Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/79AD612A96CB11EE98861375D25BE465.roa
File:                     79AD612A96CB11EE98861375D25BE465.roa (raw, json)
Hash identifier:          pJJwWWZ3eGmNADavfEjqIboJzELGSXs7htQ7g1gn4ko=
Subject key identifier:   FA:6E:33:96:1C:BD:98:52:23:C1:5B:D1:5B:24:45:EB:73:16:60:C9
Certificate issuer:       /CN=F365F7E8AR/serialNumber=92288280E3D882DEC415F5881C015C87659D684A
Certificate serial:       03
Authority key identifier: 92:28:82:80:E3:D8:82:DE:C4:15:F5:88:1C:01:5C:87:65:9D:68:4A
Authority info access:    rsync://rpki.afrinic.net/repository/arin/kiiCgOPYgt7EFfWIHAFch2WdaEo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/79AD612A96CB11EE98861375D25BE465.roa
Signing time:             Sat 09 Dec 2023 19:45:16 +0000
ROA not before:           Sat 09 Dec 2023 19:45:12 +0000
ROA not after:            Mon 09 Dec 2024 19:45:12 +0000
asID:                     328176
IP address blocks:        160.19.36.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/kiiCgOPYgt7EFfWIHAFch2WdaEo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/kiiCgOPYgt7EFfWIHAFch2WdaEo.mft
                          rsync://rpki.afrinic.net/repository/arin/kiiCgOPYgt7EFfWIHAFch2WdaEo.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:16:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365F7E8AR/serialNumber=92288280E3D882DEC415F5881C015C87659D684A
        Validity
            Not Before: Dec  9 19:45:12 2023 GMT
            Not After : Dec  9 19:45:12 2024 GMT
        Subject: CN=6574c3cc-8cc8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:cb:a0:8a:ca:74:96:d4:38:10:ef:2e:4e:fc:
                    24:24:7e:c2:ff:31:92:77:d1:fc:84:10:80:2d:ef:
                    cc:e3:93:96:14:ba:d5:11:d5:13:b8:40:11:5d:21:
                    3b:e3:25:f8:6a:91:64:f3:20:8c:8c:c7:49:b4:3a:
                    ee:d7:43:69:96:68:5e:58:7f:c3:d8:91:ed:b7:cc:
                    eb:38:b2:95:69:d8:c6:7c:60:6f:c5:51:3f:2f:7e:
                    03:9b:d2:d2:ed:3a:c6:80:cd:c7:c9:b3:4d:7d:9a:
                    7e:67:57:31:22:25:c1:4f:7a:28:a7:75:00:4e:2b:
                    ef:cb:9d:5e:2a:c4:21:24:5c:86:72:c3:2a:35:5b:
                    eb:4d:58:b7:a7:a4:6c:f0:99:f2:ab:b7:a4:67:f7:
                    f3:d8:b1:93:e8:7f:80:71:01:55:47:a2:94:fb:36:
                    3b:fc:2b:03:29:06:a0:3b:f4:47:a7:c6:b6:de:72:
                    01:64:be:a1:fa:e3:0f:e0:ba:c7:d9:fa:aa:8f:6f:
                    17:4e:eb:57:c7:13:48:55:8f:f3:0f:75:b1:05:2f:
                    53:c1:5d:11:27:b3:68:bf:0c:f1:a9:19:4a:e9:ef:
                    44:d5:d4:5a:51:1f:c4:64:72:57:c9:6f:e3:e6:a6:
                    d4:4f:74:ce:56:ac:32:67:c3:4a:99:3d:f6:dc:98:
                    1b:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:6E:33:96:1C:BD:98:52:23:C1:5B:D1:5B:24:45:EB:73:16:60:C9
            X509v3 Authority Key Identifier:
