Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
File:                     11104E62CEF111EE974B8EA0775412E6.roa (raw, json)
Hash identifier:          w21QuXfiAGMWAFRhYp69TKHPA+2TQ5S4OV5lrYqZQPY=
Subject key identifier:   37:71:9B:44:BB:92:BE:90:BA:C3:A9:CE:BB:02:33:B1:6F:E0:61:52
Certificate issuer:       /CN=F362B5C8AR/serialNumber=D9E55AA8BC3464BF493D866072EF30BC46861AA8
Certificate serial:       1E
Authority key identifier: D9:E5:5A:A8:BC:34:64:BF:49:3D:86:60:72:EF:30:BC:46:86:1A:A8
Authority info access:    rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
Signing time:             Mon 19 Feb 2024 06:35:26 +0000
ROA not before:           Mon 19 Feb 2024 06:35:22 +0000
ROA not after:            Sat 19 Feb 2028 06:35:22 +0000
asID:                     37284
IP address blocks:        169.239.116.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.mft
                          rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:16:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30 (0x1e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362B5C8AR/serialNumber=D9E55AA8BC3464BF493D866072EF30BC46861AA8
        Validity
            Not Before: Feb 19 06:35:22 2024 GMT
            Not After : Feb 19 06:35:22 2028 GMT
        Subject: CN=65d2f6ae-45c0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:66:0a:a4:cc:8e:a9:f0:03:5a:a5:ed:c1:a0:
                    33:d1:7b:b9:0f:be:bf:66:f9:0e:ec:57:b9:85:b6:
                    8b:f0:b8:78:52:3d:39:2c:1c:c7:64:ce:35:0c:e3:
                    cb:25:53:4b:3c:6f:1c:a7:8c:8e:17:df:db:5c:98:
                    2f:d7:8a:37:fe:2d:c0:ba:90:db:4a:1a:36:d6:58:
                    a2:e5:52:0c:90:ed:a5:0c:4d:34:50:60:c7:f3:10:
                    26:0c:13:0d:cd:a0:a8:3a:f6:bd:f8:fb:4c:bd:d7:
                    27:df:11:38:8d:e9:07:61:72:1d:c8:6b:24:ad:ab:
                    1b:d1:ac:64:c6:68:0f:95:11:d9:9b:a3:57:a5:03:
                    c1:fc:2b:6f:35:70:57:35:4b:74:21:6a:dd:28:73:
                    7b:82:21:1f:a3:04:40:31:56:5a:11:cd:01:1e:52:
                    d4:d7:42:a5:30:4a:14:f5:52:49:2c:f5:e3:bd:cd:
                    28:3d:00:0f:a7:2e:42:3f:d5:55:ea:18:65:3e:bd:
                    cb:d0:1e:0d:d7:12:2e:e6:51:14:70:9a:73:31:4e:
                    24:ec:81:ab:88:6c:fa:a0:0f:47:b5:ff:4d:7e:49:
                    00:84:0d:21:de:1e:d7:3e:61:38:af:f3:13:5c:55:
                    c4:10:90:77:f0:fe:5b:a8:1a:e8:cc:45:10:94:aa:
                    65:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:71:9B:44:BB:92:BE:90:BA:C3:A9:CE:BB:02:33:B1:6F:E0:61:52
            X509v3 Authority Key Identifier:
