:87:a8:0e:3f:aa:16:01:f0:e8:
                    18:b7:3f:52:00:cb:a1:74:74:dc:b0:be:b2:6b:8f:
                    61:c3:b4:ee:d6:d0:d0:e6:0e:7d:72:97:21:cc:ef:
                    2c:48:3d:5c:a0:ec:e2:fb:5b:bc:5e:d1:6d:72:9a:
                    85:ce:a7:33:a5:3a:08:a2:02:d6:2d:e2:52:76:95:
                    58:1b:e7:d1:40:c4:3e:95:cb:85:c2:f2:4f:3a:bc:
                    ce:d5:04:6c:09:02:4d:16:4a:80:3a:b2:25:d0:88:
                    07:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:63:12:0A:89:DB:47:7F:0F:7A:7F:40:70:91:EC:01:FE:9F:C6:EF
            X509v3 Authority Key Identifier:
                keyid:18:11:CB:62:3E:9B:FF:B8:29:45:CA:39:C7:4C:4C:27:49:14:83:7F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/1811CB623E9BFFB82945CA39C74C4C274914837F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1811CB623E9BFFB82945CA39C74C4C274914837F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/3e87f1d1-06fb-436b-9ce6-92daa29f1f9b/0/3130332e3137372e39362e302f32332d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         69:71:21:90:90:3c:08:f6:fd:39:af:ac:6c:d6:42:7c:9f:5a:
         8d:7b:f8:5e:48:52:af:6f:06:1b:46:22:31:cd:9f:84:31:8c:
         0f:26:c5:ed:fe:09:a2:22:5a:88:05:33:15:34:c4:10:9f:28:
         ac:5e:8c:e7:9a:02:24:6b:67:4d:26:ed:34:12:68:c3:42:ca:
         90:a2:e2:e4:c7:c0:45:fc:70:de:38:9e:b9:84:24:b6:c7:e0:
         55:b8:ed:5f:5d:fe:da:09:50:d5:33:cd:f2:3f:4f:a6:99:64:
         e6:63:d0:e2:bd:e6:19:eb:56:1f:94:0b:e4:41:47:2b:81:9e:
         03:ca:44:0b:fc:3b:32:32:67:4d:61:83:c4:ba:41:1c:35:1a:
         70:9a:66:5e:b5:ed:75:dc:6b:10:dd:60:df:e2:ce:9e:f1:17:
         8b:72:bd:00:00:16:72:a6:c6:e3:2a:cd:0b:c4:0a:17:b8:e2:
         8e:68:69:8a:05:87:df:1b:78:26:d2:1e:c5:a3:08:59:0b:c0:
         a5:00:50:a1:5c:f2:6b:5e:10:98:8f:34:0d:e0:60:dd:ef:6c:
         dd:47:f4:f2:3e:94:ca:ee:45:9c:ef:b1:2d:d2:a0:25:ca:4a:
         ba:f3:bb:bb:c9:ad:27:42:3b:a0:4c:b0:d3:6c:25:f8:32:7f:
         da:55:f4:e8
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUUKvrFbI2g5GFQNawQs9VAhXOxB0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTgxMUNCNjIzRTlCRkZCODI5NDVDQTM5Qzc0QzRDMjc0
OTE0ODM3RjAeFw0yMzExMTAwODU3MjFaFw0yNDExMDgwOTAyMjFaMDMxMTAvBgNV
BAMTKEQxNjMxMjBBODlEQjQ3N0YwRjdBN0Y0MDcwOTFFQzAxRkU5RkM2RUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwSEopGZyWXtXR82Uq21JrkSWu
PIU/KVjKiDX71uOJ+JyyQxE8zkzrN13a95TgKMYJUergIObW0CFWqwwZzcGLu35z
27VSHGf5QYunsWd1CeWIO7uqrVyTMcw2JAIin0VpZ4AznCC5uxDP12DRWNXOc1sU
5zpsSZzKiMsTlM7aOmALxJehG/sm6xgZOqhyU+yBDU50l6uYNj2Z4oeoDj+qFgHw
6Bi3P1IAy6F0dNywvrJrj2HDtO7W0NDmDn1ylyHM7yxIPVyg7OL7W7xe0W1ymoXO
pzOlOgiiAtYt4lJ2lVgb59FAxD6Vy4XC8k86vM7VBGwJAk0WSoA6siXQiAeXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU0WMSConbR38Pen9AcJHsAf6fxu8wHwYDVR0j
BBgwFoAUGBHLYj6b/7gpRco5x0xMJ0kUg38wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8z
ZTg3ZjFkMS0wNmZiLTQzNmItOWNlNi05MmRhYTI5ZjFmOWIvMC8xODExQ0I2MjNF
OUJGRkI4Mjk0NUNBMzlDNzRDNEMyNzQ5MTQ4MzdGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMTgxMUNCNjIzRTlCRkZCODI5NDVDQTM5Qzc0QzRDMjc0OTE0
ODM3Ri5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzNlODdmMWQxLTA2ZmItNDM2Yi05
Y2U2LTkyZGFhMjlmMWY5Yi8wLzMxMzAzMzJlMzEzNzM3MmUzOTM2MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ7FgMA0GCSqG
SIb3DQEBCwUAA4IBAQBpcSGQkDwI9v05r6xs1kJ8n1qNe/heSFKvbwYbRiIxzZ+E
MYwPJsXt/gmiIlqIBTMVNMQQnyisXoznmgIka2dNJu00EmjDQsqQouLkx8BF/HDe
OJ65hCS2x+BVuO1fXf7aCVDVM83yP0+mmWTmY9DiveYZ61YflAvkQUcrgZ4DykQL
/DsyMmdNYYPEukEcNRpwmmZete113GsQ3WDf4s6e8ReLcr0AABZypsbjKs0LxAoX
uOKOaGmKBYffG3gm0h7FowhZC8ClAFChXPJrXhCYjzQN4GDd72zdR/TyPpTK7kWc
77Et0qAlykq687u7ya0nQjugTLDTbCX4Mn/aVfTo
-----END CERTIFICATE-----
Generated at Thu Mar 28 19:38:51 2024 by rpki-client on console-fra.rpki-client.org