                keyid:92:28:82:80:E3:D8:82:DE:C4:15:F5:88:1C:01:5C:87:65:9D:68:4A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/kiiCgOPYgt7EFfWIHAFch2WdaEo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/kiiCgOPYgt7EFfWIHAFch2WdaEo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365F7E8/B87BC27696CA11EEBFD5AC73D25BE465/79AD612A96CB11EE98861375D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.19.36.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:ce:b2:3c:8a:91:0b:1b:ca:43:e7:ca:cd:a0:bb:2e:cf:f2:
         fd:50:46:4f:e8:1b:da:7f:f6:27:7b:05:44:1c:e4:b5:de:57:
         9d:51:c8:eb:ad:07:b5:74:76:ac:fc:c2:c5:1e:4d:50:8f:be:
         76:7f:e3:cb:2f:33:87:8b:db:40:6e:a1:60:01:93:5e:1a:c6:
         37:30:51:13:4d:42:5d:1e:18:46:60:9a:03:c3:45:64:e9:6c:
         e4:34:73:74:4e:52:25:db:b0:52:15:7e:a7:4f:1a:9c:7e:c8:
         16:92:00:29:c1:2d:ea:e6:c4:45:78:2e:69:67:c5:d1:13:78:
         c6:8a:f6:35:cc:92:23:59:e9:7b:5b:88:5e:c2:4a:a0:48:11:
         bc:dc:78:14:6d:be:f9:1b:b3:7a:a9:43:06:e4:24:d2:30:6a:
         0c:5c:2e:f1:7d:07:e8:8b:d6:1f:5a:02:db:b5:2b:82:16:c2:
         b9:ff:c2:52:f9:2a:2f:6c:a6:e1:04:21:89:bf:71:47:e2:d4:
         10:fe:b7:13:9c:c5:bf:45:04:5f:a9:cd:91:37:45:35:f7:9c:
         c8:69:a4:78:85:de:0a:6d:55:96:8c:db:44:41:3e:25:05:a3:
         6c:5a:63:bd:e3:aa:11:7f:a0:50:20:b7:54:ba:9a:90:6a:cd:
         ee:d4:65:5a
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
RjdFOEFSMTEwLwYDVQQFEyg5MjI4ODI4MEUzRDg4MkRFQzQxNUY1ODgxQzAxNUM4
NzY1OUQ2ODRBMB4XDTIzMTIwOTE5NDUxMloXDTI0MTIwOTE5NDUxMlowGDEWMBQG
A1UEAxMNNjU3NGMzY2MtOGNjODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMjLoIrKdJbUOBDvLk78JCR+wv8xknfR/IQQgC3vzOOTlhS61RHVE7hAEV0h
O+Ml+GqRZPMgjIzHSbQ67tdDaZZoXlh/w9iR7bfM6ziylWnYxnxgb8VRPy9+A5vS
0u06xoDNx8mzTX2afmdXMSIlwU96KKd1AE4r78udXirEISRchnLDKjVb601Yt6ek
bPCZ8qu3pGf389ixk+h/gHEBVUeilPs2O/wrAykGoDv0R6fGtt5yAWS+ofrjD+C6
x9n6qo9vF07rV8cTSFWP8w91sQUvU8FdESezaL8M8akZSunvRNXUWlEfxGRyV8lv
4+am1E90zlasMmfDSpk99tyYG6MCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBT6bjOW
HL2YUiPBW9FbJEXrcxZgyTAfBgNVHSMEGDAWgBSSKIKA49iC3sQV9YgcAVyHZZ1o
SjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUY3RTgvQjg3QkMyNzY5NkNBMTFFRUJGRDVBQzczRDI1QkU0NjUva2lpQ2dP
UFlndDdFRmZXSUhBRmNoMldkYUVvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
a2lpQ2dPUFlndDdFRmZXSUhBRmNoMldkYUVvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NUY3RTgvQjg3QkMyNzY5NkNBMTFFRUJGRDVBQzczRDI1QkU0
NjUvNzlBRDYxMkE5NkNCMTFFRTk4ODYxMzc1RDI1QkU0NjUucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqATJDANBgkqhkiG9w0BAQsFAAOC
AQEACs6yPIqRCxvKQ+fKzaC7Ls/y/VBGT+gb2n/2J3sFRBzktd5XnVHI660HtXR2
rPzCxR5NUI++dn/jyy8zh4vbQG6hYAGTXhrGNzBRE01CXR4YRmCaA8NFZOls5DRz
dE5SJduwUhV+p08anH7IFpIAKcEt6ubERXguaWfF0RN4xor2NcySI1npe1uIXsJK
oEgRvNx4FG2++RuzeqlDBuQk0jBqDFwu8X0H6IvWH1oC27UrghbCuf/CUvkqL2ym
4QQhib9xR+LUEP63E5zFv0UEX6nNkTdFNfecyGmkeIXeCm1VlozbREE+JQWjbFpj
veOqEX+gUCC3VLqakGrN7tRlWg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 04:18:03 2024 by rpki-client on console-ams.rpki-client.org