Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/3130332e3131362e38332e302f32342d3234203d3e20313530393539.roa
File:                     3130332e3131362e38332e302f32342d3234203d3e20313530393539.roa (raw, json)
Hash identifier:          FMYk5HCjeGpXdb3JbQ5F9yr5C8bHAGuqhGFzwleRT4g=
Subject key identifier:   35:1D:E5:E0:59:3C:A5:EF:D3:49:41:8C:72:AC:17:50:3B:5A:73:AF
Certificate issuer:       /CN=C58E232004125E8B46AB63B600900D92EB71A3B1
Certificate serial:       6B1215E624DE542D86E98D1BD6B6E5EB9220DEBA
Authority key identifier: C5:8E:23:20:04:12:5E:8B:46:AB:63:B6:00:90:0D:92:EB:71:A3:B1
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C58E232004125E8B46AB63B600900D92EB71A3B1.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/3130332e3131362e38332e302f32342d3234203d3e20313530393539.roa
Signing time:             Wed 06 Mar 2024 16:00:01 +0000
ROA not before:           Wed 06 Mar 2024 15:55:01 +0000
ROA not after:            Wed 05 Mar 2025 16:00:01 +0000
asID:                     150959
IP address blocks:        103.116.83.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/C58E232004125E8B46AB63B600900D92EB71A3B1.crl
                          rsync://repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/C58E232004125E8B46AB63B600900D92EB71A3B1.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C58E232004125E8B46AB63B600900D92EB71A3B1.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 06:42:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:12:15:e6:24:de:54:2d:86:e9:8d:1b:d6:b6:e5:eb:92:20:de:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C58E232004125E8B46AB63B600900D92EB71A3B1
        Validity
            Not Before: Mar  6 15:55:01 2024 GMT
            Not After : Mar  5 16:00:01 2025 GMT
        Subject: CN=351DE5E0593CA5EFD349418C72AC17503B5A73AF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:b8:84:c2:8f:fe:00:ff:dd:01:78:ec:16:ed:
                    37:88:7c:80:19:70:fa:e1:ad:a4:50:f1:a5:0f:7f:
                    e5:35:c5:f0:a6:c2:6c:0c:7b:50:61:40:f8:df:40:
                    1d:41:3c:d2:ba:df:d8:a3:8a:ef:73:7e:46:03:2b:
                    1a:5d:de:69:65:b3:bc:06:c3:65:8a:ce:71:5a:88:
                    8b:97:75:df:22:0b:63:f7:be:58:bd:fb:ff:d3:e0:
                    33:50:13:06:22:00:ca:ab:43:e0:ae:2a:fa:7e:a8:
                    c9:4f:ff:94:5d:74:39:97:e0:d4:33:50:26:2a:d2:
                    70:90:aa:4a:f7:40:f3:82:34:13:ee:f3:79:d0:be:
                    4e:69:55:03:10:26:e0:be:54:13:f1:f2:e9:b6:eb:
                    44:99:77:d7:df:fd:0e:3d:b4:3d:5b:8a:39:30:cd:
                    8b:d0:df:6d:93:f8:68:14:b5:26:88:49:18:15:9b:
                    5b:37:29:3c:e7:0b:d2:be:86:41:c4:06:88:43:f9:
                    57:14:01:84:ac:63:2d:24:c6:c4:26:92:88:e6:a3:
                    8c:00:9c:0a:29:ec:96:b4:4b:5e:6d:45:72:9f:04:
                    6b:d0:aa:e9:29:52:78:8a:c4:fa:e1:d4:c4:27:e5:
                    06:35:94:84:9f:bc:fd:9e:c4:b9:a4:7b:bc:d2:3a:
                    3a:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:1D:E5:E0:59:3C:A5:EF:D3:49:41:8C:72:AC:17:50:3B:5A:73:AF
            X509v3 Authority Key Identifier:
                keyid:C5:8E:23:20:04:12:5E:8B:46:AB:63:B6:00:90:0D:92:EB:71:A3:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/C58E232004125E8B46AB63B600900D92EB71A3B1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/C58E232004125E8B46AB63B600900D92EB71A3B1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/ae92243a-763d-44b8-987d-08bd0da9ee3d/0/3130332e3131362e38332e302f32342d3234203d3e20313530393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.116.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4b:29:91:d4:d0:88:3a:41:65:19:82:96:ec:1e:65:4f:37:25:
         18:cc:0e:c9:60:f8:bb:3d:a3:7c:c9:b1:af:0b:cd:bf:4b:51:
         06:a2:36:fc:8b:8f:13:ae:03:75:9d:f8:3a:f3:e2:14:72:c5:
         70:16:9e:76:3e:fb:01:85:50:7e:d8:b7:e6:fa:25:c6:3f:e6:
         f2:be:3f:d2:82:d5:f0:73:bf:01:7a:cc:18:01:9d:58:33:f4:
         9f:2f:12:6f:98:36:77:44:d5:61:e8:85:7a:7c:27:12:b4:35:
         52:eb:18:eb:9f:d7:a5:de:89:58:14:4a:e4:e1:ca:e8:23:37:
         bc:bf:94:2e:16:97:e2:f3:99:a6:2a:ad:b3:af:2f:49:20:83:
         13:67:e4:2b:28:bd:e1:6d:e4:a8:ad:ca:df:81:f9:5b:53:a7:
         b2:d2:2c:89:cb:21:9e:5a:d5:03:c0:da:70:7e:90:72:9b:bd:
         4e:62:64:9d:62:c3:48:82:a8:b1:53:fe:28:7e:ad:2b:5b:d2:
         27:49:c1:d6:57:e3:78:95:63:5b:35:1c:f3:1c:6b:1f:f8:5f:
         95:e4:ba:fc:59:11:54:0a:e1:44:0b:73:3f:a9:6a:93:b4:91:
         25:98:1a:27:4b:1b:fb:3b:02:dc:7a:d1:37:e3:af:9d:db:0f:
         63:f9:45:4e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUaxIV5iTeVC2G6Y0b1rbl65Ig3rowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzU4RTIzMjAwNDEyNUU4QjQ2QUI2M0I2MDA5MDBEOTJF
QjcxQTNCMTAeFw0yNDAzMDYxNTU1MDFaFw0yNTAzMDUxNjAwMDFaMDMxMTAvBgNV
BAMTKDM1MURFNUUwNTkzQ0E1RUZEMzQ5NDE4QzcyQUMxNzUwM0I1QTczQUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5uITCj/4A/90BeOwW7TeIfIAZ
cPrhraRQ8aUPf+U1xfCmwmwMe1BhQPjfQB1BPNK639ijiu9zfkYDKxpd3mlls7wG
w2WKznFaiIuXdd8iC2P3vli9+//T4DNQEwYiAMqrQ+CuKvp+qMlP/5RddDmX4NQz
UCYq0nCQqkr3QPOCNBPu83nQvk5pVQMQJuC+VBPx8um260SZd9ff/Q49tD1bijkw
zYvQ322T+GgUtSaISRgVm1s3KTznC9K+hkHEBohD+VcUAYSsYy0kxsQmkojmo4wA
nAop7Ja0S15tRXKfBGvQqukpUniKxPrh1MQn5QY1lISfvP2exLmke7zSOjoZAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUNR3l4Fk8pe/TSUGMcqwXUDtac68wHwYDVR0j
BBgwFoAUxY4jIAQSXotGq2O2AJANkutxo7EwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9h
ZTkyMjQzYS03NjNkLTQ0YjgtOTg3ZC0wOGJkMGRhOWVlM2QvMC9DNThFMjMyMDA0
MTI1RThCNDZBQjYzQjYwMDkwMEQ5MkVCNzFBM0IxLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQzU4RTIzMjAwNDEyNUU4QjQ2QUI2M0I2MDA5MDBEOTJFQjcx
QTNCMS5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2FlOTIyNDNhLTc2M2QtNDRiOC05
ODdkLTA4YmQwZGE5ZWUzZC8wLzMxMzAzMzJlMzEzMTM2MmUzODMzMmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzNTMwMzkzNTM5LnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ3RTMA0GCSqG
SIb3DQEBCwUAA4IBAQBLKZHU0Ig6QWUZgpbsHmVPNyUYzA7JYPi7PaN8ybGvC82/
S1EGojb8i48TrgN1nfg68+IUcsVwFp52PvsBhVB+2Lfm+iXGP+byvj/SgtXwc78B
eswYAZ1YM/SfLxJvmDZ3RNVh6IV6fCcStDVS6xjrn9el3olYFErk4croIze8v5Qu
Fpfi85mmKq2zry9JIIMTZ+QrKL3hbeSorcrfgflbU6ey0iyJyyGeWtUDwNpwfpBy
m71OYmSdYsNIgqixU/4ofq0rW9InScHWV+N4lWNbNRzzHGsf+F+V5Lr8WRFUCuFE
C3M/qWqTtJElmBonSxv7OwLcetE346+d2w9j+UVO
-----END CERTIFICATE-----
Generated at Mon Nov 25 06:03:22 2024 by rpki-client on console-fra.rpki-client.org