Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e332e37372e302f32342d3234203d3e2039333431.roa
File:                     3130332e332e37372e302f32342d3234203d3e2039333431.roa (raw, json)
Hash identifier:          ft6yY1jl1L6Sm6TarvJy8fhusfuHwlQN8d0J8OC1O0Y=
Subject key identifier:   25:B4:40:51:56:2F:F8:39:C3:99:DF:D5:51:A4:56:53:0C:C1:9E:CA
Certificate issuer:       /CN=61566F205F7037962069571320603B274357CC6D
Certificate serial:       7D7F1CB4BB6E4E874F769430C9D997CD70509925
Authority key identifier: 61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e332e37372e302f32342d3234203d3e2039333431.roa
Signing time:             Sun 21 Apr 2024 05:00:01 +0000
ROA not before:           Sun 21 Apr 2024 04:55:01 +0000
ROA not after:            Sun 20 Apr 2025 05:00:01 +0000
asID:                     9341
IP address blocks:        103.3.77.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl
                          rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 03:03:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:7f:1c:b4:bb:6e:4e:87:4f:76:94:30:c9:d9:97:cd:70:50:99:25
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=61566F205F7037962069571320603B274357CC6D
        Validity
            Not Before: Apr 21 04:55:01 2024 GMT
            Not After : Apr 20 05:00:01 2025 GMT
        Subject: CN=25B44051562FF839C399DFD551A456530CC19ECA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fe:f0:bc:e9:ca:e3:e3:ff:0b:86:87:9e:d7:5d:
                    e8:59:ce:93:88:19:9d:82:60:35:01:21:fc:4c:38:
                    a2:68:ad:08:8e:e3:4b:7a:90:45:be:24:6f:b1:13:
                    e0:48:e0:26:c8:20:9b:2e:f1:f5:57:00:af:22:af:
                    25:98:4c:f8:7c:b5:6d:5f:7a:e8:9e:ce:bb:6b:35:
                    86:4e:c1:9d:cd:6d:d7:8d:a0:05:8e:92:06:56:9a:
                    03:8d:d7:ba:20:ba:fd:b4:78:f0:b8:b8:b5:7e:47:
                    61:a0:47:67:4b:66:9c:dc:0f:46:25:3c:90:16:0c:
                    fd:a2:bd:2b:eb:af:4b:6d:0d:c7:84:3f:08:fc:58:
                    0e:7f:a8:34:7a:92:2b:4f:81:1f:40:5d:a8:b2:8c:
                    2e:2a:2a:57:d8:a5:df:46:fa:a4:6d:10:f8:b7:ab:
                    a6:74:78:e0:8b:9b:12:5e:35:87:7f:87:0e:ad:3f:
                    ca:bb:ad:c6:6a:b8:24:97:b1:e6:f4:73:b8:f8:ba:
                    44:42:45:8f:5f:72:50:97:36:d2:41:bf:7c:12:5d:
                    41:ac:f5:e3:0b:1e:67:0b:58:f4:f3:d0:bf:45:46:
                    71:9b:b3:11:0a:b9:6b:10:d9:56:dc:81:92:a5:91:
                    5f:1a:17:fc:ef:97:40:2d:61:50:46:b3:c2:10:0c:
                    24:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:B4:40:51:56:2F:F8:39:C3:99:DF:D5:51:A4:56:53:0C:C1:9E:CA
            X509v3 Authority Key Identifier:
