Route Origin Authorization

$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47152.roa
File:                     AS47152.roa (raw, json)
Hash identifier:          YQAfzLuagyF5JvcprmDuq8VSP23VivFNOdqpliH+sjE=
Subject key identifier:   64:42:E5:BB:B7:84:44:01:A5:31:0A:73:72:29:19:4C:0E:9E:95:8C
Certificate issuer:       /CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
Certificate serial:       2286D86DD279C346374490B7C3D435A029CC492A
Authority key identifier: 79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
Subject info access:      rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47152.roa
Signing time:             Thu 03 Oct 2024 10:39:59 +0000
ROA not before:           Thu 03 Oct 2024 10:34:59 +0000
ROA not after:            Thu 02 Oct 2025 10:39:59 +0000
asID:                     47152
IP address blocks:        103.230.140.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 13 Mar 2025 15:28:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:86:d8:6d:d2:79:c3:46:37:44:90:b7:c3:d4:35:a0:29:cc:49:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=799438f1b1762aeef8a35cf4e6cbae97699bd020
        Validity
            Not Before: Oct  3 10:34:59 2024 GMT
            Not After : Oct  2 10:39:59 2025 GMT
        Subject: CN=6442E5BBB7844401A5310A737229194C0E9E958C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:1e:fb:61:99:bd:c9:a3:6a:48:fe:df:e5:ac:
                    f7:30:c2:37:a0:e5:4d:15:32:5c:6d:91:08:ea:8e:
                    d2:43:fa:f4:3d:ee:59:f7:6d:89:2d:70:0f:77:c5:
                    3f:03:54:ff:f4:86:b4:7b:f8:55:d7:79:d1:d8:6e:
                    dc:1d:77:fd:3f:d2:8c:22:11:d7:d8:d9:70:73:1f:
                    53:f3:6c:81:b6:dd:a3:15:f0:43:a4:7b:02:66:fb:
                    1e:30:b0:e2:8b:cc:61:51:2a:45:d2:fa:1e:f9:7f:
                    72:cb:72:d4:6f:70:93:bb:61:70:ba:ee:10:46:bb:
                    bc:1d:d6:11:d8:a8:bc:9c:0a:9b:cc:7b:47:88:70:
                    42:2c:75:75:7a:01:72:ed:7f:27:ec:34:04:79:13:
                    66:54:68:16:ff:41:86:f6:79:19:f4:87:25:bf:20:
                    fe:4e:32:bf:47:92:86:b1:34:44:5f:6e:0a:91:85:
                    7e:40:5b:fc:b6:3b:6e:f3:8b:4a:d2:5d:d8:5f:3c:
                    aa:bc:4d:71:c8:1e:67:32:9b:c9:3a:18:ed:62:e0:
                    04:40:98:f5:00:87:c3:84:79:fc:94:c1:bb:7d:a1:
                    4d:b9:fe:88:41:bd:06:91:ea:07:bb:fa:a6:f5:10:
                    99:a5:3d:09:42:ae:35:1d:9f:f4:6c:fb:8c:ec:6f:
                    31:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:42:E5:BB:B7:84:44:01:A5:31:0A:73:72:29:19:4C:0E:9E:95:8C
            X509v3 Authority Key Identifier:
