Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/AS147168.roa
File:                     AS147168.roa (raw, json)
Hash identifier:          e20CGZZgjTyz3kNZT3WXZXnYEX1ApqROokbLe+6uHIA=
Subject key identifier:   F9:2D:E6:A1:22:A1:BF:A2:50:4E:E3:27:8F:06:FB:B0:E9:B2:4A:21
Certificate issuer:       /CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
Certificate serial:       4FD64BB0FDA852EC6C319BC43964CED716477410
Authority key identifier: 22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12
Authority info access:    rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/AS147168.roa
Signing time:             Wed 23 Oct 2024 10:02:25 +0000
ROA not before:           Wed 23 Oct 2024 09:57:25 +0000
ROA not after:            Wed 22 Oct 2025 10:02:25 +0000
asID:                     147168
IP address blocks:        103.178.8.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl
                          rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.mft
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Sun 24 Nov 2024 09:00:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:d6:4b:b0:fd:a8:52:ec:6c:31:9b:c4:39:64:ce:d7:16:47:74:10
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=229866508D6D624523EDAD2A0DE1E82AE2C3B512
        Validity
            Not Before: Oct 23 09:57:25 2024 GMT
            Not After : Oct 22 10:02:25 2025 GMT
        Subject: CN=F92DE6A122A1BFA2504EE3278F06FBB0E9B24A21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:35:e9:f0:be:d7:5c:ae:a9:52:59:a2:7f:34:
                    ba:30:86:d1:9e:af:4b:90:1a:0e:5d:1d:28:66:ba:
                    34:a5:e8:ef:f3:df:96:fc:94:5b:4a:2d:f8:fb:0d:
                    9c:11:47:d2:18:3c:80:63:43:b6:89:a3:30:b9:8a:
                    21:74:f5:15:79:ad:48:15:68:a0:5f:ba:13:a7:10:
                    7b:f7:8c:17:0d:86:56:8b:0c:dc:74:3e:bf:4c:d8:
                    77:b9:13:71:ae:ab:da:16:8f:c4:9c:ee:71:f5:ac:
                    51:2e:19:d7:e3:bd:b5:b8:a9:ff:f5:7f:e6:54:1a:
                    6b:a2:39:49:04:76:2a:f9:fd:56:ff:97:4f:4b:17:
                    a3:72:ae:d3:4e:aa:ec:3f:e7:cf:3f:93:19:6f:f5:
                    2f:d6:24:0d:28:7e:96:ae:68:b7:c0:7b:d3:0e:89:
                    a3:52:e4:7a:f3:4a:75:56:55:a3:b7:4c:2a:5f:80:
                    cf:0a:22:c4:9e:b2:e4:3e:e7:03:7a:b9:15:97:88:
                    ae:6b:29:9a:cb:19:a9:dd:1a:06:99:8f:b5:43:32:
                    21:3f:5b:1a:7f:78:29:5c:6b:b3:0c:f0:28:39:3f:
                    55:41:c1:3e:51:bb:6d:c2:1b:86:ab:c7:9c:f2:c2:
                    20:21:1c:05:08:01:f7:ab:21:70:ca:ee:5f:dd:77:
                    82:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:2D:E6:A1:22:A1:BF:A2:50:4E:E3:27:8F:06:FB:B0:E9:B2:4A:21
            X509v3 Authority Key Identifier:
                keyid:22:98:66:50:8D:6D:62:45:23:ED:AD:2A:0D:E1:E8:2A:E2:C3:B5:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/229866508D6D624523EDAD2A0DE1E82AE2C3B512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/229866508D6D624523EDAD2A0DE1E82AE2C3B512.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/2fb70818-2366-42e0-9dbd-254381069e57/0/AS147168.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.178.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:c3:87:31:b9:99:fd:9e:8a:88:d6:51:db:37:fc:72:71:c8:
         dd:3c:89:02:48:66:97:a3:64:6a:52:b3:0a:7c:ba:9a:0c:25:
         de:ed:51:62:c2:ad:13:02:d2:3e:23:9c:f3:bd:cf:d6:5e:48:
         88:c5:d1:97:4e:d5:f2:e3:1d:a5:dd:f3:3b:6b:fe:41:38:cb:
         43:0d:bf:a0:30:97:cd:f5:42:27:24:0e:aa:73:1a:c5:b1:98:
         6b:fc:d0:34:f6:9e:86:d0:73:15:6f:8e:c1:81:a9:10:3a:e1:
         68:75:03:6b:19:11:7c:8d:83:07:97:d0:f2:56:20:70:28:04:
         9e:9e:30:6e:f7:1b:8c:5a:93:ad:05:f1:3b:db:fc:50:64:cd:
         0e:16:b9:42:df:27:ac:72:2c:1e:ee:9f:9a:d2:cf:38:cf:c9:
         be:3b:16:9f:7e:dd:1d:50:12:3f:0e:3f:5b:93:c1:cd:23:34:
         42:1b:e7:f3:33:97:84:25:73:9d:05:20:59:8e:90:cd:29:aa:
         f6:e0:0b:70:52:56:e8:ad:fb:7a:69:9c:46:a1:6b:32:81:52:
         ab:1a:4c:4f:c5:3a:87:a5:2f:e9:80:cd:e1:8e:9c:e0:70:34:
         63:4a:a3:05:7e:79:38:4e:6c:49:6c:8a:fc:2f:f7:93:d0:36:
         a9:19:9d:9e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIUT9ZLsP2oUuxsMZvEOWTO1xZHdBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFF
MkMzQjUxMjAeFw0yNDEwMjMwOTU3MjVaFw0yNTEwMjIxMDAyMjVaMDMxMTAvBgNV
BAMTKEY5MkRFNkExMjJBMUJGQTI1MDRFRTMyNzhGMDZGQkIwRTlCMjRBMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnNenwvtdcrqlSWaJ/NLowhtGe
r0uQGg5dHShmujSl6O/z35b8lFtKLfj7DZwRR9IYPIBjQ7aJozC5iiF09RV5rUgV
aKBfuhOnEHv3jBcNhlaLDNx0Pr9M2He5E3Guq9oWj8Sc7nH1rFEuGdfjvbW4qf/1
f+ZUGmuiOUkEdir5/Vb/l09LF6NyrtNOquw/588/kxlv9S/WJA0ofpauaLfAe9MO
iaNS5HrzSnVWVaO3TCpfgM8KIsSesuQ+5wN6uRWXiK5rKZrLGandGgaZj7VDMiE/
Wxp/eClca7MM8Cg5P1VBwT5Ru23CG4arx5zywiAhHAUIAferIXDK7l/dd4KrAgMB
AAGjggH/MIIB+zAdBgNVHQ4EFgQU+S3moSKhv6JQTuMnjwb7sOmySiEwHwYDVR0j
BBgwFoAUIphmUI1tYkUj7a0qDeHoKuLDtRIwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby8y
ZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0yNTQzODEwNjllNTcvMC8yMjk4NjY1MDhE
NkQ2MjQ1MjNFREFEMkEwREUxRTgyQUUyQzNCNTEyLmNybDB0BggrBgEFBQcBAQRo
MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv
L0lETklDLUlELzIvMjI5ODY2NTA4RDZENjI0NTIzRURBRDJBMERFMUU4MkFFMkMz
QjUxMi5jZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jl
cG8tcnBraS5pZG5pYy5uZXQvcmVwby8yZmI3MDgxOC0yMzY2LTQyZTAtOWRiZC0y
NTQzODEwNjllNTcvMC9BUzE0NzE2OC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAGeyCDANBgkqhkiG9w0B
AQsFAAOCAQEAAMOHMbmZ/Z6KiNZR2zf8cnHI3TyJAkhml6NkalKzCny6mgwl3u1R
YsKtEwLSPiOc873P1l5IiMXRl07V8uMdpd3zO2v+QTjLQw2/oDCXzfVCJyQOqnMa
xbGYa/zQNPaehtBzFW+OwYGpEDrhaHUDaxkRfI2DB5fQ8lYgcCgEnp4wbvcbjFqT
rQXxO9v8UGTNDha5Qt8nrHIsHu6fmtLPOM/JvjsWn37dHVASPw4/W5PBzSM0Qhvn
8zOXhCVznQUgWY6QzSmq9uALcFJW6K37emmcRqFrMoFSqxpMT8U6h6Uv6YDN4Y6c
4HA0Y0qjBX55OE5sSWyK/C/3k9A2qRmdng==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:03 2024 by rpki-client on console-ams.rpki-client.org