Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/5791505AB9F411EE8FBC11A2775412E6.roa
File:                     5791505AB9F411EE8FBC11A2775412E6.roa (raw, json)
Hash identifier:          RiZfKVNujOibBdQJCQV5nfFgYiMDCDPQssXL4CJo5FM=
Subject key identifier:   BF:57:A1:26:DD:03:67:A9:6D:6A:86:B1:F5:10:16:BF:F4:1A:5D:69
Certificate issuer:       /CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
Certificate serial:       0253
Authority key identifier: 09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/5791505AB9F411EE8FBC11A2775412E6.roa
Signing time:             Tue 23 Jan 2024 13:35:59 +0000
ROA not before:           Tue 23 Jan 2024 13:35:55 +0000
ROA not after:            Wed 22 Jan 2025 13:35:55 +0000
asID:                     174
IP address blocks:        66.251.184.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.mft
                          rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 26 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 595 (0x253)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3659F9CAR/serialNumber=09FB3136ECD5E3D7CF00B32C121F12E8AFD0A601
        Validity
            Not Before: Jan 23 13:35:55 2024 GMT
            Not After : Jan 22 13:35:55 2025 GMT
        Subject: CN=65afc0bf-d33e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:a6:f3:e8:2f:4e:b9:d5:3d:25:1f:fb:cb:25:
                    90:de:0f:a3:be:ea:07:2f:87:c1:d0:ad:29:cb:ea:
                    4d:1c:7d:df:d3:e3:5d:3d:38:c0:de:64:dc:ca:2c:
                    80:35:be:90:ce:79:83:f3:ee:cb:cd:ea:e9:a4:5f:
                    85:9a:86:86:5d:d3:a0:fd:d0:4c:f8:c7:a7:ac:05:
                    a8:1f:4c:7c:45:fc:d2:1f:ac:dd:42:9f:35:bf:5d:
                    f9:38:ba:a5:73:61:46:7e:c3:ac:09:40:e3:53:32:
                    02:83:f5:d7:c8:c7:db:79:f5:d5:08:4f:26:41:74:
                    b3:8a:07:8a:b2:23:49:64:6d:6b:ad:1b:01:98:2b:
                    11:2f:8c:98:6e:17:7e:3d:a2:24:97:f1:0b:35:48:
                    46:8e:7b:24:66:ad:27:03:39:6f:8e:de:52:08:03:
                    25:7f:8d:38:a0:f4:3c:a9:b2:e9:ed:a7:a5:aa:0b:
                    14:54:d6:79:f0:c5:cc:e7:ee:81:46:a1:30:78:41:
                    c0:3e:98:4e:37:bd:05:d3:96:cc:56:51:04:ba:63:
                    fe:68:5f:00:cb:e6:9e:93:90:27:45:ae:85:1a:3c:
                    74:08:2c:3d:3e:b2:bd:be:ad:b3:a5:c0:af:94:8f:
                    b5:d3:86:b6:e9:de:66:1d:df:71:ae:d2:72:f1:c5:
                    7a:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:57:A1:26:DD:03:67:A9:6D:6A:86:B1:F5:10:16:BF:F4:1A:5D:69
            X509v3 Authority Key Identifier:
