Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/3130332e3136362e3132322e302f32332d3233203d3e20313431393435.roa
File:                     3130332e3136362e3132322e302f32332d3233203d3e20313431393435.roa (raw, json)
Hash identifier:          Vy7RmXv6YbxOhDGsW/Z69ao7mBnWT2K/NkTuN4Glb7A=
Subject key identifier:   3B:1F:4F:F2:15:A4:8F:4C:2C:B3:BB:B6:A3:5B:8C:69:F5:7C:6D:5F
Certificate issuer:       /CN=EFBA99D11F5C07B48EC639EB1119AB525D8050AF
Certificate serial:       044706EBEB627652B7F7AF3CA3604B5E2FF53338
Authority key identifier: EF:BA:99:D1:1F:5C:07:B4:8E:C6:39:EB:11:19:AB:52:5D:80:50:AF
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/3130332e3136362e3132322e302f32332d3233203d3e20313431393435.roa
Signing time:             Wed 16 Oct 2024 07:00:33 +0000
ROA not before:           Wed 16 Oct 2024 06:55:33 +0000
ROA not after:            Wed 15 Oct 2025 07:00:33 +0000
asID:                     141945
IP address blocks:        103.166.122.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.crl
                          rsync://repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 17:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:47:06:eb:eb:62:76:52:b7:f7:af:3c:a3:60:4b:5e:2f:f5:33:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EFBA99D11F5C07B48EC639EB1119AB525D8050AF
        Validity
            Not Before: Oct 16 06:55:33 2024 GMT
            Not After : Oct 15 07:00:33 2025 GMT
        Subject: CN=3B1F4FF215A48F4C2CB3BBB6A35B8C69F57C6D5F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:73:89:6c:fa:9f:74:50:3c:ef:9b:27:11:96:
                    2f:83:d9:40:82:be:26:6a:2e:a4:02:34:6a:95:c7:
                    ac:4a:93:45:c2:7c:55:2b:bb:6c:57:51:0c:54:ef:
                    f0:0d:36:3c:78:80:52:6c:4c:11:27:85:40:14:84:
                    f8:aa:3c:c1:03:00:57:c4:03:d4:8b:15:a6:c9:d0:
                    65:70:b6:1a:97:ec:a2:5f:06:03:39:7d:61:8b:6a:
                    3a:7b:87:8e:78:bc:22:66:51:c2:f6:8f:76:1b:02:
                    f6:71:7d:bc:04:1a:ec:85:81:ac:00:fc:ed:68:2c:
                    0b:b5:42:07:89:fc:35:b4:d6:69:6a:1a:db:d7:b1:
                    12:92:be:88:83:50:71:84:1a:fd:92:7b:63:6a:8f:
                    86:08:a7:a1:1c:18:54:93:ed:cc:6e:3c:38:7e:c9:
                    da:fa:d8:55:10:96:f0:4d:fb:be:ff:1b:ad:fc:de:
                    57:f2:3b:ad:76:7e:31:5c:a9:b2:38:66:36:17:89:
                    d7:b6:29:27:73:48:1d:30:6c:2b:0b:2d:d2:7c:90:
                    41:9c:3a:6a:85:1d:25:5f:f2:c6:2f:df:cd:51:62:
                    72:fd:f3:3b:78:d0:08:87:c9:4d:72:b1:35:c9:4e:
                    94:43:8d:9d:6a:95:47:27:1a:c6:36:50:d1:9e:0b:
                    a3:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:1F:4F:F2:15:A4:8F:4C:2C:B3:BB:B6:A3:5B:8C:69:F5:7C:6D:5F
            X509v3 Authority Key Identifier:
                keyid:EF:BA:99:D1:1F:5C:07:B4:8E:C6:39:EB:11:19:AB:52:5D:80:50:AF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/EFBA99D11F5C07B48EC639EB1119AB525D8050AF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/543cc6a8-e7aa-4f37-bd08-f2eb57e88736/0/3130332e3136362e3132322e302f32332d3233203d3e20313431393435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.166.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1c:43:ae:ce:18:71:24:87:5c:cd:18:9f:cf:20:9a:cf:7d:6e:
         9b:8d:1a:f8:b3:2b:17:8d:18:84:59:f0:a2:87:34:23:db:c0:
         12:34:84:40:c5:1f:b2:eb:c3:d7:25:2f:de:ab:5e:23:47:ee:
         b4:8a:a2:0d:90:ee:3e:15:3d:58:dc:93:55:a4:d7:b9:02:d2:
         b3:a0:15:2c:13:53:50:00:c0:ab:1f:bc:34:a0:ac:b1:44:a7:
         e0:ec:30:2c:fc:b0:ac:a2:30:85:67:22:32:8a:1b:bd:50:64:
         81:69:5e:7f:c1:ff:06:a1:ba:84:57:3a:4b:55:80:5d:bc:2b:
         88:f8:a6:c2:45:1a:55:08:e1:e1:40:b6:0f:4a:34:e4:df:a1:
         50:9c:ea:65:4f:6f:f5:ed:3d:49:2a:12:fc:5b:9b:46:5e:1d:
         36:49:e4:68:ff:72:b8:56:7f:c4:ab:ae:39:50:6a:35:33:ed:
         c0:1c:c6:5d:72:f3:86:4d:5f:f9:f0:04:d0:ad:59:8d:0c:b3:
         f6:2e:68:43:ce:90:a8:d7:26:bb:05:38:af:8c:52:d6:06:1c:
         e0:a9:92:56:38:e2:d6:38:6e:ca:e9:e2:9b:1a:8f:60:f1:a3:
         82:28:15:8e:66:c0:42:5f:5e:1c:f6:05:6a:3a:ef:8b:ed:6b:
         ad:49:cf:65
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUBEcG6+tidlK39688o2BLXi/1MzgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUZCQTk5RDExRjVDMDdCNDhFQzYzOUVCMTExOUFCNTI1
RDgwNTBBRjAeFw0yNDEwMTYwNjU1MzNaFw0yNTEwMTUwNzAwMzNaMDMxMTAvBgNV
BAMTKDNCMUY0RkYyMTVBNDhGNEMyQ0IzQkJCNkEzNUI4QzY5RjU3QzZENUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMc4ls+p90UDzvmycRli+D2UCC
viZqLqQCNGqVx6xKk0XCfFUru2xXUQxU7/ANNjx4gFJsTBEnhUAUhPiqPMEDAFfE
A9SLFabJ0GVwthqX7KJfBgM5fWGLajp7h454vCJmUcL2j3YbAvZxfbwEGuyFgawA
/O1oLAu1QgeJ/DW01mlqGtvXsRKSvoiDUHGEGv2Se2Nqj4YIp6EcGFST7cxuPDh+
ydr62FUQlvBN+77/G6383lfyO612fjFcqbI4ZjYXide2KSdzSB0wbCsLLdJ8kEGc
OmqFHSVf8sYv381RYnL98zt40AiHyU1ysTXJTpRDjZ1qlUcnGsY2UNGeC6PTAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUOx9P8hWkj0wss7u2o1uMafV8bV8wHwYDVR0j
BBgwFoAU77qZ0R9cB7SOxjnrERmrUl2AUK8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
NDNjYzZhOC1lN2FhLTRmMzctYmQwOC1mMmViNTdlODg3MzYvMC9FRkJBOTlEMTFG
NUMwN0I0OEVDNjM5RUIxMTE5QUI1MjVEODA1MEFGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRUZCQTk5RDExRjVDMDdCNDhFQzYzOUVCMTExOUFCNTI1RDgw
NTBBRi5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzU0M2NjNmE4LWU3YWEtNGYzNy1i
ZDA4LWYyZWI1N2U4ODczNi8wLzMxMzAzMzJlMzEzNjM2MmUzMTMyMzIyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM0MzEzOTM0MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFnpnowDQYJ
KoZIhvcNAQELBQADggEBABxDrs4YcSSHXM0Yn88gms99bpuNGvizKxeNGIRZ8KKH
NCPbwBI0hEDFH7Lrw9clL96rXiNH7rSKog2Q7j4VPVjck1Wk17kC0rOgFSwTU1AA
wKsfvDSgrLFEp+DsMCz8sKyiMIVnIjKKG71QZIFpXn/B/wahuoRXOktVgF28K4j4
psJFGlUI4eFAtg9KNOTfoVCc6mVPb/XtPUkqEvxbm0ZeHTZJ5Gj/crhWf8SrrjlQ
ajUz7cAcxl1y84ZNX/nwBNCtWY0Ms/YuaEPOkKjXJrsFOK+MUtYGHOCpklY44tY4
bsrp4psaj2Dxo4IoFY5mwEJfXhz2BWo674vta61Jz2U=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:19:26 2024 by rpki-client on console-ams.rpki-client.org