Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CA22557A6CC311EEADC6BA794AD9E6FC.roa
File:                     CA22557A6CC311EEADC6BA794AD9E6FC.roa (raw, json)
Hash identifier:          oggy/nm73zs7H5jaTFugBIIpgLOqgVoTTLdGZpNH8nI=
Subject key identifier:   1B:E5:88:92:1D:8C:0E:AE:A3:F2:B9:F4:C9:FD:32:BA:BC:40:B2:DF
Certificate issuer:       /CN=F365F086AR/serialNumber=5AB4A9FE5832F6C24C042A371267F660C2955765
Certificate serial:       04
Authority key identifier: 5A:B4:A9:FE:58:32:F6:C2:4C:04:2A:37:12:67:F6:60:C2:95:57:65
Authority info access:    rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CA22557A6CC311EEADC6BA794AD9E6FC.roa
Signing time:             Tue 17 Oct 2023 08:04:26 +0000
ROA not before:           Tue 17 Oct 2023 08:04:23 +0000
ROA not after:            Tue 17 Oct 2028 08:04:23 +0000
asID:                     37678
IP address blocks:        129.205.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.mft
                          rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:16:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365F086AR/serialNumber=5AB4A9FE5832F6C24C042A371267F660C2955765
        Validity
            Not Before: Oct 17 08:04:23 2023 GMT
            Not After : Oct 17 08:04:23 2028 GMT
        Subject: CN=652e400a-de34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:1b:b8:fc:7c:75:55:d0:30:f2:e4:d8:90:da:
                    94:56:76:a9:35:40:b9:39:ee:cb:43:64:36:aa:32:
                    68:3e:af:be:bf:80:d5:81:fd:c0:2d:5c:d9:c4:04:
                    4b:25:d6:42:d9:07:d5:5d:26:20:ee:78:f1:63:57:
                    47:2a:29:86:ba:bf:1b:b7:a4:93:39:18:f5:fb:f9:
                    38:90:db:5c:f1:94:e8:39:28:a4:a7:a9:55:9e:d1:
                    4a:e0:8a:b4:75:9f:d0:4a:de:b8:3a:d2:9a:17:28:
                    af:0e:74:0b:41:54:64:40:9b:94:ef:1a:82:0a:cf:
                    01:3d:ad:19:98:d4:86:65:2c:30:1e:74:45:61:75:
                    33:9e:85:fa:af:19:be:6e:1f:32:e2:23:46:7c:f4:
                    b7:24:75:36:19:04:dd:ff:89:8c:c0:ae:0e:fe:90:
                    dc:89:d8:8c:5c:ee:88:07:11:40:ec:d7:73:7d:80:
                    fb:cf:2d:56:6b:4b:ef:54:71:d2:a3:69:1f:d0:10:
                    7c:1f:b2:6c:6f:48:a7:37:da:cb:ac:96:70:15:1c:
                    19:02:7a:ad:f3:83:8c:c8:44:de:b0:18:50:a6:ff:
                    73:ba:2a:56:28:98:fe:11:1c:81:8b:3c:20:7c:38:
                    6b:b3:85:94:59:3f:59:a0:61:83:9b:d3:f9:5c:2c:
                    e5:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:E5:88:92:1D:8C:0E:AE:A3:F2:B9:F4:C9:FD:32:BA:BC:40:B2:DF
            X509v3 Authority Key Identifier:
                keyid:5A:B4:A9:FE:58:32:F6:C2:4C:04:2A:37:12:67:F6:60:C2:95:57:65

