Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D930C4E2052711EEAC8D3B424AD9E6FC.roa
File:                     D930C4E2052711EEAC8D3B424AD9E6FC.roa (raw, json)
Hash identifier:          Id26cJ7y111iXZc38z2r0eS3yMEd6s+7MNAhtgNKVFY=
Subject key identifier:   A4:6E:C0:5A:C3:5E:02:85:D7:3F:DA:89:B8:D3:21:6A:B0:F2:B0:FC
Certificate issuer:       /CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
Certificate serial:       0E
Authority key identifier: AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D930C4E2052711EEAC8D3B424AD9E6FC.roa
Signing time:             Wed 07 Jun 2023 11:38:40 +0000
ROA not before:           Wed 07 Jun 2023 11:38:36 +0000
ROA not after:            Mon 30 Jun 2025 11:38:36 +0000
asID:                     37463
IP address blocks:        160.113.19.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.mft
                          rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:16:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3620C16AR/serialNumber=AE51293627F1BD7A9F53788E2A65EA041346A702
        Validity
            Not Before: Jun  7 11:38:36 2023 GMT
            Not After : Jun 30 11:38:36 2025 GMT
        Subject: CN=64806c40-1126
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:40:49:86:27:68:0d:cf:43:21:65:92:d3:45:
                    5b:82:3f:d1:be:8f:11:57:17:53:33:af:a1:62:d5:
                    c4:f9:b1:a7:80:94:64:67:8e:11:25:30:99:48:94:
                    46:c6:c2:45:1c:8c:fa:bb:86:4d:9a:75:63:bb:92:
                    da:50:f7:dd:6f:dc:88:1b:cc:29:9b:ef:35:8f:23:
                    5f:ec:c8:62:ca:8f:5a:e3:c3:56:a2:20:7b:1f:67:
                    3d:48:4e:82:6c:88:e4:94:b4:1f:d6:5d:8d:2a:3f:
                    28:7a:49:c9:d7:82:b7:3e:69:30:c4:7b:31:6b:0f:
                    23:ad:4a:3a:11:ed:75:a0:ee:a1:0a:e3:2a:c7:47:
                    97:2c:18:f8:a4:8b:77:48:c4:20:4e:75:ac:f9:4c:
                    34:b5:af:05:55:ed:9d:97:bd:b4:0d:c0:0b:e3:0c:
                    59:81:57:0f:53:64:d2:db:9a:95:81:2b:54:42:d2:
                    fa:f6:25:65:e3:2f:ba:39:48:50:d6:15:db:0b:0c:
                    f7:18:9d:42:8e:7e:74:c5:8c:7d:9c:49:c4:f2:db:
                    52:08:c6:8a:a7:b8:95:16:23:a7:9e:42:60:4e:9f:
                    a7:83:14:50:44:3f:0d:fc:6d:23:10:7b:47:df:0e:
                    fd:a9:06:6d:e0:3d:a6:84:10:98:99:0c:11:9b:3c:
                    b5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:6E:C0:5A:C3:5E:02:85:D7:3F:DA:89:B8:D3:21:6A:B0:F2:B0:FC
            X509v3 Authority Key Identifier:
                keyid:AE:51:29:36:27:F1:BD:7A:9F:53:78:8E:2A:65:EA:04:13:46:A7:02

