Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/3130332e3130322e3134332e302f32342d3234203d3e20313336383534.roa
File:                     3130332e3130322e3134332e302f32342d3234203d3e20313336383534.roa (raw, json)
Hash identifier:          sYw+A0wNoY4n1RM44RfdRZuPue/7GiaLni4kityHoV8=
Subject key identifier:   2D:CA:FA:8E:56:30:A8:F1:A3:3B:52:04:69:21:7F:97:88:5B:BA:2A
Certificate issuer:       /CN=1D6001A4F46548B37ED871CA5CF088F7AF50D754
Certificate serial:       3CDFA7DF74F4FDC4BD9B33D16A200A6F407DCDFF
Authority key identifier: 1D:60:01:A4:F4:65:48:B3:7E:D8:71:CA:5C:F0:88:F7:AF:50:D7:54
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1D6001A4F46548B37ED871CA5CF088F7AF50D754.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/3130332e3130322e3134332e302f32342d3234203d3e20313336383534.roa
Signing time:             Tue 27 Feb 2024 09:02:01 +0000
ROA not before:           Tue 27 Feb 2024 08:57:01 +0000
ROA not after:            Tue 25 Feb 2025 09:02:01 +0000
asID:                     136854
IP address blocks:        103.102.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/1D6001A4F46548B37ED871CA5CF088F7AF50D754.crl
                          rsync://repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/1D6001A4F46548B37ED871CA5CF088F7AF50D754.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1D6001A4F46548B37ED871CA5CF088F7AF50D754.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Tue 26 Nov 2024 21:27:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:df:a7:df:74:f4:fd:c4:bd:9b:33:d1:6a:20:0a:6f:40:7d:cd:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1D6001A4F46548B37ED871CA5CF088F7AF50D754
        Validity
            Not Before: Feb 27 08:57:01 2024 GMT
            Not After : Feb 25 09:02:01 2025 GMT
        Subject: CN=2DCAFA8E5630A8F1A33B520469217F97885BBA2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:48:68:96:49:5c:33:b1:78:5e:ae:93:fd:8a:
                    b4:d3:9a:17:cc:0c:09:2f:f4:c7:de:9f:50:7d:18:
                    12:b9:b7:1d:f5:4a:ae:fb:39:99:38:c3:f4:1e:82:
                    dc:43:33:c3:9f:99:de:bb:14:4b:1d:b8:37:80:02:
                    e5:d8:7e:03:cc:27:14:9d:f1:36:e4:e9:9c:cc:a7:
                    9f:7c:f8:94:97:40:48:75:09:ee:a0:c6:13:2b:b4:
                    ba:57:6c:40:bc:10:b6:b4:b1:cb:2c:bd:61:ce:86:
                    56:92:38:b7:84:87:b2:f2:65:1a:97:c1:ef:f7:82:
                    3e:3e:85:4e:a4:27:e3:36:fe:1a:51:fe:e3:f0:a9:
                    f8:9f:64:8f:64:a6:7f:cd:0d:86:0c:41:ec:99:cf:
                    65:72:ff:9e:fc:ca:28:79:45:a0:08:4d:8e:63:1b:
                    69:7f:9e:5d:17:4b:81:20:4d:40:42:c3:fc:62:7b:
                    0a:dc:7c:4b:48:5b:1d:cc:3a:cd:99:df:55:61:d8:
                    d1:94:3a:11:f8:c1:aa:9e:21:1e:e0:8f:b4:9c:3c:
                    17:14:60:12:7f:0a:09:5a:84:0d:b7:d1:7b:fe:2c:
                    4c:2f:eb:dd:32:b9:97:c7:fb:f1:24:5b:64:f0:53:
                    10:ad:d9:0c:15:ce:bb:50:87:91:57:19:72:79:e6:
                    54:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2D:CA:FA:8E:56:30:A8:F1:A3:3B:52:04:69:21:7F:97:88:5B:BA:2A
            X509v3 Authority Key Identifier:
                keyid:1D:60:01:A4:F4:65:48:B3:7E:D8:71:CA:5C:F0:88:F7:AF:50:D7:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/1D6001A4F46548B37ED871CA5CF088F7AF50D754.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/1D6001A4F46548B37ED871CA5CF088F7AF50D754.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b5632d99-32b2-467b-b7fe-0d25f853bfa6/0/3130332e3130322e3134332e302f32342d3234203d3e20313336383534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.102.143.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:15:44:cb:2a:42:39:b3:10:76:f7:dc:b7:10:85:ba:e7:39:
         c2:03:22:2e:da:d7:cb:6a:a5:70:3b:80:15:4e:2d:7b:5f:cc:
         8e:21:ca:7d:37:29:0a:3e:24:d6:2e:fc:1b:e1:2a:10:a3:3b:
         6e:6e:bf:b2:79:24:b1:1a:73:6d:3e:e2:63:ee:d1:5e:9c:58:
         1d:f3:e5:b8:b9:c2:6c:d2:0b:5b:86:6d:11:ad:f5:6f:5f:6b:
         86:93:19:b7:26:66:a1:04:4d:9f:b5:c0:fb:9a:e3:ec:04:62:
         93:57:b2:29:10:91:02:8d:68:7e:7d:b4:a2:8b:c5:a8:34:18:
         87:9d:3b:61:48:e6:7c:19:9e:6e:61:63:c3:1b:d7:6f:3a:45:
         7d:32:b7:d3:74:47:f3:ab:93:d1:3f:15:e9:cc:be:f3:b4:4b:
         df:f8:c4:36:8a:7d:10:c5:8f:c9:d9:3c:3a:14:e3:35:c7:b2:
         25:e6:dd:c9:2a:76:2e:2d:5b:4a:34:96:2a:a6:77:ec:29:bd:
         8f:c0:6f:39:0d:2a:ab:48:48:ae:e4:5d:79:f8:38:9f:09:ce:
         57:8a:3a:eb:8a:30:51:b8:3e:a7:a0:0e:21:7a:66:e2:38:8b:
         3c:ba:b9:71:3e:34:92:75:f6:40:16:88:ec:3b:64:8d:fc:ac:
         98:41:e7:1a
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUPN+n33T0/cS9mzPRaiAKb0B9zf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUQ2MDAxQTRGNDY1NDhCMzdFRDg3MUNBNUNGMDg4RjdB
RjUwRDc1NDAeFw0yNDAyMjcwODU3MDFaFw0yNTAyMjUwOTAyMDFaMDMxMTAvBgNV
BAMTKDJEQ0FGQThFNTYzMEE4RjFBMzNCNTIwNDY5MjE3Rjk3ODg1QkJBMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsSGiWSVwzsXherpP9irTTmhfM
DAkv9Mfen1B9GBK5tx31Sq77OZk4w/QegtxDM8Ofmd67FEsduDeAAuXYfgPMJxSd
8Tbk6ZzMp598+JSXQEh1Ce6gxhMrtLpXbEC8ELa0scssvWHOhlaSOLeEh7LyZRqX
we/3gj4+hU6kJ+M2/hpR/uPwqfifZI9kpn/NDYYMQeyZz2Vy/578yih5RaAITY5j
G2l/nl0XS4EgTUBCw/xiewrcfEtIWx3MOs2Z31Vh2NGUOhH4waqeIR7gj7ScPBcU
YBJ/CglahA230Xv+LEwv690yuZfH+/EkW2TwUxCt2QwVzrtQh5FXGXJ55lQ9AgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQULcr6jlYwqPGjO1IEaSF/l4hbuiowHwYDVR0j
BBgwFoAUHWABpPRlSLN+2HHKXPCI969Q11QwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
NTYzMmQ5OS0zMmIyLTQ2N2ItYjdmZS0wZDI1Zjg1M2JmYTYvMC8xRDYwMDFBNEY0
NjU0OEIzN0VEODcxQ0E1Q0YwODhGN0FGNTBENzU0LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMUQ2MDAxQTRGNDY1NDhCMzdFRDg3MUNBNUNGMDg4RjdBRjUw
RDc1NC5jZXIwgaYGCCsGAQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I1NjMyZDk5LTMyYjItNDY3Yi1i
N2ZlLTBkMjVmODUzYmZhNi8wLzMxMzAzMzJlMzEzMDMyMmUzMTM0MzMyZTMwMmYz
MjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzODM1MzQucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABnZo8wDQYJ
KoZIhvcNAQELBQADggEBAJYVRMsqQjmzEHb33LcQhbrnOcIDIi7a18tqpXA7gBVO
LXtfzI4hyn03KQo+JNYu/BvhKhCjO25uv7J5JLEac20+4mPu0V6cWB3z5bi5wmzS
C1uGbRGt9W9fa4aTGbcmZqEETZ+1wPua4+wEYpNXsikQkQKNaH59tKKLxag0GIed
O2FI5nwZnm5hY8Mb1286RX0yt9N0R/Ork9E/FenMvvO0S9/4xDaKfRDFj8nZPDoU
4zXHsiXm3ckqdi4tW0o0liqmd+wpvY/AbzkNKqtISK7kXXn4OJ8JzleKOuuKMFG4
PqegDiF6ZuI4izy6uXE+NJJ19kAWiOw7ZI38rJhB5xo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 15:29:10 2024 by rpki-client on console-ams.rpki-client.org