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/WrSp_lgy9sJMBCo3Emf2YMKVV2U.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/WrSp_lgy9sJMBCo3Emf2YMKVV2U.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F086/F2116F0A6CBC11EEBCEE3C644AD9E6FC/CA22557A6CC311EEADC6BA794AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  129.205.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:28:62:c3:45:19:f4:8a:ff:0b:af:3c:18:00:fc:ca:33:4d:
         95:32:ed:c1:b8:7e:33:56:31:cf:3e:7e:8e:db:e7:2c:26:81:
         22:b3:2c:3c:b7:bc:88:9d:71:98:41:25:c7:51:8d:06:c8:42:
         88:6a:a5:79:fc:8b:80:bd:86:fb:97:d6:a8:55:3c:e1:1b:40:
         0f:3c:27:f2:7f:c5:55:c6:bb:81:94:f7:d3:d1:43:78:27:65:
         88:38:f8:3b:b9:1b:65:0f:64:21:66:53:d4:14:e2:32:c0:9f:
         02:c6:4e:59:c5:f7:81:e3:b3:3f:96:a2:f4:94:b6:19:8d:14:
         52:97:68:c0:68:76:34:a8:97:32:86:38:14:01:b7:77:86:76:
         0e:dd:6d:59:67:46:82:7e:7d:50:a9:8d:22:fb:69:ca:50:3a:
         36:72:94:c2:32:d7:8b:38:92:03:eb:bc:ae:9a:03:66:73:9c:
         20:ae:11:a1:f2:53:20:52:ed:c3:ad:bf:e8:b4:e8:8a:1f:5c:
         94:80:c4:4a:71:dd:e2:6c:32:9d:ff:10:8b:4c:c3:a4:1d:7e:
         21:79:60:a3:79:6c:4a:ec:a0:68:2a:77:38:48:44:d6:7a:4a:
         cd:f1:57:b0:fb:a8:b6:d5:61:d1:56:8d:ce:0c:bd:79:51:87:
         a0:91:db:53
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RjA4NkFSMTEwLwYDVQQFEyg1QUI0QTlGRTU4MzJGNkMyNEMwNDJBMzcxMjY3RjY2
MEMyOTU1NzY1MB4XDTIzMTAxNzA4MDQyM1oXDTI4MTAxNzA4MDQyM1owGDEWMBQG
A1UEAxMNNjUyZTQwMGEtZGUzNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMsbuPx8dVXQMPLk2JDalFZ2qTVAuTnuy0NkNqoyaD6vvr+A1YH9wC1c2cQE
SyXWQtkH1V0mIO548WNXRyophrq/G7ekkzkY9fv5OJDbXPGU6DkopKepVZ7RSuCK
tHWf0EreuDrSmhcorw50C0FUZECblO8aggrPAT2tGZjUhmUsMB50RWF1M56F+q8Z
vm4fMuIjRnz0tyR1NhkE3f+JjMCuDv6Q3InYjFzuiAcRQOzXc32A+88tVmtL71Rx
0qNpH9AQfB+ybG9Ipzfay6yWcBUcGQJ6rfODjMhE3rAYUKb/c7oqViiY/hEcgYs8
IHw4a7OFlFk/WaBhg5vT+Vws5W0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBQb5YiS
HYwOrqPyufTJ/TK6vECy3zAfBgNVHSMEGDAWgBRatKn+WDL2wkwEKjcSZ/ZgwpVX
ZTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUYwODYvRjIxMTZGMEE2Q0JDMTFFRUJDRUUzQzY0NEFEOUU2RkMvV3JTcF9s
Z3k5c0pNQkNvM0VtZjJZTUtWVjJVLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
V3JTcF9sZ3k5c0pNQkNvM0VtZjJZTUtWVjJVLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NUYwODYvRjIxMTZGMEE2Q0JDMTFFRUJDRUUzQzY0NEFEOUU2
RkMvQ0EyMjU1N0E2Q0MzMTFFRUFEQzZCQTc5NEFEOUU2RkMucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAIHN9DANBgkqhkiG9w0BAQsFAAOC
AQEAYChiw0UZ9Ir/C688GAD8yjNNlTLtwbh+M1Yxzz5+jtvnLCaBIrMsPLe8iJ1x
mEElx1GNBshCiGqlefyLgL2G+5fWqFU84RtADzwn8n/FVca7gZT309FDeCdliDj4
O7kbZQ9kIWZT1BTiMsCfAsZOWcX3geOzP5ai9JS2GY0UUpdowGh2NKiXMoY4FAG3
d4Z2Dt1tWWdGgn59UKmNIvtpylA6NnKUwjLXiziSA+u8rpoDZnOcIK4RofJTIFLt
w62/6LToih9clIDESnHd4mwynf8Qi0zDpB1+IXlgo3lsSuygaCp3OEhE1npKzfFX
sPuottVh0VaNzgy9eVGHoJHbUw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 03:05:52 2024 by rpki-client on console-fra.rpki-client.org