Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/1E005EBCD53811EEA636DE73775412E6.roa
File:                     1E005EBCD53811EEA636DE73775412E6.roa (raw, json)
Hash identifier:          NZukzj3sWyjYLO9ToCsVsgQAC/kq2Oo6mzyBtHQWmD8=
Subject key identifier:   5A:2A:EB:63:F8:89:E1:27:5C:A8:B2:A0:DF:B5:B8:FD:35:A5:CE:92
Certificate issuer:       /CN=F364321AAR/serialNumber=933F70DB9817B848F8C0861A824B10117DC5192C
Certificate serial:       018F
Authority key identifier: 93:3F:70:DB:98:17:B8:48:F8:C0:86:1A:82:4B:10:11:7D:C5:19:2C
Authority info access:    rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/1E005EBCD53811EEA636DE73775412E6.roa
Signing time:             Tue 27 Feb 2024 06:19:09 +0000
ROA not before:           Tue 27 Feb 2024 06:19:06 +0000
ROA not after:            Wed 27 Feb 2030 06:19:06 +0000
asID:                     202023
IP address blocks:        139.26.16.0/21 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.mft
                          rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 399 (0x18f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364321AAR/serialNumber=933F70DB9817B848F8C0861A824B10117DC5192C
        Validity
            Not Before: Feb 27 06:19:06 2024 GMT
            Not After : Feb 27 06:19:06 2030 GMT
        Subject: CN=65dd7edd-5694
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:d1:cd:e8:c4:9f:cc:b0:ad:14:d2:ed:7a:ad:
                    1a:7e:58:d2:d4:d1:fe:a3:84:15:f5:0a:77:04:91:
                    51:ce:29:49:f2:32:af:74:68:c3:22:e6:2a:7c:4e:
                    14:9d:a7:83:4b:40:c0:1e:9d:67:07:b9:2f:d7:fd:
                    99:3b:79:f1:5a:81:03:2d:87:0a:97:11:f1:c6:64:
                    a5:41:1e:4c:18:ce:78:40:07:4e:71:d1:dc:0b:8a:
                    65:7f:11:9f:30:be:dc:d2:f8:b0:ba:5b:96:ca:b1:
                    86:f7:a2:6b:05:21:7a:c9:8e:53:98:a6:50:0e:1a:
                    c1:2f:44:6e:eb:fe:8e:d2:a0:13:52:ea:73:26:57:
                    56:52:79:ea:b7:ea:c3:f2:cf:dc:2e:21:40:bc:2c:
                    57:cf:13:a0:d7:01:51:5a:0d:8e:bc:f3:41:c5:35:
                    32:74:35:21:cb:21:72:ba:9c:de:3d:4d:b2:6f:0e:
                    fb:ae:51:37:2f:02:07:33:6f:4e:a1:a7:c1:12:ef:
                    81:3e:f2:4f:1b:23:f6:9e:a6:c4:24:7a:35:89:46:
                    4d:16:f7:4c:aa:f8:29:af:43:a4:2c:b8:b4:f5:57:
                    cf:b8:ea:73:fb:78:da:84:97:67:58:8a:fa:e9:58:
                    cf:30:57:96:03:16:0f:ae:06:b2:fe:22:26:7e:ff:
                    35:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:2A:EB:63:F8:89:E1:27:5C:A8:B2:A0:DF:B5:B8:FD:35:A5:CE:92
            X509v3 Authority Key Identifier:
