Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/8ED6BADCD53311EEB2A2C36C775412E6.roa
File:                     8ED6BADCD53311EEB2A2C36C775412E6.roa (raw, json)
Hash identifier:          4/E5JqKYHi82tnNDpVDrDiMaVaUcTpYsZcy/yA05uhA=
Subject key identifier:   AE:CB:18:F9:60:20:14:61:D4:6D:69:B1:6A:29:ED:0F:6E:79:8F:9B
Certificate issuer:       /CN=F364321AAR/serialNumber=933F70DB9817B848F8C0861A824B10117DC5192C
Certificate serial:       0183
Authority key identifier: 93:3F:70:DB:98:17:B8:48:F8:C0:86:1A:82:4B:10:11:7D:C5:19:2C
Authority info access:    rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/8ED6BADCD53311EEB2A2C36C775412E6.roa
Signing time:             Tue 27 Feb 2024 05:46:31 +0000
ROA not before:           Tue 27 Feb 2024 05:46:28 +0000
ROA not after:            Wed 27 Feb 2030 05:46:28 +0000
asID:                     327697
IP address blocks:        139.26.144.0/21 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.mft
                          rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 387 (0x183)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F364321AAR/serialNumber=933F70DB9817B848F8C0861A824B10117DC5192C
        Validity
            Not Before: Feb 27 05:46:28 2024 GMT
            Not After : Feb 27 05:46:28 2030 GMT
        Subject: CN=65dd7737-9026
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:d6:04:71:da:85:1b:50:b0:71:19:52:f0:93:
                    60:29:84:19:73:3e:6d:3d:30:63:23:71:33:b8:ea:
                    ab:22:7e:71:67:fb:cf:49:d1:67:3a:a0:06:e4:aa:
                    7f:cb:a4:09:30:82:51:c6:f9:73:b1:cf:14:6b:3e:
                    69:0a:48:da:59:59:f5:fc:14:cd:50:13:33:c4:8d:
                    38:8d:53:76:4b:6d:c0:ad:3d:b5:92:2b:be:9c:a9:
                    51:b0:c8:66:34:4b:c0:bb:27:46:aa:19:18:10:89:
                    a7:44:08:cb:34:55:cb:4b:13:fa:4d:c5:a9:0c:f0:
                    85:13:11:a4:af:2c:1c:4d:06:e3:9c:26:f2:63:3a:
                    96:b4:c3:82:80:bc:2c:95:5b:3c:43:e4:bc:0e:d2:
                    ec:13:ee:f3:3b:c2:6a:4c:ee:36:2d:84:72:9c:8d:
                    d8:df:4e:d6:c8:0a:87:89:71:b4:18:c9:97:25:f8:
                    f5:df:c9:60:2f:e2:4c:2f:67:42:a5:d6:46:aa:f9:
                    f5:b3:4e:04:7b:3d:d7:c8:c9:62:6e:72:89:cb:fa:
                    e0:68:f2:bf:1c:b8:f9:b6:38:c7:45:63:1f:e0:af:
                    e9:37:2c:d4:b5:83:df:11:72:41:3d:89:89:a2:12:
                    18:8a:ba:8a:34:da:88:f8:24:f1:5e:d1:4c:2e:1a:
                    33:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:CB:18:F9:60:20:14:61:D4:6D:69:B1:6A:29:ED:0F:6E:79:8F:9B
            X509v3 Authority Key Identifier:
