Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/3130332e3138362e3136382e302f32342d3234203d3e20313439333135.roa
File:                     3130332e3138362e3136382e302f32342d3234203d3e20313439333135.roa (raw, json)
Hash identifier:          32CtrHiq3f0uTgxLibSJTROo2tOR8vYm11Wret6Aafk=
Subject key identifier:   22:CB:2F:F8:53:55:8D:DF:ED:47:32:1A:51:82:31:0B:45:CD:8F:C7
Certificate issuer:       /CN=B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45
Certificate serial:       4057CD5EEC0B19660ED80E768B651DB39D623DE3
Authority key identifier: B0:FA:6C:3E:D4:78:0E:03:2B:0A:3F:16:1E:01:8A:7C:8F:A8:2B:45
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/3130332e3138362e3136382e302f32342d3234203d3e20313439333135.roa
Signing time:             Fri 22 Mar 2024 08:00:02 +0000
ROA not before:           Fri 22 Mar 2024 07:55:02 +0000
ROA not after:            Fri 21 Mar 2025 08:00:02 +0000
asID:                     149315
IP address blocks:        103.186.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.crl
                          rsync://repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:57:cd:5e:ec:0b:19:66:0e:d8:0e:76:8b:65:1d:b3:9d:62:3d:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45
        Validity
            Not Before: Mar 22 07:55:02 2024 GMT
            Not After : Mar 21 08:00:02 2025 GMT
        Subject: CN=22CB2FF853558DDFED47321A5182310B45CD8FC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:f9:33:ff:99:24:0d:8a:9e:b5:44:2b:f1:a0:
                    be:a5:f2:94:f4:84:83:b2:39:11:13:c7:eb:19:fb:
                    d2:99:e8:08:b0:fc:57:fe:39:46:72:92:f3:5c:a6:
                    4a:6a:f4:1b:01:49:1e:13:b9:fc:1b:2b:38:3a:b5:
                    b7:5a:69:92:24:15:65:16:7a:9b:79:fe:78:d1:69:
                    58:34:f8:7c:7f:59:98:4f:6c:5a:a9:a1:56:36:32:
                    9d:15:32:1f:1f:11:3f:fc:1a:42:32:87:17:b0:1b:
                    de:62:00:40:c3:ec:28:84:65:02:d1:0d:7f:ca:dc:
                    6e:55:b4:5f:8f:9c:04:52:70:8f:91:08:4d:ef:d2:
                    58:57:dd:8b:ee:05:5a:1e:48:48:e4:22:6e:b3:90:
                    d0:b6:58:65:22:7b:e6:dc:e2:39:d1:ac:bc:88:ae:
                    88:70:88:78:5b:0e:5b:38:e0:b5:98:42:6d:27:d2:
                    10:84:d3:a9:2b:3b:19:ed:67:25:e0:62:c1:8a:9c:
                    6f:af:4b:9d:b3:09:b3:02:5e:b5:b7:d7:08:26:04:
                    ea:9f:2d:c2:05:00:cf:db:5d:b4:2d:ab:39:d0:20:
                    5c:2f:d5:96:d2:5b:7a:6a:e9:a8:f6:e1:ec:9c:1e:
                    72:c1:6b:aa:d7:61:8f:e1:1b:5c:13:e9:3d:d4:af:
                    e6:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:CB:2F:F8:53:55:8D:DF:ED:47:32:1A:51:82:31:0B:45:CD:8F:C7
            X509v3 Authority Key Identifier:
                keyid:B0:FA:6C:3E:D4:78:0E:03:2B:0A:3F:16:1E:01:8A:7C:8F:A8:2B:45

