Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa
File:                     3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa (raw, json)
Hash identifier:          nxYOm0XXR50V6GnhRaIQYUBF2UG5sIA0HyaLTjhPLDc=
Subject key identifier:   23:14:46:7B:AB:8F:E3:77:DE:FA:FA:BF:7A:7B:B1:23:F8:F7:EC:1E
Certificate issuer:       /CN=CB8106D827747D008C9DE9181B4EC6739C8EE800
Certificate serial:       03D2E14A614B5DB5FCC192A1BD43AB65E73D4C5D
Authority key identifier: CB:81:06:D8:27:74:7D:00:8C:9D:E9:18:1B:4E:C6:73:9C:8E:E8:00
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa
Signing time:             Mon 01 Jul 2024 01:05:42 +0000
ROA not before:           Mon 01 Jul 2024 01:00:42 +0000
ROA not after:            Mon 30 Jun 2025 01:05:42 +0000
asID:                     131746
IP address blocks:        103.248.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.crl
                          rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:d2:e1:4a:61:4b:5d:b5:fc:c1:92:a1:bd:43:ab:65:e7:3d:4c:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CB8106D827747D008C9DE9181B4EC6739C8EE800
        Validity
            Not Before: Jul  1 01:00:42 2024 GMT
            Not After : Jun 30 01:05:42 2025 GMT
        Subject: CN=2314467BAB8FE377DEFAFABF7A7BB123F8F7EC1E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:06:41:4b:d3:16:fa:ee:2e:c5:8c:4a:75:c0:
                    37:af:2f:48:69:59:37:f0:07:7c:b2:fb:71:db:3f:
                    10:0d:40:b2:98:c5:2b:9a:60:e2:7b:8c:ad:c6:c5:
                    79:97:ca:aa:ae:08:94:bd:d8:18:0e:a0:2a:2c:d9:
                    8e:5b:2b:02:26:25:49:83:72:aa:04:58:b0:1b:f4:
                    2c:09:b1:7f:d6:01:97:8c:e5:74:61:cd:12:75:c0:
                    27:a3:48:71:db:1e:08:37:98:60:59:41:74:c4:ee:
                    bc:d1:73:8e:0c:1f:f6:95:0d:35:da:5e:72:f9:c6:
                    7e:af:35:bd:56:17:95:1e:a0:b5:99:17:c5:e7:89:
                    c1:08:0e:c0:e3:0d:71:08:4f:98:d6:07:9b:ed:9c:
                    4e:d5:ea:3f:4c:65:12:9f:da:7c:6e:8b:f3:fd:74:
                    74:ea:7e:4e:c8:4d:ca:12:3f:14:6f:b9:bc:32:f8:
                    72:e4:36:2e:ea:5b:74:76:f4:29:8d:d0:3b:35:d1:
                    c4:bf:2e:a0:91:ad:fe:f8:d9:89:a5:b6:c9:e6:f7:
                    51:cd:eb:61:82:08:b6:c3:bb:d7:af:2e:40:25:b6:
                    8c:07:b8:06:a2:58:30:cb:f6:22:02:cb:33:55:b6:
                    68:b5:d9:af:86:90:d5:68:77:9e:2b:af:cb:ac:f8:
                    d9:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:14:46:7B:AB:8F:E3:77:DE:FA:FA:BF:7A:7B:B1:23:F8:F7:EC:1E
            X509v3 Authority Key Identifier:
                keyid:CB:81:06:D8:27:74:7D:00:8C:9D:E9:18:1B:4E:C6:73:9C:8E:E8:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/CB8106D827747D008C9DE9181B4EC6739C8EE800.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/CB8106D827747D008C9DE9181B4EC6739C8EE800.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/6be578d0-d3aa-4f0f-bb9d-f74b49c6a655/0/3130332e3234382e3139362e302f32322d3234203d3e20313331373436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.248.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         04:aa:11:1c:3a:1f:f3:fd:73:cc:23:eb:27:91:a5:fc:dc:b1:
         33:68:11:e7:08:d2:b3:2d:bc:d5:1f:97:18:49:f0:ca:f1:7b:
         c9:49:33:a9:92:31:64:8a:a9:44:8f:b5:26:eb:92:8d:ef:e2:
         10:2e:87:fa:0a:9d:89:4d:a7:dc:87:1e:9a:42:00:46:1c:af:
         da:ca:12:1c:31:09:42:ed:02:13:43:2a:3d:18:44:7f:18:e9:
         53:c8:ff:a1:02:16:a1:9b:8c:86:62:db:f9:64:11:92:48:d4:
         36:57:0f:53:3c:10:33:84:d0:e9:3a:33:99:89:6e:6a:31:ee:
         f9:aa:a6:59:4f:64:b9:86:09:81:00:f4:0d:69:1b:0f:64:66:
         10:19:b1:d9:ea:0b:ae:f4:0e:00:ba:26:2c:5d:23:b7:ca:02:
         85:88:37:63:9a:bb:d0:ac:9f:4a:f8:6f:df:de:6f:69:59:f3:
         45:2c:94:99:99:7f:74:23:cf:f5:3b:f5:24:e6:39:32:c8:ba:
         58:60:66:a9:f6:ff:ca:15:f1:cf:bb:82:cb:d8:64:0f:7f:24:
         cc:0c:68:a5:1f:18:ab:e5:eb:e3:90:04:40:b3:f1:79:f8:bf:
         59:50:c2:08:f6:f1:fa:03:bd:96:eb:cf:89:45:b8:24:0b:66:
         60:af:8f:6e
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUA9LhSmFLXbX8wZKhvUOrZec9TF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0I4MTA2RDgyNzc0N0QwMDhDOURFOTE4MUI0RUM2NzM5
QzhFRTgwMDAeFw0yNDA3MDEwMTAwNDJaFw0yNTA2MzAwMTA1NDJaMDMxMTAvBgNV
BAMTKDIzMTQ0NjdCQUI4RkUzNzdERUZBRkFCRjdBN0JCMTIzRjhGN0VDMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMBkFL0xb67i7FjEp1wDevL0hp
WTfwB3yy+3HbPxANQLKYxSuaYOJ7jK3GxXmXyqquCJS92BgOoCos2Y5bKwImJUmD
cqoEWLAb9CwJsX/WAZeM5XRhzRJ1wCejSHHbHgg3mGBZQXTE7rzRc44MH/aVDTXa
XnL5xn6vNb1WF5UeoLWZF8XnicEIDsDjDXEIT5jWB5vtnE7V6j9MZRKf2nxui/P9
dHTqfk7ITcoSPxRvubwy+HLkNi7qW3R29CmN0Ds10cS/LqCRrf742Ymltsnm91HN
62GCCLbDu9evLkAltowHuAaiWDDL9iICyzNVtmi12a+GkNVod54rr8us+NlVAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUIxRGe6uP43fe+vq/enuxI/j37B4wHwYDVR0j
BBgwFoAUy4EG2Cd0fQCMnekYG07Gc5yO6AAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby82
YmU1NzhkMC1kM2FhLTRmMGYtYmI5ZC1mNzRiNDljNmE2NTUvMC9DQjgxMDZEODI3
NzQ3RDAwOEM5REU5MTgxQjRFQzY3MzlDOEVFODAwLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQ0I4MTA2RDgyNzc0N0QwMDhDOURFOTE4MUI0RUM2NzM5QzhF
RTgwMC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzZiZTU3OGQwLWQzYWEtNGYwZi1i
YjlkLWY3NGI0OWM2YTY1NS8wLzMxMzAzMzJlMzIzNDM4MmUzMTM5MzYyZTMwMmYz
MjMyMmQzMjM0MjAzZDNlMjAzMTMzMzEzNzM0MzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJn+MQwDQYJ
KoZIhvcNAQELBQADggEBAASqERw6H/P9c8wj6yeRpfzcsTNoEecI0rMtvNUflxhJ
8Mrxe8lJM6mSMWSKqUSPtSbrko3v4hAuh/oKnYlNp9yHHppCAEYcr9rKEhwxCULt
AhNDKj0YRH8Y6VPI/6ECFqGbjIZi2/lkEZJI1DZXD1M8EDOE0Ok6M5mJbmox7vmq
pllPZLmGCYEA9A1pGw9kZhAZsdnqC670DgC6JixdI7fKAoWIN2Oau9Csn0r4b9/e
b2lZ80UslJmZf3Qjz/U79STmOTLIulhgZqn2/8oV8c+7gsvYZA9/JMwMaKUfGKvl
6+OQBECz8Xn4v1lQwgj28foDvZbrz4lFuCQLZmCvj24=
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:52:35 2024 by rpki-client on console-fra.rpki-client.org