                keyid:93:3F:70:DB:98:17:B8:48:F8:C0:86:1A:82:4B:10:11:7D:C5:19:2C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/kz9w25gXuEj4wIYagksQEX3FGSw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/kz9w25gXuEj4wIYagksQEX3FGSw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F364321A/493E462EBCDA11EDA1FB0FB0F1222468/8ED6BADCD53311EEB2A2C36C775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  139.26.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ae:de:18:c3:50:d6:7b:77:6e:f2:a8:e7:e1:7f:5e:77:ea:f1:
         d0:c4:f2:e3:55:ff:0f:11:f5:25:ee:37:04:d8:8d:4a:a1:a7:
         6f:db:58:a8:a5:56:19:90:2c:28:d1:67:4f:a3:b8:e6:a0:94:
         8d:c6:a9:33:45:b3:e9:17:3a:f6:10:5b:6b:a6:7b:0d:d9:b3:
         bd:45:22:06:bd:5e:f0:a8:3a:2f:1c:d7:f1:b0:f0:7b:d3:d2:
         24:92:70:d8:4f:66:7b:cf:7d:bf:79:be:04:21:80:b4:07:b2:
         69:4a:f2:36:c5:31:d0:74:84:10:41:12:b6:fc:26:c3:52:2f:
         eb:34:a1:63:42:87:ef:fe:31:9a:4b:50:98:16:9c:68:ed:2b:
         d3:5a:01:ad:f8:fb:9a:37:4a:47:44:62:b2:5e:f6:0d:11:43:
         d3:ca:d7:d4:35:52:c0:fc:ba:7e:d3:b1:7d:f3:d9:7b:18:4b:
         36:a9:cc:cf:53:51:17:38:8c:a1:0e:75:fe:31:71:ea:05:d4:
         c3:eb:8d:f5:f8:e3:19:cf:bd:e3:b2:e2:ae:ce:d4:41:5e:19:
         a3:e1:17:3f:c8:9a:8d:78:22:97:5d:8f:6f:61:d0:15:d5:52:
         22:07:cc:f8:33:9e:43:12:bf:96:ed:01:5a:2b:8c:a9:5f:cc:
         c5:35:1e:68
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAYMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDMyMUFBUjExMC8GA1UEBRMoOTMzRjcwREI5ODE3Qjg0OEY4QzA4NjFBODI0QjEw
MTE3REM1MTkyQzAeFw0yNDAyMjcwNTQ2MjhaFw0zMDAyMjcwNTQ2MjhaMBgxFjAU
BgNVBAMTDTY1ZGQ3NzM3LTkwMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCz1gRx2oUbULBxGVLwk2AphBlzPm09MGMjcTO46qsifnFn+89J0Wc6oAbk
qn/LpAkwglHG+XOxzxRrPmkKSNpZWfX8FM1QEzPEjTiNU3ZLbcCtPbWSK76cqVGw
yGY0S8C7J0aqGRgQiadECMs0VctLE/pNxakM8IUTEaSvLBxNBuOcJvJjOpa0w4KA
vCyVWzxD5LwO0uwT7vM7wmpM7jYthHKcjdjfTtbICoeJcbQYyZcl+PXfyWAv4kwv
Z0Kl1kaq+fWzTgR7PdfIyWJuconL+uBo8r8cuPm2OMdFYx/gr+k3LNS1g98RckE9
iYmiEhiKuoo02oj4JPFe0UwuGjORAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUrssY
+WAgFGHUbWmxaintD255j5swHwYDVR0jBBgwFoAUkz9w25gXuEj4wIYagksQEX3F
GSwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQzMjFBLzQ5M0U0NjJFQkNEQTExRURBMUZCMEZCMEYxMjIyNDY4L2t6OXcy
NWdYdUVqNHdJWWFna3NRRVgzRkdTdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2t6OXcyNWdYdUVqNHdJWWFna3NRRVgzRkdTdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjQzMjFBLzQ5M0U0NjJFQkNEQTExRURBMUZCMEZCMEYxMjIy
NDY4LzhFRDZCQURDRDUzMzExRUVCMkEyQzM2Qzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOLGpAwDQYJKoZIhvcNAQELBQAD
ggEBAK7eGMNQ1nt3bvKo5+F/Xnfq8dDE8uNV/w8R9SXuNwTYjUqhp2/bWKilVhmQ
LCjRZ0+juOaglI3GqTNFs+kXOvYQW2umew3Zs71FIga9XvCoOi8c1/Gw8HvT0iSS
cNhPZnvPfb95vgQhgLQHsmlK8jbFMdB0hBBBErb8JsNSL+s0oWNCh+/+MZpLUJgW
nGjtK9NaAa34+5o3SkdEYrJe9g0RQ9PK19Q1UsD8un7TsX3z2XsYSzapzM9TURc4
jKEOdf4xceoF1MPrjfX44xnPveOy4q7O1EFeGaPhFz/Imo14Ipddj29h0BXVUiIH
zPgznkMSv5btAVorjKlfzMU1Hmg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org