Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e32362e342e302f32332d3234203d3e2039333431.roa
File:                     3130332e32362e342e302f32332d3234203d3e2039333431.roa (raw, json)
Hash identifier:          osF7FgmRsGyf9/Ga9TeCyfq6lAKGU3jjvldQl0LOLTw=
Subject key identifier:   4E:21:12:88:8F:39:A9:F7:D1:7A:31:3A:A4:56:99:07:4A:F7:CE:50
Certificate issuer:       /CN=61566F205F7037962069571320603B274357CC6D
Certificate serial:       5C3D0198D047752F4B01125738494404E64D353E
Authority key identifier: 61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e32362e342e302f32332d3234203d3e2039333431.roa
Signing time:             Wed 07 Aug 2024 00:00:01 +0000
ROA not before:           Tue 06 Aug 2024 23:55:01 +0000
ROA not after:            Wed 06 Aug 2025 00:00:01 +0000
asID:                     9341
IP address blocks:        103.26.4.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl
                          rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 03:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:3d:01:98:d0:47:75:2f:4b:01:12:57:38:49:44:04:e6:4d:35:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61566F205F7037962069571320603B274357CC6D
        Validity
            Not Before: Aug  6 23:55:01 2024 GMT
            Not After : Aug  6 00:00:01 2025 GMT
        Subject: CN=4E2112888F39A9F7D17A313AA45699074AF7CE50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0d:6e:9d:b6:dd:32:09:11:49:9c:21:e4:97:
                    e7:b2:73:54:13:bd:4b:0f:9a:a2:02:6b:6b:3f:45:
                    1a:e4:4e:88:d6:2e:27:80:84:f8:88:15:45:8d:b3:
                    80:13:af:53:12:c7:cb:32:18:d7:7d:97:91:38:0d:
                    87:af:f4:91:ad:2f:8f:66:13:94:da:96:e4:0d:1c:
                    42:96:f5:b2:14:92:68:2d:fb:89:e4:f5:47:74:9d:
                    f5:6e:28:64:76:68:4b:46:e9:15:24:35:c5:78:49:
                    17:8f:24:bb:c7:ef:5b:17:eb:cb:a7:07:53:74:5f:
                    fc:9c:71:e4:e6:ee:35:1b:35:b7:45:d4:87:08:83:
                    82:9f:ce:d0:fb:31:dc:f6:7e:c0:05:d1:92:e1:5a:
                    b7:3a:d9:05:8d:89:70:51:db:42:30:ea:73:5e:e5:
                    00:b2:da:ca:48:ea:fe:ce:cf:64:4a:54:36:5c:55:
                    20:01:08:f5:83:24:39:be:84:5b:5e:bb:17:1f:72:
                    b8:c0:ea:09:bc:08:12:f2:3f:e9:f7:1b:72:12:97:
                    b1:7d:84:66:12:67:4c:1d:d7:0e:14:ed:c5:2a:a9:
                    20:35:de:9a:8d:f9:a3:02:8a:b3:f3:a2:69:76:1e:
                    c8:ee:76:ba:5f:6b:f7:23:08:67:a7:15:a3:e7:28:
                    e0:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:21:12:88:8F:39:A9:F7:D1:7A:31:3A:A4:56:99:07:4A:F7:CE:50
            X509v3 Authority Key Identifier:
