Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/3130332e3138352e3139372e302f32342d3234203d3e20313333333535.roa
File:                     3130332e3138352e3139372e302f32342d3234203d3e20313333333535.roa (raw, json)
Hash identifier:          X/RSOXUq7KW+7LVhNjqX4Q2vYkD2wUSDkeHP3hdjPZw=
Subject key identifier:   B0:D8:24:78:A9:FD:E7:65:7A:2C:F4:A5:CD:D5:DE:9A:9B:43:45:79
Certificate issuer:       /CN=B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7
Certificate serial:       0B0D14358BCD6957837E5EDEA186603ABFD47D10
Authority key identifier: B9:BE:B6:0C:D6:22:4D:41:F3:33:A0:7E:18:20:F0:AF:3A:81:FF:F7
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/3130332e3138352e3139372e302f32342d3234203d3e20313333333535.roa
Signing time:             Mon 26 Feb 2024 10:00:01 +0000
ROA not before:           Mon 26 Feb 2024 09:55:01 +0000
ROA not after:            Mon 24 Feb 2025 10:00:01 +0000
asID:                     133355
IP address blocks:        103.185.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.crl
                          rsync://repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:0d:14:35:8b:cd:69:57:83:7e:5e:de:a1:86:60:3a:bf:d4:7d:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7
        Validity
            Not Before: Feb 26 09:55:01 2024 GMT
            Not After : Feb 24 10:00:01 2025 GMT
        Subject: CN=B0D82478A9FDE7657A2CF4A5CDD5DE9A9B434579
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:6f:86:86:52:1c:4c:28:48:a0:9d:35:68:15:
                    f1:54:47:3e:c6:be:c1:a6:96:3a:25:8b:53:49:74:
                    5b:e4:2d:f2:52:d7:24:f4:df:8f:16:e3:b4:ce:43:
                    fc:dd:cb:a1:6c:21:dc:3b:0e:ea:68:12:89:df:5d:
                    9e:2e:1a:a3:bd:b6:86:8c:1b:56:6f:03:ce:7b:b5:
                    52:89:28:88:c9:98:59:eb:e9:dc:0a:61:0d:3e:ff:
                    f7:e9:30:74:e0:ff:53:1a:e7:9c:ff:4b:17:f1:a2:
                    9c:bd:d0:10:63:bd:88:af:76:e2:54:db:ca:16:26:
                    94:79:b5:a5:ed:87:79:35:45:c2:9b:b1:da:43:39:
                    1b:2f:33:a2:27:1c:22:84:b1:ec:73:8c:7b:fb:e8:
                    0e:22:b0:68:c3:4d:bf:83:a8:d2:b2:14:eb:cb:0f:
                    b9:43:a0:76:c1:40:27:84:64:c1:aa:ae:f4:0d:71:
                    63:4e:fa:0f:f3:e9:7e:9a:d9:ef:28:40:06:54:05:
                    f9:db:86:49:03:8d:b1:e8:34:c1:bb:3d:50:c8:6b:
                    e5:0c:96:11:46:9e:18:b3:fc:ab:97:02:11:f0:95:
                    5d:94:20:7f:fb:8b:5d:35:ea:38:3a:a4:44:16:fd:
                    77:60:18:c5:a6:0c:78:a1:c3:ec:d0:04:0e:c9:75:
                    f5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:D8:24:78:A9:FD:E7:65:7A:2C:F4:A5:CD:D5:DE:9A:9B:43:45:79
            X509v3 Authority Key Identifier:
