Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/3130332e3233322e3234332e302f32342d3234203d3e203633343937.roa
File:                     3130332e3233322e3234332e302f32342d3234203d3e203633343937.roa (raw, json)
Hash identifier:          CKZqBz5RzUJDxeDRQjwvwDjhTydwwJ4qsh8D2GYetBs=
Subject key identifier:   1B:1F:15:EA:58:0C:AF:8E:FF:0D:74:61:9C:51:5D:5C:56:8A:77:39
Certificate issuer:       /CN=0321984F98230A4F94667E82C0A3DEB1151C5EDB
Certificate serial:       0CC0E46DA3D142B6485149DA8A6AE55CB4CAD954
Authority key identifier: 03:21:98:4F:98:23:0A:4F:94:66:7E:82:C0:A3:DE:B1:15:1C:5E:DB
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321984F98230A4F94667E82C0A3DEB1151C5EDB.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/3130332e3233322e3234332e302f32342d3234203d3e203633343937.roa
Signing time:             Mon 01 Jul 2024 01:04:49 +0000
ROA not before:           Mon 01 Jul 2024 00:59:49 +0000
ROA not after:            Mon 30 Jun 2025 01:04:49 +0000
asID:                     63497
IP address blocks:        103.232.243.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/0321984F98230A4F94667E82C0A3DEB1151C5EDB.crl
                          rsync://repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/0321984F98230A4F94667E82C0A3DEB1151C5EDB.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321984F98230A4F94667E82C0A3DEB1151C5EDB.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 17:27:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:c0:e4:6d:a3:d1:42:b6:48:51:49:da:8a:6a:e5:5c:b4:ca:d9:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0321984F98230A4F94667E82C0A3DEB1151C5EDB
        Validity
            Not Before: Jul  1 00:59:49 2024 GMT
            Not After : Jun 30 01:04:49 2025 GMT
        Subject: CN=1B1F15EA580CAF8EFF0D74619C515D5C568A7739
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:83:97:8f:8a:9a:3b:20:bc:6a:9d:93:55:8a:
                    8e:53:35:02:c0:c0:9a:9d:fe:10:ae:f6:54:25:02:
                    88:6d:f7:a3:aa:8c:d9:dd:24:08:74:18:3e:b0:f8:
                    6a:76:30:ff:ad:64:8a:5b:67:7d:e4:bf:ed:c6:8a:
                    15:a3:6f:66:9b:6b:d8:80:0b:a7:24:58:1e:1a:af:
                    3a:50:cb:13:9a:58:b4:77:76:7f:15:85:d0:bc:21:
                    02:dd:11:3c:9a:05:36:4b:49:e9:7b:d1:5e:86:6a:
                    51:6c:8e:fb:11:8f:ea:f5:68:02:26:fa:d3:c1:ce:
                    29:2c:5a:76:6b:d9:66:33:65:ff:90:3e:e5:92:7c:
                    d9:3e:ad:53:b9:48:0b:4e:29:3b:d2:e0:1e:29:6a:
                    11:29:60:7a:36:7d:8c:43:5d:89:95:43:13:b2:4f:
                    ba:29:c3:ba:7e:5f:79:56:37:b8:3c:dc:15:37:61:
                    2a:f6:a7:d7:99:cd:0a:e4:d5:e8:a4:0c:95:ca:73:
                    f3:41:90:ab:59:43:2e:36:7c:28:fc:b7:30:c2:ea:
                    f8:c5:11:15:05:81:65:17:1b:3f:a5:88:e0:b7:76:
                    4c:c0:b0:14:3a:e6:11:9a:d8:b2:0f:7e:37:ea:5b:
                    ae:e7:3d:95:7c:e4:5d:3d:fd:25:ef:a8:49:cb:6e:
                    87:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:1F:15:EA:58:0C:AF:8E:FF:0D:74:61:9C:51:5D:5C:56:8A:77:39
            X509v3 Authority Key Identifier:
                keyid:03:21:98:4F:98:23:0A:4F:94:66:7E:82:C0:A3:DE:B1:15:1C:5E:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/0321984F98230A4F94667E82C0A3DEB1151C5EDB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/0321984F98230A4F94667E82C0A3DEB1151C5EDB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/a1633b8e-0df9-44ac-9cae-d6f6765a52c9/0/3130332e3233322e3234332e302f32342d3234203d3e203633343937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.232.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:4d:34:d4:31:63:55:20:40:4d:fd:23:23:1c:28:47:61:3d:
         a5:62:d8:aa:72:27:e6:01:72:80:13:f5:23:77:1c:42:65:f7:
         98:ce:01:4d:6f:cc:e6:2d:0a:67:e6:b5:5b:76:be:b9:30:2d:
         b3:9c:12:b5:3e:f1:fb:a1:5d:d5:d0:40:1b:23:ba:51:9b:4e:
         ce:5e:09:be:dd:c5:fe:49:54:fd:a4:8d:9c:af:76:1e:5f:d0:
         86:36:44:c8:72:2c:9d:af:e2:1c:a3:1a:c5:c7:3f:0a:d5:29:
         b9:6a:f1:97:4d:83:38:2d:db:20:40:da:df:e9:ef:4f:7c:b5:
         57:c8:76:0d:fa:bf:bb:2d:68:df:83:64:9c:62:fc:eb:d5:fd:
         51:bc:b8:bb:0b:91:df:f9:bb:45:2d:29:d7:5d:a8:4a:aa:c2:
         b6:c3:90:e1:f3:38:49:43:51:86:fa:86:37:cf:e3:7d:38:67:
         c2:57:22:8c:1c:8c:85:48:1e:50:cc:8a:14:69:81:b3:0f:80:
         db:9d:2d:b8:e5:a0:36:18:bd:97:b6:0d:1f:2e:3c:19:90:2e:
         43:c4:7f:4a:27:ad:e7:52:e5:8d:9c:82:94:8d:0b:4d:e0:05:
         17:95:53:1a:fa:40:9a:93:84:75:e0:09:0d:df:74:8b:9c:db:
         60:fe:c4:8f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDMDkbaPRQrZIUUnaimrlXLTK2VQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDMyMTk4NEY5ODIzMEE0Rjk0NjY3RTgyQzBBM0RFQjEx
NTFDNUVEQjAeFw0yNDA3MDEwMDU5NDlaFw0yNTA2MzAwMTA0NDlaMDMxMTAvBgNV
BAMTKDFCMUYxNUVBNTgwQ0FGOEVGRjBENzQ2MTlDNTE1RDVDNTY4QTc3MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8g5ePipo7ILxqnZNVio5TNQLA
wJqd/hCu9lQlAoht96OqjNndJAh0GD6w+Gp2MP+tZIpbZ33kv+3GihWjb2aba9iA
C6ckWB4arzpQyxOaWLR3dn8VhdC8IQLdETyaBTZLSel70V6GalFsjvsRj+r1aAIm
+tPBziksWnZr2WYzZf+QPuWSfNk+rVO5SAtOKTvS4B4pahEpYHo2fYxDXYmVQxOy
T7opw7p+X3lWN7g83BU3YSr2p9eZzQrk1eikDJXKc/NBkKtZQy42fCj8tzDC6vjF
ERUFgWUXGz+liOC3dkzAsBQ65hGa2LIPfjfqW67nPZV85F09/SXvqEnLboc3AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUGx8V6lgMr47/DXRhnFFdXFaKdzkwHwYDVR0j
BBgwFoAUAyGYT5gjCk+UZn6CwKPesRUcXtswDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
MTYzM2I4ZS0wZGY5LTQ0YWMtOWNhZS1kNmY2NzY1YTUyYzkvMC8wMzIxOTg0Rjk4
MjMwQTRGOTQ2NjdFODJDMEEzREVCMTE1MUM1RURCLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMDMyMTk4NEY5ODIzMEE0Rjk0NjY3RTgyQzBBM0RFQjExNTFD
NUVEQi5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2ExNjMzYjhlLTBkZjktNDRhYy05
Y2FlLWQ2ZjY3NjVhNTJjOS8wLzMxMzAzMzJlMzIzMzMyMmUzMjM0MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzOTM3LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ+jzMA0GCSqG
SIb3DQEBCwUAA4IBAQCmTTTUMWNVIEBN/SMjHChHYT2lYtiqcifmAXKAE/UjdxxC
ZfeYzgFNb8zmLQpn5rVbdr65MC2znBK1PvH7oV3V0EAbI7pRm07OXgm+3cX+SVT9
pI2cr3YeX9CGNkTIciydr+IcoxrFxz8K1Sm5avGXTYM4LdsgQNrf6e9PfLVXyHYN
+r+7LWjfg2ScYvzr1f1RvLi7C5Hf+btFLSnXXahKqsK2w5Dh8zhJQ1GG+oY3z+N9
OGfCVyKMHIyFSB5QzIoUaYGzD4DbnS245aA2GL2Xtg0fLjwZkC5DxH9KJ63nUuWN
nIKUjQtN4AUXlVMa+kCak4R14AkN33SLnNtg/sSP
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:10 2024 by rpki-client on console-fra.rpki-client.org