Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/47D41504052611EEAEBB733D4AD9E6FC.roa
File:                     47D41504052611EEAEBB733D4AD9E6FC.roa (raw, json)
Hash identifier:          Dv9rPjX2wErd2k5bw9yKoX+OaqgtdREzA3gM3zF+dK0=
Subject key identifier:   9E:A7:97:9A:E2:2B:87:E0:3E:F8:8D:9B:42:2B:B7:9E:3E:55:60:2C
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       04
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/47D41504052611EEAEBB733D4AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:27:27 +0000
ROA not before:           Wed 07 Jun 2023 11:27:23 +0000
ROA not after:            Sat 07 Jun 2025 11:27:23 +0000
asID:                     37463
IP address blocks:        160.113.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:27:23 2023 GMT
            Not After : Jun  7 11:27:23 2025 GMT
        Subject: CN=6480699f-dd48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:bc:65:76:a9:cc:1c:8b:ee:e9:d7:42:43:95:
                    d2:f0:2e:f7:9e:23:da:d0:c5:d7:d3:8e:b9:c6:f3:
                    f4:1b:ca:15:5c:65:cd:90:9c:96:a0:a3:a5:be:69:
                    70:2a:c9:b7:f9:51:e7:a5:3a:c9:3b:fb:bb:61:3a:
                    66:73:30:9b:6d:bd:bf:4d:49:90:14:8c:8d:50:13:
                    f4:1f:cf:0e:8d:60:7e:30:39:ce:2f:6c:c6:c7:ff:
                    10:dc:4d:76:21:04:28:7d:0c:a6:3c:29:72:58:cd:
                    6f:db:bd:ff:d9:35:3a:f6:45:a5:56:bd:f4:7a:72:
                    98:8a:5c:4a:7a:db:d7:f8:d0:e9:a9:98:84:95:42:
                    e6:8a:c3:48:2f:19:8f:1f:26:d3:77:d9:fa:a5:b1:
                    c0:02:f6:fc:86:22:7a:7a:73:ad:d9:5e:90:db:12:
                    db:1b:e6:0d:56:61:34:92:59:34:52:a0:2d:fe:23:
                    3f:81:b5:87:d3:96:ab:b3:19:81:8c:aa:e5:3d:22:
                    28:12:26:80:79:66:98:02:df:01:cb:50:5e:0a:36:
                    e9:3a:42:63:d1:39:12:e6:5c:85:8a:55:2c:d3:89:
                    c1:f2:33:c4:88:e1:fe:8f:df:79:ad:c1:fd:95:28:
                    7f:1b:ba:d2:14:2e:39:01:d5:76:36:1c:e6:e9:3b:
                    5c:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:A7:97:9A:E2:2B:87:E0:3E:F8:8D:9B:42:2B:B7:9E:3E:55:60:2C
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/47D41504052611EEAEBB733D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:c1:5c:6a:bf:2a:87:1a:26:f9:09:ac:ee:0b:0f:6a:7a:94:
         c0:82:ba:b1:bd:2d:fa:55:e4:52:be:28:e4:d9:b2:92:9b:c9:
         7b:f6:b4:30:da:81:4a:c1:3c:d6:43:ae:08:bb:27:71:42:cd:
         3f:62:63:0a:0d:10:0b:95:b3:37:ca:0a:10:dd:d8:64:97:86:
         5d:b1:3b:65:9b:36:12:4c:49:c1:fc:75:22:0f:b4:1c:34:ea:
         f3:bf:14:3d:ad:ed:cd:11:8e:18:7f:ea:bb:93:4a:e4:bc:2b:
         a6:42:ac:dd:ac:9e:ee:3f:7f:86:0c:f1:f7:0c:07:72:ba:45:
         38:d0:f8:e7:64:f0:94:3d:f4:94:fa:6d:ae:12:23:b7:13:12:
         9e:63:18:b9:aa:b2:7b:ab:45:e3:fd:4e:5d:ef:8b:48:ea:9c:
         63:43:2b:0b:64:72:1b:a8:b4:a5:8b:bb:22:a4:ed:e4:2a:65:
         1b:b3:d7:67:bb:c7:14:bf:db:4c:a8:72:41:f4:16:39:df:41:
         bf:58:e3:4f:06:9e:57:5a:d0:1b:4d:4c:e6:03:9f:11:9f:82:
         9c:31:be:78:7e:a4:35:d4:02:e7:bd:2c:6d:27:ff:9a:bc:5c:
         b4:5e:58:9e:9b:ef:d1:45:df:a6:e6:11:f5:f4:a0:6e:46:f4:
         f7:23:d9:00
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExMjcyM1oXDTI1MDYwNzExMjcyM1owGDEWMBQG
A1UEAxMNNjQ4MDY5OWYtZGQ0ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOG8ZXapzByL7unXQkOV0vAu954j2tDF19OOucbz9BvKFVxlzZCclqCjpb5p
cCrJt/lR56U6yTv7u2E6ZnMwm229v01JkBSMjVAT9B/PDo1gfjA5zi9sxsf/ENxN
diEEKH0MpjwpcljNb9u9/9k1OvZFpVa99HpymIpcSnrb1/jQ6amYhJVC5orDSC8Z
jx8m03fZ+qWxwAL2/IYienpzrdlekNsS2xvmDVZhNJJZNFKgLf4jP4G1h9OWq7MZ
gYyq5T0iKBImgHlmmALfActQXgo26TpCY9E5EuZchYpVLNOJwfIzxIjh/o/fea3B
/ZUofxu60hQuOQHVdjYc5uk7XM0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSep5ea
4iuH4D74jZtCK7eePlVgLDAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvNDdENDE1MDQwNTI2MTFFRUFFQkI3MzNENEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxATANBgkqhkiG9w0BAQsFAAOC
AQEAC8Fcar8qhxom+Qms7gsPanqUwIK6sb0t+lXkUr4o5NmykpvJe/a0MNqBSsE8
1kOuCLsncULNP2JjCg0QC5WzN8oKEN3YZJeGXbE7ZZs2EkxJwfx1Ig+0HDTq878U
Pa3tzRGOGH/qu5NK5LwrpkKs3aye7j9/hgzx9wwHcrpFOND452TwlD30lPptrhIj
txMSnmMYuaqye6tF4/1OXe+LSOqcY0MrC2RyG6i0pYu7IqTt5CplG7PXZ7vHFL/b
TKhyQfQWOd9Bv1jjTwaeV1rQG01M5gOfEZ+CnDG+eH6kNdQC570sbSf/mrxctF5Y
npvv0UXfpuYR9fSgbkb09yPZAA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:01 2024 by rpki-client on console-ams.rpki-client.org