Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/3130332e3135382e31332e302f32342d3234203d3e20313338303839.roa
File:                     3130332e3135382e31332e302f32342d3234203d3e20313338303839.roa (raw, json)
Hash identifier:          DCx7j/PqY/+rgrc9ArlbSADHe4Cwa01sUUvNHN3T5RM=
Subject key identifier:   AF:5A:07:53:D1:A4:14:05:15:7F:C3:7F:4A:2D:56:ED:C2:B0:07:7A
Certificate issuer:       /CN=C8175E7E9E15E565FE697292A37E14BFE067CAF7
Certificate serial:       6FB1F3B5CABE59EA885B4C35853EA7EB07E92DDC
Authority key identifier: C8:17:5E:7E:9E:15:E5:65:FE:69:72:92:A3:7E:14:BF:E0:67:CA:F7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8175E7E9E15E565FE697292A37E14BFE067CAF7.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/3130332e3135382e31332e302f32342d3234203d3e20313338303839.roa
Signing time:             Thu 24 Oct 2024 00:34:15 +0000
ROA not before:           Thu 24 Oct 2024 00:29:15 +0000
ROA not after:            Thu 23 Oct 2025 00:34:15 +0000
asID:                     138089
IP address blocks:        103.158.13.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/C8175E7E9E15E565FE697292A37E14BFE067CAF7.crl
                          rsync://repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/C8175E7E9E15E565FE697292A37E14BFE067CAF7.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8175E7E9E15E565FE697292A37E14BFE067CAF7.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 00:05:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6f:b1:f3:b5:ca:be:59:ea:88:5b:4c:35:85:3e:a7:eb:07:e9:2d:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C8175E7E9E15E565FE697292A37E14BFE067CAF7
        Validity
            Not Before: Oct 24 00:29:15 2024 GMT
            Not After : Oct 23 00:34:15 2025 GMT
        Subject: CN=AF5A0753D1A41405157FC37F4A2D56EDC2B0077A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:c4:3d:75:a9:00:e2:0e:75:f2:7d:70:13:c2:
                    6a:40:5d:3a:e6:ef:d8:23:be:de:60:76:7a:fe:ed:
                    7d:71:26:fd:a5:a9:a8:1f:70:cb:5a:84:c4:a0:3b:
                    f8:5b:3a:9d:b0:86:e2:3b:a4:70:6e:0e:6e:d1:39:
                    62:d2:ea:ad:07:f3:8f:32:2b:5a:f8:13:f9:10:c3:
                    d6:b1:a0:06:d5:b7:fd:b2:94:ab:25:a5:4a:22:5e:
                    97:ff:dc:c8:f4:61:80:17:76:62:5d:b0:df:f8:0a:
                    71:69:ea:a1:56:dd:5f:dc:a7:d3:18:e9:8f:c7:59:
                    b1:31:bb:be:25:66:b4:d6:b0:e4:d0:f1:ab:b5:e4:
                    23:6c:4a:fc:10:58:a9:ec:b0:c9:50:78:02:d5:cb:
                    fd:59:38:a2:38:b5:91:42:01:cc:c9:2c:f8:60:98:
                    d0:51:e8:8c:0e:cd:41:c1:25:25:35:47:df:9f:f0:
                    a0:d0:0f:0f:5d:de:f0:be:32:f5:39:7d:36:cb:9e:
                    e1:f8:04:ce:9e:37:54:b5:dc:a4:41:3c:c5:27:10:
                    b9:6d:a2:9d:28:5a:c4:a6:16:60:87:0a:86:b5:e2:
                    13:a4:b4:b8:9a:ec:ad:6a:b1:34:f3:20:8e:ce:64:
                    95:66:d7:25:9c:7e:8e:a4:02:81:af:de:37:97:35:
                    66:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:5A:07:53:D1:A4:14:05:15:7F:C3:7F:4A:2D:56:ED:C2:B0:07:7A
            X509v3 Authority Key Identifier:
