Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/3130332e37312e3139312e302f32342d3234203d3e20313335343732.roa
File:                     3130332e37312e3139312e302f32342d3234203d3e20313335343732.roa (raw, json)
Hash identifier:          SMYYurY0SEO2jZThWJbzWbXaP4HTkeYhENGpVK8uUQA=
Subject key identifier:   CB:C1:93:8D:93:9D:15:9B:9C:DF:78:F3:3C:24:76:38:B4:85:E3:DA
Certificate issuer:       /CN=59B19DD1D646793F5F17D89C42AC2F6399FB1854
Certificate serial:       6EC641724E58F1E28875E33C78C8E59E79BB3B37
Authority key identifier: 59:B1:9D:D1:D6:46:79:3F:5F:17:D8:9C:42:AC:2F:63:99:FB:18:54
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/59B19DD1D646793F5F17D89C42AC2F6399FB1854.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/3130332e37312e3139312e302f32342d3234203d3e20313335343732.roa
Signing time:             Mon 01 Jul 2024 01:05:51 +0000
ROA not before:           Mon 01 Jul 2024 01:00:51 +0000
ROA not after:            Mon 30 Jun 2025 01:05:51 +0000
asID:                     135472
IP address blocks:        103.71.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/59B19DD1D646793F5F17D89C42AC2F6399FB1854.crl
                          rsync://repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/59B19DD1D646793F5F17D89C42AC2F6399FB1854.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/59B19DD1D646793F5F17D89C42AC2F6399FB1854.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 01:21:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:c6:41:72:4e:58:f1:e2:88:75:e3:3c:78:c8:e5:9e:79:bb:3b:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=59B19DD1D646793F5F17D89C42AC2F6399FB1854
        Validity
            Not Before: Jul  1 01:00:51 2024 GMT
            Not After : Jun 30 01:05:51 2025 GMT
        Subject: CN=CBC1938D939D159B9CDF78F33C247638B485E3DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:39:e7:04:35:80:24:80:62:a7:52:ab:8d:34:
                    ee:81:9d:84:2d:64:f1:d0:88:4f:be:30:81:26:0f:
                    cf:45:45:aa:9f:cd:9b:98:3c:dc:93:38:3e:ed:bd:
                    87:08:b2:b7:1e:40:53:cb:a4:22:f9:0c:9a:e0:5d:
                    6e:a7:e4:ec:51:59:21:2b:7b:70:85:4c:83:61:08:
                    b8:d5:42:f6:c0:be:87:2b:cf:ab:5b:ed:38:52:0c:
                    38:3c:c0:e8:b5:56:e2:20:03:c9:d3:05:86:9b:df:
                    c8:c1:18:6c:d4:53:6f:59:f8:c4:18:ad:58:72:72:
                    15:0b:1c:95:f3:97:54:b4:2c:be:76:df:2e:34:30:
                    9d:c9:fe:65:33:cf:58:90:60:54:00:8c:d0:1e:8f:
                    91:13:ae:eb:6f:d5:7b:77:51:4e:88:cc:73:9f:f2:
                    b3:6f:d4:81:47:ce:e9:2c:88:e4:40:bf:05:1d:e3:
                    49:61:46:f9:15:4d:dc:ef:6c:c9:95:10:ca:88:33:
                    99:78:92:d1:84:4b:d8:77:05:29:e5:d0:d3:45:06:
                    18:65:19:32:ad:9a:a3:ac:64:c4:dd:10:05:2d:c9:
                    1e:c9:c8:71:80:cf:4a:7f:6d:80:ca:c6:e3:4a:14:
                    48:6a:05:c4:71:20:80:ed:86:0e:05:15:c8:f0:4f:
                    cc:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:C1:93:8D:93:9D:15:9B:9C:DF:78:F3:3C:24:76:38:B4:85:E3:DA
            X509v3 Authority Key Identifier:
