Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/60251E1041CF11EE97BA22154AD9E6FC.roa
File:                     60251E1041CF11EE97BA22154AD9E6FC.roa (raw, json)
Hash identifier:          +/KON4UBgEg4d/T2YNBvCgKU2dUseDYpvvtJTHIMNow=
Subject key identifier:   0C:A6:2C:4F:84:DB:97:A1:B8:4D:7D:6C:6E:71:B8:53:69:4D:1A:82
Certificate issuer:       /CN=F36580B0AR/serialNumber=E8A285E7A9119CC130CA29F73579DB06824F83B5
Certificate serial:       02
Authority key identifier: E8:A2:85:E7:A9:11:9C:C1:30:CA:29:F7:35:79:DB:06:82:4F:83:B5
Authority info access:    rsync://rpki.afrinic.net/repository/arin/6KKF56kRnMEwyin3NXnbBoJPg7U.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/60251E1041CF11EE97BA22154AD9E6FC.roa
Signing time:             Wed 23 Aug 2023 16:09:02 +0000
ROA not before:           Wed 23 Aug 2023 16:08:52 +0000
ROA not after:            Tue 23 Aug 2033 16:08:52 +0000
asID:                     327992
IP address blocks:        169.239.248.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/6KKF56kRnMEwyin3NXnbBoJPg7U.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/6KKF56kRnMEwyin3NXnbBoJPg7U.mft
                          rsync://rpki.afrinic.net/repository/arin/6KKF56kRnMEwyin3NXnbBoJPg7U.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 28 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36580B0AR/serialNumber=E8A285E7A9119CC130CA29F73579DB06824F83B5
        Validity
            Not Before: Aug 23 16:08:52 2023 GMT
            Not After : Aug 23 16:08:52 2033 GMT
        Subject: CN=64e62f1e-b312
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:35:8e:0c:63:70:ab:7a:a3:19:9c:41:dd:73:
                    01:52:66:26:c9:bd:53:53:a5:ab:53:6e:f6:26:48:
                    d5:68:94:30:f1:9c:3e:53:f9:e6:a9:82:6d:45:0c:
                    35:0a:41:4f:75:04:c9:59:6f:0f:e4:ba:fc:c8:8f:
                    a4:49:af:1b:7b:91:e3:19:4f:61:32:2e:38:66:5e:
                    36:2b:89:63:19:7d:ce:6c:fa:99:ce:01:b3:a4:11:
                    9a:aa:c6:75:64:1c:b2:8a:07:58:89:44:41:78:a5:
                    a9:6c:40:ff:39:39:8e:c9:7d:58:44:eb:ed:d5:ca:
                    85:b2:bb:60:ea:56:f2:e4:5a:31:1b:a3:4c:c3:46:
                    52:00:41:25:47:ae:f2:33:4e:89:a9:77:82:1f:ce:
                    36:26:87:d5:97:74:4c:2e:7a:5f:b8:99:58:42:50:
                    39:67:14:7b:29:78:55:b9:92:c8:5b:b0:4d:8b:4c:
                    42:88:d4:58:26:be:69:70:20:9d:3c:6f:58:ed:4e:
                    3d:5d:07:b0:d7:ac:14:4d:b6:c0:7a:fc:ed:9d:f9:
                    ef:f5:93:a1:fb:88:94:b1:e1:60:2e:fd:26:c1:79:
                    66:28:7e:8b:40:e0:bc:8f:74:5e:ff:bc:d6:0c:e2:
                    96:1d:ab:d6:45:9a:96:15:c8:55:c0:52:a4:77:e0:
                    2d:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0C:A6:2C:4F:84:DB:97:A1:B8:4D:7D:6C:6E:71:B8:53:69:4D:1A:82
            X509v3 Authority Key Identifier:
                keyid:E8:A2:85:E7:A9:11:9C:C1:30:CA:29:F7:35:79:DB:06:82:4F:83:B5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/6KKF56kRnMEwyin3NXnbBoJPg7U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/6KKF56kRnMEwyin3NXnbBoJPg7U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36580B0/0AC199A441CE11EEBCA91D114AD9E6FC/60251E1041CF11EE97BA22154AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.239.248.0/22

    Signature Algorithm: sha256WithRSAEncryption
         11:cf:1e:f0:cb:de:fd:ab:ff:3d:b2:7c:c5:f9:d4:10:45:48:
         c5:49:d4:8e:0f:0a:12:2d:59:b9:3a:72:f1:57:a9:c2:ba:bc:
         db:67:dd:61:62:2b:e5:b3:a3:c9:99:83:8c:99:56:82:32:d7:
         02:cf:e0:83:53:aa:e9:d9:fa:9e:73:65:f0:7e:ae:90:6a:3c:
         bf:14:1e:72:bf:28:e8:c9:5a:1c:fc:66:e9:d2:1e:2a:e5:fc:
         13:ce:fc:fb:4b:11:54:42:cc:55:fc:6a:fe:a8:43:53:e6:44:
         ee:00:e0:d9:92:4f:79:7b:c3:66:74:eb:9a:72:d4:2e:14:28:
         7d:a7:67:b8:62:84:40:14:1b:bc:cf:26:01:b6:12:6a:a4:58:
         bc:31:33:41:8e:c7:d1:ff:f1:b2:3f:ed:64:07:14:a4:4d:12:
         09:bd:3d:e2:1c:49:d9:a7:57:9b:7c:6f:7c:9f:65:49:6b:46:
         49:19:7d:20:c5:98:fb:8e:63:a8:5e:36:f9:ef:80:56:b2:85:
         cd:1d:be:49:a5:8d:50:91:21:7b:eb:e3:5b:0d:8b:67:ea:1f:
         1d:a6:9f:57:9f:eb:c5:f9:34:5d:e6:b2:ed:a1:ef:6b:76:dd:
         33:b0:c4:ca:d3:81:d0:d5:42:8a:4f:15:f2:82:00:b4:ec:e2:
         70:f7:53:9a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
ODBCMEFSMTEwLwYDVQQFEyhFOEEyODVFN0E5MTE5Q0MxMzBDQTI5RjczNTc5REIw
NjgyNEY4M0I1MB4XDTIzMDgyMzE2MDg1MloXDTMzMDgyMzE2MDg1MlowGDEWMBQG
A1UEAxMNNjRlNjJmMWUtYjMxMjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKM1jgxjcKt6oxmcQd1zAVJmJsm9U1Olq1Nu9iZI1WiUMPGcPlP55qmCbUUM
NQpBT3UEyVlvD+S6/MiPpEmvG3uR4xlPYTIuOGZeNiuJYxl9zmz6mc4Bs6QRmqrG
dWQcsooHWIlEQXilqWxA/zk5jsl9WETr7dXKhbK7YOpW8uRaMRujTMNGUgBBJUeu
8jNOial3gh/ONiaH1Zd0TC56X7iZWEJQOWcUeyl4VbmSyFuwTYtMQojUWCa+aXAg
nTxvWO1OPV0HsNesFE22wHr87Z357/WTofuIlLHhYC79JsF5Zih+i0DgvI90Xv+8
1gzilh2r1kWalhXIVcBSpHfgLXECAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQMpixP
hNuXobhNfWxucbhTaU0agjAfBgNVHSMEGDAWgBToooXnqRGcwTDKKfc1edsGgk+D
tTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTgwQjAvMEFDMTk5QTQ0MUNFMTFFRUJDQTkxRDExNEFEOUU2RkMvNktLRjU2
a1JuTUV3eWluM05YbmJCb0pQZzdVLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
NktLRjU2a1JuTUV3eWluM05YbmJCb0pQZzdVLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NTgwQjAvMEFDMTk5QTQ0MUNFMTFFRUJDQTkxRDExNEFEOUU2
RkMvNjAyNTFFMTA0MUNGMTFFRTk3QkEyMjE1NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqnv+DANBgkqhkiG9w0BAQsFAAOC
AQEAEc8e8Mve/av/PbJ8xfnUEEVIxUnUjg8KEi1ZuTpy8Vepwrq822fdYWIr5bOj
yZmDjJlWgjLXAs/gg1Oq6dn6nnNl8H6ukGo8vxQecr8o6MlaHPxm6dIeKuX8E878
+0sRVELMVfxq/qhDU+ZE7gDg2ZJPeXvDZnTrmnLULhQofadnuGKEQBQbvM8mAbYS
aqRYvDEzQY7H0f/xsj/tZAcUpE0SCb094hxJ2adXm3xvfJ9lSWtGSRl9IMWY+45j
qF42+e+AVrKFzR2+SaWNUJEhe+vjWw2LZ+ofHaafV5/rxfk0Xeay7aHva3bdM7DE
ytOB0NVCik8V8oIAtOzicPdTmg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 04:53:38 2024 by rpki-client on console-ams.rpki-client.org