Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/3130332e3137372e3138382e302f32342d3234203d3e20313439333533.roa
File:                     3130332e3137372e3138382e302f32342d3234203d3e20313439333533.roa (raw, json)
Hash identifier:          MH4tMh/bjSiTVwxtUrrU8CNsu1hsXrl0cABIA1tFw48=
Subject key identifier:   AB:25:AD:9F:CC:C4:BE:18:BC:62:7D:51:94:BE:39:DB:61:D4:BD:76
Certificate issuer:       /CN=1C49A098778B751B36DDC816E9E5106C08F3E99E
Certificate serial:       40A0001377C6BE39B4224C15D843B8E848CA11E5
Authority key identifier: 1C:49:A0:98:77:8B:75:1B:36:DD:C8:16:E9:E5:10:6C:08:F3:E9:9E
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1C49A098778B751B36DDC816E9E5106C08F3E99E.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/3130332e3137372e3138382e302f32342d3234203d3e20313439333533.roa
Signing time:             Tue 28 May 2024 14:00:01 +0000
ROA not before:           Tue 28 May 2024 13:55:01 +0000
ROA not after:            Tue 27 May 2025 14:00:01 +0000
asID:                     149353
IP address blocks:        103.177.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/1C49A098778B751B36DDC816E9E5106C08F3E99E.crl
                          rsync://repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/1C49A098778B751B36DDC816E9E5106C08F3E99E.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1C49A098778B751B36DDC816E9E5106C08F3E99E.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 19:54:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            40:a0:00:13:77:c6:be:39:b4:22:4c:15:d8:43:b8:e8:48:ca:11:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1C49A098778B751B36DDC816E9E5106C08F3E99E
        Validity
            Not Before: May 28 13:55:01 2024 GMT
            Not After : May 27 14:00:01 2025 GMT
        Subject: CN=AB25AD9FCCC4BE18BC627D5194BE39DB61D4BD76
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:61:d3:f0:eb:6e:ce:22:39:ec:05:be:9e:
                    a9:fe:77:3c:85:cf:6b:b7:d8:13:0b:f2:99:ce:4b:
                    e5:9c:95:a1:72:b6:73:e9:79:b7:87:8a:d1:e7:85:
                    8a:30:18:e5:dd:4d:73:a3:3a:df:03:e9:ce:4a:f2:
                    fb:e5:b4:73:c1:53:12:0b:23:3c:cf:5b:62:95:72:
                    82:07:19:73:2a:ab:b9:cf:8f:b9:34:2f:0c:11:dd:
                    43:4e:6d:1a:e1:c8:75:45:75:eb:33:c4:81:34:71:
                    4b:b0:30:5a:4c:61:55:a7:c4:60:99:81:f3:bc:04:
                    d1:52:02:bc:91:c2:79:9a:c9:b3:c6:ec:6a:b2:fe:
                    51:c7:0d:04:30:87:f4:0f:f5:29:61:b7:f1:df:51:
                    08:5b:52:e7:98:9f:11:25:fd:6c:e1:cf:19:82:a8:
                    3d:67:5e:8e:05:cc:58:ba:ff:43:48:89:bf:3d:93:
                    5f:05:2b:ae:82:85:e9:2e:cd:32:2c:1a:07:8e:93:
                    65:5b:d4:af:47:fe:ef:05:d1:28:0b:62:cf:ad:54:
                    2e:18:70:56:14:86:13:c7:cf:56:94:65:fe:0e:ed:
                    3f:e5:4e:7c:22:00:c1:1b:d2:8c:b3:9a:eb:39:3b:
                    3d:13:db:27:fb:e1:00:4c:b1:8c:3f:51:65:d1:4b:
                    7c:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:25:AD:9F:CC:C4:BE:18:BC:62:7D:51:94:BE:39:DB:61:D4:BD:76
            X509v3 Authority Key Identifier:
