Route Origin Authorization

$ rpki-client -vvf repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141892.roa
File:                     AS141892.roa (raw, json)
Hash identifier:          Naox5Pkaa1D80A23RTt3Oef3TifDMcD/4bBwp2JEamY=
Subject key identifier:   0B:2C:42:09:A4:A4:45:60:BD:5B:14:AF:3E:BF:BA:A3:15:B4:48:89
Certificate issuer:       /CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
Certificate serial:       626502A101770F1B96DAD391DB1BD89B1A20F22A
Authority key identifier: BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
Subject info access:      rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141892.roa
Signing time:             Thu 15 Feb 2024 08:00:00 +0000
ROA not before:           Thu 15 Feb 2024 07:55:00 +0000
ROA not after:            Thu 13 Feb 2025 08:00:00 +0000
asID:                     141892
IP address blocks:        103.163.161.0/24 maxlen: 24
                          103.186.30.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl
                          rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Thu 28 Nov 2024 22:23:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:65:02:a1:01:77:0f:1b:96:da:d3:91:db:1b:d8:9b:1a:20:f2:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91862140000/serialNumber=BA8F77D21E58FE9C939A6B70E2585617E183376B
        Validity
            Not Before: Feb 15 07:55:00 2024 GMT
            Not After : Feb 13 08:00:00 2025 GMT
        Subject: CN=0B2C4209A4A44560BD5B14AF3EBFBAA315B44889
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:e9:6f:9b:1b:3d:f3:90:62:dc:7f:78:59:95:
                    1e:16:a0:f8:1e:0b:88:69:10:24:49:c6:db:95:e6:
                    aa:d7:c0:cc:8f:7f:30:e3:70:1d:f6:c2:ca:d3:fb:
                    71:d8:4d:f0:f5:4f:62:d8:c2:74:03:97:c4:bf:86:
                    2d:b3:a7:65:da:ca:ba:64:9e:95:4b:a5:f6:d1:e8:
                    5b:5f:41:9d:41:6c:85:88:7c:3c:98:7e:bb:01:85:
                    64:4d:a1:a6:3b:84:c2:01:e0:02:52:e3:00:93:e5:
                    eb:e8:65:67:83:61:4b:53:be:bf:03:70:9f:7a:87:
                    e6:0f:43:63:b2:bd:33:6a:99:4b:e6:f1:4e:1b:8c:
                    d9:38:a4:7e:93:6a:ac:6b:e1:d3:34:04:24:60:c7:
                    5d:fb:cb:17:bf:85:bb:ba:cf:0c:4e:81:c0:1d:e4:
                    96:99:c7:5a:95:db:10:95:b3:ed:02:2e:ad:1e:0b:
                    d4:df:0c:35:24:40:9c:47:32:f5:89:a1:47:7f:b9:
                    63:b0:b4:e5:4a:18:a7:58:6e:1b:0e:e0:52:e2:9e:
                    c8:c2:d2:10:d6:ed:f3:90:37:12:49:e1:e8:45:e4:
                    33:49:3d:3e:f2:91:31:9c:3a:32:eb:4d:76:cd:11:
                    a6:39:c4:ed:22:4d:1f:b3:53:1e:0a:93:e5:a0:8f:
                    a3:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:2C:42:09:A4:A4:45:60:BD:5B:14:AF:3E:BF:BA:A3:15:B4:48:89
            X509v3 Authority Key Identifier:
                keyid:BA:8F:77:D2:1E:58:FE:9C:93:9A:6B:70:E2:58:56:17:E1:83:37:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/AS141892.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.163.161.0/24
