Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa
File:                     3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa (raw, json)
Hash identifier:          8m5M/QJ2yVVXmA7O3NNT2n9j+JOQK4d7VoqkmuOCwi4=
Subject key identifier:   38:10:6E:14:C6:A4:C6:3B:E4:A8:F7:E8:6A:68:EB:38:5F:06:88:65
Certificate issuer:       /CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657
Certificate serial:       6072016007CCCBCEC2279E39DB07F163A121AF17
Authority key identifier: 43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa
Signing time:             Mon 19 Feb 2024 17:00:02 +0000
ROA not before:           Mon 19 Feb 2024 16:55:02 +0000
ROA not after:            Mon 17 Feb 2025 17:00:02 +0000
asID:                     147131
IP address blocks:        103.176.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl
                          rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 05:19:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:72:01:60:07:cc:cb:ce:c2:27:9e:39:db:07:f1:63:a1:21:af:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657
        Validity
            Not Before: Feb 19 16:55:02 2024 GMT
            Not After : Feb 17 17:00:02 2025 GMT
        Subject: CN=38106E14C6A4C63BE4A8F7E86A68EB385F068865
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fb:01:7b:35:5e:8e:d1:16:11:22:58:8d:52:
                    3e:f5:14:95:de:3f:48:ff:7c:4d:17:88:5f:fe:07:
                    7c:cb:7d:4d:2e:de:8c:03:d8:27:cc:ff:0d:09:a2:
                    c6:e7:1c:4e:3b:53:e2:c4:82:1f:58:da:9c:7e:32:
                    e8:1b:55:30:b5:69:32:e8:1e:8b:41:84:cb:0f:ee:
                    c3:bf:95:27:49:7a:ba:f5:54:86:6d:6f:7b:ff:33:
                    85:b6:6f:a5:cd:cd:ff:bc:0b:38:21:6c:91:e8:b0:
                    ba:5b:86:4e:c9:a2:49:5a:4a:49:1f:eb:a7:34:3f:
                    f9:85:d6:51:7f:f7:58:3d:f1:35:0c:9a:2e:a9:09:
                    7a:3d:cf:3b:74:c4:ae:c3:3e:e4:f8:9e:0f:65:d2:
                    97:6c:6d:93:31:8e:91:d6:d3:4b:68:71:05:cf:c6:
                    3d:6a:d5:c0:1f:74:62:71:23:b9:b3:18:6a:ce:1f:
                    90:9f:8e:b2:a2:e3:e9:f2:a6:03:2f:4a:f8:9b:46:
                    1b:a7:a1:16:06:b0:db:89:b2:41:a0:ef:d1:17:e6:
                    66:df:1e:04:df:41:f8:1c:ea:69:52:a3:ae:79:78:
                    46:3a:2e:95:7e:ee:1f:f3:d3:23:50:72:07:0d:57:
                    84:40:85:3f:90:86:53:19:bb:9a:5f:c3:ba:d8:f7:
                    57:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:10:6E:14:C6:A4:C6:3B:E4:A8:F7:E8:6A:68:EB:38:5F:06:88:65
            X509v3 Authority Key Identifier:
                keyid:43:37:E9:FF:91:A0:CB:65:CE:1E:B8:FA:EB:61:08:F5:E3:7B:B6:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/4337E9FF91A0CB65CE1EB8FAEB6108F5E37BB657.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/5c34dc3f-308f-4de1-a365-701bd9cf1004/0/3130332e3137362e39362e302f32342d3234203d3e20313437313331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.176.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:38:1b:2c:e9:b4:07:1f:6c:1d:7c:fe:08:29:27:45:f3:bc:
         08:26:bf:ca:49:35:67:d3:35:34:15:64:a9:76:43:51:86:4d:
         6b:91:d9:68:5c:35:3f:cb:99:51:f4:c3:14:85:7d:1d:d7:ec:
         d2:6f:2e:f8:5e:e5:58:21:ca:f7:b6:12:26:eb:f7:2f:6f:0c:
         ce:bd:39:bd:d8:93:e9:4c:54:97:b8:cf:e1:4c:5c:1a:6e:6b:
         52:f2:53:73:76:ea:7a:50:7f:aa:1a:07:72:01:ca:5b:da:74:
         a2:d0:ef:57:12:79:db:b9:80:bd:d9:8c:01:bb:12:55:1d:28:
         4a:c5:2c:8a:49:68:44:33:5c:4d:d2:c9:4b:bd:fd:7f:ef:e4:
         b8:ec:f1:3c:dc:7e:c5:70:38:ca:f2:06:5c:a7:15:22:07:a2:
         d2:9c:63:7a:4b:90:cf:d2:96:49:6e:77:4e:8f:95:d7:7a:40:
         a2:6a:37:fd:c0:c0:c4:be:01:eb:46:e1:07:ac:b4:d5:8e:6d:
         0c:8b:b3:43:de:df:d4:b7:07:bf:fc:d1:39:2c:40:65:c9:36:
         49:62:a4:5a:ca:89:e4:94:5c:35:13:b8:c2:9a:54:39:dc:61:
         2c:b2:3a:17:57:ab:39:c8:ce:cd:74:e3:a1:f7:4d:c6:f1:74:
         3c:f0:d6:e4
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUYHIBYAfMy87CJ5452wfxY6EhrxcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVF
MzdCQjY1NzAeFw0yNDAyMTkxNjU1MDJaFw0yNTAyMTcxNzAwMDJaMDMxMTAvBgNV
BAMTKDM4MTA2RTE0QzZBNEM2M0JFNEE4RjdFODZBNjhFQjM4NUYwNjg4NjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM+wF7NV6O0RYRIliNUj71FJXe
P0j/fE0XiF/+B3zLfU0u3owD2CfM/w0JosbnHE47U+LEgh9Y2px+MugbVTC1aTLo
HotBhMsP7sO/lSdJerr1VIZtb3v/M4W2b6XNzf+8CzghbJHosLpbhk7JoklaSkkf
66c0P/mF1lF/91g98TUMmi6pCXo9zzt0xK7DPuT4ng9l0pdsbZMxjpHW00tocQXP
xj1q1cAfdGJxI7mzGGrOH5CfjrKi4+nypgMvSvibRhunoRYGsNuJskGg79EX5mbf
HgTfQfgc6mlSo655eEY6LpV+7h/z0yNQcgcNV4RAhT+QhlMZu5pfw7rY91f3AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUOBBuFMakxjvkqPfoamjrOF8GiGUwHwYDVR0j
BBgwFoAUQzfp/5Ggy2XOHrj662EI9eN7tlcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby81
YzM0ZGMzZi0zMDhmLTRkZTEtYTM2NS03MDFiZDljZjEwMDQvMC80MzM3RTlGRjkx
QTBDQjY1Q0UxRUI4RkFFQjYxMDhGNUUzN0JCNjU3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNDMzN0U5RkY5MUEwQ0I2NUNFMUVCOEZBRUI2MTA4RjVFMzdC
QjY1Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzVjMzRkYzNmLTMwOGYtNGRlMS1h
MzY1LTcwMWJkOWNmMTAwNC8wLzMxMzAzMzJlMzEzNzM2MmUzOTM2MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNDM3MzEzMzMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ7BgMA0GCSqG
SIb3DQEBCwUAA4IBAQBYOBss6bQHH2wdfP4IKSdF87wIJr/KSTVn0zU0FWSpdkNR
hk1rkdloXDU/y5lR9MMUhX0d1+zSby74XuVYIcr3thIm6/cvbwzOvTm92JPpTFSX
uM/hTFwabmtS8lNzdup6UH+qGgdyAcpb2nSi0O9XEnnbuYC92YwBuxJVHShKxSyK
SWhEM1xN0slLvf1/7+S47PE83H7FcDjK8gZcpxUiB6LSnGN6S5DP0pZJbndOj5XX
ekCiajf9wMDEvgHrRuEHrLTVjm0Mi7ND3t/Utwe//NE5LEBlyTZJYqRayonklFw1
E7jCmlQ53GEssjoXV6s5yM7NdOOh903G8XQ88Nbk
-----END CERTIFICATE-----
Generated at Fri Nov 22 06:33:23 2024 by rpki-client on console-ams.rpki-client.org