                keyid:61:56:6F:20:5F:70:37:96:20:69:57:13:20:60:3B:27:43:57:CC:6D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/61566F205F7037962069571320603B274357CC6D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/61566F205F7037962069571320603B274357CC6D.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73bdcbae-2e9d-4f3f-8ab9-3424e448484e/0/3130332e332e37372e302f32342d3234203d3e2039333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.3.77.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:ba:70:dd:a0:9c:91:88:cd:fa:05:e0:64:7d:cb:01:bf:60:
         1e:a9:fd:8a:a6:3e:89:85:ae:fb:65:3f:27:97:97:5c:4f:85:
         9f:7a:bb:6e:1a:e2:a8:29:b3:b1:fc:ce:40:c3:42:35:94:73:
         c1:3e:cd:c3:f8:df:80:66:fd:13:6e:ec:4b:68:8c:e3:6a:f3:
         da:ba:ff:ee:c9:08:48:8f:5e:21:2c:28:c2:e3:91:d7:f1:dc:
         e1:9f:b6:a6:3e:76:2a:45:98:89:0d:00:c2:b9:6f:de:93:af:
         7a:e2:59:ae:af:8f:fb:63:2e:09:04:1b:01:24:9b:73:8f:b3:
         54:80:ce:47:8d:f9:16:77:7d:b6:f5:72:c2:87:1f:40:5d:52:
         22:21:c3:84:d6:95:aa:8f:21:0e:39:61:15:61:59:33:a4:47:
         c5:37:82:4a:c0:56:3b:1c:9b:a2:19:47:d3:43:05:cd:1f:47:
         9a:2f:5c:97:dd:17:e0:59:f4:1b:08:85:a1:09:db:2b:ca:aa:
         b7:ee:2b:8b:42:b8:5c:8a:b3:e2:8b:8c:9d:9a:f5:eb:ef:40:
         8a:e0:d2:aa:13:f7:41:d8:9b:dd:e6:1c:60:20:19:d6:6f:18:
         32:9b:50:c8:97:20:2a:50:fa:a4:1f:f4:d9:9d:da:36:a0:91:
         c2:e3:13:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUfX8ctLtuTodPdpQwydmXzXBQmSUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0
MzU3Q0M2RDAeFw0yNDA0MjEwNDU1MDFaFw0yNTA0MjAwNTAwMDFaMDMxMTAvBgNV
BAMTKDI1QjQ0MDUxNTYyRkY4MzlDMzk5REZENTUxQTQ1NjUzMENDMTlFQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD+8LzpyuPj/wuGh57XXehZzpOI
GZ2CYDUBIfxMOKJorQiO40t6kEW+JG+xE+BI4CbIIJsu8fVXAK8iryWYTPh8tW1f
euiezrtrNYZOwZ3NbdeNoAWOkgZWmgON17oguv20ePC4uLV+R2GgR2dLZpzcD0Yl
PJAWDP2ivSvrr0ttDceEPwj8WA5/qDR6kitPgR9AXaiyjC4qKlfYpd9G+qRtEPi3
q6Z0eOCLmxJeNYd/hw6tP8q7rcZquCSXseb0c7j4ukRCRY9fclCXNtJBv3wSXUGs
9eMLHmcLWPTz0L9FRnGbsxEKuWsQ2VbcgZKlkV8aF/zvl0AtYVBGs8IQDCTzAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQUJbRAUVYv+DnDmd/VUaRWUwzBnsowHwYDVR0j
BBgwFoAUYVZvIF9wN5YgaVcTIGA7J0NXzG0wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2JkY2JhZS0yZTlkLTRmM2YtOGFiOS0zNDI0ZTQ0ODQ4NGUvMC82MTU2NkYyMDVG
NzAzNzk2MjA2OTU3MTMyMDYwM0IyNzQzNTdDQzZELmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjE1NjZGMjA1RjcwMzc5NjIwNjk1NzEzMjA2MDNCMjc0MzU3
Q0M2RC5jZXIwgZsGCCsGAQUFBwELBIGOMIGLMIGIBggrBgEFBQcwC4Z8cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vNzNiZGNiYWUtMmU5ZC00ZjNmLThh
YjktMzQyNGU0NDg0ODRlLzAvMzEzMDMzMmUzMzJlMzczNzJlMzAyZjMyMzQyZDMy
MzQyMDNkM2UyMDM5MzMzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZwNNMA0GCSqGSIb3DQEBCwUA
A4IBAQARunDdoJyRiM36BeBkfcsBv2Aeqf2Kpj6Jha77ZT8nl5dcT4WfertuGuKo
KbOx/M5Aw0I1lHPBPs3D+N+AZv0TbuxLaIzjavPauv/uyQhIj14hLCjC45HX8dzh
n7amPnYqRZiJDQDCuW/ek6964lmur4/7Yy4JBBsBJJtzj7NUgM5HjfkWd3229XLC
hx9AXVIiIcOE1pWqjyEOOWEVYVkzpEfFN4JKwFY7HJuiGUfTQwXNH0eaL1yX3Rfg
WfQbCIWhCdsryqq37iuLQrhcirPii4ydmvXr70CK4NKqE/dB2Jvd5hxgIBnWbxgy
m1DIlyAqUPqkH/TZndo2oJHC4xN8
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:24:17 2024 by rpki-client on console-ams.rpki-client.org