Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/3130332e37392e3233382e302f32342d3234203d3e20313336383431.roa
File:                     3130332e37392e3233382e302f32342d3234203d3e20313336383431.roa (raw, json)
Hash identifier:          4ipSerAp5CLS6+mC2MIifVUd2hytrxPpwsxulgo1acc=
Subject key identifier:   E8:B9:04:13:42:1B:E7:A8:B0:29:50:9A:DC:E2:FE:7C:47:AA:D4:AC
Certificate issuer:       /CN=F027F0676E31F5D61FFCB99138BA71A6A6C2A888
Certificate serial:       0F2D325A60D944D68E9CB4718069F23A251F9BF2
Authority key identifier: F0:27:F0:67:6E:31:F5:D6:1F:FC:B9:91:38:BA:71:A6:A6:C2:A8:88
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/3130332e37392e3233382e302f32342d3234203d3e20313336383431.roa
Signing time:             Wed 07 Feb 2024 04:03:08 +0000
ROA not before:           Wed 07 Feb 2024 03:58:08 +0000
ROA not after:            Wed 05 Feb 2025 04:03:08 +0000
asID:                     136841
IP address blocks:        103.79.238.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.crl
                          rsync://repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 08:05:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:2d:32:5a:60:d9:44:d6:8e:9c:b4:71:80:69:f2:3a:25:1f:9b:f2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F027F0676E31F5D61FFCB99138BA71A6A6C2A888
        Validity
            Not Before: Feb  7 03:58:08 2024 GMT
            Not After : Feb  5 04:03:08 2025 GMT
        Subject: CN=E8B90413421BE7A8B029509ADCE2FE7C47AAD4AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:23:6f:c7:73:c9:cd:6a:1f:4f:bb:1a:24:41:
                    a6:c9:42:ed:25:bd:de:cc:02:46:9c:0c:f1:00:58:
                    13:a8:12:db:b8:c2:3d:70:e0:91:c7:57:cd:38:47:
                    59:cf:e2:4e:59:de:fa:11:1b:ca:2a:e0:be:18:14:
                    b5:b2:5a:03:cd:f1:e5:ce:d2:c2:c7:d0:de:12:46:
                    2c:72:84:5c:ae:1e:61:57:16:c0:3d:75:81:65:b8:
                    d6:4e:39:50:71:bb:40:ef:04:d4:6f:db:a5:22:e7:
                    6a:29:38:67:e6:d8:29:99:c5:ef:d1:c1:23:0f:a4:
                    2c:f1:20:9e:b8:e6:94:06:ff:87:2f:9d:90:55:ec:
                    50:2b:6f:53:5d:1f:c5:35:31:ac:c5:12:49:fe:5e:
                    9d:88:07:47:dd:0f:9b:f1:5d:5d:67:85:35:09:a2:
                    23:5e:f2:3a:40:25:5f:d4:c0:50:de:19:19:29:b0:
                    b7:55:52:5d:23:d1:51:88:5c:a2:6c:a3:e8:d7:2a:
                    d6:ff:b4:09:38:61:1a:3e:e9:c9:58:3d:c0:72:9c:
                    32:b9:2a:41:56:1e:cd:ed:b0:71:4c:bc:17:97:9e:
                    e6:9a:86:04:b6:d9:cf:43:6f:7a:ae:cf:0d:58:85:
                    f9:1d:6b:cf:d5:fb:c3:fa:0b:54:2c:b8:1a:01:6b:
                    f5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:B9:04:13:42:1B:E7:A8:B0:29:50:9A:DC:E2:FE:7C:47:AA:D4:AC
            X509v3 Authority Key Identifier:
                keyid:F0:27:F0:67:6E:31:F5:D6:1F:FC:B9:91:38:BA:71:A6:A6:C2:A8:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F027F0676E31F5D61FFCB99138BA71A6A6C2A888.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/d6df2691-db62-43b9-8a57-0e06da1acc64/0/3130332e37392e3233382e302f32342d3234203d3e20313336383431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.79.238.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:78:e4:da:2e:ed:00:1c:40:6f:53:4f:aa:28:da:44:83:d1:
         f0:13:18:13:ea:7f:1d:dd:ff:32:bb:ab:84:71:f6:d3:c4:88:
         50:d1:23:77:08:eb:40:cd:36:e6:48:72:bd:42:90:49:ba:92:
         78:7c:66:13:ca:67:50:53:a8:0e:62:29:68:07:f5:9f:37:24:
         84:20:af:52:ce:37:98:46:be:81:e2:72:a2:09:84:14:5c:7c:
         58:16:f4:a1:7d:b5:63:24:3a:4a:6f:51:63:b2:5a:ba:f4:e5:
         c6:bd:35:c3:d9:e9:72:fc:68:9f:43:35:4c:91:9d:3a:b2:24:
         c3:2f:7f:c6:d7:20:58:72:eb:61:76:bc:f3:31:ec:d0:51:03:
         f3:55:b1:7c:82:2b:63:a9:0c:66:ce:5c:e9:66:50:4d:01:73:
         56:7c:48:1a:e3:1b:64:e9:e6:0d:44:e8:f1:25:b9:46:94:40:
         04:70:fe:dd:c6:ed:70:db:88:9a:46:19:7b:63:a4:57:4e:93:
         b6:79:c2:f9:89:50:b1:63:02:3e:74:ab:d8:bf:9a:3b:79:d6:
         b0:88:ed:45:06:12:3e:ce:0a:aa:bb:f5:4f:bf:5a:dd:30:cd:
         ac:c5:16:08:a0:b8:9d:e4:b5:50:9a:fd:f9:23:87:74:70:8d:
         c6:b0:73:7c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUDy0yWmDZRNaOnLRxgGnyOiUfm/IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjAyN0YwNjc2RTMxRjVENjFGRkNCOTkxMzhCQTcxQTZB
NkMyQTg4ODAeFw0yNDAyMDcwMzU4MDhaFw0yNTAyMDUwNDAzMDhaMDMxMTAvBgNV
BAMTKEU4QjkwNDEzNDIxQkU3QThCMDI5NTA5QURDRTJGRTdDNDdBQUQ0QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiI2/Hc8nNah9PuxokQabJQu0l
vd7MAkacDPEAWBOoEtu4wj1w4JHHV804R1nP4k5Z3voRG8oq4L4YFLWyWgPN8eXO
0sLH0N4SRixyhFyuHmFXFsA9dYFluNZOOVBxu0DvBNRv26Ui52opOGfm2CmZxe/R
wSMPpCzxIJ645pQG/4cvnZBV7FArb1NdH8U1MazFEkn+Xp2IB0fdD5vxXV1nhTUJ
oiNe8jpAJV/UwFDeGRkpsLdVUl0j0VGIXKJso+jXKtb/tAk4YRo+6clYPcBynDK5
KkFWHs3tsHFMvBeXnuaahgS22c9Db3quzw1Yhfkda8/V+8P6C1QsuBoBa/VVAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQU6LkEE0Ib56iwKVCa3OL+fEeq1KwwHwYDVR0j
BBgwFoAU8CfwZ24x9dYf/LmROLpxpqbCqIgwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9k
NmRmMjY5MS1kYjYyLTQzYjktOGE1Ny0wZTA2ZGExYWNjNjQvMC9GMDI3RjA2NzZF
MzFGNUQ2MUZGQ0I5OTEzOEJBNzFBNkE2QzJBODg4LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvRjAyN0YwNjc2RTMxRjVENjFGRkNCOTkxMzhCQTcxQTZBNkMy
QTg4OC5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Q2ZGYyNjkxLWRiNjItNDNiOS04
YTU3LTBlMDZkYTFhY2M2NC8wLzMxMzAzMzJlMzczOTJlMzIzMzM4MmUzMDJmMzIz
NDJkMzIzNDIwM2QzZTIwMzEzMzM2MzgzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ0/uMA0GCSqG
SIb3DQEBCwUAA4IBAQAKeOTaLu0AHEBvU0+qKNpEg9HwExgT6n8d3f8yu6uEcfbT
xIhQ0SN3COtAzTbmSHK9QpBJupJ4fGYTymdQU6gOYiloB/WfNySEIK9SzjeYRr6B
4nKiCYQUXHxYFvShfbVjJDpKb1Fjslq69OXGvTXD2ely/GifQzVMkZ06siTDL3/G
1yBYcuthdrzzMezQUQPzVbF8gitjqQxmzlzpZlBNAXNWfEga4xtk6eYNROjxJblG
lEAEcP7dxu1w24iaRhl7Y6RXTpO2ecL5iVCxYwI+dKvYv5o7edawiO1FBhI+zgqq
u/VPv1rdMM2sxRYIoLid5LVQmv35I4d0cI3GsHN8
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:17:49 2024 by rpki-client on console-ams.rpki-client.org