Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3130332e3138342e36342e302f32332d3234203d3e20313439363832.roa
File:                     3130332e3138342e36342e302f32332d3234203d3e20313439363832.roa (raw, json)
Hash identifier:          WppDQZbLtIowk4IxpdQBVBACqIFMpSeToWGYOCIl8Tc=
Subject key identifier:   BC:78:F9:70:8E:BC:DB:1F:51:1E:21:E3:09:EC:A2:2D:9D:B4:BF:60
Certificate issuer:       /CN=3D93688202931D72322A7EE0053964A2DD8EB457
Certificate serial:       4521EB01F133A90C6F2CE69159519A5844E7DCAD
Authority key identifier: 3D:93:68:82:02:93:1D:72:32:2A:7E:E0:05:39:64:A2:DD:8E:B4:57
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D93688202931D72322A7EE0053964A2DD8EB457.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3130332e3138342e36342e302f32332d3234203d3e20313439363832.roa
Signing time:             Fri 09 Feb 2024 05:00:01 +0000
ROA not before:           Fri 09 Feb 2024 04:55:01 +0000
ROA not after:            Fri 07 Feb 2025 05:00:01 +0000
asID:                     149682
IP address blocks:        103.184.64.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3D93688202931D72322A7EE0053964A2DD8EB457.crl
                          rsync://repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3D93688202931D72322A7EE0053964A2DD8EB457.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D93688202931D72322A7EE0053964A2DD8EB457.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Mon 25 Nov 2024 20:39:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:21:eb:01:f1:33:a9:0c:6f:2c:e6:91:59:51:9a:58:44:e7:dc:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3D93688202931D72322A7EE0053964A2DD8EB457
        Validity
            Not Before: Feb  9 04:55:01 2024 GMT
            Not After : Feb  7 05:00:01 2025 GMT
        Subject: CN=BC78F9708EBCDB1F511E21E309ECA22D9DB4BF60
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:db:e9:9c:1b:b7:f9:f0:fe:d8:ef:9f:11:c7:
                    36:cb:9a:29:13:65:8a:8d:6b:02:9f:1b:97:71:57:
                    5d:95:44:75:97:dd:a2:03:d0:7c:73:99:b6:bf:2a:
                    8f:be:ee:e3:1e:6b:4a:83:1b:1e:d0:38:29:0d:a8:
                    a4:76:5a:fe:8c:fe:ee:f9:d5:78:95:a2:ee:2e:c9:
                    59:79:91:f6:fc:d0:04:98:88:87:b7:e7:bb:8f:31:
                    bc:fe:50:8e:54:d8:61:e1:5e:29:d5:4c:86:0a:27:
                    37:43:29:9a:65:4c:9d:dd:5f:d0:9d:d3:1a:ff:1f:
                    d4:3d:f8:7d:21:f5:4f:7d:b9:3d:34:7e:2d:b8:b6:
                    b0:1b:49:ef:1d:5d:1f:84:6b:7d:7f:1f:04:16:d4:
                    30:6f:8c:6f:41:dd:5f:31:50:c4:ce:6a:48:25:86:
                    88:e5:f3:61:e0:b2:63:e8:f2:52:6e:8f:13:3d:81:
                    3e:dc:40:ef:71:2b:89:07:39:ae:31:a6:cc:f4:3d:
                    06:ba:31:63:17:b0:9c:ae:b0:08:0f:c2:a2:f8:27:
                    26:24:bf:5a:c0:59:c4:6a:8a:fb:72:9a:82:ac:c4:
                    3f:5f:e6:19:8c:15:7a:d2:cf:81:0e:36:36:0d:b7:
                    f0:e5:31:82:d2:6b:4d:63:09:4a:df:ba:ac:e0:1b:
                    12:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:78:F9:70:8E:BC:DB:1F:51:1E:21:E3:09:EC:A2:2D:9D:B4:BF:60
            X509v3 Authority Key Identifier:
                keyid:3D:93:68:82:02:93:1D:72:32:2A:7E:E0:05:39:64:A2:DD:8E:B4:57

