Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/1CAB23C0052811EE8C8FE6424AD9E6FC.roa
File:                     1CAB23C0052811EE8C8FE6424AD9E6FC.roa (raw, json)
Hash identifier:          F0OLnLg7oFpyoO8gfhWg7jZUgz6a5kX35k/NjHhBIDA=
Subject key identifier:   6C:45:66:D0:37:ED:20:4C:34:80:D7:0F:69:D2:EA:B9:8B:1F:73:AF
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       10
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/1CAB23C0052811EE8C8FE6424AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:40:33 +0000
ROA not before:           Wed 07 Jun 2023 11:40:30 +0000
ROA not after:            Mon 30 Jun 2025 11:40:30 +0000
asID:                     37463
IP address blocks:        160.113.2.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:40:30 2023 GMT
            Not After : Jun 30 11:40:30 2025 GMT
        Subject: CN=64806cb1-3096
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:71:37:fa:99:4f:68:35:51:d5:cc:e9:93:0c:
                    0a:e0:93:1c:75:67:98:62:15:dc:3e:02:1e:1e:4d:
                    d9:d1:5c:2e:c6:02:35:e0:f3:46:0f:40:c9:b8:3a:
                    fd:91:ea:09:3e:e9:fb:03:a4:67:60:0b:04:4c:fe:
                    11:c9:31:60:70:c3:b6:14:6f:c8:5c:05:46:28:67:
                    80:85:27:5b:dd:ad:61:0d:f3:7d:12:0f:be:0f:1b:
                    30:59:8d:10:d6:ec:95:1e:b7:38:f9:15:a1:df:38:
                    79:c9:33:3d:f7:ca:c0:a5:11:4c:1a:a9:89:42:d0:
                    2a:6e:ff:0f:0b:c7:5c:53:77:14:5a:67:d6:42:98:
                    86:80:ae:ae:32:c9:61:2d:5b:e4:26:5f:bc:29:70:
                    3c:f9:9d:f8:d0:94:1f:aa:2b:49:ea:09:19:86:ca:
                    47:67:13:cb:bd:e1:cd:5b:11:c8:ac:82:51:9d:17:
                    04:85:82:59:23:ce:fd:07:38:28:5b:85:42:8d:54:
                    dc:bb:8f:c9:66:01:fe:aa:cc:fd:8f:cc:d6:7b:fc:
                    ae:80:3f:08:9f:a2:e7:d1:19:86:60:41:78:ad:ca:
                    cc:dd:db:8f:0c:37:55:4b:f9:16:f3:23:d2:72:75:
                    94:56:4b:9b:78:1f:bb:95:a7:ff:04:1e:7d:75:fb:
                    ae:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:45:66:D0:37:ED:20:4C:34:80:D7:0F:69:D2:EA:B9:8B:1F:73:AF
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/1CAB23C0052811EE8C8FE6424AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:21:bb:17:b2:68:46:b3:8c:e8:bf:69:c8:b5:9f:a1:75:9e:
         ec:c0:b5:23:f2:b2:db:9e:69:42:80:ad:a8:f3:a0:a4:e0:8c:
         32:09:ab:5f:9f:5c:e7:af:f0:c6:d1:c8:a9:40:78:fb:33:8b:
         2b:94:b4:86:99:76:8a:75:8f:b2:64:4e:3d:95:cb:d8:2c:cc:
         d1:39:81:eb:2d:8a:94:dd:1c:97:b0:97:4e:bb:33:f4:d6:80:
         71:5b:33:3a:81:83:79:77:4a:fe:35:02:11:fd:57:99:a2:2e:
         84:0f:bc:17:4d:32:2a:ef:00:31:43:ba:0d:b2:97:a0:eb:3b:
         42:bf:46:0a:b7:f1:c5:1e:a9:87:71:4b:61:ca:63:dd:40:23:
         0e:fe:ea:0b:f3:c6:ae:ae:db:fa:6c:58:06:9e:ee:ce:b8:3c:
         71:04:56:f6:d3:fb:11:fb:6d:cf:2e:92:b2:e8:18:11:a5:f6:
         72:f1:8d:f7:21:b8:eb:14:9d:74:34:1a:1f:68:c1:6c:5e:16:
         ec:50:06:4a:44:c1:33:a3:ba:d4:6b:21:2c:41:17:c5:e7:89:
         03:10:b2:89:eb:c9:1d:be:3c:47:59:da:d4:8d:23:99:4d:b4:
         3f:59:ea:9e:98:0c:94:4b:c6:dc:a2:01:76:91:31:d8:fc:ba:
         43:c8:5b:ef
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExNDAzMFoXDTI1MDYzMDExNDAzMFowGDEWMBQG
A1UEAxMNNjQ4MDZjYjEtMzA5NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRxN/qZT2g1UdXM6ZMMCuCTHHVnmGIV3D4CHh5N2dFcLsYCNeDzRg9Aybg6
/ZHqCT7p+wOkZ2ALBEz+EckxYHDDthRvyFwFRihngIUnW92tYQ3zfRIPvg8bMFmN
ENbslR63OPkVod84eckzPffKwKURTBqpiULQKm7/DwvHXFN3FFpn1kKYhoCurjLJ
YS1b5CZfvClwPPmd+NCUH6orSeoJGYbKR2cTy73hzVsRyKyCUZ0XBIWCWSPO/Qc4
KFuFQo1U3LuPyWYB/qrM/Y/M1nv8roA/CJ+i59EZhmBBeK3KzN3bjww3VUv5FvMj
0nJ1lFZLm3gfu5Wn/wQefXX7rj8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRsRWbQ
N+0gTDSA1w9p0uq5ix9zrzAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvMUNBQjIzQzAwNTI4MTFFRThDOEZFNjQyNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxAjANBgkqhkiG9w0BAQsFAAOC
AQEAYCG7F7JoRrOM6L9pyLWfoXWe7MC1I/Ky255pQoCtqPOgpOCMMgmrX59c56/w
xtHIqUB4+zOLK5S0hpl2inWPsmROPZXL2CzM0TmB6y2KlN0cl7CXTrsz9NaAcVsz
OoGDeXdK/jUCEf1XmaIuhA+8F00yKu8AMUO6DbKXoOs7Qr9GCrfxxR6ph3FLYcpj
3UAjDv7qC/PGrq7b+mxYBp7uzrg8cQRW9tP7Efttzy6SsugYEaX2cvGN9yG46xSd
dDQaH2jBbF4W7FAGSkTBM6O61GshLEEXxeeJAxCyievJHb48R1na1I0jmU20P1nq
npgMlEvG3KIBdpEx2Py6Q8hb7w==
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:49 2024 by rpki-client on console-ams.rpki-client.org