Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/56D5937E052711EEBBDF9B404AD9E6FC.roa
File:                     56D5937E052711EEBBDF9B404AD9E6FC.roa (raw, json)
Hash identifier:          NB/ohirGqxcI0fYRY3U1av2ZbVXjjScIBdk6n8SLMTE=
Subject key identifier:   31:FF:B5:5A:F3:5D:99:29:3C:10:DF:A5:43:4A:FC:C4:2A:8B:0B:36
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       0A
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/56D5937E052711EEBBDF9B404AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:35:01 +0000
ROA not before:           Wed 07 Jun 2023 11:34:58 +0000
ROA not after:            Mon 30 Jun 2025 11:34:58 +0000
asID:                     37463
IP address blocks:        160.113.15.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:34:58 2023 GMT
            Not After : Jun 30 11:34:58 2025 GMT
        Subject: CN=64806b65-6086
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:2e:32:45:21:0f:4c:d3:a6:a3:98:46:61:7a:
                    31:61:ff:09:d4:0c:08:89:9c:2b:06:61:69:3c:ea:
                    f9:62:14:90:8a:bf:49:2a:0c:2c:72:22:b4:6d:53:
                    ba:09:4c:57:61:9d:c4:5c:9a:fd:10:89:f6:43:cd:
                    c7:39:22:98:2d:ee:f2:81:4d:ab:e2:54:88:c4:a5:
                    3f:5a:a6:e2:92:e2:ac:da:ab:ea:7b:33:6a:f5:be:
                    38:c7:aa:fa:16:f9:aa:3a:2d:64:e2:f9:3b:0b:a5:
                    05:ea:ee:8e:17:d3:10:e8:38:7f:26:4e:9e:51:a5:
                    03:18:7b:de:ac:15:e9:ea:0e:48:72:24:e2:d4:b6:
                    36:64:a8:2e:b4:90:84:2d:5f:32:ae:15:79:fd:8f:
                    d9:69:26:94:7b:04:bb:60:45:e4:c9:62:5f:db:37:
                    a6:72:51:ea:55:d1:8d:0d:8e:7b:02:80:b9:a6:d0:
                    06:8e:65:89:c9:35:e9:b3:8f:25:59:5b:31:73:cb:
                    19:a7:b9:78:50:6c:54:14:d5:2b:82:82:1c:e9:a4:
                    a6:11:46:7b:69:af:1e:36:b5:2b:99:5e:b6:6b:26:
                    c0:52:b4:90:0f:0f:b7:97:fc:03:ef:84:96:a9:ba:
                    22:c5:db:4d:f1:3a:ed:83:5a:5a:fe:bb:b5:06:75:
                    e9:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:FF:B5:5A:F3:5D:99:29:3C:10:DF:A5:43:4A:FC:C4:2A:8B:0B:36
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/56D5937E052711EEBBDF9B404AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.15.0/24

    Signature Algorithm: sha256WithRSAEncryption
         43:b9:60:cf:39:12:7a:21:be:31:62:c7:64:60:ec:a7:4a:01:
         f4:6b:c3:36:e0:3f:98:45:1d:ab:c0:d6:6c:36:66:8c:af:5d:
         84:af:43:97:8c:41:4f:8c:eb:92:e0:59:94:11:ce:92:c4:40:
         44:25:46:8a:28:8f:64:5e:88:6a:2f:e4:91:b8:0c:0e:28:77:
         14:30:56:6b:e9:f8:59:97:6f:e9:73:f5:ae:2e:bf:8c:e4:48:
         3f:60:54:ff:3f:c3:59:79:82:31:df:e3:e6:cb:20:3c:64:b0:
         ab:3a:e1:4e:08:be:7a:ae:54:91:0a:46:91:d0:52:b2:27:6c:
         4c:87:80:63:cd:44:a3:8f:4f:b8:77:36:bb:13:d7:80:17:2f:
         2b:13:71:76:77:3b:d0:86:6d:63:95:18:ee:84:ec:31:10:af:
         22:50:4f:0b:51:cd:59:a6:15:46:fb:e4:be:91:03:e8:c9:de:
         9d:14:16:12:99:52:27:f3:1a:dc:9b:45:8a:6f:ee:db:75:56:
         55:38:87:23:35:25:66:35:36:67:41:bb:dc:52:d3:dc:33:6e:
         07:b6:24:d8:72:67:70:ec:99:83:12:aa:9f:c7:3c:5a:33:58:
         2c:fa:96:5a:7e:8d:c8:3e:f6:96:aa:98:55:b1:ae:98:95:14:
         e7:3f:f7:6c
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBCjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExMzQ1OFoXDTI1MDYzMDExMzQ1OFowGDEWMBQG
A1UEAxMNNjQ4MDZiNjUtNjA4NjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMQuMkUhD0zTpqOYRmF6MWH/CdQMCImcKwZhaTzq+WIUkIq/SSoMLHIitG1T
uglMV2GdxFya/RCJ9kPNxzkimC3u8oFNq+JUiMSlP1qm4pLirNqr6nszavW+OMeq
+hb5qjotZOL5OwulBerujhfTEOg4fyZOnlGlAxh73qwV6eoOSHIk4tS2NmSoLrSQ
hC1fMq4Vef2P2WkmlHsEu2BF5MliX9s3pnJR6lXRjQ2OewKAuabQBo5lick16bOP
JVlbMXPLGae5eFBsVBTVK4KCHOmkphFGe2mvHja1K5letmsmwFK0kA8Pt5f8A++E
lqm6IsXbTfE67YNaWv67tQZ16XUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQx/7Va
812ZKTwQ36VDSvzEKosLNjAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvNTZENTkzN0UwNTI3MTFFRUJCREY5QjQwNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxDzANBgkqhkiG9w0BAQsFAAOC
AQEAQ7lgzzkSeiG+MWLHZGDsp0oB9GvDNuA/mEUdq8DWbDZmjK9dhK9Dl4xBT4zr
kuBZlBHOksRARCVGiiiPZF6Iai/kkbgMDih3FDBWa+n4WZdv6XP1ri6/jORIP2BU
/z/DWXmCMd/j5ssgPGSwqzrhTgi+eq5UkQpGkdBSsidsTIeAY81Eo49PuHc2uxPX
gBcvKxNxdnc70IZtY5UY7oTsMRCvIlBPC1HNWaYVRvvkvpED6MnenRQWEplSJ/Ma
3JtFim/u23VWVTiHIzUlZjU2Z0G73FLT3DNuB7Yk2HJncOyZgxKqn8c8WjNYLPqW
Wn6NyD72lqqYVbGumJUU5z/3bA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org