Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D548070E052811EEB23000454AD9E6FC.roa
File:                     D548070E052811EEB23000454AD9E6FC.roa (raw, json)
Hash identifier:          Asi0DUZ5ZUrpYs6pum9j1z0rBwmLfGeeLLZ2I1fk1+Q=
Subject key identifier:   52:2A:48:1D:ED:C0:07:3D:00:86:0D:96:44:28:3D:65:8D:42:4B:51
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       16
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D548070E052811EEB23000454AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:45:43 +0000
ROA not before:           Wed 07 Jun 2023 11:45:39 +0000
ROA not after:            Mon 30 Jun 2025 11:45:39 +0000
asID:                     37463
IP address blocks:        169.255.123.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:45:39 2023 GMT
            Not After : Jun 30 11:45:39 2025 GMT
        Subject: CN=64806de7-2c6d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:d0:6e:53:92:65:b8:e5:3b:01:28:da:e4:8d:
                    ac:e3:4b:a7:5c:4e:d9:b1:97:5d:36:5a:b5:fc:e4:
                    6a:c8:81:ab:17:d5:41:26:b9:1a:6d:d8:51:9c:aa:
                    47:21:e4:fd:4b:3f:09:d3:40:5b:48:de:25:3b:2e:
                    27:01:e6:37:49:e6:e3:66:47:2d:ad:d0:87:1f:00:
                    26:c3:86:c9:f9:52:c8:7d:c4:8a:01:b8:52:d0:b1:
                    9b:06:d0:59:bc:6d:1b:ab:99:a4:46:de:33:22:a3:
                    3c:92:04:08:7d:b6:c8:ab:6a:4e:8c:79:37:a9:c5:
                    96:47:93:f7:1d:89:3e:77:0a:8f:23:7f:8b:74:14:
                    ad:81:ab:f1:ef:88:65:e3:8c:23:3a:5d:5d:55:b0:
                    36:06:fb:b8:41:7a:f3:59:3b:74:55:ff:8e:1d:28:
                    11:9b:51:bd:23:25:39:95:68:ce:4c:db:4e:14:57:
                    ff:48:ff:be:ee:68:4d:5d:8d:ba:c0:60:65:8d:b7:
                    a9:69:b6:d0:aa:d7:ed:d3:46:23:80:65:02:e7:d8:
                    b7:b2:fb:f5:48:68:fc:f8:1e:a8:85:83:68:96:af:
                    f4:1b:57:72:1a:2d:7e:0d:03:7b:1f:fc:43:72:58:
                    c9:c8:6e:6b:02:8a:c8:2d:c3:11:e9:18:6f:20:72:
                    2a:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:2A:48:1D:ED:C0:07:3D:00:86:0D:96:44:28:3D:65:8D:42:4B:51
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D548070E052811EEB23000454AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.255.123.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:e5:c2:f1:33:8f:3b:f3:71:2f:50:7b:0f:f3:d8:2a:a4:39:
         39:a8:b4:3e:32:3e:15:59:f5:74:fc:44:a1:9d:53:c6:e5:2c:
         08:9b:89:e9:fa:54:eb:9f:79:7a:41:59:d8:53:7a:d9:3b:d1:
         14:cb:e7:1e:16:c4:5a:c0:fd:0f:6f:e4:05:bf:b2:ca:ed:ac:
         19:87:67:85:21:d7:6c:36:e1:13:af:15:13:4f:3c:1c:69:29:
         42:45:f2:6f:48:93:40:a5:8a:4f:11:a6:ab:7b:ec:cd:a9:22:
         66:3e:b1:8d:48:8e:1e:eb:b0:ee:de:6f:51:6e:7d:73:c0:b9:
         33:a7:64:6b:cd:71:b5:60:b4:02:22:e7:01:6c:a3:d5:9d:65:
         82:0c:89:79:2a:ed:27:1c:2f:62:16:6d:0c:b3:b5:b2:48:5e:
         2e:19:b4:95:e3:6e:4b:60:45:25:fa:75:44:a1:26:dc:d8:93:
         eb:7e:54:24:12:d0:17:4a:43:29:81:a0:21:9e:84:6a:60:af:
         73:5d:d1:69:90:8a:0e:68:5d:47:87:b8:27:a8:dc:8f:ec:47:
         10:93:56:fe:db:80:20:ab:2e:7d:10:0b:71:ba:ec:58:0a:83:
         57:d3:1f:e0:37:c1:e0:7b:49:9a:a1:5a:e2:3b:02:8e:10:53:
         b4:30:4b:59
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBFjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExNDUzOVoXDTI1MDYzMDExNDUzOVowGDEWMBQG
A1UEAxMNNjQ4MDZkZTctMmM2ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLQblOSZbjlOwEo2uSNrONLp1xO2bGXXTZatfzkasiBqxfVQSa5Gm3YUZyq
RyHk/Us/CdNAW0jeJTsuJwHmN0nm42ZHLa3Qhx8AJsOGyflSyH3EigG4UtCxmwbQ
WbxtG6uZpEbeMyKjPJIECH22yKtqTox5N6nFlkeT9x2JPncKjyN/i3QUrYGr8e+I
ZeOMIzpdXVWwNgb7uEF681k7dFX/jh0oEZtRvSMlOZVozkzbThRX/0j/vu5oTV2N
usBgZY23qWm20KrX7dNGI4BlAufYt7L79Uho/PgeqIWDaJav9BtXchotfg0Dex/8
Q3JYychuawKKyC3DEekYbyByKjkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRSKkgd
7cAHPQCGDZZEKD1ljUJLUTAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvRDU0ODA3MEUwNTI4MTFFRUIyMzAwMDQ1NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKn/ezANBgkqhkiG9w0BAQsFAAOC
AQEABOXC8TOPO/NxL1B7D/PYKqQ5Oai0PjI+FVn1dPxEoZ1TxuUsCJuJ6fpU6595
ekFZ2FN62TvRFMvnHhbEWsD9D2/kBb+yyu2sGYdnhSHXbDbhE68VE088HGkpQkXy
b0iTQKWKTxGmq3vszakiZj6xjUiOHuuw7t5vUW59c8C5M6dka81xtWC0AiLnAWyj
1Z1lggyJeSrtJxwvYhZtDLO1skheLhm0leNuS2BFJfp1RKEm3NiT635UJBLQF0pD
KYGgIZ6EamCvc13RaZCKDmhdR4e4J6jcj+xHEJNW/tuAIKsufRALcbrsWAqDV9Mf
4DfB4HtJmqFa4jsCjhBTtDBLWQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:01 2024 by rpki-client on console-ams.rpki-client.org