Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/3130332e3138342e31322e302f32332d3234203d3e20313531303030.roa
File:                     3130332e3138342e31322e302f32332d3234203d3e20313531303030.roa (raw, json)
Hash identifier:          vlC9S2tyDS0fsBvJ2yd+n9snqoA0jfl3jFpsLnlEXDI=
Subject key identifier:   5A:04:83:EF:12:1A:B9:D2:82:EF:C8:AA:91:82:27:40:D2:1B:13:E6
Certificate issuer:       /CN=688200169D93CC55E48C5F39388BF1F8A3D61AEC
Certificate serial:       7B577533B48ADBF061622F437701C7D73AFDD62F
Authority key identifier: 68:82:00:16:9D:93:CC:55:E4:8C:5F:39:38:8B:F1:F8:A3:D6:1A:EC
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/688200169D93CC55E48C5F39388BF1F8A3D61AEC.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/3130332e3138342e31322e302f32332d3234203d3e20313531303030.roa
Signing time:             Wed 08 May 2024 09:26:10 +0000
ROA not before:           Wed 08 May 2024 09:21:10 +0000
ROA not after:            Wed 07 May 2025 09:26:10 +0000
asID:                     151000
IP address blocks:        103.184.12.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/688200169D93CC55E48C5F39388BF1F8A3D61AEC.crl
                          rsync://repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/688200169D93CC55E48C5F39388BF1F8A3D61AEC.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/688200169D93CC55E48C5F39388BF1F8A3D61AEC.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 18 Jun 2024 08:36:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:57:75:33:b4:8a:db:f0:61:62:2f:43:77:01:c7:d7:3a:fd:d6:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=688200169D93CC55E48C5F39388BF1F8A3D61AEC
        Validity
            Not Before: May  8 09:21:10 2024 GMT
            Not After : May  7 09:26:10 2025 GMT
        Subject: CN=5A0483EF121AB9D282EFC8AA91822740D21B13E6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:0d:f7:e6:d7:d4:55:c8:cf:fe:9c:2d:41:73:
                    46:35:80:be:83:49:11:ec:3e:13:e3:8e:af:98:14:
                    78:38:ca:d0:e3:c7:be:c0:96:62:32:38:dd:20:f1:
                    29:ca:db:56:09:2e:25:d7:38:f9:40:40:71:9f:18:
                    56:89:77:c1:5a:7f:14:41:b8:76:08:2e:d6:9c:e4:
                    80:c7:5c:18:16:c8:2b:4e:a6:aa:97:89:d1:0a:23:
                    50:d6:20:1c:3f:59:20:5e:4f:af:53:ee:85:23:5b:
                    ff:67:bc:24:67:fe:a9:65:db:1f:2b:89:44:1f:f4:
                    74:84:c8:6a:8f:b9:9d:da:87:6f:40:83:d6:42:df:
                    61:cf:43:0a:9a:74:a1:30:8a:d7:de:4e:40:f1:e2:
                    ef:b2:02:d7:ad:45:4e:9e:cc:b6:2f:66:fa:9a:d8:
                    72:80:27:f0:4c:20:1d:fa:a4:89:cf:67:ca:11:fd:
                    0b:8e:f3:65:06:f8:91:4f:9b:98:bc:0b:f3:85:fd:
                    ee:92:61:28:ec:f4:9b:82:cf:2b:40:4a:25:50:ca:
                    c6:38:a0:b6:0c:98:4f:3d:e8:0c:44:f8:0a:f0:a5:
                    d7:c5:57:0b:bc:5c:6b:48:4f:46:1f:7a:30:2c:f6:
                    d5:88:4f:89:19:50:0c:68:a8:1c:90:e7:e2:4c:33:
                    6b:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:04:83:EF:12:1A:B9:D2:82:EF:C8:AA:91:82:27:40:D2:1B:13:E6
            X509v3 Authority Key Identifier:
