Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/3130332e3233312e38332e302f32342d3234203d3e20313331373335.roa
File:                     3130332e3233312e38332e302f32342d3234203d3e20313331373335.roa (raw, json)
Hash identifier:          aea2W9WYQPl/1TtNtg5p/r8zRHe+55gj7tNmZIC5BG8=
Subject key identifier:   46:4E:F0:D5:0D:5E:0A:C6:CB:65:9C:82:56:6C:7A:58:AD:7D:76:4B
Certificate issuer:       /CN=2BB13827423575141DA0F1C57B33E7DE5D7A63A6
Certificate serial:       55A05F5C8F52239DC258011153B43950318CECA5
Authority key identifier: 2B:B1:38:27:42:35:75:14:1D:A0:F1:C5:7B:33:E7:DE:5D:7A:63:A6
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/3130332e3233312e38332e302f32342d3234203d3e20313331373335.roa
Signing time:             Sat 06 Jul 2024 07:00:01 +0000
ROA not before:           Sat 06 Jul 2024 06:55:01 +0000
ROA not after:            Sat 05 Jul 2025 07:00:01 +0000
asID:                     131735
IP address blocks:        103.231.83.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.crl
                          rsync://repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 09:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:a0:5f:5c:8f:52:23:9d:c2:58:01:11:53:b4:39:50:31:8c:ec:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2BB13827423575141DA0F1C57B33E7DE5D7A63A6
        Validity
            Not Before: Jul  6 06:55:01 2024 GMT
            Not After : Jul  5 07:00:01 2025 GMT
        Subject: CN=464EF0D50D5E0AC6CB659C82566C7A58AD7D764B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:4d:d0:7c:c2:cd:2b:41:15:4f:5a:d2:9e:39:
                    2b:d1:37:4f:6e:51:98:b6:86:82:7b:f7:89:1b:a0:
                    60:27:9e:08:d0:13:35:1e:e5:9b:ea:17:8f:11:b0:
                    45:95:48:03:ad:e8:47:f9:1f:b2:6a:da:87:da:98:
                    64:75:4c:9b:c1:bb:96:38:66:41:dd:5f:64:10:b7:
                    25:b3:6a:ed:f3:85:fb:27:62:3a:34:fc:58:ab:1c:
                    2a:34:8f:a0:ac:e9:ec:e2:77:de:1e:ea:bf:19:c4:
                    04:42:a8:f0:8e:2f:e7:46:07:7a:4a:0e:4a:1a:ad:
                    c7:3d:7a:e1:af:5c:41:69:ee:70:18:97:a3:a4:ca:
                    e2:f2:e7:28:e2:1d:70:9f:0d:db:b1:c7:aa:5c:e6:
                    76:e1:5f:d2:c3:c4:f0:39:10:58:56:a0:ce:ce:b8:
                    68:25:1c:5e:fc:00:8f:94:61:36:c0:da:75:3b:99:
                    78:a2:8f:e4:4a:ca:2a:65:10:3d:fd:be:92:f3:86:
                    e4:5f:fd:94:f9:b6:f3:fb:29:e1:ef:31:5b:75:ab:
                    b4:9b:3a:ec:69:e3:3a:dc:8b:6c:25:48:8f:8b:66:
                    80:d1:5a:4d:d0:dd:10:48:00:be:ee:5c:68:21:d8:
                    f8:85:aa:fe:d1:1d:88:cd:77:7b:29:35:26:04:cc:
                    32:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:4E:F0:D5:0D:5E:0A:C6:CB:65:9C:82:56:6C:7A:58:AD:7D:76:4B
            X509v3 Authority Key Identifier:
                keyid:2B:B1:38:27:42:35:75:14:1D:A0:F1:C5:7B:33:E7:DE:5D:7A:63:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/2BB13827423575141DA0F1C57B33E7DE5D7A63A6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8a493be1-f064-49e6-949a-cb3ecbfc8f46/0/3130332e3233312e38332e302f32342d3234203d3e20313331373335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.231.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         55:dd:c8:c6:9f:61:5c:6e:5e:b8:e3:11:02:ab:9a:34:cc:65:
         cb:f8:de:b6:05:2c:00:3f:71:ac:a7:3c:df:1d:c6:95:dd:38:
         44:93:27:d5:41:3d:92:05:d0:d4:05:3c:cb:bd:d0:4f:a7:fa:
         9b:b7:a6:bf:e0:cd:01:d9:c5:40:13:fb:2c:33:be:2c:8a:3b:
         64:f1:38:d0:2c:0e:af:9d:a1:e3:21:04:17:50:2b:e9:48:24:
         5c:fe:f1:46:4f:d7:9f:dc:18:68:5b:26:80:99:d5:a9:06:0e:
         ba:93:da:a6:25:8f:9a:d8:fb:70:3a:2f:03:cb:85:83:27:c0:
         fd:71:f7:8d:e8:12:7a:ed:ce:30:61:80:ff:87:46:84:20:05:
         b2:5c:06:06:c6:24:cc:58:52:21:c0:7b:5c:fe:6f:41:45:0b:
         9f:3b:eb:dc:8e:5d:0b:5c:0e:ed:cf:6e:c7:20:5c:54:16:c7:
         01:86:9f:88:ca:fb:18:0e:64:b9:e5:9e:f5:0b:06:07:23:9b:
         ed:df:c1:dc:02:35:0a:68:9c:81:f5:44:b5:22:40:49:e8:23:
         ac:31:1c:57:82:83:6d:b8:b2:6b:22:cc:49:5a:1b:cd:13:88:
         dc:fa:b2:a5:20:67:06:8c:87:0b:5b:c9:aa:2d:f9:ec:43:d5:
         29:6e:60:c0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUVaBfXI9SI53CWAERU7Q5UDGM7KUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkJCMTM4Mjc0MjM1NzUxNDFEQTBGMUM1N0IzM0U3REU1
RDdBNjNBNjAeFw0yNDA3MDYwNjU1MDFaFw0yNTA3MDUwNzAwMDFaMDMxMTAvBgNV
BAMTKDQ2NEVGMEQ1MEQ1RTBBQzZDQjY1OUM4MjU2NkM3QTU4QUQ3RDc2NEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaTdB8ws0rQRVPWtKeOSvRN09u
UZi2hoJ794kboGAnngjQEzUe5ZvqF48RsEWVSAOt6Ef5H7Jq2ofamGR1TJvBu5Y4
ZkHdX2QQtyWzau3zhfsnYjo0/FirHCo0j6Cs6ezid94e6r8ZxARCqPCOL+dGB3pK
Dkoarcc9euGvXEFp7nAYl6OkyuLy5yjiHXCfDduxx6pc5nbhX9LDxPA5EFhWoM7O
uGglHF78AI+UYTbA2nU7mXiij+RKyiplED39vpLzhuRf/ZT5tvP7KeHvMVt1q7Sb
Ouxp4zrci2wlSI+LZoDRWk3Q3RBIAL7uXGgh2PiFqv7RHYjNd3spNSYEzDIFAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQURk7w1Q1eCsbLZZyCVmx6WK19dkswHwYDVR0j
BBgwFoAUK7E4J0I1dRQdoPHFezPn3l16Y6YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84
YTQ5M2JlMS1mMDY0LTQ5ZTYtOTQ5YS1jYjNlY2JmYzhmNDYvMC8yQkIxMzgyNzQy
MzU3NTE0MURBMEYxQzU3QjMzRTdERTVEN0E2M0E2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMkJCMTM4Mjc0MjM1NzUxNDFEQTBGMUM1N0IzM0U3REU1RDdB
NjNBNi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvLzhhNDkzYmUxLWYwNjQtNDllNi05
NDlhLWNiM2VjYmZjOGY0Ni8wLzMxMzAzMzJlMzIzMzMxMmUzODMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzMxMzczMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+dTMA0GCSqG
SIb3DQEBCwUAA4IBAQBV3cjGn2Fcbl644xECq5o0zGXL+N62BSwAP3GspzzfHcaV
3ThEkyfVQT2SBdDUBTzLvdBPp/qbt6a/4M0B2cVAE/ssM74sijtk8TjQLA6vnaHj
IQQXUCvpSCRc/vFGT9ef3BhoWyaAmdWpBg66k9qmJY+a2PtwOi8Dy4WDJ8D9cfeN
6BJ67c4wYYD/h0aEIAWyXAYGxiTMWFIhwHtc/m9BRQufO+vcjl0LXA7tz27HIFxU
FscBhp+IyvsYDmS55Z71CwYHI5vt38HcAjUKaJyB9US1IkBJ6COsMRxXgoNtuLJr
IsxJWhvNE4jc+rKlIGcGjIcLW8mqLfnsQ9UpbmDA
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:04 2024 by rpki-client on console-ams.rpki-client.org