Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/3130332e35352e3235342e302f32342d3234203d3e20333936393832.roa
File:                     3130332e35352e3235342e302f32342d3234203d3e20333936393832.roa (raw, json)
Hash identifier:          cHQto6P6TIVQtaM1DEs00WcL/RRBFASuOiqpPBLn24c=
Subject key identifier:   A2:6C:93:B5:4F:54:4E:AB:D2:D7:05:64:4C:94:5E:B3:2B:61:D6:8E
Certificate issuer:       /CN=73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9
Certificate serial:       65D2885104BF7A3E56DF964CCAE48D631A82BAF3
Authority key identifier: 73:27:9D:AD:B4:EB:9B:31:B8:8C:CA:B5:F6:83:DD:A0:55:F4:F0:A9
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/3130332e35352e3235342e302f32342d3234203d3e20333936393832.roa
Signing time:             Wed 27 Mar 2024 17:44:42 +0000
ROA not before:           Wed 27 Mar 2024 17:39:42 +0000
ROA not after:            Wed 26 Mar 2025 17:44:42 +0000
asID:                     396982
IP address blocks:        103.55.254.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.crl
                          rsync://repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:d2:88:51:04:bf:7a:3e:56:df:96:4c:ca:e4:8d:63:1a:82:ba:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9
        Validity
            Not Before: Mar 27 17:39:42 2024 GMT
            Not After : Mar 26 17:44:42 2025 GMT
        Subject: CN=A26C93B54F544EABD2D705644C945EB32B61D68E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:bc:00:97:60:9a:60:da:45:da:83:8c:7c:04:
                    29:48:0a:f0:ae:2f:b2:e9:18:7e:98:e9:81:5d:02:
                    37:04:b7:7e:f3:99:e2:8e:b9:1e:a3:90:5b:ec:b8:
                    5c:7f:4e:d2:8c:47:06:45:85:47:13:0c:f6:66:2c:
                    ac:cb:04:48:bc:6b:1b:cd:25:e1:50:21:30:10:54:
                    29:7c:13:4e:b9:0d:cc:71:1e:63:14:c5:cc:23:40:
                    0b:17:b0:a6:5f:e8:6f:bd:92:5e:6b:38:c3:16:98:
                    52:f9:06:47:18:5e:02:e2:85:a0:b7:7f:da:d2:ed:
                    04:88:30:6b:f2:81:15:4e:ec:27:cb:93:94:c1:b6:
                    21:0f:62:9c:ce:9b:1c:69:3c:ab:55:fe:ac:4b:a2:
                    cd:4a:52:5c:df:31:67:96:fb:40:9c:63:46:e5:6f:
                    d7:07:33:eb:8f:5b:12:57:9e:78:79:f3:64:ea:0e:
                    38:75:20:25:b1:37:ce:6d:c2:35:92:df:d1:12:a5:
                    e6:7f:e4:c8:14:72:99:bd:ba:94:d9:4c:aa:c8:4b:
                    f1:59:84:25:56:e6:ff:2e:22:74:36:f3:3c:2e:9b:
                    f8:c4:df:f7:25:c6:a7:54:a5:c5:0f:52:1f:a3:6d:
                    0e:8d:91:da:09:05:e3:31:9a:c4:21:0a:06:99:3b:
                    1d:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:6C:93:B5:4F:54:4E:AB:D2:D7:05:64:4C:94:5E:B3:2B:61:D6:8E
            X509v3 Authority Key Identifier:
