Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/15F71ABA3D8811ED90C4A0C3F1222468.roa
File:                     15F71ABA3D8811ED90C4A0C3F1222468.roa (raw, json)
Hash identifier:          ZIWSZmc0YyiPZ33NmPw3XzXebX+VO4+zLCYTtQFl6w8=
Subject key identifier:   3E:87:98:A5:55:A9:1B:8E:84:4F:E2:2D:55:A9:CE:15:9A:B6:B5:F0
Certificate issuer:       /CN=F3651254AR/serialNumber=1D43E41D01CF85FF940F6606E1646147D8728B28
Certificate serial:       0862
Authority key identifier: 1D:43:E4:1D:01:CF:85:FF:94:0F:66:06:E1:64:61:47:D8:72:8B:28
Authority info access:    rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/15F71ABA3D8811ED90C4A0C3F1222468.roa
Signing time:             Mon 26 Sep 2022 10:43:41 +0000
ROA not before:           Mon 26 Sep 2022 10:43:35 +0000
ROA not after:            Fri 31 Dec 2032 10:43:35 +0000
asID:                     37670
IP address blocks:        45.221.200.0/21 maxlen: 24
                          45.221.200.0/24 maxlen: 24
                          45.221.201.0/24 maxlen: 24
                          45.221.202.0/24 maxlen: 24
                          45.221.203.0/24 maxlen: 24
                          45.221.204.0/24 maxlen: 24
                          45.221.205.0/24 maxlen: 24
                          45.221.206.0/24 maxlen: 24
                          45.221.207.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.mft
                          rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2146 (0x862)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3651254AR/serialNumber=1D43E41D01CF85FF940F6606E1646147D8728B28
        Validity
            Not Before: Sep 26 10:43:35 2022 GMT
            Not After : Dec 31 10:43:35 2032 GMT
        Subject: CN=6331825d-cdeb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:0b:23:f3:a6:ed:0e:18:68:db:29:35:4e:51:
                    d6:80:da:b5:71:15:03:51:fb:62:d2:83:09:2a:40:
                    4d:ad:9b:2f:5c:df:1d:03:07:ff:8a:72:08:b7:4e:
                    49:e3:70:2f:6a:c8:60:b6:d6:97:bc:7d:13:0a:f2:
                    08:8c:5b:78:18:df:8a:67:b8:6b:0f:4c:d0:94:04:
                    cc:f6:5f:f3:de:7d:a0:24:f2:58:04:c2:ba:9b:4b:
                    cd:44:89:ca:a0:1c:e7:fe:ac:1e:69:8f:d3:22:8b:
                    c9:48:b8:e1:fd:28:90:ec:68:5f:7c:6c:04:89:aa:
                    e6:36:40:08:41:de:db:e9:6b:5f:20:3a:d7:de:3e:
                    65:c8:22:9f:b2:6d:21:51:60:d9:10:25:94:e5:f4:
                    10:af:dd:2b:f8:f8:88:ca:00:65:4f:15:eb:99:05:
                    93:52:dd:c5:45:64:ce:de:70:23:10:df:52:9f:76:
                    5a:8d:d4:c2:4d:cb:46:fd:25:ae:9d:c5:d9:08:8f:
                    08:80:78:f6:bb:f2:da:36:4d:24:d4:83:0b:d7:15:
                    81:90:b7:ab:44:78:a6:1e:ff:f3:a1:b2:de:83:79:
                    a1:ae:d6:3b:ff:4f:70:a5:5b:9f:35:42:dc:94:06:
                    d6:8b:a7:62:5f:83:f2:33:83:64:6f:d1:40:db:7d:
                    91:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:87:98:A5:55:A9:1B:8E:84:4F:E2:2D:55:A9:CE:15:9A:B6:B5:F0
            X509v3 Authority Key Identifier:
