Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/8784F33A783911EF9F858C44762E951A.roa
File:                     8784F33A783911EF9F858C44762E951A.roa (raw, json)
Hash identifier:          hIWxFQxDj+ptIohIYjSlVXPkKf+GIrXgvl1fh/xb2HA=
Subject key identifier:   89:91:3B:D2:64:24:57:CE:4C:56:EE:93:89:62:95:57:8D:1A:E8:B2
Certificate issuer:       /CN=F3644574AR/serialNumber=F608628A4682F553804AF3AB2E58A19C30A8ADD2
Certificate serial:       19
Authority key identifier: F6:08:62:8A:46:82:F5:53:80:4A:F3:AB:2E:58:A1:9C:30:A8:AD:D2
Authority info access:    rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/8784F33A783911EF9F858C44762E951A.roa
Signing time:             Sat 21 Sep 2024 16:49:55 +0000
ROA not before:           Sat 21 Sep 2024 16:49:52 +0000
ROA not after:            Sun 21 Sep 2031 16:49:52 +0000
asID:                     328543
IP address blocks:        45.221.96.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.mft
                          rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 26 Oct 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3644574AR/serialNumber=F608628A4682F553804AF3AB2E58A19C30A8ADD2
        Validity
            Not Before: Sep 21 16:49:52 2024 GMT
            Not After : Sep 21 16:49:52 2031 GMT
        Subject: CN=66eef933-0557
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:b7:17:c4:3f:4f:a7:dc:c9:45:6f:59:06:08:
                    8e:bb:51:f0:e6:1c:66:78:0b:d9:8c:20:e6:d8:76:
                    b4:1f:b6:24:37:a9:dc:8a:eb:6b:b8:65:ee:db:6b:
                    da:5d:e9:6c:27:1e:05:2e:2b:1a:1e:92:98:d1:c8:
                    21:ad:73:9d:ef:a6:d9:9a:a0:c0:a0:93:6e:98:12:
                    84:3b:63:8d:30:fe:90:ec:8f:16:ee:1d:0e:b1:6f:
                    0a:be:f9:84:54:78:3a:f3:60:a2:84:61:20:36:47:
                    70:71:cf:6a:89:a2:a0:19:42:50:16:0d:33:e1:38:
                    2e:51:7b:d1:12:84:0e:0e:87:32:97:b7:fb:60:06:
                    b4:5d:c8:5f:9f:a5:cd:64:0a:0b:91:c1:5b:bf:5e:
                    ec:ec:98:8f:30:ef:4d:b1:6b:e6:f4:80:6a:2e:98:
                    fb:9b:63:b0:e1:26:b0:0a:b7:d2:4a:9b:24:55:36:
                    59:df:f6:8b:ca:b1:b2:37:16:44:01:5c:e8:43:dc:
                    d0:2a:46:1e:33:79:6e:61:64:23:51:8f:71:39:d8:
                    08:36:e7:e6:9c:76:9c:58:8d:d4:8b:f9:98:ff:ab:
                    fa:55:a1:7c:38:89:3e:79:97:73:f0:6f:a1:03:ac:
                    4e:a1:9a:b5:df:74:e0:a8:a2:56:14:b3:61:da:18:
                    17:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:91:3B:D2:64:24:57:CE:4C:56:EE:93:89:62:95:57:8D:1A:E8:B2
            X509v3 Authority Key Identifier:
                keyid:F6:08:62:8A:46:82:F5:53:80:4A:F3:AB:2E:58:A1:9C:30:A8:AD:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/9ghiikaC9VOASvOrLlihnDCordI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/9ghiikaC9VOASvOrLlihnDCordI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3644574/37DB92B2778011EFA6D72EB2762E951A/8784F33A783911EF9F858C44762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.221.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         12:cc:75:e5:7f:17:63:37:d8:df:f1:36:84:d6:fd:95:33:7c:
         02:fa:2a:ff:f0:e8:42:c0:12:a3:b2:18:92:e4:8a:f7:b5:17:
         75:ef:d8:d1:ef:3d:ea:bf:ca:6c:04:c5:e3:59:69:7a:2e:94:
         e0:34:de:62:79:39:b9:b5:9e:91:fb:ac:8c:28:34:68:ef:76:
         45:ef:74:4e:0e:6d:83:93:5f:0d:f6:96:37:ac:42:c9:b2:ba:
         4f:0f:01:33:4a:c8:ff:3d:68:c6:63:9f:03:33:aa:89:86:6a:
         97:18:c4:d5:72:3f:5b:f0:58:82:03:a0:c8:57:9e:a0:47:c7:
         f4:92:3b:62:72:9d:b1:7a:4c:cb:1e:ce:41:30:12:59:b9:b8:
         b3:bf:de:07:bd:df:52:dd:32:27:55:4d:1b:66:6e:01:04:5c:
         83:a2:da:ae:40:62:72:24:cd:b4:81:59:5c:36:37:bd:8c:5e:
         6b:b8:53:e1:61:4b:bb:93:ac:3d:16:91:e6:53:75:51:02:3c:
         06:fc:a2:d9:de:94:cc:a7:b0:67:ca:cd:a0:ba:c9:7e:03:7f:
         c0:e4:6a:9c:94:a7:5b:56:d2:a9:b7:0a:c6:1f:54:2b:d0:35:
         84:d4:49:8a:c5:ac:f0:b9:81:99:2c:53:23:c4:fc:0f:ad:f1:
         3b:84:20:ea
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBGTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NDU3NEFSMTEwLwYDVQQFEyhGNjA4NjI4QTQ2ODJGNTUzODA0QUYzQUIyRTU4QTE5
QzMwQThBREQyMB4XDTI0MDkyMTE2NDk1MloXDTMxMDkyMTE2NDk1MlowGDEWMBQG
A1UEAxMNNjZlZWY5MzMtMDU1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANO3F8Q/T6fcyUVvWQYIjrtR8OYcZngL2Ywg5th2tB+2JDep3Irra7hl7ttr
2l3pbCceBS4rGh6SmNHIIa1zne+m2ZqgwKCTbpgShDtjjTD+kOyPFu4dDrFvCr75
hFR4OvNgooRhIDZHcHHPaomioBlCUBYNM+E4LlF70RKEDg6HMpe3+2AGtF3IX5+l
zWQKC5HBW79e7OyYjzDvTbFr5vSAai6Y+5tjsOEmsAq30kqbJFU2Wd/2i8qxsjcW
RAFc6EPc0CpGHjN5bmFkI1GPcTnYCDbn5px2nFiN1Iv5mP+r+lWhfDiJPnmXc/Bv
oQOsTqGatd904KiiVhSzYdoYF78CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSJkTvS
ZCRXzkxW7pOJYpVXjRrosjAfBgNVHSMEGDAWgBT2CGKKRoL1U4BK86suWKGcMKit
0jAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDQ1NzQvMzdEQjkyQjI3NzgwMTFFRkE2RDcyRUIyNzYyRTk1MUEvOWdoaWlr
YUM5Vk9BU3ZPckxsaWhuRENvcmRJLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
OWdoaWlrYUM5Vk9BU3ZPckxsaWhuRENvcmRJLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDQ1NzQvMzdEQjkyQjI3NzgwMTFFRkE2RDcyRUIyNzYyRTk1
MUEvODc4NEYzM0E3ODM5MTFFRjlGODU4QzQ0NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBS3dYDANBgkqhkiG9w0BAQsFAAOC
AQEAEsx15X8XYzfY3/E2hNb9lTN8Avoq//DoQsASo7IYkuSK97UXde/Y0e896r/K
bATF41lpei6U4DTeYnk5ubWekfusjCg0aO92Re90Tg5tg5NfDfaWN6xCybK6Tw8B
M0rI/z1oxmOfAzOqiYZqlxjE1XI/W/BYggOgyFeeoEfH9JI7YnKdsXpMyx7OQTAS
Wbm4s7/eB73fUt0yJ1VNG2ZuAQRcg6LarkBiciTNtIFZXDY3vYxea7hT4WFLu5Os
PRaR5lN1UQI8Bvyi2d6UzKewZ8rNoLrJfgN/wORqnJSnW1bSqbcKxh9UK9A1hNRJ
isWs8LmBmSxTI8T8D63xO4Qg6g==
-----END CERTIFICATE-----