                keyid:73:27:9D:AD:B4:EB:9B:31:B8:8C:CA:B5:F6:83:DD:A0:55:F4:F0:A9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/73279DADB4EB9B31B88CCAB5F683DDA055F4F0A9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/7c636a46-38ff-4496-9721-8c03cf046345/0/3130332e35352e3235342e302f32342d3234203d3e20333936393832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.55.254.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ce:66:c0:62:44:95:6e:72:5a:a2:1c:40:8b:ac:79:4f:4d:f9:
         d3:98:65:12:1e:12:a1:32:ee:9a:97:0f:51:79:62:98:9c:c1:
         b7:33:7f:c2:24:b1:ea:a9:38:21:3d:29:a0:0f:40:d6:09:81:
         21:39:4e:cd:7e:12:b3:bb:19:db:6e:f4:4b:46:6e:26:b1:83:
         d2:5c:2b:60:19:5d:f4:bd:3f:5c:ca:05:b8:4a:67:7a:9f:84:
         61:b7:b7:a7:14:60:1c:02:21:dd:96:5a:4b:9b:81:f3:86:70:
         5b:2d:be:af:49:81:07:68:53:b4:2b:48:c0:ec:e9:e5:35:3a:
         38:e2:86:d3:c3:2c:68:91:d8:4d:32:e7:83:54:8f:c1:7e:72:
         d5:01:5f:96:c5:d6:78:7b:02:52:09:29:35:17:a4:8a:f3:48:
         01:6c:fb:28:fc:55:b5:cf:1b:7c:98:20:ff:00:87:b5:9d:b4:
         65:59:52:4a:d4:3e:88:72:42:4d:c4:a3:b7:4e:6d:ca:37:be:
         aa:ae:7d:d7:a0:18:07:08:5f:e3:0d:a4:69:7d:f3:20:ca:14:
         10:3d:d3:aa:c4:37:20:16:bc:9b:36:46:e0:c6:e1:b0:15:8d:
         c1:3b:6c:a8:e4:a6:b9:b7:fe:d0:f5:19:b4:5d:d4:20:9e:05:
         0f:6a:11:e5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUZdKIUQS/ej5W35ZMyuSNYxqCuvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzMyNzlEQURCNEVCOUIzMUI4OENDQUI1RjY4M0REQTA1
NUY0RjBBOTAeFw0yNDAzMjcxNzM5NDJaFw0yNTAzMjYxNzQ0NDJaMDMxMTAvBgNV
BAMTKEEyNkM5M0I1NEY1NDRFQUJEMkQ3MDU2NDRDOTQ1RUIzMkI2MUQ2OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCevACXYJpg2kXag4x8BClICvCu
L7LpGH6Y6YFdAjcEt37zmeKOuR6jkFvsuFx/TtKMRwZFhUcTDPZmLKzLBEi8axvN
JeFQITAQVCl8E065DcxxHmMUxcwjQAsXsKZf6G+9kl5rOMMWmFL5BkcYXgLihaC3
f9rS7QSIMGvygRVO7CfLk5TBtiEPYpzOmxxpPKtV/qxLos1KUlzfMWeW+0CcY0bl
b9cHM+uPWxJXnnh582TqDjh1ICWxN85twjWS39ESpeZ/5MgUcpm9upTZTKrIS/FZ
hCVW5v8uInQ28zwum/jE3/clxqdUpcUPUh+jbQ6NkdoJBeMxmsQhCgaZOx1NAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUomyTtU9UTqvS1wVkTJResyth1o4wHwYDVR0j
BBgwFoAUcyedrbTrmzG4jMq19oPdoFX08KkwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby83
YzYzNmE0Ni0zOGZmLTQ0OTYtOTcyMS04YzAzY2YwNDYzNDUvMC83MzI3OURBREI0
RUI5QjMxQjg4Q0NBQjVGNjgzRERBMDU1RjRGMEE5LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvNzMyNzlEQURCNEVCOUIzMUI4OENDQUI1RjY4M0REQTA1NUY0
RjBBOS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzdjNjM2YTQ2LTM4ZmYtNDQ5Ni05
NzIxLThjMDNjZjA0NjM0NS8wLzMxMzAzMzJlMzUzNTJlMzIzNTM0MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzMzOTM2MzkzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZzf+MA0GCSqG
SIb3DQEBCwUAA4IBAQDOZsBiRJVuclqiHECLrHlPTfnTmGUSHhKhMu6alw9ReWKY
nMG3M3/CJLHqqTghPSmgD0DWCYEhOU7NfhKzuxnbbvRLRm4msYPSXCtgGV30vT9c
ygW4Smd6n4Rht7enFGAcAiHdllpLm4HzhnBbLb6vSYEHaFO0K0jA7OnlNTo44obT
wyxokdhNMueDVI/BfnLVAV+WxdZ4ewJSCSk1F6SK80gBbPso/FW1zxt8mCD/AIe1
nbRlWVJK1D6IckJNxKO3Tm3KN76qrn3XoBgHCF/jDaRpffMgyhQQPdOqxDcgFryb
NkbgxuGwFY3BO2yo5Ka5t/7Q9Rm0XdQgngUPahHl
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:56:43 2024 by rpki-client on console-fra.rpki-client.org