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/rlEpNifxvXqfU3iOKmXqBBNGpwI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rlEpNifxvXqfU3iOKmXqBBNGpwI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3620C16/9DD0C388052311EE98AFF3354AD9E6FC/D930C4E2052711EEAC8D3B424AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.113.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:5a:ad:d7:33:43:f4:a0:7c:88:dc:f4:6d:35:04:60:d6:c6:
         9e:05:10:51:6f:72:a5:14:27:52:d8:8a:bb:00:f7:ae:bb:7d:
         d5:8c:89:33:10:a5:76:8e:97:91:0a:4c:46:c4:af:3f:74:7f:
         a0:00:a6:5a:74:1e:a2:97:53:9c:59:af:46:d8:17:be:50:d4:
         67:91:99:d1:4b:78:c1:41:70:89:e3:47:df:5f:82:b4:48:66:
         87:6d:44:19:0e:d0:4d:d0:5f:cd:d3:a8:b0:75:1a:21:d8:bc:
         0c:e6:f6:29:b9:3c:b8:46:41:1a:ad:bb:59:0e:d6:06:6c:7e:
         5d:3f:fc:47:b7:ff:34:89:1f:a7:5f:ea:f6:b7:b8:69:04:88:
         ae:0c:5e:56:c0:f8:33:91:9b:8f:ad:f4:db:18:f7:9d:96:93:
         84:33:fb:87:ca:cd:7e:5b:4f:13:54:fc:3f:2d:45:bf:90:46:
         f1:84:bd:e4:91:43:11:37:d6:10:45:0d:6c:99:c0:e8:38:0b:
         9f:a9:c3:4d:50:98:21:51:f8:6d:bf:6c:ac:31:30:c0:b3:0f:
         74:1b:f1:c6:65:89:de:ba:b1:82:5f:39:bf:c3:15:46:7d:5e:
         8d:e2:4d:e6:f7:c3:c9:5c:d0:14:ec:4c:7e:67:0e:4d:5c:3d:
         3c:c7:8b:42
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
MEMxNkFSMTEwLwYDVQQFEyhBRTUxMjkzNjI3RjFCRDdBOUY1Mzc4OEUyQTY1RUEw
NDEzNDZBNzAyMB4XDTIzMDYwNzExMzgzNloXDTI1MDYzMDExMzgzNlowGDEWMBQG
A1UEAxMNNjQ4MDZjNDAtMTEyNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAORASYYnaA3PQyFlktNFW4I/0b6PEVcXUzOvoWLVxPmxp4CUZGeOESUwmUiU
RsbCRRyM+ruGTZp1Y7uS2lD33W/ciBvMKZvvNY8jX+zIYsqPWuPDVqIgex9nPUhO
gmyI5JS0H9ZdjSo/KHpJydeCtz5pMMR7MWsPI61KOhHtdaDuoQrjKsdHlywY+KSL
d0jEIE51rPlMNLWvBVXtnZe9tA3AC+MMWYFXD1Nk0tualYErVELS+vYlZeMvujlI
UNYV2wsM9xidQo5+dMWMfZxJxPLbUgjGiqe4lRYjp55CYE6fp4MUUEQ/DfxtIxB7
R98O/akGbeA9poQQmJkMEZs8tT8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSkbsBa
w14Chdc/2om40yFqsPKw/DAfBgNVHSMEGDAWgBSuUSk2J/G9ep9TeI4qZeoEE0an
AjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2RkMvcmxFcE5p
Znh2WHFmVTNpT0ttWHFCQk5HcHdJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
cmxFcE5pZnh2WHFmVTNpT0ttWHFCQk5HcHdJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MjBDMTYvOUREMEMzODgwNTIzMTFFRTk4QUZGMzM1NEFEOUU2
RkMvRDkzMEM0RTIwNTI3MTFFRUFDOEQzQjQyNEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKBxEzANBgkqhkiG9w0BAQsFAAOC
AQEAWFqt1zND9KB8iNz0bTUEYNbGngUQUW9ypRQnUtiKuwD3rrt91YyJMxCldo6X
kQpMRsSvP3R/oACmWnQeopdTnFmvRtgXvlDUZ5GZ0Ut4wUFwieNH31+CtEhmh21E
GQ7QTdBfzdOosHUaIdi8DOb2Kbk8uEZBGq27WQ7WBmx+XT/8R7f/NIkfp1/q9re4
aQSIrgxeVsD4M5Gbj6302xj3nZaThDP7h8rNfltPE1T8Py1Fv5BG8YS95JFDETfW
EEUNbJnA6DgLn6nDTVCYIVH4bb9srDEwwLMPdBvxxmWJ3rqxgl85v8MVRn1ejeJN
5vfDyVzQFOxMfmcOTVw9PMeLQg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:45:07 2024 by rpki-client on console-fra.rpki-client.org