Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/A77E59FA052711EEACEC84414AD9E6FC.roa
File:                     A77E59FA052711EEACEC84414AD9E6FC.roa (raw, json)
Hash identifier:          I2duusHcN0cRgRE/1LSd+7AosbR1LENZE1MWNoVEd9M=
Subject key identifier:   6F:C0:78:49:8C:14:B6:E4:7F:F2:1C:B9:05:E4:28:66:C8:AC:E5:29
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       0C
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/A77E59FA052711EEACEC84414AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:37:17 +0000
ROA not before:           Wed 07 Jun 2023 11:37:13 +0000
ROA not after:            Mon 30 Jun 2025 11:37:13 +0000
asID:                     37463
IP address blocks:        160.113.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:37:13 2023 GMT
            Not After : Jun 30 11:37:13 2025 GMT
        Subject: CN=64806bed-bcd8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:4b:25:76:71:38:66:9d:dc:17:a1:f5:c8:2a:
                    8f:96:64:0a:de:9e:62:4a:92:e9:6c:80:f5:5a:90:
                    67:b7:1d:cc:04:60:b7:33:24:a8:2d:83:45:d2:e8:
                    71:f6:11:93:48:ca:c8:58:6a:5b:c5:23:dd:37:1d:
                    a2:9b:66:13:e8:ca:23:50:3e:54:36:9c:21:51:3d:
                    f7:bb:2d:e6:d7:a1:56:a1:5d:5e:ea:c1:7e:82:30:
                    ff:ec:7a:b8:2e:27:62:ec:1c:8b:7a:6b:06:52:3b:
                    8e:88:1b:85:5a:87:8b:1c:30:ea:a1:25:7e:55:79:
                    fe:9d:38:fa:a4:0d:32:28:d5:ec:a3:6f:ad:e3:a4:
                    99:ac:a2:94:26:b4:a8:bc:3b:ea:14:ba:77:b1:89:
                    2d:31:81:9b:6a:32:7f:f2:aa:6c:ee:5a:cf:ff:dd:
                    93:8d:81:4b:aa:2d:98:9d:d8:3b:2c:76:42:42:a1:
                    56:c3:d2:d9:36:17:90:51:a7:e9:b0:06:57:6e:d4:
                    50:af:c4:d4:97:23:bf:51:28:b2:07:ff:b0:19:47:
                    c0:72:67:05:34:78:97:d7:24:37:42:58:de:31:a7:
                    6e:45:9a:b6:9e:b7:6e:c2:22:51:c9:6f:7c:5e:69:
                    de:52:d4:e4:f1:50:6c:13:a2:83:14:37:d6:bd:a1:
                    cb:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C0:78:49:8C:14:B6:E4:7F:F2:1C:B9:05:E4:28:66:C8:AC:E5:29
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/A77E59FA052711EEACEC84414AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         36:18:cd:3d:b1:39:92:03:ef:57:14:6f:18:c2:4e:a9:98:39:
         19:e1:91:91:4d:af:0a:28:fa:34:f0:d4:69:dd:03:62:01:2e:
         bf:40:ac:57:e9:36:06:23:f4:b3:9a:d7:46:04:5a:bd:1d:a4:
         57:06:16:b5:68:4b:76:cb:bf:42:3c:2c:43:47:39:2c:42:99:
         26:c3:86:30:f0:cf:a0:00:44:68:77:61:fa:2d:f7:0b:ca:09:
         2b:37:79:f5:34:af:8f:74:95:b2:ca:68:87:98:23:5d:a4:02:
         3f:12:62:ee:d4:a0:4a:19:ed:50:b3:0c:76:4f:cc:8e:02:50:
         26:13:2e:4c:f8:39:2e:35:81:f7:67:b2:6f:51:bb:cd:af:c7:
         9a:b3:c0:b5:3a:ea:1c:db:bd:9e:c9:30:af:33:61:73:ad:31:
         43:b0:83:eb:dc:35:f2:ec:2a:34:c8:47:92:d1:ba:f6:86:68:
         11:d5:60:d4:5e:64:61:d6:41:0f:cc:3b:5c:54:24:70:b6:7c:
         01:58:47:c8:da:51:ab:c7:f3:db:1c:bd:2a:85:24:5b:ba:8a:
         54:83:59:2f:31:96:7e:65:ad:a5:7a:f6:93:12:cf:f5:70:d6:
         53:92:53:6f:30:f0:82:35:33:b7:77:05:24:e6:1b:c8:74:61:
         c4:6a:96:ce
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExMzcxM1oXDTI1MDYzMDExMzcxM1owGDEWMBQG
A1UEAxMNNjQ4MDZiZWQtYmNkODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMBLJXZxOGad3Beh9cgqj5ZkCt6eYkqS6WyA9VqQZ7cdzARgtzMkqC2DRdLo
cfYRk0jKyFhqW8Uj3TcdoptmE+jKI1A+VDacIVE997st5tehVqFdXurBfoIw/+x6
uC4nYuwci3prBlI7jogbhVqHixww6qElflV5/p04+qQNMijV7KNvreOkmayilCa0
qLw76hS6d7GJLTGBm2oyf/KqbO5az//dk42BS6otmJ3YOyx2QkKhVsPS2TYXkFGn
6bAGV27UUK/E1Jcjv1Eosgf/sBlHwHJnBTR4l9ckN0JY3jGnbkWatp63bsIiUclv
fF5p3lLU5PFQbBOigxQ31r2hy60CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRvwHhJ
jBS25H/yHLkF5ChmyKzlKTAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvQTc3RTU5RkEwNTI3MTFFRUFDRUM4NDQxNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxEjANBgkqhkiG9w0BAQsFAAOC
AQEANhjNPbE5kgPvVxRvGMJOqZg5GeGRkU2vCij6NPDUad0DYgEuv0CsV+k2BiP0
s5rXRgRavR2kVwYWtWhLdsu/QjwsQ0c5LEKZJsOGMPDPoABEaHdh+i33C8oJKzd5
9TSvj3SVsspoh5gjXaQCPxJi7tSgShntULMMdk/MjgJQJhMuTPg5LjWB92eyb1G7
za/HmrPAtTrqHNu9nskwrzNhc60xQ7CD69w18uwqNMhHktG69oZoEdVg1F5kYdZB
D8w7XFQkcLZ8AVhHyNpRq8fz2xy9KoUkW7qKVINZLzGWfmWtpXr2kxLP9XDWU5JT
bzDwgjUzt3cFJOYbyHRhxGqWzg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org