                keyid:68:82:00:16:9D:93:CC:55:E4:8C:5F:39:38:8B:F1:F8:A3:D6:1A:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/688200169D93CC55E48C5F39388BF1F8A3D61AEC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/688200169D93CC55E48C5F39388BF1F8A3D61AEC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/795c1ae8-d97d-4048-9a7e-6b71b8577740/0/3130332e3138342e31322e302f32332d3234203d3e20313531303030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.184.12.0/23

    Signature Algorithm: sha256WithRSAEncryption
         87:65:ba:87:e9:a8:6f:c6:92:8f:f5:2a:c6:e3:b2:a5:c7:ac:
         d9:d2:35:9e:65:4b:74:57:eb:d3:26:96:44:7c:ee:fb:bb:7c:
         85:fc:90:93:24:d3:82:13:16:09:54:63:a6:fc:cf:e9:40:ec:
         ad:3e:2d:95:24:f0:59:d9:b7:03:ec:49:81:3d:8f:d8:4a:0b:
         8d:b8:bd:45:44:90:aa:3d:26:2d:3b:16:44:d0:b1:ea:cc:a9:
         ff:62:5a:1d:c5:e7:cf:71:e3:f5:d0:29:99:e7:6d:ff:6f:6c:
         6b:80:df:dc:57:0a:1e:00:87:91:fd:d8:0f:d0:21:75:bc:3a:
         14:0f:45:f9:e5:0e:71:b8:57:a8:7e:87:b1:c0:07:be:8f:56:
         db:1c:38:5d:41:65:0a:4a:c9:b0:f5:c1:8f:33:e6:d9:57:7e:
         26:29:2a:43:cb:4f:64:a8:d4:37:a2:ad:6d:cf:c7:63:32:4c:
         04:f3:e7:4c:b5:fd:5c:cd:ca:2f:6b:89:91:7a:bf:53:83:d8:
         cb:cf:f3:36:da:77:f8:33:46:ac:60:1a:f8:2c:9d:dc:ab:84:
         9e:f4:82:83:ee:d3:44:6a:86:e4:38:ff:f0:d9:51:ee:62:1c:
         b3:b7:dc:dc:4e:fb:1d:74:d7:80:38:92:58:f2:b7:80:32:da:
         fd:42:d5:76
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUe1d1M7SK2/BhYi9DdwHH1zr91i8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjg4MjAwMTY5RDkzQ0M1NUU0OEM1RjM5Mzg4QkYxRjhB
M0Q2MUFFQzAeFw0yNDA1MDgwOTIxMTBaFw0yNTA1MDcwOTI2MTBaMDMxMTAvBgNV
BAMTKDVBMDQ4M0VGMTIxQUI5RDI4MkVGQzhBQTkxODIyNzQwRDIxQjEzRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3Dffm19RVyM/+nC1Bc0Y1gL6D
SRHsPhPjjq+YFHg4ytDjx77AlmIyON0g8SnK21YJLiXXOPlAQHGfGFaJd8FafxRB
uHYILtac5IDHXBgWyCtOpqqXidEKI1DWIBw/WSBeT69T7oUjW/9nvCRn/qll2x8r
iUQf9HSEyGqPuZ3ah29Ag9ZC32HPQwqadKEwitfeTkDx4u+yAtetRU6ezLYvZvqa
2HKAJ/BMIB36pInPZ8oR/QuO82UG+JFPm5i8C/OF/e6SYSjs9JuCzytASiVQysY4
oLYMmE896AxE+ArwpdfFVwu8XGtIT0YfejAs9tWIT4kZUAxoqByQ5+JMM2sXAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUWgSD7xIaudKC78iqkYInQNIbE+YwHwYDVR0j
BBgwFoAUaIIAFp2TzFXkjF85OIvx+KPWGuwwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
OTVjMWFlOC1kOTdkLTQwNDgtOWE3ZS02YjcxYjg1Nzc3NDAvMC82ODgyMDAxNjlE
OTNDQzU1RTQ4QzVGMzkzODhCRjFGOEEzRDYxQUVDLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNjg4MjAwMTY5RDkzQ0M1NUU0OEM1RjM5Mzg4QkYxRjhBM0Q2
MUFFQy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzc5NWMxYWU4LWQ5N2QtNDA0OC05
YTdlLTZiNzFiODU3Nzc0MC8wLzMxMzAzMzJlMzEzODM0MmUzMTMyMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNTMxMzAzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ7gMMA0GCSqG
SIb3DQEBCwUAA4IBAQCHZbqH6ahvxpKP9SrG47Klx6zZ0jWeZUt0V+vTJpZEfO77
u3yF/JCTJNOCExYJVGOm/M/pQOytPi2VJPBZ2bcD7EmBPY/YSguNuL1FRJCqPSYt
OxZE0LHqzKn/YlodxefPceP10CmZ523/b2xrgN/cVwoeAIeR/dgP0CF1vDoUD0X5
5Q5xuFeofoexwAe+j1bbHDhdQWUKSsmw9cGPM+bZV34mKSpDy09kqNQ3oq1tz8dj
MkwE8+dMtf1czcova4mRer9Tg9jLz/M22nf4M0asYBr4LJ3cq4Se9IKD7tNEaobk
OP/w2VHuYhyzt9zcTvsddNeAOJJY8reAMtr9QtV2
-----END CERTIFICATE-----
Generated at Sat Jun 15 16:52:45 2024 by rpki-client on console-ams.rpki-client.org