                keyid:C8:17:5E:7E:9E:15:E5:65:FE:69:72:92:A3:7E:14:BF:E0:67:CA:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/C8175E7E9E15E565FE697292A37E14BFE067CAF7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C8175E7E9E15E565FE697292A37E14BFE067CAF7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/836fd551-6aba-4222-8a26-986346825b38/0/3130332e3135382e31332e302f32342d3234203d3e20313338303839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.158.13.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:ac:b6:57:57:9e:4f:08:12:80:2d:86:ee:45:00:3c:2b:cf:
         99:8b:f4:71:31:46:31:ab:6b:37:dd:8d:06:9e:fd:7d:0a:e1:
         6e:a7:d2:02:ab:70:49:20:b0:80:3f:9b:a5:ac:f2:a9:6a:b8:
         8b:17:07:f9:75:f8:ed:3c:02:b7:df:6b:a7:4d:0d:69:5f:77:
         44:6c:97:47:c3:86:81:95:f5:1f:15:43:16:9a:75:91:57:cf:
         65:a7:ef:f2:18:aa:d0:ce:92:6b:54:b9:54:33:24:8c:e3:a2:
         7d:4a:aa:af:62:af:ef:58:46:b9:f0:ce:71:34:22:3d:f0:9b:
         c8:c7:aa:86:0e:71:66:7f:29:db:7c:f3:52:15:59:79:c7:f5:
         52:79:ba:f7:d3:a3:79:53:f8:87:4a:c5:4a:4f:96:81:0e:52:
         b3:55:cc:95:31:47:86:3c:d6:2c:b0:a9:56:dc:c6:24:35:b7:
         a6:f4:88:73:9c:76:1c:d4:42:0f:b1:b2:16:d1:e7:10:d7:13:
         ab:95:cb:41:fb:14:4b:ae:85:27:9b:21:44:b5:43:cf:e6:38:
         02:d1:cd:64:91:55:ce:d5:8b:c1:7f:10:e8:9e:b1:bd:39:51:
         2a:c8:70:5d:e2:18:21:76:22:2b:81:1d:0b:23:af:99:78:9d:
         15:d0:d4:17
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUb7Hztcq+WeqIW0w1hT6n6wfpLdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzgxNzVFN0U5RTE1RTU2NUZFNjk3MjkyQTM3RTE0QkZF
MDY3Q0FGNzAeFw0yNDEwMjQwMDI5MTVaFw0yNTEwMjMwMDM0MTVaMDMxMTAvBgNV
BAMTKEFGNUEwNzUzRDFBNDE0MDUxNTdGQzM3RjRBMkQ1NkVEQzJCMDA3N0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDixD11qQDiDnXyfXATwmpAXTrm
79gjvt5gdnr+7X1xJv2lqagfcMtahMSgO/hbOp2whuI7pHBuDm7ROWLS6q0H848y
K1r4E/kQw9axoAbVt/2ylKslpUoiXpf/3Mj0YYAXdmJdsN/4CnFp6qFW3V/cp9MY
6Y/HWbExu74lZrTWsOTQ8au15CNsSvwQWKnssMlQeALVy/1ZOKI4tZFCAczJLPhg
mNBR6IwOzUHBJSU1R9+f8KDQDw9d3vC+MvU5fTbLnuH4BM6eN1S13KRBPMUnELlt
op0oWsSmFmCHCoa14hOktLia7K1qsTTzII7OZJVm1yWcfo6kAoGv3jeXNWaxAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUr1oHU9GkFAUVf8N/Si1W7cKwB3owHwYDVR0j
BBgwFoAUyBdefp4V5WX+aXKSo34Uv+BnyvcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
MzZmZDU1MS02YWJhLTQyMjItOGEyNi05ODYzNDY4MjViMzgvMC9DODE3NUU3RTlF
MTVFNTY1RkU2OTcyOTJBMzdFMTRCRkUwNjdDQUY3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzgxNzVFN0U5RTE1RTU2NUZFNjk3MjkyQTM3RTE0QkZFMDY3
Q0FGNy5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzNmZkNTUxLTZhYmEtNDIyMi04
YTI2LTk4NjM0NjgyNWIzOC8wLzMxMzAzMzJlMzEzNTM4MmUzMTMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM4MzAzODM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ54NMA0GCSqG
SIb3DQEBCwUAA4IBAQAmrLZXV55PCBKALYbuRQA8K8+Zi/RxMUYxq2s33Y0Gnv19
CuFup9ICq3BJILCAP5ulrPKpariLFwf5dfjtPAK332unTQ1pX3dEbJdHw4aBlfUf
FUMWmnWRV89lp+/yGKrQzpJrVLlUMySM46J9SqqvYq/vWEa58M5xNCI98JvIx6qG
DnFmfynbfPNSFVl5x/VSebr306N5U/iHSsVKT5aBDlKzVcyVMUeGPNYssKlW3MYk
Nbem9IhznHYc1EIPsbIW0ecQ1xOrlctB+xRLroUnmyFEtUPP5jgC0c1kkVXO1YvB
fxDonrG9OVEqyHBd4hghdiIrgR0LI6+ZeJ0V0NQX
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:32:59 2024 by rpki-client on console-ams.rpki-client.org