                keyid:93:3F:70:DB:98:17:B8:48:F8:C0:86:1A:82:4B:10:11:7D:C5:19:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/1E005EBCD53811EEA636DE73775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.26.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         66:8c:16:d6:88:86:6a:1b:01:9f:c6:38:00:7b:b0:90:7e:4d:
         f3:6d:98:bd:d3:95:d5:30:32:1d:7a:7e:63:6e:ad:0f:15:49:
         bd:83:8f:6f:f8:96:e0:0e:ad:9e:60:a1:5e:3d:3a:da:73:4d:
         45:d8:7f:b9:41:1c:0a:bd:5c:ec:36:2c:71:a5:fb:ef:c6:f6:
         94:dd:95:13:66:4a:ec:63:54:e2:29:66:67:8d:93:9f:0d:29:
         2d:69:4c:84:b3:d6:0b:19:4e:dc:6f:9a:ed:19:0e:a3:ed:88:
         5f:09:d6:5a:33:95:d6:ba:e5:d2:75:db:cd:38:b3:d9:af:0c:
         16:00:b3:a3:db:69:fc:57:d5:6a:a8:5b:ec:d5:32:77:59:3c:
         46:6d:1e:3f:9c:8e:49:67:dd:a0:ad:eb:53:af:b1:40:55:f0:
         a8:00:07:d4:36:71:65:2a:0b:4d:3b:61:c1:41:c9:ad:95:98:
         22:4a:db:28:62:97:a4:ef:13:95:05:5a:83:1f:88:77:85:48:
         f0:33:2c:f6:63:6a:21:43:4f:f8:6f:2f:fe:18:37:7d:56:5f:
         40:6d:9b:ec:e8:a0:c9:e8:52:16:67:02:3b:cb:28:9e:6f:29:
         51:a7:92:82:57:80:9f:69:f4:ab:14:cd:45:78:30:20:d6:6b:
         b2:cd:64:5a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAY8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDMyMUFBUjExMC8GA1UEBRMoOTMzRjcwREI5ODE3Qjg0OEY4QzA4NjFBODI0QjEw
MTE3REM1MTkyQzAeFw0yNDAyMjcwNjE5MDZaFw0zMDAyMjcwNjE5MDZaMBgxFjAU
BgNVBAMTDTY1ZGQ3ZWRkLTU2OTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCd0c3oxJ/MsK0U0u16rRp+WNLU0f6jhBX1CncEkVHOKUnyMq90aMMi5ip8
ThSdp4NLQMAenWcHuS/X/Zk7efFagQMthwqXEfHGZKVBHkwYznhAB05x0dwLimV/
EZ8wvtzS+LC6W5bKsYb3omsFIXrJjlOYplAOGsEvRG7r/o7SoBNS6nMmV1ZSeeq3
6sPyz9wuIUC8LFfPE6DXAVFaDY6880HFNTJ0NSHLIXK6nN49TbJvDvuuUTcvAgcz
b06hp8ES74E+8k8bI/aepsQkejWJRk0W90yq+CmvQ6QsuLT1V8+46nP7eNqEl2dY
ivrpWM8wV5YDFg+uBrL+IiZ+/zUxAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWirr
Y/iJ4SdcqLKg37W4/TWlzpIwHwYDVR0jBBgwFoAUkz9w25gXuEj4wIYagksQEX3F
GSwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQzMjFBLzQ5M0U0NjJFQkNEQTExRURBMUZCMEZCMEYxMjIyNDY4L2t6OXcy
NWdYdUVqNHdJWWFna3NRRVgzRkdTdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2t6OXcyNWdYdUVqNHdJWWFna3NRRVgzRkdTdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjQzMjFBLzQ5M0U0NjJFQkNEQTExRURBMUZCMEZCMEYxMjIy
NDY4LzFFMDA1RUJDRDUzODExRUVBNjM2REU3Mzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOLGhAwDQYJKoZIhvcNAQELBQAD
ggEBAGaMFtaIhmobAZ/GOAB7sJB+TfNtmL3TldUwMh16fmNurQ8VSb2Dj2/4luAO
rZ5goV49OtpzTUXYf7lBHAq9XOw2LHGl++/G9pTdlRNmSuxjVOIpZmeNk58NKS1p
TISz1gsZTtxvmu0ZDqPtiF8J1lozlda65dJ12804s9mvDBYAs6PbafxX1WqoW+zV
MndZPEZtHj+cjkln3aCt61OvsUBV8KgAB9Q2cWUqC007YcFBya2VmCJK2yhil6Tv
E5UFWoMfiHeFSPAzLPZjaiFDT/hvL/4YN31WX0Btm+zooMnoUhZnAjvLKJ5vKVGn
koJXgJ9p9KsUzUV4MCDWa7LNZFo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org