                keyid:79:94:38:F1:B1:76:2A:EE:F8:A3:5C:F4:E6:CB:AE:97:69:9B:D0:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/799438F1B1762AEEF8A35CF4E6CBAE97699BD020.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eZQ48bF2Ku74o1z05suul2mb0CA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/2/AS47152.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.230.140.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:9b:c2:2d:c7:11:3d:e0:79:cc:de:98:0a:b5:5f:0a:64:10:
         0d:3a:d1:32:f1:56:0b:6d:1c:87:90:7c:fb:f3:ff:33:0a:cd:
         33:12:a7:7d:90:9c:75:73:e0:c4:6c:0f:8b:12:48:b5:c3:2d:
         80:64:6b:bf:f2:45:0a:4f:82:b8:7a:94:45:39:f1:9d:01:34:
         11:1a:aa:d9:e2:e9:95:22:66:cf:37:a0:05:c1:fe:dd:d6:6a:
         ae:d0:db:89:ea:09:15:79:6c:33:c3:89:b2:ed:cc:9f:5d:f4:
         8d:30:10:0c:10:3e:aa:a7:85:b4:b0:4e:b9:6e:2b:4f:e6:7d:
         4f:b8:cc:fe:5c:c4:99:69:9f:08:5c:1a:4c:03:37:f2:64:c5:
         f9:d0:e6:85:1f:ca:e5:93:9f:42:10:36:7e:35:96:c3:09:bd:
         27:77:d1:7d:41:bf:d1:e9:03:45:09:20:74:46:b9:2e:4e:9c:
         d6:43:44:31:a5:c3:57:e1:c3:a8:54:ef:d0:64:c5:27:b3:ba:
         85:ff:06:39:ae:51:a3:38:ea:4c:8a:72:02:f3:d8:42:4b:57:
         f6:92:79:de:ba:a9:f5:2f:39:bb:22:04:3b:2b:52:ee:21:82:
         78:8e:a8:d0:32:ef:12:d9:6f:6d:e8:ce:c6:30:97:e8:93:22:
         33:09:17:62
-----BEGIN CERTIFICATE-----
MIIE5DCCA8ygAwIBAgIUIobYbdJ5w0Y3RJC3w9Q1oCnMSSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzk5NDM4ZjFiMTc2MmFlZWY4YTM1Y2Y0ZTZjYmFlOTc2
OTliZDAyMDAeFw0yNDEwMDMxMDM0NTlaFw0yNTEwMDIxMDM5NTlaMDMxMTAvBgNV
BAMTKDY0NDJFNUJCQjc4NDQ0MDFBNTMxMEE3MzcyMjkxOTRDMEU5RTk1OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFHvthmb3Jo2pI/t/lrPcwwjeg
5U0VMlxtkQjqjtJD+vQ97ln3bYktcA93xT8DVP/0hrR7+FXXedHYbtwdd/0/0owi
EdfY2XBzH1PzbIG23aMV8EOkewJm+x4wsOKLzGFRKkXS+h75f3LLctRvcJO7YXC6
7hBGu7wd1hHYqLycCpvMe0eIcEIsdXV6AXLtfyfsNAR5E2ZUaBb/QYb2eRn0hyW/
IP5OMr9HkoaxNERfbgqRhX5AW/y2O27zi0rSXdhfPKq8TXHIHmcym8k6GO1i4ARA
mPUAh8OEefyUwbt9oU25/ohBvQaR6ge7+qb1EJmlPQlCrjUdn/Rs+4zsbzH3AgMB
AAGjggHuMIIB6jAdBgNVHQ4EFgQUZELlu7eERAGlMQpzcikZTA6elYwwHwYDVR0j
BBgwFoAUeZQ48bF2Ku74o1z05suul2mb0CAwDgYDVR0PAQH/BAQDAgeAMIGFBgNV
HR8EfjB8MHqgeKB2hnRyc3luYzovL3Jwa2ktcnBzLmFyaW4ubmV0L3JlcG9zaXRv
cnkvOGE4NDhhZGY4NTBkMDYzZTAxODU3NTVjOTFiZTNmOWQvMi83OTk0MzhGMUIx
NzYyQUVFRjhBMzVDRjRFNkNCQUU5NzY5OUJEMDIwLmNybDBkBggrBgEFBQcBAQRY
MFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZVpRNDhiRjJLdTc0bzF6MDVzdXVsMm1iMENBLmNlcjBvBggrBgEF
BQcBCwRjMGEwXwYIKwYBBQUHMAuGU3JzeW5jOi8vcnBraS1ycHMuYXJpbi5uZXQv
cmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5ZC8yL0FT
NDcxNTIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBABn5owwDQYJKoZIhvcNAQELBQADggEBAEKbwi3HET3g
eczemAq1XwpkEA060TLxVgttHIeQfPvz/zMKzTMSp32QnHVz4MRsD4sSSLXDLYBk
a7/yRQpPgrh6lEU58Z0BNBEaqtni6ZUiZs83oAXB/t3Waq7Q24nqCRV5bDPDibLt
zJ9d9I0wEAwQPqqnhbSwTrluK0/mfU+4zP5cxJlpnwhcGkwDN/JkxfnQ5oUfyuWT
n0IQNn41lsMJvSd30X1Bv9HpA0UJIHRGuS5OnNZDRDGlw1fhw6hU79BkxSezuoX/
BjmuUaM46kyKcgLz2EJLV/aSed66qfUvObsiBDsrUu4hgniOqNAy7xLZb23ozsYw
l+iTIjMJF2I=
-----END CERTIFICATE-----