                keyid:1D:43:E4:1D:01:CF:85:FF:94:0F:66:06:E1:64:61:47:D8:72:8B:28

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/HUPkHQHPhf-UD2YG4WRhR9hyiyg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/HUPkHQHPhf-UD2YG4WRhR9hyiyg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3651254/CD02A612C85311E69198EA57F8AEA228/15F71ABA3D8811ED90C4A0C3F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.221.200.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6a:38:ed:9a:78:9d:dd:e9:90:f5:f0:3e:88:a1:bc:f6:9e:39:
         74:46:7e:16:ff:ea:3d:0a:ce:e6:fc:f4:fa:fc:ad:33:66:a2:
         bf:e5:57:a7:cf:48:e2:cb:12:ff:f5:87:a1:9d:fd:98:2a:01:
         50:5f:08:9e:a0:5f:84:86:2e:24:88:a8:1b:29:e1:c6:2e:0b:
         69:64:fd:af:17:c3:2f:cd:3e:d6:45:c0:9b:33:7a:e9:b9:c0:
         c6:de:84:72:c4:8d:2c:1e:b9:63:13:e4:9d:df:ac:c8:d0:3f:
         a8:90:6c:42:55:c9:8a:41:d4:64:12:69:31:1b:e9:ac:48:e4:
         52:5e:c9:7b:00:ec:15:9a:11:32:2c:f8:7b:b4:dc:3c:4f:7e:
         14:f5:15:74:1f:b1:5d:30:fd:97:3a:92:1c:fb:79:44:ba:36:
         08:6b:15:7d:bf:a3:49:58:6e:73:94:9f:bb:74:9a:91:ec:89:
         5c:02:d2:47:1e:30:1f:b3:0b:a6:21:9c:be:53:14:ed:a5:70:
         6d:6f:1c:48:32:e5:20:68:83:55:58:79:9e:95:a4:99:55:c8:
         e2:df:5f:26:2c:f2:99:c2:95:fd:75:be:6a:bd:16:08:3d:a7:
         08:e7:a7:90:d7:a9:3c:0f:74:03:8b:8d:0b:1e:af:63:89:75:
         05:1e:86:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICCGIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTEyNTRBUjExMC8GA1UEBRMoMUQ0M0U0MUQwMUNGODVGRjk0MEY2NjA2RTE2NDYx
NDdEODcyOEIyODAeFw0yMjA5MjYxMDQzMzVaFw0zMjEyMzExMDQzMzVaMBgxFjAU
BgNVBAMMDTYzMzE4MjVkLWNkZWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLCyPzpu0OGGjbKTVOUdaA2rVxFQNR+2LSgwkqQE2tmy9c3x0DB/+Kcgi3
TknjcC9qyGC21pe8fRMK8giMW3gY34pnuGsPTNCUBMz2X/PefaAk8lgEwrqbS81E
icqgHOf+rB5pj9Mii8lIuOH9KJDsaF98bASJquY2QAhB3tvpa18gOtfePmXIIp+y
bSFRYNkQJZTl9BCv3Sv4+IjKAGVPFeuZBZNS3cVFZM7ecCMQ31KfdlqN1MJNy0b9
Ja6dxdkIjwiAePa78to2TSTUgwvXFYGQt6tEeKYe//Ohst6DeaGu1jv/T3ClW581
QtyUBtaLp2Jfg/Izg2Rv0UDbfZH9AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUPoeY
pVWpG46ET+ItVanOFZq2tfAwHwYDVR0jBBgwFoAUHUPkHQHPhf+UD2YG4WRhR9hy
iygwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUxMjU0L0NEMDJBNjEyQzg1MzExRTY5MTk4RUE1N0Y4QUVBMjI4L0hVUGtI
UUhQaGYtVUQyWUc0V1JoUjloeWl5Zy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0hVUGtIUUhQaGYtVUQyWUc0V1JoUjloeWl5Zy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjUxMjU0L0NEMDJBNjEyQzg1MzExRTY5MTk4RUE1N0Y4QUVB
MjI4LzE1RjcxQUJBM0Q4ODExRUQ5MEM0QTBDM0YxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMt3cgwDQYJKoZIhvcNAQELBQAD
ggEBAGo47Zp4nd3pkPXwPoihvPaeOXRGfhb/6j0Kzub89Pr8rTNmor/lV6fPSOLL
Ev/1h6Gd/ZgqAVBfCJ6gX4SGLiSIqBsp4cYuC2lk/a8Xwy/NPtZFwJszeum5wMbe
hHLEjSweuWMT5J3frMjQP6iQbEJVyYpB1GQSaTEb6axI5FJeyXsA7BWaETIs+Hu0
3DxPfhT1FXQfsV0w/Zc6khz7eUS6NghrFX2/o0lYbnOUn7t0mpHsiVwC0kceMB+z
C6YhnL5TFO2lcG1vHEgy5SBog1VYeZ6VpJlVyOLfXyYs8pnClf11vmq9Fgg9pwjn
p5DXqTwPdAOLjQser2OJdQUehuY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org