                  103.186.30.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:3d:54:4e:89:33:37:34:d6:22:b0:7d:36:51:fa:a4:81:e3:
         27:39:9a:4e:7b:10:88:be:5f:f0:37:55:5d:7d:df:ae:b6:29:
         34:b1:66:05:81:14:89:01:10:7e:46:f7:88:90:ae:f9:f5:2a:
         07:68:57:53:d0:9c:2e:58:d1:b9:6c:4d:8e:b7:05:fd:4b:da:
         ab:8d:39:f5:1d:75:59:7f:cb:d0:e8:2f:d1:c4:de:d8:1e:8c:
         c6:38:6d:45:d4:d1:04:01:0d:53:c5:c9:00:e7:e7:4b:f5:3b:
         7e:30:20:3c:04:ac:ff:cc:e7:97:27:2f:ff:53:fb:57:01:05:
         af:9f:3a:ce:9c:fd:16:3b:69:f2:c8:f2:c2:21:c6:9f:bf:9a:
         82:dc:60:25:d7:0e:18:f0:32:fa:fe:20:91:cd:bd:a7:c4:f2:
         bb:a8:fe:f0:9c:ff:ea:f1:5b:bf:43:42:46:7e:9f:8e:e5:ff:
         c9:fc:fa:e3:c0:89:f4:64:a7:bf:ee:94:ee:ff:02:fb:50:4f:
         37:86:d7:03:5e:39:f0:4c:fc:76:3c:16:d3:40:2e:27:14:30:
         3f:bf:ac:88:37:e1:6c:90:bd:2e:5f:30:1f:a1:2b:d3:9b:5c:
         be:e4:c8:f6:9c:b4:c4:87:9c:85:3d:1b:25:f3:48:27:d7:e7:
         ed:05:a7:ed
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUYmUCoQF3DxuW2tOR2xvYmxog8iowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODYyMTQwMDAwMTEwLwYDVQQFEyhCQThGNzdEMjFF
NThGRTlDOTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCMB4XDTI0MDIxNTA3NTUwMFoX
DTI1MDIxMzA4MDAwMFowMzExMC8GA1UEAxMoMEIyQzQyMDlBNEE0NDU2MEJENUIx
NEFGM0VCRkJBQTMxNUI0NDg4OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALTpb5sbPfOQYtx/eFmVHhag+B4LiGkQJEnG25XmqtfAzI9/MONwHfbCytP7
cdhN8PVPYtjCdAOXxL+GLbOnZdrKumSelUul9tHoW19BnUFshYh8PJh+uwGFZE2h
pjuEwgHgAlLjAJPl6+hlZ4NhS1O+vwNwn3qH5g9DY7K9M2qZS+bxThuM2TikfpNq
rGvh0zQEJGDHXfvLF7+Fu7rPDE6BwB3klpnHWpXbEJWz7QIurR4L1N8MNSRAnEcy
9YmhR3+5Y7C05UoYp1huGw7gUuKeyMLSENbt85A3Eknh6EXkM0k9PvKRMZw6MutN
ds0RpjnE7SJNH7NTHgqT5aCPo7kCAwEAAaOCAdYwggHSMB0GA1UdDgQWBBQLLEIJ
pKRFYL1bFK8+v7qjFbRIiTAfBgNVHSMEGDAWgBS6j3fSHlj+nJOaa3DiWFYX4YM3
azAOBgNVHQ8BAf8EBAMCB4AwaQYDVR0fBGIwYDBeoFygWoZYcnN5bmM6Ly9yZXBv
LXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9CQThGNzdEMjFFNThGRTlD
OTM5QTZCNzBFMjU4NTYxN0UxODMzNzZCLmNybDB+BggrBgEFBQcBAQRyMHAwbgYI
KwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3
RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi91bzkzMGg1WV9weVRtbXR3NGxo
V0YtR0ROMnMuY2VyMFQGCCsGAQUFBwELBEgwRjBEBggrBgEFBQcwC4Y4cnN5bmM6
Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vSUROSUMtSUQvMi9BUzE0MTg5Mi5y
b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQw
EgQCAAEwDAMEAGejoQMEAWe6HjANBgkqhkiG9w0BAQsFAAOCAQEAMz1UTokzNzTW
IrB9NlH6pIHjJzmaTnsQiL5f8DdVXX3frrYpNLFmBYEUiQEQfkb3iJCu+fUqB2hX
U9CcLljRuWxNjrcF/Uvaq4059R11WX/L0Ogv0cTe2B6MxjhtRdTRBAENU8XJAOfn
S/U7fjAgPASs/8znlycv/1P7VwEFr586zpz9Fjtp8sjywiHGn7+agtxgJdcOGPAy
+v4gkc29p8Tyu6j+8Jz/6vFbv0NCRn6fjuX/yfz648CJ9GSnv+6U7v8C+1BPN4bX
A1458Ez8djwW00AuJxQwP7+siDfhbJC9Ll8wH6Er05tcvuTI9py0xIechT0bJfNI
J9fn7QWn7Q==
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:01:55 2024 by rpki-client on console-fra.rpki-client.org