Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/09340C7EA61511EEB5678227D25BE465.roa
File:                     09340C7EA61511EEB5678227D25BE465.roa (raw, json)
Hash identifier:          qBQv04aONjKQg1mN81NYi8BI2PtGNq3ZPqDhJWC6NGM=
Subject key identifier:   48:C8:B6:38:A1:83:38:A2:F0:26:29:76:25:10:70:0E:F2:A0:D9:37
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       01FF
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/09340C7EA61511EEB5678227D25BE465.roa
Signing time:             Fri 29 Dec 2023 06:39:37 +0000
ROA not before:           Fri 29 Dec 2023 06:39:34 +0000
ROA not after:            Sat 28 Dec 2024 06:39:34 +0000
asID:                     53356
IP address blocks:        66.251.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.mft
                          rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 511 (0x1ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Dec 29 06:39:34 2023 GMT
            Not After : Dec 28 06:39:34 2024 GMT
        Subject: CN=658e69a9-3885
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:dc:92:7b:cd:e8:2b:24:9d:c6:b2:01:11:56:
                    9d:04:37:e0:74:a7:63:d7:9f:65:e3:3d:e7:75:1f:
                    4b:a9:ad:d1:ee:77:0c:bd:7f:c7:a2:a8:51:e9:1b:
                    1f:02:44:15:3e:7e:8c:8f:4c:64:cf:62:79:99:17:
                    0b:a4:3e:79:58:7d:f0:0b:42:a7:f5:d9:3e:e1:49:
                    08:84:a3:9f:08:33:26:b5:0a:8b:1e:c7:d5:a3:d0:
                    80:55:b5:d5:e1:63:e8:c3:e5:8a:1f:b5:b3:51:0c:
                    c1:5e:f3:1a:57:1c:61:31:d5:ef:45:ce:59:26:0c:
                    ac:24:3f:c8:c1:e5:c5:71:7d:f2:d6:bc:c3:e9:9b:
                    74:52:db:35:78:79:49:59:6e:36:bb:67:59:89:5c:
                    85:ed:6f:6c:18:43:7e:8d:47:28:9d:56:ff:52:c8:
                    65:36:c1:69:9d:d8:71:a8:ec:ca:b3:88:b8:d6:31:
                    6a:46:b0:87:99:d8:e5:e0:86:6d:7f:c4:8f:4a:18:
                    21:c9:91:e5:d8:08:4e:57:7b:bd:59:fd:c3:91:c8:
                    21:8f:83:02:62:95:50:a0:6c:2e:45:b3:bc:1d:c1:
                    c0:53:cd:26:54:1c:15:d6:1d:75:89:07:87:e9:a5:
                    89:2d:e2:94:a1:f3:55:a9:f1:c6:e3:ab:f7:83:b1:
                    a1:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:C8:B6:38:A1:83:38:A2:F0:26:29:76:25:10:70:0E:F2:A0:D9:37
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/09340C7EA61511EEB5678227D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0b:19:d0:e4:98:6c:41:6a:d4:c4:17:2b:9c:26:7c:8f:53:d4:
         2a:ab:10:84:ec:12:17:77:ad:39:a7:fd:e4:32:61:7e:e4:5f:
         a5:5c:fe:ff:23:22:47:16:5a:67:16:60:23:a7:f3:75:a6:e0:
         eb:e8:79:bf:a5:15:58:11:f3:04:e1:8a:d7:93:b1:f4:37:5f:
         14:90:71:5a:82:d8:8c:e8:8f:bd:0b:f4:65:60:39:0f:56:2d:
         2c:85:05:0d:52:9a:0f:8e:5d:2f:3d:05:86:a1:f7:68:01:e6:
         04:9c:82:ea:08:07:f3:4d:02:c5:18:21:b3:87:f7:75:a8:15:
         55:24:3b:e5:08:7a:ed:f4:d0:1b:c5:7b:c9:52:be:05:ea:07:
         c1:34:1e:fd:e0:04:74:0c:43:39:d9:a6:ff:af:23:8e:03:f3:
         cb:82:5b:35:0d:34:5d:6c:bf:87:fa:dd:2c:8b:db:6c:23:9f:
         a6:11:5a:2e:11:85:79:74:85:1e:5b:d8:86:08:a2:33:46:83:
         bd:c9:8e:bf:83:d3:9d:cb:c8:5b:55:e5:b2:4d:6a:d2:5b:98:
         ba:b6:6c:85:6e:02:8a:e0:2c:35:3c:05:93:db:d2:78:91:8e:
         34:9d:88:b5:62:6e:2b:d3:5b:cc:6b:0b:e0:f0:4d:0e:9a:db:
         5c:ed:fe:cc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAf8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yMzEyMjkwNjM5MzRaFw0yNDEyMjgwNjM5MzRaMBgxFjAU
BgNVBAMTDTY1OGU2OWE5LTM4ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDB3JJ7zegrJJ3GsgERVp0EN+B0p2PXn2XjPed1H0uprdHudwy9f8eiqFHp
Gx8CRBU+foyPTGTPYnmZFwukPnlYffALQqf12T7hSQiEo58IMya1Cosex9Wj0IBV
tdXhY+jD5YoftbNRDMFe8xpXHGEx1e9FzlkmDKwkP8jB5cVxffLWvMPpm3RS2zV4
eUlZbja7Z1mJXIXtb2wYQ36NRyidVv9SyGU2wWmd2HGo7MqziLjWMWpGsIeZ2OXg
hm1/xI9KGCHJkeXYCE5Xe71Z/cORyCGPgwJilVCgbC5Fs7wdwcBTzSZUHBXWHXWJ
B4fppYkt4pSh81Wp8cbjq/eDsaHZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUSMi2
OKGDOKLwJil2JRBwDvKg2TcwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzA5MzQwQzdFQTYxNTExRUVCNTY3ODIyN0QyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+5kwDQYJKoZIhvcNAQELBQAD
ggEBAAsZ0OSYbEFq1MQXK5wmfI9T1CqrEITsEhd3rTmn/eQyYX7kX6Vc/v8jIkcW
WmcWYCOn83Wm4Ovoeb+lFVgR8wThiteTsfQ3XxSQcVqC2Izoj70L9GVgOQ9WLSyF
BQ1Smg+OXS89BYah92gB5gScguoIB/NNAsUYIbOH93WoFVUkO+UIeu300BvFe8lS
vgXqB8E0Hv3gBHQMQznZpv+vI44D88uCWzUNNF1sv4f63SyL22wjn6YRWi4RhXl0
hR5b2IYIojNGg73Jjr+D053LyFtV5bJNatJbmLq2bIVuAorgLDU8BZPb0niRjjSd
iLVibivTW8xrC+DwTQ6a21zt/sw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:35 2024 by rpki-client on console-ams.rpki-client.org