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3D93688202931D72322A7EE0053964A2DD8EB457.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/3D93688202931D72322A7EE0053964A2DD8EB457.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/b6d88496-b2ba-4d13-9825-ae38aff1da15/0/3130332e3138342e36342e302f32332d3234203d3e20313439363832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.184.64.0/23

    Signature Algorithm: sha256WithRSAEncryption
         62:6f:a2:44:b3:65:77:d4:fc:dc:12:0a:d9:3d:50:d7:91:99:
         de:16:e5:b8:25:6d:21:d1:a4:5e:6b:9c:d3:b5:23:a5:f5:8b:
         17:3b:42:7f:b2:4f:9d:bb:f2:13:ad:96:30:7f:f3:7a:b3:09:
         84:4a:12:a2:e7:15:6f:fe:cb:dd:1b:c0:8f:c2:d7:6c:59:7e:
         31:b7:87:da:63:71:2c:37:e1:0e:4e:a1:4d:ef:68:f2:72:ac:
         3f:6f:df:74:cc:70:4c:2e:9f:9e:30:ed:2d:c7:bf:31:5c:b3:
         d5:86:a4:88:56:4f:8f:af:d7:a0:18:2e:37:88:96:55:e0:fc:
         d8:d1:23:ae:db:7d:ff:9f:a8:b9:99:84:39:41:13:cf:3d:cc:
         52:c2:c3:c5:a5:06:88:58:e7:e2:39:bc:d2:43:c5:03:f6:4d:
         32:c2:33:32:ed:f2:30:90:86:e4:8a:6b:a2:90:43:ed:99:d2:
         bd:e8:74:72:24:44:58:fb:bb:69:30:db:14:aa:b6:88:a9:a5:
         04:02:d7:db:86:cd:fa:ed:62:88:37:9e:c7:10:ff:39:ce:f2:
         ae:39:52:7a:3c:83:62:5c:81:36:19:a7:af:f0:8e:c0:7e:4a:
         db:69:e1:e6:02:51:06:91:84:77:0d:58:03:df:dd:0d:dc:d9:
         13:8e:3d:a5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIURSHrAfEzqQxvLOaRWVGaWETn3K0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0Q5MzY4ODIwMjkzMUQ3MjMyMkE3RUUwMDUzOTY0QTJE
RDhFQjQ1NzAeFw0yNDAyMDkwNDU1MDFaFw0yNTAyMDcwNTAwMDFaMDMxMTAvBgNV
BAMTKEJDNzhGOTcwOEVCQ0RCMUY1MTFFMjFFMzA5RUNBMjJEOURCNEJGNjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM2+mcG7f58P7Y758RxzbLmikT
ZYqNawKfG5dxV12VRHWX3aID0Hxzmba/Ko++7uMea0qDGx7QOCkNqKR2Wv6M/u75
1XiVou4uyVl5kfb80ASYiIe357uPMbz+UI5U2GHhXinVTIYKJzdDKZplTJ3dX9Cd
0xr/H9Q9+H0h9U99uT00fi24trAbSe8dXR+Ea31/HwQW1DBvjG9B3V8xUMTOakgl
hojl82HgsmPo8lJujxM9gT7cQO9xK4kHOa4xpsz0PQa6MWMXsJyusAgPwqL4JyYk
v1rAWcRqivtymoKsxD9f5hmMFXrSz4EONjYNt/DlMYLSa01jCUrfuqzgGxLnAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUvHj5cI682x9RHiHjCeyiLZ20v2AwHwYDVR0j
BBgwFoAUPZNoggKTHXIyKn7gBTlkot2OtFcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9i
NmQ4ODQ5Ni1iMmJhLTRkMTMtOTgyNS1hZTM4YWZmMWRhMTUvMC8zRDkzNjg4MjAy
OTMxRDcyMzIyQTdFRTAwNTM5NjRBMkREOEVCNDU3LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvM0Q5MzY4ODIwMjkzMUQ3MjMyMkE3RUUwMDUzOTY0QTJERDhF
QjQ1Ny5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2I2ZDg4NDk2LWIyYmEtNGQxMy05
ODI1LWFlMzhhZmYxZGExNS8wLzMxMzAzMzJlMzEzODM0MmUzNjM0MmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzNDM5MzYzODMyLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ7hAMA0GCSqG
SIb3DQEBCwUAA4IBAQBib6JEs2V31PzcEgrZPVDXkZneFuW4JW0h0aRea5zTtSOl
9YsXO0J/sk+du/ITrZYwf/N6swmEShKi5xVv/svdG8CPwtdsWX4xt4faY3EsN+EO
TqFN72jycqw/b990zHBMLp+eMO0tx78xXLPVhqSIVk+Pr9egGC43iJZV4PzY0SOu
233/n6i5mYQ5QRPPPcxSwsPFpQaIWOfiObzSQ8UD9k0ywjMy7fIwkIbkimuikEPt
mdK96HRyJERY+7tpMNsUqraIqaUEAtfbhs367WKIN57HEP85zvKuOVJ6PINiXIE2
Gaev8I7AfkrbaeHmAlEGkYR3DVgD390N3NkTjj2l
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:43:37 2024 by rpki-client on console-ams.rpki-client.org