Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/0630E34C27F911EF99C5B7167DDC24C2.roa
File:                     0630E34C27F911EF99C5B7167DDC24C2.roa (raw, json)
Hash identifier:          u1Kgum9/rIa3gu9tEpPcpHBCjsDs7Hpw84FU4EIS7uY=
Subject key identifier:   3D:9F:BA:79:EF:3F:3A:3D:52:48:18:22:F9:0A:4F:43:73:DB:AC:41
Certificate issuer:       /CN=F3645590AR/serialNumber=B38AE0D84367DF40822FBE585070F6983CD18059
Certificate serial:       02
Authority key identifier: B3:8A:E0:D8:43:67:DF:40:82:2F:BE:58:50:70:F6:98:3C:D1:80:59
Authority info access:    rsync://rpki.afrinic.net/repository/arin/s4rg2ENn30CCL75YUHD2mDzRgFk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/0630E34C27F911EF99C5B7167DDC24C2.roa
Signing time:             Tue 11 Jun 2024 13:46:38 +0000
ROA not before:           Tue 11 Jun 2024 13:46:34 +0000
ROA not after:            Wed 30 Jun 2027 13:46:34 +0000
asID:                     328596
IP address blocks:        192.145.128.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/s4rg2ENn30CCL75YUHD2mDzRgFk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/s4rg2ENn30CCL75YUHD2mDzRgFk.mft
                          rsync://rpki.afrinic.net/repository/arin/s4rg2ENn30CCL75YUHD2mDzRgFk.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3645590AR/serialNumber=B38AE0D84367DF40822FBE585070F6983CD18059
        Validity
            Not Before: Jun 11 13:46:34 2024 GMT
            Not After : Jun 30 13:46:34 2027 GMT
        Subject: CN=6668553d-26f5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:ac:60:fd:e8:ea:ce:2b:9a:20:b4:88:c2:77:
                    9c:32:ee:13:74:b6:08:16:85:08:48:e6:dc:7e:52:
                    dc:d0:44:7e:f2:72:5b:a9:26:34:c3:95:6c:29:20:
                    8d:8b:2a:bf:30:33:00:93:ab:98:b0:e6:26:d3:18:
                    c9:e5:52:fa:f6:2d:94:71:be:f5:e6:42:a3:46:23:
                    1a:50:6a:cc:e7:92:24:6c:d6:68:d6:a1:45:03:67:
                    6f:e5:4c:3e:8a:12:de:09:36:ae:26:9b:67:f4:91:
                    1e:df:bd:fd:76:ba:50:5b:40:bd:b4:71:38:17:95:
                    fc:6a:4c:f5:86:40:64:18:60:c6:68:53:6a:62:7b:
                    d0:45:6e:a7:db:d5:a1:09:0b:3b:d6:95:d3:9a:b4:
                    98:c4:49:b8:4a:f6:55:56:a0:e1:58:b7:44:28:d7:
                    18:7e:e9:09:19:98:c8:01:71:28:5b:0a:12:10:df:
                    eb:09:79:e1:50:33:36:89:00:26:b0:53:fd:a5:a9:
                    69:4e:63:df:9e:28:a0:19:95:d7:43:f6:98:f9:16:
                    67:79:95:05:54:4e:f0:8a:18:e2:08:ff:2b:9e:6d:
                    cd:de:0b:09:54:4c:f2:79:08:24:eb:d9:82:88:58:
                    31:25:33:b9:f4:cc:1c:25:da:36:46:de:d8:49:e1:
                    7f:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3D:9F:BA:79:EF:3F:3A:3D:52:48:18:22:F9:0A:4F:43:73:DB:AC:41
            X509v3 Authority Key Identifier:
                keyid:B3:8A:E0:D8:43:67:DF:40:82:2F:BE:58:50:70:F6:98:3C:D1:80:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/s4rg2ENn30CCL75YUHD2mDzRgFk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/s4rg2ENn30CCL75YUHD2mDzRgFk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3645590/761A322227F811EF968FC2157DDC24C2/0630E34C27F911EF99C5B7167DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.128.0/19

    Signature Algorithm: sha256WithRSAEncryption
         8c:b6:f6:6c:ac:e1:93:b0:ed:52:09:2e:ee:18:e8:98:94:37:
         39:76:a9:85:3c:95:32:42:11:f8:89:c0:4f:11:2f:af:da:de:
         7b:9d:9e:c9:78:25:b8:66:3f:fc:3f:41:6c:dc:9d:b6:1a:a3:
         09:25:ee:ae:4e:cd:38:9a:82:d3:3b:99:1e:a7:46:fd:47:a2:
         4e:94:c0:c1:a5:ab:a2:b9:f6:e6:36:df:a8:f1:42:a5:6c:d5:
         61:90:f8:95:90:85:91:8c:33:e4:0c:dc:bc:bc:f0:8d:f2:86:
         80:7d:76:cb:77:67:bf:08:0b:f2:c3:56:f5:25:97:49:cd:f3:
         38:87:ce:fe:42:74:78:f2:6d:0c:f1:e2:92:bc:21:f7:d2:95:
         05:e0:95:ea:28:9a:ca:3c:80:bc:6d:61:76:6e:69:62:b0:fa:
         15:d2:57:e2:07:d1:3b:0d:ce:7a:39:1f:75:da:a8:da:46:85:
         2d:67:82:e5:fb:07:f8:b7:96:50:27:d1:12:80:13:e9:30:26:
         4c:04:6a:b9:0f:e8:61:bf:80:0c:98:fa:39:7c:9b:8d:27:a6:
         ce:9e:51:a6:50:2b:01:53:0e:5d:ae:53:a4:0a:96:c5:05:13:
         ff:c6:12:6d:93:71:c4:f6:7c:dc:5e:be:5b:d6:8c:5d:58:a6:
         eb:2e:aa:b4
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
NTU5MEFSMTEwLwYDVQQFEyhCMzhBRTBEODQzNjdERjQwODIyRkJFNTg1MDcwRjY5
ODNDRDE4MDU5MB4XDTI0MDYxMTEzNDYzNFoXDTI3MDYzMDEzNDYzNFowGDEWMBQG
A1UEAxMNNjY2ODU1M2QtMjZmNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPGsYP3o6s4rmiC0iMJ3nDLuE3S2CBaFCEjm3H5S3NBEfvJyW6kmNMOVbCkg
jYsqvzAzAJOrmLDmJtMYyeVS+vYtlHG+9eZCo0YjGlBqzOeSJGzWaNahRQNnb+VM
PooS3gk2riabZ/SRHt+9/Xa6UFtAvbRxOBeV/GpM9YZAZBhgxmhTamJ70EVup9vV
oQkLO9aV05q0mMRJuEr2VVag4Vi3RCjXGH7pCRmYyAFxKFsKEhDf6wl54VAzNokA
JrBT/aWpaU5j354ooBmV10P2mPkWZ3mVBVRO8IoY4gj/K55tzd4LCVRM8nkIJOvZ
gohYMSUzufTMHCXaNkbe2EnhfwkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQ9n7p5
7z86PVJIGCL5Ck9Dc9usQTAfBgNVHSMEGDAWgBSziuDYQ2ffQIIvvlhQcPaYPNGA
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDU1OTAvNzYxQTMyMjIyN0Y4MTFFRjk2OEZDMjE1N0REQzI0QzIvczRyZzJF
Tm4zMENDTDc1WVVIRDJtRHpSZ0ZrLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
czRyZzJFTm4zMENDTDc1WVVIRDJtRHpSZ0ZrLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NDU1OTAvNzYxQTMyMjIyN0Y4MTFFRjk2OEZDMjE1N0REQzI0
QzIvMDYzMEUzNEMyN0Y5MTFFRjk5QzVCNzE2N0REQzI0QzIucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcCRgDANBgkqhkiG9w0BAQsFAAOC
AQEAjLb2bKzhk7DtUgku7hjomJQ3OXaphTyVMkIR+InATxEvr9ree52eyXgluGY/
/D9BbNydthqjCSXurk7NOJqC0zuZHqdG/UeiTpTAwaWrorn25jbfqPFCpWzVYZD4
lZCFkYwz5AzcvLzwjfKGgH12y3dnvwgL8sNW9SWXSc3zOIfO/kJ0ePJtDPHikrwh
99KVBeCV6iiayjyAvG1hdm5pYrD6FdJX4gfROw3Oejkfddqo2kaFLWeC5fsH+LeW
UCfREoAT6TAmTARquQ/oYb+ADJj6OXybjSemzp5RplArAVMOXa5TpAqWxQUT/8YS
bZNxxPZ83F6+W9aMXVim6y6qtA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org