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B0FA6C3ED4780E032B0A3F161E018A7C8FA82B45.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/42713a32-fada-484e-a68d-0cac0fffa33c/0/3130332e3138362e3136382e302f32342d3234203d3e20313439333135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.186.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:e0:86:6c:12:87:1f:ff:32:09:29:4a:f7:6d:df:e6:1d:33:
         58:57:cf:c8:ff:a0:c6:ac:2b:7b:e6:92:8c:dc:bb:43:34:ef:
         40:54:0f:0c:09:df:45:42:0e:4e:49:08:20:7f:44:6e:c6:1e:
         23:80:bb:2c:96:6f:13:6e:8f:4c:04:ce:fe:ca:44:71:ce:fa:
         46:cc:8b:28:d2:f2:2b:5c:09:ef:52:a9:3c:d4:62:9e:b4:da:
         88:d6:8d:67:7b:dd:ca:a9:00:d6:ae:2a:8b:25:0f:a4:37:4e:
         35:93:2e:be:4e:27:91:8e:b8:55:e9:00:5c:3c:2a:25:d1:46:
         1d:3e:28:8c:58:ae:91:96:ec:cc:8f:50:8e:58:fd:56:40:e3:
         62:dc:5e:6f:07:2c:f4:a4:da:77:b0:e0:22:a6:b9:52:5d:65:
         3e:14:4b:43:6e:05:76:ba:56:57:d6:af:43:43:6c:4a:ff:19:
         c6:c9:72:4c:fc:5b:83:7e:ba:46:ce:b9:0a:0d:50:9d:fb:12:
         69:64:06:f5:a5:62:28:03:d9:01:3b:76:bf:5c:80:d4:65:31:
         10:6e:f0:94:0d:33:1e:97:40:c5:6b:fe:38:f3:d4:8f:e6:49:
         6c:db:3c:a3:d3:17:68:9e:4e:b2:12:b6:97:12:b5:81:c9:20:
         ed:7d:15:fd
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUQFfNXuwLGWYO2A52i2Uds51iPeMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjBGQTZDM0VENDc4MEUwMzJCMEEzRjE2MUUwMThBN0M4
RkE4MkI0NTAeFw0yNDAzMjIwNzU1MDJaFw0yNTAzMjEwODAwMDJaMDMxMTAvBgNV
BAMTKDIyQ0IyRkY4NTM1NThEREZFRDQ3MzIxQTUxODIzMTBCNDVDRDhGQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDu+TP/mSQNip61RCvxoL6l8pT0
hIOyORETx+sZ+9KZ6Aiw/Ff+OUZykvNcpkpq9BsBSR4TufwbKzg6tbdaaZIkFWUW
ept5/njRaVg0+Hx/WZhPbFqpoVY2Mp0VMh8fET/8GkIyhxewG95iAEDD7CiEZQLR
DX/K3G5VtF+PnARScI+RCE3v0lhX3YvuBVoeSEjkIm6zkNC2WGUie+bc4jnRrLyI
rohwiHhbDls44LWYQm0n0hCE06krOxntZyXgYsGKnG+vS52zCbMCXrW31wgmBOqf
LcIFAM/bXbQtqznQIFwv1ZbSW3pq6aj24eycHnLBa6rXYY/hG1wT6T3Ur+b5AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUIssv+FNVjd/tRzIaUYIxC0XNj8cwHwYDVR0j
BBgwFoAUsPpsPtR4DgMrCj8WHgGKfI+oK0UwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
MjcxM2EzMi1mYWRhLTQ4NGUtYTY4ZC0wY2FjMGZmZmEzM2MvMC9CMEZBNkMzRUQ0
NzgwRTAzMkIwQTNGMTYxRTAxOEE3QzhGQTgyQjQ1LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjBGQTZDM0VENDc4MEUwMzJCMEEzRjE2MUUwMThBN0M4RkE4
MkI0NS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzQyNzEzYTMyLWZhZGEtNDg0ZS1h
NjhkLTBjYWMwZmZmYTMzYy8wLzMxMzAzMzJlMzEzODM2MmUzMTM2MzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzMzMxMzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnuqgwDQYJ
KoZIhvcNAQELBQADggEBABbghmwShx//MgkpSvdt3+YdM1hXz8j/oMasK3vmkozc
u0M070BUDwwJ30VCDk5JCCB/RG7GHiOAuyyWbxNuj0wEzv7KRHHO+kbMiyjS8itc
Ce9SqTzUYp602ojWjWd73cqpANauKoslD6Q3TjWTLr5OJ5GOuFXpAFw8KiXRRh0+
KIxYrpGW7MyPUI5Y/VZA42LcXm8HLPSk2new4CKmuVJdZT4US0NuBXa6VlfWr0ND
bEr/GcbJckz8W4N+ukbOuQoNUJ37EmlkBvWlYigD2QE7dr9cgNRlMRBu8JQNMx6X
QMVr/jjz1I/mSWzbPKPTF2ieTrIStpcStYHJIO19Ff0=
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:33:16 2024 by rpki-client on console-fra.rpki-client.org