                keyid:59:B1:9D:D1:D6:46:79:3F:5F:17:D8:9C:42:AC:2F:63:99:FB:18:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/59B19DD1D646793F5F17D89C42AC2F6399FB1854.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/59B19DD1D646793F5F17D89C42AC2F6399FB1854.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/4b048064-87de-4de7-b0bd-12fa0deb8e32/0/3130332e37312e3139312e302f32342d3234203d3e20313335343732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.71.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:ff:71:b0:84:a3:cf:26:1b:00:0c:69:16:41:8b:7e:6d:fa:
         de:58:fa:80:b2:a9:24:b2:fe:e5:b8:22:40:da:a1:49:53:fb:
         7d:14:76:59:44:61:a1:11:69:dd:c6:71:82:38:60:77:b1:38:
         8e:d5:aa:8e:87:8d:b3:ba:14:9a:d5:e1:a2:42:51:71:44:1b:
         ba:2c:a3:f1:8c:79:99:27:34:8d:9d:aa:7a:fb:74:9d:75:8c:
         bc:63:c7:84:e3:e8:c1:82:88:a1:58:6a:11:63:35:f6:1a:19:
         5c:10:58:e5:c6:6e:12:67:2d:3d:76:87:7c:a9:37:2d:c4:7d:
         c0:09:af:fe:db:d6:cf:48:14:7c:f1:ae:ae:84:b0:e4:ef:a3:
         1d:af:cd:47:db:01:a1:d0:01:b5:7b:30:0a:96:25:e6:f5:bd:
         4f:ee:10:9e:2f:5e:e6:9c:9f:18:4a:13:37:34:9a:d3:08:e3:
         6b:b1:7b:2d:54:c0:96:90:17:1d:4b:eb:32:c1:35:50:ca:dd:
         52:62:4a:36:8f:9a:97:39:4e:8a:35:96:3d:21:54:10:50:e4:
         d6:ad:71:c3:95:ef:c7:fe:87:e5:fb:a7:b0:57:df:bc:c0:16:
         b6:1a:cb:04:6d:26:87:ab:85:f8:3b:f6:69:b7:62:85:e2:7a:
         83:4b:1d:04
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUbsZBck5Y8eKIdeM8eMjlnnm7OzcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTlCMTlERDFENjQ2NzkzRjVGMTdEODlDNDJBQzJGNjM5
OUZCMTg1NDAeFw0yNDA3MDEwMTAwNTFaFw0yNTA2MzAwMTA1NTFaMDMxMTAvBgNV
BAMTKENCQzE5MzhEOTM5RDE1OUI5Q0RGNzhGMzNDMjQ3NjM4QjQ4NUUzREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5OecENYAkgGKnUquNNO6BnYQt
ZPHQiE++MIEmD89FRaqfzZuYPNyTOD7tvYcIsrceQFPLpCL5DJrgXW6n5OxRWSEr
e3CFTINhCLjVQvbAvocrz6tb7ThSDDg8wOi1VuIgA8nTBYab38jBGGzUU29Z+MQY
rVhychULHJXzl1S0LL523y40MJ3J/mUzz1iQYFQAjNAej5ETrutv1Xt3UU6IzHOf
8rNv1IFHzuksiORAvwUd40lhRvkVTdzvbMmVEMqIM5l4ktGES9h3BSnl0NNFBhhl
GTKtmqOsZMTdEAUtyR7JyHGAz0p/bYDKxuNKFEhqBcRxIIDthg4FFcjwT8yRAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUy8GTjZOdFZuc33jzPCR2OLSF49owHwYDVR0j
BBgwFoAUWbGd0dZGeT9fF9icQqwvY5n7GFQwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby80
YjA0ODA2NC04N2RlLTRkZTctYjBiZC0xMmZhMGRlYjhlMzIvMC81OUIxOUREMUQ2
NDY3OTNGNUYxN0Q4OUM0MkFDMkY2Mzk5RkIxODU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNTlCMTlERDFENjQ2NzkzRjVGMTdEODlDNDJBQzJGNjM5OUZC
MTg1NC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzRiMDQ4MDY0LTg3ZGUtNGRlNy1i
MGJkLTEyZmEwZGViOGUzMi8wLzMxMzAzMzJlMzczMTJlMzEzOTMxMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM1MzQzNzMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0e/MA0GCSqG
SIb3DQEBCwUAA4IBAQC1/3GwhKPPJhsADGkWQYt+bfreWPqAsqkksv7luCJA2qFJ
U/t9FHZZRGGhEWndxnGCOGB3sTiO1aqOh42zuhSa1eGiQlFxRBu6LKPxjHmZJzSN
nap6+3SddYy8Y8eE4+jBgoihWGoRYzX2GhlcEFjlxm4SZy09dod8qTctxH3ACa/+
29bPSBR88a6uhLDk76Mdr81H2wGh0AG1ezAKliXm9b1P7hCeL17mnJ8YShM3NJrT
CONrsXstVMCWkBcdS+sywTVQyt1SYko2j5qXOU6KNZY9IVQQUOTWrXHDle/H/ofl
+6ewV9+8wBa2GssEbSaHq4X4O/Zpt2KF4nqDSx0E
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:33:06 2024 by rpki-client on console-fra.rpki-client.org