Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232382e302f32342d3234203d3e20313336303838.roa
File:                     3130332e38372e3232382e302f32342d3234203d3e20313336303838.roa (raw, json)
Hash identifier:          /zK7CEVP2D1oK60+Ri5gPSf/K/E0Nwq8cp5N8By1eaQ=
Subject key identifier:   2A:3A:C3:1C:A4:C8:E2:30:5B:DE:00:5C:14:FB:AB:18:DA:18:79:5C
Certificate issuer:       /CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
Certificate serial:       DCF2149862405F96662EDDD4661E8D2140C38D
Authority key identifier: D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232382e302f32342d3234203d3e20313336303838.roa
Signing time:             Mon 01 Jul 2024 01:04:18 +0000
ROA not before:           Mon 01 Jul 2024 00:59:18 +0000
ROA not after:            Mon 30 Jun 2025 01:04:18 +0000
asID:                     136088
IP address blocks:        103.87.228.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl
                          rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 08:51:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            dc:f2:14:98:62:40:5f:96:66:2e:dd:d4:66:1e:8d:21:40:c3:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F
        Validity
            Not Before: Jul  1 00:59:18 2024 GMT
            Not After : Jun 30 01:04:18 2025 GMT
        Subject: CN=2A3AC31CA4C8E2305BDE005C14FBAB18DA18795C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:1d:26:e1:33:b5:22:0c:12:7a:82:fd:ef:fc:
                    27:a9:09:e2:ce:bf:cd:7b:dc:d1:f2:d4:f3:64:f0:
                    a9:86:31:d7:89:11:e4:be:07:95:18:58:0e:10:0b:
                    b5:57:53:2c:7e:1b:21:a0:6f:84:88:45:a7:13:e7:
                    f2:2b:4e:d5:85:cb:a4:4c:2a:c5:46:28:05:6c:99:
                    39:f5:0f:f9:cb:d6:4b:a3:5c:06:75:9e:9e:27:ea:
                    1b:f8:52:1d:4a:42:06:25:b8:d5:65:0e:16:ca:72:
                    f0:1d:aa:17:35:d4:89:ff:df:50:1c:3f:58:d5:17:
                    86:02:1b:83:93:a0:00:dc:da:0c:f8:79:0c:00:da:
                    71:60:dd:26:d4:45:a7:35:48:d9:4f:b2:cd:78:72:
                    f6:53:5a:b5:e9:23:22:6e:42:12:4e:1b:46:68:e7:
                    0b:c2:7b:42:56:e6:9d:d3:40:73:51:f5:09:5f:6a:
                    9b:96:23:f8:c5:69:88:31:b1:0b:aa:d4:7b:41:fb:
                    61:50:2c:5e:03:f2:99:57:39:b6:2d:aa:46:2a:c8:
                    e6:dc:63:c6:88:47:ec:f5:35:c7:bd:6b:5a:a2:a9:
                    96:1a:72:9b:09:4b:e9:5d:81:c3:68:53:7b:71:27:
                    0f:c2:29:e3:74:9d:ed:8e:9d:0d:e7:6f:21:e2:68:
                    20:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:3A:C3:1C:A4:C8:E2:30:5B:DE:00:5C:14:FB:AB:18:DA:18:79:5C
            X509v3 Authority Key Identifier:
                keyid:D3:FB:61:D7:46:A4:47:67:D4:51:8D:6E:9F:D1:FB:D8:D0:BE:92:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/D3FB61D746A44767D4518D6E9FD1FBD8D0BE923F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/73f4ec1c-9535-4cbf-9c7a-fd32c830edba/0/3130332e38372e3232382e302f32342d3234203d3e20313336303838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.87.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:da:28:79:a3:dd:44:96:f2:28:e8:44:db:6c:71:b2:01:25:
         cf:7e:0a:24:9c:4c:c8:d1:38:27:1a:0a:5d:16:14:14:53:68:
         a5:fb:3a:c9:e0:44:6d:39:c5:84:fe:ca:93:6d:a9:61:8d:8d:
         f4:55:76:ff:ea:4e:9c:4d:b1:54:57:a3:e2:de:10:28:0b:ba:
         ed:d5:f1:a3:69:91:54:1d:76:2e:9a:39:34:ee:65:43:a5:28:
         27:80:93:b1:de:17:47:44:2a:4a:db:6a:1f:2c:93:05:ed:b5:
         26:30:34:7f:00:2c:11:d8:fb:ee:17:b0:73:20:18:0d:de:87:
         7d:39:2d:81:29:16:95:48:91:91:1f:de:4c:7c:ef:27:81:2c:
         a7:7f:c1:91:b0:c8:58:2d:92:af:47:e4:fd:74:70:8b:5f:43:
         f3:c4:1f:45:91:e5:28:33:ef:a4:9b:08:39:6f:66:27:b5:fa:
         99:29:40:11:0e:64:bc:5a:85:7e:40:55:4f:01:f3:8a:e3:df:
         71:5a:58:f4:a9:87:ce:30:f7:00:0e:e8:8f:08:98:c2:cd:f8:
         bc:06:6c:d4:56:37:27:2a:42:f3:b8:d4:c3:65:a4:f2:3f:19:
         af:f2:e8:71:fc:c2:53:09:0d:36:32:8d:ae:83:b5:d6:a2:56:
         3e:7f:c2:03
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUANzyFJhiQF+WZi7d1GYejSFAw40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhE
MEJFOTIzRjAeFw0yNDA3MDEwMDU5MThaFw0yNTA2MzAwMTA0MThaMDMxMTAvBgNV
BAMTKDJBM0FDMzFDQTRDOEUyMzA1QkRFMDA1QzE0RkJBQjE4REExODc5NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGHSbhM7UiDBJ6gv3v/CepCeLO
v8173NHy1PNk8KmGMdeJEeS+B5UYWA4QC7VXUyx+GyGgb4SIRacT5/IrTtWFy6RM
KsVGKAVsmTn1D/nL1kujXAZ1np4n6hv4Uh1KQgYluNVlDhbKcvAdqhc11In/31Ac
P1jVF4YCG4OToADc2gz4eQwA2nFg3SbURac1SNlPss14cvZTWrXpIyJuQhJOG0Zo
5wvCe0JW5p3TQHNR9QlfapuWI/jFaYgxsQuq1HtB+2FQLF4D8plXObYtqkYqyObc
Y8aIR+z1Nce9a1qiqZYacpsJS+ldgcNoU3txJw/CKeN0ne2OnQ3nbyHiaCBjAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUKjrDHKTI4jBb3gBcFPurGNoYeVwwHwYDVR0j
BBgwFoAU0/th10akR2fUUY1un9H72NC+kj8wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
M2Y0ZWMxYy05NTM1LTRjYmYtOWM3YS1mZDMyYzgzMGVkYmEvMC9EM0ZCNjFENzQ2
QTQ0NzY3RDQ1MThENkU5RkQxRkJEOEQwQkU5MjNGLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRDNGQjYxRDc0NkE0NDc2N0Q0NTE4RDZFOUZEMUZCRDhEMEJF
OTIzRi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzczZjRlYzFjLTk1MzUtNGNiZi05
YzdhLWZkMzJjODMwZWRiYS8wLzMxMzAzMzJlMzgzNzJlMzIzMjM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzAzODM4LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1fkMA0GCSqG
SIb3DQEBCwUAA4IBAQBp2ih5o91ElvIo6ETbbHGyASXPfgoknEzI0TgnGgpdFhQU
U2il+zrJ4ERtOcWE/sqTbalhjY30VXb/6k6cTbFUV6Pi3hAoC7rt1fGjaZFUHXYu
mjk07mVDpSgngJOx3hdHRCpK22ofLJMF7bUmMDR/ACwR2PvuF7BzIBgN3od9OS2B
KRaVSJGRH95MfO8ngSynf8GRsMhYLZKvR+T9dHCLX0PzxB9FkeUoM++kmwg5b2Yn
tfqZKUARDmS8WoV+QFVPAfOK499xWlj0qYfOMPcADuiPCJjCzfi8BmzUVjcnKkLz
uNTDZaTyPxmv8uhx/MJTCQ02Mo2ug7XWolY+f8ID
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:59:38 2024 by rpki-client on console-ams.rpki-client.org