Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/3130332e3137312e33302e302f32332d3234203d3e20313331313131.roa
File:                     3130332e3137312e33302e302f32332d3234203d3e20313331313131.roa (raw, json)
Hash identifier:          mVJX9oxL4QYhiz5hVeq2v8NHUYA+ubI8hiYmT+KOby0=
Subject key identifier:   CD:A4:CD:90:14:C2:BA:03:7B:BE:FD:8D:C9:13:05:D2:68:F1:D0:07
Certificate issuer:       /CN=8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86
Certificate serial:       370C5C62E98C21E17E3B8D34D13ECEDC1D026406
Authority key identifier: 8A:4F:F8:36:58:8B:BD:C5:E5:CC:52:6B:BB:EB:66:D5:14:0D:1B:86
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/3130332e3137312e33302e302f32332d3234203d3e20313331313131.roa
Signing time:             Wed 19 Jul 2023 04:00:40 +0000
ROA not before:           Wed 19 Jul 2023 03:55:40 +0000
ROA not after:            Wed 17 Jul 2024 04:00:40 +0000
asID:                     131111
IP address blocks:        103.171.30.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.crl
                          rsync://repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sat 30 Mar 2024 20:02:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:0c:5c:62:e9:8c:21:e1:7e:3b:8d:34:d1:3e:ce:dc:1d:02:64:06
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86
        Validity
            Not Before: Jul 19 03:55:40 2023 GMT
            Not After : Jul 17 04:00:40 2024 GMT
        Subject: CN=CDA4CD9014C2BA037BBEFD8DC91305D268F1D007
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:0a:71:04:0e:fd:0f:73:9f:f7:5d:27:52:57:
                    2c:b7:32:1a:6b:95:d9:7d:36:11:65:bc:71:71:07:
                    5e:49:a0:16:f5:7d:30:33:b0:80:c9:82:35:c9:5d:
                    d7:75:35:9d:53:f8:72:8c:c9:8d:ff:a8:7c:07:b5:
                    40:46:9f:b5:94:3c:19:95:6b:e5:b4:8b:bc:ed:6b:
                    05:24:65:dc:4b:3d:a7:7c:67:a2:51:c2:42:a3:86:
                    50:97:d7:00:9d:e8:90:34:40:78:f5:94:ef:6d:f6:
                    65:97:9c:f6:22:f5:56:ae:96:22:6b:92:29:11:e2:
                    e6:5e:55:97:63:0f:d9:8b:56:43:91:f1:5b:0c:b7:
                    23:43:ef:be:02:3d:5d:dd:53:27:ba:ce:8e:bd:84:
                    b4:6b:ac:60:64:27:5e:9f:57:2f:1f:e7:4d:b8:28:
                    c7:53:bc:91:25:ef:51:8d:c4:64:5d:02:bf:2f:e7:
                    98:93:ca:ad:8c:d6:90:e0:f3:92:9f:02:e6:57:7c:
                    5b:b8:42:27:c9:e5:62:9f:bf:d6:89:c8:68:75:ab:
                    b9:45:e0:ea:fa:e4:37:43:e6:78:ed:4b:16:ca:11:
                    87:52:ec:ff:ec:44:0d:bd:7f:64:4f:e2:53:57:7e:
                    28:93:d2:21:12:02:09:9a:65:d3:01:ba:09:3c:66:
                    fb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:A4:CD:90:14:C2:BA:03:7B:BE:FD:8D:C9:13:05:D2:68:F1:D0:07
            X509v3 Authority Key Identifier:
                keyid:8A:4F:F8:36:58:8B:BD:C5:E5:CC:52:6B:BB:EB:66:D5:14:0D:1B:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/8A4FF836588BBDC5E5CC526BBBEB66D5140D1B86.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/f9e7a28a-62f0-4d14-8702-403a5190eae1/0/3130332e3137312e33302e302f32332d3234203d3e20313331313131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.171.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         06:b8:45:95:01:ed:28:53:04:da:26:c7:5d:db:bf:ac:76:2d:
