Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/BE159522052511EEB508123C4AD9E6FC.roa
File:                     BE159522052511EEB508123C4AD9E6FC.roa (raw, json)
Hash identifier:          nrxVx3hg1LrybYNYQ+fBdRPD5BkdkoERGTn0M8DTnb4=
Subject key identifier:   6C:46:34:23:60:59:D7:80:9C:9B:D7:E0:E5:A0:47:AC:55:EC:CE:37
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       02
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/BE159522052511EEB508123C4AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:23:36 +0000
ROA not before:           Wed 07 Jun 2023 11:23:30 +0000
ROA not after:            Sat 07 Jun 2025 11:23:30 +0000
asID:                     37463
IP address blocks:        160.113.0.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:23:30 2023 GMT
            Not After : Jun  7 11:23:30 2025 GMT
        Subject: CN=648068b7-af02
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a8:dd:bb:bc:65:e6:f4:62:e7:36:f2:34:3a:
                    10:f1:e5:5b:a8:e7:98:4b:91:3f:f1:fb:3e:73:07:
                    5a:aa:af:32:9d:fc:a9:c0:48:ea:3d:ec:4b:1a:cd:
                    77:92:bf:bc:df:46:71:b2:59:08:9e:23:76:5c:8b:
                    26:09:ee:76:e4:26:db:17:18:dd:cf:ea:4f:24:fc:
                    0b:2f:34:b9:97:cc:e4:e6:05:88:ce:72:6e:9e:76:
                    81:d6:ec:cc:13:f7:72:48:79:aa:03:a8:46:30:b9:
                    9d:c3:7d:12:4e:78:7d:84:28:98:55:87:ee:25:4c:
                    5d:36:4b:38:f1:8c:c3:ab:ee:e0:0b:6a:c1:e3:b7:
                    ad:98:03:be:a7:f4:00:ce:0b:96:87:4a:e7:e3:13:
                    40:be:7f:6a:07:bf:f5:ac:61:3f:4d:80:78:6c:c3:
                    53:f8:0b:10:a2:2a:3c:cb:bf:82:24:97:59:6f:e2:
                    ff:3b:06:b6:72:b9:c3:bb:08:6c:d6:93:72:a7:96:
                    3b:61:44:54:12:a4:b0:0b:55:df:76:1c:9e:e0:79:
                    40:24:ad:67:3a:9c:f0:5e:e7:80:57:32:49:1f:be:
                    07:45:c9:fe:db:5e:e6:cc:49:cf:70:99:79:54:1b:
                    ad:be:ca:d1:8b:76:77:1f:76:3c:5e:a7:cc:37:80:
                    f2:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:46:34:23:60:59:D7:80:9C:9B:D7:E0:E5:A0:47:AC:55:EC:CE:37
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/BE159522052511EEB508123C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.0.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:be:ec:c6:96:b7:17:92:b0:79:2d:a4:0e:b5:0f:b2:24:1d:
         f5:47:a4:37:4b:a6:c9:e6:03:25:fe:43:8a:e5:d0:a2:06:6a:
         d3:38:e8:14:b7:34:4d:ea:14:5f:04:9d:17:4f:2d:95:36:14:
         01:c2:7f:1b:99:28:b1:7c:80:80:2f:dc:25:aa:fc:f5:42:9b:
         da:ca:e3:93:a2:1a:b1:1e:9a:72:dd:df:c8:bb:4f:55:19:10:
         fd:61:bf:ca:b1:fe:d8:80:55:15:e7:60:bf:05:a4:8d:c4:af:
         8f:10:16:b6:b0:91:45:46:b2:d2:20:f0:af:d3:35:4b:17:3a:
         b4:b2:1e:04:e5:4a:c7:ff:7c:be:41:94:a4:2d:15:8c:50:fa:
         47:08:d0:6f:82:4b:e9:13:10:8a:a0:8e:17:95:99:c1:52:4f:
         52:69:ac:db:54:c3:a0:72:a5:2b:5c:7e:62:c6:6e:7d:dc:fb:
         9a:7a:89:46:57:8e:0c:b0:cc:ef:b8:86:29:e6:b9:96:13:04:
         76:d4:0c:a2:fe:de:8b:31:5a:7c:e0:5c:59:4b:e1:c0:d3:bb:
         42:30:0a:d6:8b:b8:77:f4:46:0c:05:81:af:31:8d:14:86:cf:
         5a:60:3e:d7:ba:fb:40:28:50:06:8c:18:73:c4:02:13:d6:53:
         a0:6b:d1:9f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExMjMzMFoXDTI1MDYwNzExMjMzMFowGDEWMBQG
A1UEAxMNNjQ4MDY4YjctYWYwMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALio3bu8Zeb0Yuc28jQ6EPHlW6jnmEuRP/H7PnMHWqqvMp38qcBI6j3sSxrN
d5K/vN9GcbJZCJ4jdlyLJgnuduQm2xcY3c/qTyT8Cy80uZfM5OYFiM5ybp52gdbs
zBP3ckh5qgOoRjC5ncN9Ek54fYQomFWH7iVMXTZLOPGMw6vu4AtqweO3rZgDvqf0
AM4LlodK5+MTQL5/age/9axhP02AeGzDU/gLEKIqPMu/giSXWW/i/zsGtnK5w7sI
bNaTcqeWO2FEVBKksAtV33YcnuB5QCStZzqc8F7ngFcySR++B0XJ/tte5sxJz3CZ
eVQbrb7K0Yt2dx92PF6nzDeA8i0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRsRjQj
YFnXgJyb1+DloEesVezONzAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvQkUxNTk1MjIwNTI1MTFFRUI1MDgxMjNDNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxADANBgkqhkiG9w0BAQsFAAOC
AQEAUb7sxpa3F5KweS2kDrUPsiQd9UekN0umyeYDJf5DiuXQogZq0zjoFLc0TeoU
XwSdF08tlTYUAcJ/G5kosXyAgC/cJar89UKb2srjk6IasR6act3fyLtPVRkQ/WG/
yrH+2IBVFedgvwWkjcSvjxAWtrCRRUay0iDwr9M1Sxc6tLIeBOVKx/98vkGUpC0V
jFD6RwjQb4JL6RMQiqCOF5WZwVJPUmms21TDoHKlK1x+YsZufdz7mnqJRleODLDM
77iGKea5lhMEdtQMov7eizFafOBcWUvhwNO7QjAK1ou4d/RGDAWBrzGNFIbPWmA+
17r7QChQBowYc8QCE9ZToGvRnw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org