                keyid:D9:E5:5A:A8:BC:34:64:BF:49:3D:86:60:72:EF:30:BC:46:86:1A:A8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2eVaqLw0ZL9JPYZgcu8wvEaGGqg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362B5C8/A5EBEFE4BB6B11EEA0811C57775412E6/11104E62CEF111EE974B8EA0775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.239.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a9:a7:cc:46:7e:97:f7:a8:87:d1:21:4a:ec:0a:9f:61:45:54:
         40:9f:8f:60:3d:85:39:d1:31:0c:a3:a3:39:4c:4f:5e:62:d1:
         3d:37:8b:ff:28:9c:08:c2:68:a4:f9:6e:7d:36:4e:4c:b2:d3:
         ce:38:71:95:dd:4f:3a:c4:02:4b:13:2c:24:8b:33:a8:0b:80:
         28:c5:08:4d:9b:09:84:c7:4d:dc:ac:b8:d8:1f:ca:91:02:16:
         b7:3a:e4:b2:24:c5:da:df:94:83:bf:8c:bb:f9:50:2c:9b:2f:
         2e:96:e6:32:5d:9c:c0:4d:94:91:7d:9f:51:ec:bf:d4:66:6f:
         b4:c6:e9:d8:8a:45:f5:39:97:75:6e:d0:f6:48:a5:85:35:f1:
         cb:cc:77:a9:2e:0d:8d:bc:73:3c:cf:fc:5b:b7:98:1e:79:c6:
         7f:68:56:3f:96:c4:71:40:15:08:f9:a2:b4:1c:e8:8c:bb:ea:
         23:db:f3:ef:f2:1c:e4:97:5f:fb:ae:b0:6f:b1:2b:16:97:c3:
         e9:5c:5f:68:f9:8f:43:28:4a:89:f0:4e:a8:bf:e1:ea:35:29:
         d9:70:4b:4b:7e:bd:8e:3e:85:94:db:ce:40:25:fd:f8:a3:6d:
         02:a2:42:0a:f9:93:1d:9f:07:66:c3:94:57:eb:b5:5b:4e:38:
         a0:8f:9b:a7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBHjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
QjVDOEFSMTEwLwYDVQQFEyhEOUU1NUFBOEJDMzQ2NEJGNDkzRDg2NjA3MkVGMzBC
QzQ2ODYxQUE4MB4XDTI0MDIxOTA2MzUyMloXDTI4MDIxOTA2MzUyMlowGDEWMBQG
A1UEAxMNNjVkMmY2YWUtNDVjMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM9mCqTMjqnwA1ql7cGgM9F7uQ++v2b5DuxXuYW2i/C4eFI9OSwcx2TONQzj
yyVTSzxvHKeMjhff21yYL9eKN/4twLqQ20oaNtZYouVSDJDtpQxNNFBgx/MQJgwT
Dc2gqDr2vfj7TL3XJ98ROI3pB2FyHchrJK2rG9GsZMZoD5UR2ZujV6UDwfwrbzVw
VzVLdCFq3Shze4IhH6MEQDFWWhHNAR5S1NdCpTBKFPVSSSz1473NKD0AD6cuQj/V
VeoYZT69y9AeDdcSLuZRFHCaczFOJOyBq4hs+qAPR7X/TX5JAIQNId4e1z5hOK/z
E1xVxBCQd/D+W6ga6MxFEJSqZZcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQ3cZtE
u5K+kLrDqc67AjOxb+BhUjAfBgNVHSMEGDAWgBTZ5VqovDRkv0k9hmBy7zC8RoYa
qDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MkI1QzgvQTVFQkVGRTRCQjZCMTFFRUEwODExQzU3Nzc1NDEyRTYvMmVWYXFM
dzBaTDlKUFlaZ2N1OHd2RWFHR3FnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmVWYXFMdzBaTDlKUFlaZ2N1OHd2RWFHR3FnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2MkI1QzgvQTVFQkVGRTRCQjZCMTFFRUEwODExQzU3Nzc1NDEy
RTYvMTExMDRFNjJDRUYxMTFFRTk3NEI4RUEwNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnvdDANBgkqhkiG9w0BAQsFAAOC
AQEAqafMRn6X96iH0SFK7AqfYUVUQJ+PYD2FOdExDKOjOUxPXmLRPTeL/yicCMJo
pPlufTZOTLLTzjhxld1POsQCSxMsJIszqAuAKMUITZsJhMdN3Ky42B/KkQIWtzrk
siTF2t+Ug7+Mu/lQLJsvLpbmMl2cwE2UkX2fUey/1GZvtMbp2IpF9TmXdW7Q9kil
hTXxy8x3qS4NjbxzPM/8W7eYHnnGf2hWP5bEcUAVCPmitBzojLvqI9vz7/Ic5Jdf
+66wb7ErFpfD6VxfaPmPQyhKifBOqL/h6jUp2XBLS369jj6FlNvOQCX9+KNtAqJC
CvmTHZ8HZsOUV+u1W044oI+bpw==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:38 2024 by rpki-client on console-ams.rpki-client.org