Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/AAA76CD07CA911EEB799D4404AD9E6FC.roa
File:                     AAA76CD07CA911EEB799D4404AD9E6FC.roa (raw, json)
Hash identifier:          uV386kUWUstOnfYOK6lNmaUSe+2BZ9bed5NiwS5IKfM=
Subject key identifier:   51:AD:27:AF:95:81:D9:F7:E6:49:CE:FF:22:DC:F3:4A:DC:6F:B7:07
Certificate issuer:       /CN=F3663CEEAR/serialNumber=E7AE8FC09CF807DED3463DDB4200151BA50A559F
Certificate serial:       052F
Authority key identifier: E7:AE:8F:C0:9C:F8:07:DE:D3:46:3D:DB:42:00:15:1B:A5:0A:55:9F
Authority info access:    rsync://rpki.afrinic.net/repository/arin/566PwJz4B97TRj3bQgAVG6UKVZ8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/AAA76CD07CA911EEB799D4404AD9E6FC.roa
Signing time:             Mon 06 Nov 2023 13:37:45 +0000
ROA not before:           Mon 06 Nov 2023 13:37:41 +0000
ROA not after:            Sun 06 Nov 2033 13:37:41 +0000
asID:                     327693
IP address blocks:        160.119.136.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/566PwJz4B97TRj3bQgAVG6UKVZ8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/566PwJz4B97TRj3bQgAVG6UKVZ8.mft
                          rsync://rpki.afrinic.net/repository/arin/566PwJz4B97TRj3bQgAVG6UKVZ8.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1327 (0x52f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3663CEEAR/serialNumber=E7AE8FC09CF807DED3463DDB4200151BA50A559F
        Validity
            Not Before: Nov  6 13:37:41 2023 GMT
            Not After : Nov  6 13:37:41 2033 GMT
        Subject: CN=6548ec29-8b51
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:22:d8:d2:04:84:13:35:7c:d4:16:e9:00:7b:
                    7f:00:d4:41:55:80:b3:43:e2:38:f1:b0:9b:dc:11:
                    df:54:f2:ab:6b:c8:50:47:74:64:20:29:3d:e7:ce:
                    64:3a:bd:bf:87:c4:9d:45:75:c8:65:2b:e2:a9:ff:
                    78:cf:93:9b:46:69:8f:b6:c1:c6:05:2d:fe:54:d5:
                    0a:b7:41:84:6b:1a:20:08:3d:8f:11:41:33:5f:d8:
                    34:2e:0a:0f:2a:30:6a:b5:f1:5d:62:5e:0d:68:3a:
                    56:de:dc:16:a7:8d:9b:9d:e7:d0:1f:09:91:1a:af:
                    a9:2b:2b:49:e3:b4:4b:45:d9:3a:45:fa:79:aa:8e:
                    4f:5a:5c:7f:da:03:7c:5b:a2:63:22:84:96:1c:f1:
                    de:f9:a1:a5:ec:ea:54:0b:6b:ec:db:f4:dc:47:c7:
                    26:1f:ff:5b:2e:7a:e9:8b:f4:54:7e:d3:42:45:0e:
                    f9:d1:4c:78:25:13:fa:b0:4a:7d:e9:9f:0e:d7:4b:
                    0f:97:49:78:93:7b:7a:8a:64:18:51:99:95:60:66:
                    43:09:cb:d0:90:4c:94:cc:21:83:4f:ad:1a:3f:bf:
                    97:fa:91:28:b6:0d:fe:36:bd:2c:59:ef:a0:69:9a:
                    f2:11:08:bc:28:16:07:5c:f8:ca:61:6e:f1:c6:0c:
                    c8:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:AD:27:AF:95:81:D9:F7:E6:49:CE:FF:22:DC:F3:4A:DC:6F:B7:07
            X509v3 Authority Key Identifier:
                keyid:E7:AE:8F:C0:9C:F8:07:DE:D3:46:3D:DB:42:00:15:1B:A5:0A:55:9F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/566PwJz4B97TRj3bQgAVG6UKVZ8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/566PwJz4B97TRj3bQgAVG6UKVZ8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/2E98855883BE11EA9D53D930F8AEA228/AAA76CD07CA911EEB799D4404AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.119.136.0/21

    Signature Algorithm: sha256WithRSAEncryption
         52:0a:4d:01:28:df:ff:e6:60:e3:d9:d8:88:06:20:70:12:0b:
         a1:0b:36:a6:49:64:93:6b:d1:45:e2:f2:28:01:4f:51:b1:12:
         8d:86:ff:aa:5e:79:c1:f5:a4:d0:53:60:77:e4:06:91:9c:d9:
         85:fb:3e:4f:72:b7:a9:42:f4:df:3a:9d:3a:ba:ef:86:e9:bb:
         1e:cc:02:01:11:e0:64:aa:c9:4b:07:99:06:14:9e:66:0d:38:
         ce:35:fc:ea:e8:9a:ff:28:06:f3:a9:bc:eb:56:5d:52:4c:0f:
         83:ec:d6:96:77:b6:ae:01:85:56:74:3d:df:dc:df:31:9f:66:
         de:cc:51:5f:1c:e9:80:61:d3:10:3d:b9:94:4d:b2:b1:79:f0:
         89:c2:58:f9:bb:c6:3a:b5:4e:c8:49:34:06:8c:d0:fb:f9:95:
         df:f4:1a:42:62:75:82:17:c5:b5:4a:37:40:ec:cf:9f:e1:ad:
         28:04:7c:91:3d:03:8d:a0:db:78:02:84:da:5e:bc:37:9b:39:
         0b:60:f5:58:14:e8:da:d6:36:21:47:be:53:00:1f:7b:42:23:
         fc:a6:6b:83:fb:ff:0e:c1:d9:8d:f7:e7:d8:15:bc:1f:03:e7:
         d8:60:f8:ac:43:0d:a2:50:a6:38:63:23:00:0c:17:dd:a7:5d:
         3b:08:b3:54
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBS8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjNDRUVBUjExMC8GA1UEBRMoRTdBRThGQzA5Q0Y4MDdERUQzNDYzRERCNDIwMDE1
MUJBNTBBNTU5RjAeFw0yMzExMDYxMzM3NDFaFw0zMzExMDYxMzM3NDFaMBgxFjAU
BgNVBAMTDTY1NDhlYzI5LThiNTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4ItjSBIQTNXzUFukAe38A1EFVgLND4jjxsJvcEd9U8qtryFBHdGQgKT3n
zmQ6vb+HxJ1FdchlK+Kp/3jPk5tGaY+2wcYFLf5U1Qq3QYRrGiAIPY8RQTNf2DQu
Cg8qMGq18V1iXg1oOlbe3BanjZud59AfCZEar6krK0njtEtF2TpF+nmqjk9aXH/a
A3xbomMihJYc8d75oaXs6lQLa+zb9NxHxyYf/1sueumL9FR+00JFDvnRTHglE/qw
Sn3pnw7XSw+XSXiTe3qKZBhRmZVgZkMJy9CQTJTMIYNPrRo/v5f6kSi2Df42vSxZ
76BpmvIRCLwoFgdc+MphbvHGDMgLAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUUa0n
r5WB2ffmSc7/ItzzStxvtwcwHwYDVR0jBBgwFoAU566PwJz4B97TRj3bQgAVG6UK
VZ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzQ0VFLzJFOTg4NTU4ODNCRTExRUE5RDUzRDkzMEY4QUVBMjI4LzU2NlB3
Sno0Qjk3VFJqM2JRZ0FWRzZVS1ZaOC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
LzU2NlB3Sno0Qjk3VFJqM2JRZ0FWRzZVS1ZaOC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjYzQ0VFLzJFOTg4NTU4ODNCRTExRUE5RDUzRDkzMEY4QUVB
MjI4L0FBQTc2Q0QwN0NBOTExRUVCNzk5RDQ0MDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOgd4gwDQYJKoZIhvcNAQELBQAD
ggEBAFIKTQEo3//mYOPZ2IgGIHASC6ELNqZJZJNr0UXi8igBT1GxEo2G/6peecH1
pNBTYHfkBpGc2YX7Pk9yt6lC9N86nTq674bpux7MAgER4GSqyUsHmQYUnmYNOM41
/Oromv8oBvOpvOtWXVJMD4Ps1pZ3tq4BhVZ0Pd/c3zGfZt7MUV8c6YBh0xA9uZRN
srF58InCWPm7xjq1TshJNAaM0Pv5ld/0GkJidYIXxbVKN0Dsz5/hrSgEfJE9A42g
23gChNpevDebOQtg9VgU6NrWNiFHvlMAH3tCI/yma4P7/w7B2Y3359gVvB8D59hg
+KxDDaJQpjhjIwAMF92nXTsIs1Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org