                keyid:B9:BE:B6:0C:D6:22:4D:41:F3:33:A0:7E:18:20:F0:AF:3A:81:FF:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/B9BEB60CD6224D41F333A07E1820F0AF3A81FFF7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b1f87f5a-f6f9-468d-895e-314487f5e25e/0/3130332e3138352e3139372e302f32342d3234203d3e20313333333535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.185.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:1c:b1:06:96:9d:51:f1:d2:34:ce:e0:fc:b8:6c:43:ac:d2:
         9a:e5:ce:19:fd:cc:04:11:12:8c:52:93:bb:7e:4f:14:1b:d1:
         34:ea:88:bd:7e:68:8c:5a:7f:69:33:7f:94:69:b0:e6:08:91:
         cd:23:aa:cd:69:cb:5a:a8:df:0e:d2:fc:be:64:7d:83:a3:a7:
         fb:18:5e:04:08:68:7c:0d:e0:10:52:19:02:28:c8:90:d0:82:
         a1:c2:30:3b:7f:2c:3f:42:f9:68:d2:b6:d1:4b:78:a8:6f:56:
         fe:f1:55:7c:ab:4c:b9:ed:89:c7:ab:fa:0e:fd:2b:2e:18:53:
         6b:50:1e:c4:ae:db:6e:ef:3b:3c:a9:6d:f2:ad:d7:7f:4b:aa:
         70:ee:9c:5b:56:06:8b:27:30:df:39:72:ac:e5:ff:77:4f:4d:
         aa:a8:58:49:74:a6:83:8d:75:e8:14:f7:89:5b:2d:08:5a:2a:
         e1:0f:dc:19:f3:4a:91:36:b1:90:a4:d3:97:2e:69:d8:83:32:
         ca:67:e2:a8:63:61:94:3b:ad:39:a0:2a:5c:62:93:19:96:72:
         ea:02:49:bc:45:54:6c:1c:b5:38:f5:79:ba:4e:f8:86:33:ba:
         4a:0a:4d:1d:20:db:64:34:fd:03:37:a4:78:2c:ac:1a:1a:fd:
         9c:ad:e7:ba
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUCw0UNYvNaVeDfl7eoYZgOr/UfRAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjlCRUI2MENENjIyNEQ0MUYzMzNBMDdFMTgyMEYwQUYz
QTgxRkZGNzAeFw0yNDAyMjYwOTU1MDFaFw0yNTAyMjQxMDAwMDFaMDMxMTAvBgNV
BAMTKEIwRDgyNDc4QTlGREU3NjU3QTJDRjRBNUNERDVERTlBOUI0MzQ1NzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEb4aGUhxMKEignTVoFfFURz7G
vsGmljoli1NJdFvkLfJS1yT0348W47TOQ/zdy6FsIdw7DupoEonfXZ4uGqO9toaM
G1ZvA857tVKJKIjJmFnr6dwKYQ0+//fpMHTg/1Ma55z/Sxfxopy90BBjvYivduJU
28oWJpR5taXth3k1RcKbsdpDORsvM6InHCKEsexzjHv76A4isGjDTb+DqNKyFOvL
D7lDoHbBQCeEZMGqrvQNcWNO+g/z6X6a2e8oQAZUBfnbhkkDjbHoNMG7PVDIa+UM
lhFGnhiz/KuXAhHwlV2UIH/7i1016jg6pEQW/XdgGMWmDHihw+zQBA7JdfXpAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUsNgkeKn952V6LPSlzdXemptDRXkwHwYDVR0j
BBgwFoAUub62DNYiTUHzM6B+GCDwrzqB//cwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
MWY4N2Y1YS1mNmY5LTQ2OGQtODk1ZS0zMTQ0ODdmNWUyNWUvMC9COUJFQjYwQ0Q2
MjI0RDQxRjMzM0EwN0UxODIwRjBBRjNBODFGRkY3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvQjlCRUI2MENENjIyNEQ0MUYzMzNBMDdFMTgyMEYwQUYzQTgx
RkZGNy5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2IxZjg3ZjVhLWY2ZjktNDY4ZC04
OTVlLTMxNDQ4N2Y1ZTI1ZS8wLzMxMzAzMzJlMzEzODM1MmUzMTM5MzcyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzMzMzM1MzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnucUwDQYJ
KoZIhvcNAQELBQADggEBABccsQaWnVHx0jTO4Py4bEOs0prlzhn9zAQREoxSk7t+
TxQb0TTqiL1+aIxaf2kzf5RpsOYIkc0jqs1py1qo3w7S/L5kfYOjp/sYXgQIaHwN
4BBSGQIoyJDQgqHCMDt/LD9C+WjSttFLeKhvVv7xVXyrTLnticer+g79Ky4YU2tQ
HsSu227vOzypbfKt139LqnDunFtWBosnMN85cqzl/3dPTaqoWEl0poONdegU94lb
LQhaKuEP3BnzSpE2sZCk05cuadiDMspn4qhjYZQ7rTmgKlxikxmWcuoCSbxFVGwc
tTj1ebpO+IYzukoKTR0g22Q0/QM3pHgsrBoa/Zyt57o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:43:37 2024 by rpki-client on console-ams.rpki-client.org