                keyid:61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e32362e342e302f32332d3234203d3e2039333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.26.4.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a2:fa:b3:7d:8a:4d:2f:67:72:d3:3a:66:fa:50:ee:fb:1e:71:
         32:c8:b3:d4:45:27:9c:73:56:bd:df:25:3d:52:0e:0f:88:82:
         59:b9:c3:4c:26:e7:c3:bb:43:e8:ee:f6:8d:9e:d3:27:7b:c1:
         fb:de:10:64:99:db:1b:21:77:21:31:34:51:75:00:c0:02:44:
         d3:05:8d:ee:73:7a:85:f8:ff:84:c2:f7:32:a0:b2:22:ff:e3:
         60:b3:9a:3e:9f:b3:ec:67:05:49:bd:25:d4:d0:c2:b9:6e:af:
         37:fd:0e:43:f8:a6:0c:ef:c5:ed:96:d8:2a:0c:cd:ad:2d:12:
         2c:cc:b7:34:32:05:29:e5:a7:6e:df:83:09:68:6e:cf:34:4b:
         d3:b6:a9:db:12:70:4a:91:df:1b:42:fb:9d:82:d8:68:72:8d:
         52:2a:34:73:46:c4:11:8b:dc:ef:f2:b3:ca:b6:c4:8d:d0:da:
         f5:e3:c8:f4:1c:5a:4d:5c:13:59:eb:d0:de:79:be:1f:9f:d4:
         1a:ad:0e:8d:4c:9a:b4:85:53:41:08:41:20:9c:e3:92:1e:96:
         f4:4a:c4:ad:20:90:16:2c:be:7c:c1:e3:16:02:78:27:63:e5:
         f6:b3:8d:2a:d6:65:f5:7c:45:1e:7e:94:f6:ce:8d:de:b7:d0:
         27:45:94:43
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUXD0BmNBHdS9LARJXOElEBOZNNT4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0
MzU3Q0M2RDAeFw0yNDA4MDYyMzU1MDFaFw0yNTA4MDYwMDAwMDFaMDMxMTAvBgNV
BAMTKDRFMjExMjg4OEYzOUE5RjdEMTdBMzEzQUE0NTY5OTA3NEFGN0NFNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDW6dtt0yCRFJnCHkl+eyc1QT
vUsPmqICa2s/RRrkTojWLieAhPiIFUWNs4ATr1MSx8syGNd9l5E4DYev9JGtL49m
E5TaluQNHEKW9bIUkmgt+4nk9Ud0nfVuKGR2aEtG6RUkNcV4SRePJLvH71sX68un
B1N0X/ycceTm7jUbNbdF1IcIg4KfztD7Mdz2fsAF0ZLhWrc62QWNiXBR20Iw6nNe
5QCy2spI6v7Oz2RKVDZcVSABCPWDJDm+hFteuxcfcrjA6gm8CBLyP+n3G3ISl7F9
hGYSZ0wd1w4U7cUqqSA13pqN+aMCirPzoml2Hsjudrpfa/cjCGenFaPnKOCFAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQUTiESiI85qffRejE6pFaZB0r3zlAwHwYDVR0j
BBgwFoAUYVZvIF9wN5YgaVcTIGA7J0NXzG0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2JkY2JhZS0yZTlkLTRmM2YtOGFiOS0zNDI0ZTQ0ODQ4NGUvMC82MTU2NkYyMDVG
NzAzNzk2MjA2OTU3MTMyMDYwM0IyNzQzNTdDQzZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0MzU3
Q0M2RC5jZXIwgZsGCCsGAQUFBwELBIGOMIGLMIGIBggrBgEFBQcwC4Z8cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzNiZGNiYWUtMmU5ZC00ZjNmLThh
YjktMzQyNGU0NDg0ODRlLzAvMzEzMDMzMmUzMjM2MmUzNDJlMzAyZjMyMzMyZDMy
MzQyMDNkM2UyMDM5MzMzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZxoEMA0GCSqGSIb3DQEBCwUA
A4IBAQCi+rN9ik0vZ3LTOmb6UO77HnEyyLPURSecc1a93yU9Ug4PiIJZucNMJufD
u0Po7vaNntMne8H73hBkmdsbIXchMTRRdQDAAkTTBY3uc3qF+P+EwvcyoLIi/+Ng
s5o+n7PsZwVJvSXU0MK5bq83/Q5D+KYM78XtltgqDM2tLRIszLc0MgUp5adu34MJ
aG7PNEvTtqnbEnBKkd8bQvudgthoco1SKjRzRsQRi9zv8rPKtsSN0Nr148j0HFpN
XBNZ69Deeb4fn9QarQ6NTJq0hVNBCEEgnOOSHpb0SsStIJAWLL58weMWAngnY+X2
s40q1mX1fEUefpT2zo3et9AnRZRD
-----END CERTIFICATE-----
Generated at Thu Nov 21 00:19:20 2024 by rpki-client on console-fra.rpki-client.org