                keyid:1C:49:A0:98:77:8B:75:1B:36:DD:C8:16:E9:E5:10:6C:08:F3:E9:9E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/1C49A098778B751B36DDC816E9E5106C08F3E99E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1C49A098778B751B36DDC816E9E5106C08F3E99E.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8392f899-e83c-4706-a9a1-82256bd48236/0/3130332e3137372e3138382e302f32342d3234203d3e20313439333533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.177.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:17:79:c3:1b:cd:e1:d3:5d:e3:7f:5d:79:66:65:73:8f:1d:
         aa:d3:20:85:ac:cf:cc:fb:c0:d2:80:63:7d:7e:75:be:8b:2e:
         04:4a:c5:2e:d8:9d:5d:6d:16:db:43:ce:7d:55:92:c5:27:2d:
         87:fa:ac:f1:71:3c:e6:41:3d:4f:de:83:fc:84:3c:b6:45:ba:
         30:e5:24:0a:3c:60:84:23:78:75:d6:be:0d:f4:91:e6:95:73:
         af:5b:8d:1d:67:6f:06:8d:73:60:df:9e:b3:11:f8:c7:9f:16:
         d1:fb:d1:5e:51:e0:78:b1:b1:e9:59:b8:f2:d4:a5:8e:fa:b4:
         26:3a:44:83:59:e6:95:38:90:ab:ea:1c:c8:ab:c6:86:28:0b:
         28:9f:56:a0:20:1a:da:2a:2e:37:1b:8e:17:29:ae:ec:7d:80:
         99:e1:bc:78:d7:ed:29:06:b9:ba:99:1d:9c:22:4c:f7:75:0f:
         c4:89:da:a7:55:c2:2f:e2:4b:0d:9f:1a:40:d5:6f:88:10:eb:
         b5:bb:de:70:75:fc:9a:26:7f:10:8f:dd:19:c6:f8:a0:9b:28:
         68:91:ef:a0:e3:43:dc:42:3b:39:6f:f3:51:1d:42:8e:17:b1:
         a4:ea:ca:60:26:a6:4e:a6:23:0b:e9:96:db:4b:72:41:be:4e:
         47:d4:c4:ab
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUQKAAE3fGvjm0IkwV2EO46EjKEeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUM0OUEwOTg3NzhCNzUxQjM2RERDODE2RTlFNTEwNkMw
OEYzRTk5RTAeFw0yNDA1MjgxMzU1MDFaFw0yNTA1MjcxNDAwMDFaMDMxMTAvBgNV
BAMTKEFCMjVBRDlGQ0NDNEJFMThCQzYyN0Q1MTk0QkUzOURCNjFENEJENzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDb2HT8OtuziI57AW+nqn+dzyF
z2u32BML8pnOS+WclaFytnPpebeHitHnhYowGOXdTXOjOt8D6c5K8vvltHPBUxIL
IzzPW2KVcoIHGXMqq7nPj7k0LwwR3UNObRrhyHVFdeszxIE0cUuwMFpMYVWnxGCZ
gfO8BNFSAryRwnmaybPG7Gqy/lHHDQQwh/QP9Slht/HfUQhbUueYnxEl/WzhzxmC
qD1nXo4FzFi6/0NIib89k18FK66ChekuzTIsGgeOk2Vb1K9H/u8F0SgLYs+tVC4Y
cFYUhhPHz1aUZf4O7T/lTnwiAMEb0oyzmus5Oz0T2yf74QBMsYw/UWXRS3wvAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUqyWtn8zEvhi8Yn1RlL4522HUvXYwHwYDVR0j
BBgwFoAUHEmgmHeLdRs23cgW6eUQbAjz6Z4wDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
MzkyZjg5OS1lODNjLTQ3MDYtYTlhMS04MjI1NmJkNDgyMzYvMC8xQzQ5QTA5ODc3
OEI3NTFCMzZEREM4MTZFOUU1MTA2QzA4RjNFOTlFLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUM0OUEwOTg3NzhCNzUxQjM2RERDODE2RTlFNTEwNkMwOEYz
RTk5RS5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzgzOTJmODk5LWU4M2MtNDcwNi1h
OWExLTgyMjU2YmQ0ODIzNi8wLzMxMzAzMzJlMzEzNzM3MmUzMTM4MzgyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTM0MzkzMzM1MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnsbwwDQYJ
KoZIhvcNAQELBQADggEBAAsXecMbzeHTXeN/XXlmZXOPHarTIIWsz8z7wNKAY31+
db6LLgRKxS7YnV1tFttDzn1VksUnLYf6rPFxPOZBPU/eg/yEPLZFujDlJAo8YIQj
eHXWvg30keaVc69bjR1nbwaNc2DfnrMR+MefFtH70V5R4HixselZuPLUpY76tCY6
RINZ5pU4kKvqHMirxoYoCyifVqAgGtoqLjcbjhcprux9gJnhvHjX7SkGubqZHZwi
TPd1D8SJ2qdVwi/iSw2fGkDVb4gQ67W73nB1/JomfxCP3RnG+KCbKGiR76DjQ9xC
Ozlv81EdQo4XsaTqymAmpk6mIwvplttLckG+TkfUxKs=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:43:02 2024 by rpki-client on console-ams.rpki-client.org