         0d:44:cc:4f:d1:2a:30:d1:0d:4b:ae:a8:c8:e6:10:83:c3:d5:
         7e:9e:68:e9:e4:0f:3b:5f:e5:02:dd:cb:2a:ef:80:7e:98:f6:
         73:e9:cd:09:c5:ac:45:10:90:ac:31:c5:96:52:ba:56:85:2b:
         8f:18:c3:85:62:ee:da:04:1a:f3:a2:e0:38:fe:33:f4:bf:e5:
         00:ef:0b:34:9a:96:33:52:98:5d:aa:d9:88:7b:7b:94:9f:79:
         40:5e:6f:2b:ea:02:93:57:90:85:50:c4:6c:87:ef:05:93:5d:
         a9:71:72:a5:8d:b0:c8:87:8e:50:50:78:21:b3:5c:41:ae:2e:
         91:6e:74:7d:b1:6b:2e:d8:d9:75:15:c7:e5:7a:04:7a:80:e1:
         49:5e:78:a1:12:5e:66:34:67:ce:e1:c1:a3:b1:60:99:9d:6a:
         48:d1:b7:a2:00:67:75:ea:74:7d:d4:23:27:28:93:bd:36:f7:
         7c:5c:94:29:f0:04:dd:cd:68:5a:26:82:3c:2b:14:44:04:23:
         fc:f7:fe:1a:1a:cc:22:3b:40:83:79:b2:a0:fd:da:ec:65:e7:
         da:8a:86:73:ae:9c:09:a5:c1:a8:de:6c:b2:d8:db:51:ac:74:
         17:71:37:9f
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUNwxcYumMIeF+O4000T7O3B0CZAYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEE0RkY4MzY1ODhCQkRDNUU1Q0M1MjZCQkJFQjY2RDUx
NDBEMUI4NjAeFw0yMzA3MTkwMzU1NDBaFw0yNDA3MTcwNDAwNDBaMDMxMTAvBgNV
BAMTKENEQTRDRDkwMTRDMkJBMDM3QkJFRkQ4REM5MTMwNUQyNjhGMUQwMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqCnEEDv0Pc5/3XSdSVyy3Mhpr
ldl9NhFlvHFxB15JoBb1fTAzsIDJgjXJXdd1NZ1T+HKMyY3/qHwHtUBGn7WUPBmV
a+W0i7ztawUkZdxLPad8Z6JRwkKjhlCX1wCd6JA0QHj1lO9t9mWXnPYi9VauliJr
kikR4uZeVZdjD9mLVkOR8VsMtyND774CPV3dUye6zo69hLRrrGBkJ16fVy8f5024
KMdTvJEl71GNxGRdAr8v55iTyq2M1pDg85KfAuZXfFu4QifJ5WKfv9aJyGh1q7lF
4Or65DdD5njtSxbKEYdS7P/sRA29f2RP4lNXfiiT0iESAgmaZdMBugk8ZvtNAgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUzaTNkBTCugN7vv2NyRMF0mjx0AcwHwYDVR0j
BBgwFoAUik/4NliLvcXlzFJru+tm1RQNG4YwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby9m
OWU3YTI4YS02MmYwLTRkMTQtODcwMi00MDNhNTE5MGVhZTEvMC84QTRGRjgzNjU4
OEJCREM1RTVDQzUyNkJCQkVCNjZENTE0MEQxQjg2LmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvOEE0RkY4MzY1ODhCQkRDNUU1Q0M1MjZCQkJFQjY2RDUxNDBE
MUI4Ni5jZXIwgaQGCCsGAQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5j
Oi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBvL2Y5ZTdhMjhhLTYyZjAtNGQxNC04
NzAyLTQwM2E1MTkwZWFlMS8wLzMxMzAzMzJlMzEzNzMxMmUzMzMwMmUzMDJmMzIz
MzJkMzIzNDIwM2QzZTIwMzEzMzMxMzEzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoG
CCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBZ6seMA0GCSqG
SIb3DQEBCwUAA4IBAQAGuEWVAe0oUwTaJsdd27+sdi0NRMxP0Sow0Q1LrqjI5hCD
w9V+nmjp5A87X+UC3csq74B+mPZz6c0JxaxFEJCsMcWWUrpWhSuPGMOFYu7aBBrz
ouA4/jP0v+UA7ws0mpYzUphdqtmIe3uUn3lAXm8r6gKTV5CFUMRsh+8Fk12pcXKl
jbDIh45QUHghs1xBri6RbnR9sWsu2Nl1FcflegR6gOFJXnihEl5mNGfO4cGjsWCZ
nWpI0beiAGd16nR91CMnKJO9Nvd8XJQp8ATdzWhaJoI8KxREBCP89/4aGswiO0CD
ebKg/drsZefaioZzrpwJpcGo3myy2NtRrHQXcTef
-----END CERTIFICATE-----
Generated at Thu Mar 28 00:10:23 2024 by rpki-client on console-fra.rpki-client.org