                keyid:09:FB:31:36:EC:D5:E3:D7:CF:00:B3:2C:12:1F:12:E8:AF:D0:A6:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/CfsxNuzV49fPALMsEh8S6K_QpgE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CfsxNuzV49fPALMsEh8S6K_QpgE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3659F9C/1D22996E7A0911EDBD422185F1222468/5791505AB9F411EE8FBC11A2775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  66.251.184.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ba:34:f5:10:86:f2:ef:97:af:39:da:7d:55:8f:ce:44:7d:8a:
         7d:29:39:d9:d7:43:8d:12:6d:35:e7:1a:5f:e1:bd:d5:5f:68:
         c1:43:18:03:73:28:29:e1:ee:46:c5:51:b9:50:07:55:8e:28:
         bc:68:9c:5c:1f:f0:12:76:e1:22:ef:1f:c2:98:33:be:6a:56:
         e4:6b:70:2c:f5:56:4e:2d:82:6c:91:37:00:c4:99:80:f7:20:
         0e:bb:16:fa:0e:90:b5:05:ab:f5:01:70:19:56:77:67:70:bc:
         6b:fc:9c:d7:e9:22:31:85:23:cf:61:90:90:8f:1d:d2:dc:11:
         8b:fc:d2:6c:4d:da:93:07:3e:67:f4:79:73:c9:46:57:93:f5:
         6e:3c:8d:93:b9:2a:29:e5:cb:4a:4d:ab:bc:86:9c:bf:86:ac:
         00:cc:33:eb:c2:7a:f5:97:57:18:42:0e:b5:de:db:ed:e0:a5:
         6b:a5:e0:3a:6c:40:e1:ea:bb:68:a5:78:d9:af:3a:40:40:f3:
         11:1c:06:47:03:cd:eb:f6:ee:cf:15:63:6a:1d:4e:04:3e:b5:
         4d:75:75:6f:b2:f0:2b:88:29:7e:03:e4:b4:f9:ba:4b:da:39:
         2e:c2:eb:ed:54:00:76:55:82:f5:cd:77:05:0e:88:10:fb:91:
         9a:dd:e1:88
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAlMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NTlGOUNBUjExMC8GA1UEBRMoMDlGQjMxMzZFQ0Q1RTNEN0NGMDBCMzJDMTIxRjEy
RThBRkQwQTYwMTAeFw0yNDAxMjMxMzM1NTVaFw0yNTAxMjIxMzM1NTVaMBgxFjAU
BgNVBAMTDTY1YWZjMGJmLWQzM2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCqpvPoL0651T0lH/vLJZDeD6O+6gcvh8HQrSnL6k0cfd/T4109OMDeZNzK
LIA1vpDOeYPz7svN6umkX4WahoZd06D90Ez4x6esBagfTHxF/NIfrN1CnzW/Xfk4
uqVzYUZ+w6wJQONTMgKD9dfIx9t59dUITyZBdLOKB4qyI0lkbWutGwGYKxEvjJhu
F349oiSX8Qs1SEaOeyRmrScDOW+O3lIIAyV/jTig9Dypsuntp6WqCxRU1nnwxczn
7oFGoTB4QcA+mE43vQXTlsxWUQS6Y/5oXwDL5p6TkCdFroUaPHQILD0+sr2+rbOl
wK+Uj7XThrbp3mYd33Gu0nLxxXrTAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUv1eh
Jt0DZ6ltaoax9RAWv/QaXWkwHwYDVR0jBBgwFoAUCfsxNuzV49fPALMsEh8S6K/Q
pgEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIyNDY4L0Nmc3hO
dXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0Nmc3hOdXpWNDlmUEFMTXNFaDhTNktfUXBnRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjU5RjlDLzFEMjI5OTZFN0EwOTExRURCRDQyMjE4NUYxMjIy
NDY4LzU3OTE1MDVBQjlGNDExRUU4RkJDMTFBMjc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABC+7gwDQYJKoZIhvcNAQELBQAD
ggEBALo09RCG8u+XrznafVWPzkR9in0pOdnXQ40SbTXnGl/hvdVfaMFDGANzKCnh
7kbFUblQB1WOKLxonFwf8BJ24SLvH8KYM75qVuRrcCz1Vk4tgmyRNwDEmYD3IA67
FvoOkLUFq/UBcBlWd2dwvGv8nNfpIjGFI89hkJCPHdLcEYv80mxN2pMHPmf0eXPJ
RleT9W48jZO5Kinly0pNq7yGnL+GrADMM+vCevWXVxhCDrXe2+3gpWul4DpsQOHq
u2ileNmvOkBA8xEcBkcDzev27s8VY2odTgQ+tU11dW+y8CuIKX4D5LT5ukvaOS7C
6+1UAHZVgvXNdwUOiBD7kZrd4Yg=
-----END CERTIFICATE-----
Generated at Sun Nov 24 03:17:55 2024 by rpki-client on console-ams.rpki-client.org