Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/B2E668B03A8811EDA7F8BDBDF1222468.roa
File:                     B2E668B03A8811EDA7F8BDBDF1222468.roa (raw, json)
Hash identifier:          3dwIxZOL3dGfJfWJu2sM5DT5+UoYl3m691Pcgb/sHUs=
Subject key identifier:   29:19:DA:E1:71:25:1B:59:3B:0C:4E:9D:CB:91:24:A6:EE:FA:B3:71
Certificate issuer:       /CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
Certificate serial:       0585
Authority key identifier: 7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87
Authority info access:    rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/B2E668B03A8811EDA7F8BDBDF1222468.roa
Signing time:             Thu 22 Sep 2022 15:10:31 +0000
ROA not before:           Thu 22 Sep 2022 15:10:26 +0000
ROA not after:            Wed 08 Sep 2032 15:10:26 +0000
asID:                     212238
IP address blocks:        192.142.16.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.mft
                          rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:16:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1413 (0x585)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAR/serialNumber=7CA3542AF087A87BACAB1F866EE5FF5B156FA787
        Validity
            Not Before: Sep 22 15:10:26 2022 GMT
            Not After : Sep  8 15:10:26 2032 GMT
        Subject: CN=632c7ae7-70ee
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:93:84:e3:aa:d6:7c:03:db:3f:90:79:7a:2e:
                    c1:4b:e7:ba:10:a9:5b:93:a4:04:31:e5:b5:98:60:
                    b0:b0:8b:69:43:91:99:f0:49:5f:e4:74:d7:da:de:
                    3a:07:91:60:94:26:17:80:6a:58:e0:a0:8e:b5:0b:
                    13:20:4d:d4:68:c7:94:69:28:55:f4:91:12:d4:97:
                    80:67:aa:50:92:e4:7f:a3:46:51:32:c5:c6:4f:f9:
                    cb:34:e0:00:1b:eb:7d:bf:f2:0a:ae:55:6a:df:a4:
                    36:a8:09:e6:87:82:74:cc:73:b2:39:b7:1e:b0:30:
                    09:fe:05:3e:48:e5:e2:09:f7:d3:4b:53:a4:6b:e2:
                    51:de:c4:86:1d:da:be:59:11:6e:4b:a5:4c:ea:18:
                    b2:1c:95:9f:3e:0e:9c:56:48:4b:14:cd:b1:bb:b3:
                    84:be:09:a1:02:86:4e:95:60:22:a8:19:81:c0:e2:
                    d1:53:8c:e0:2e:c8:c8:a1:74:73:ec:0e:f0:54:df:
                    60:71:26:ba:04:78:b6:67:62:40:52:14:7f:a1:84:
                    8c:42:cf:23:5e:ed:1f:48:6e:68:6c:88:3f:f9:d7:
                    95:8f:21:cf:f7:f2:8c:d5:dc:02:48:1d:34:42:8a:
                    93:30:ae:04:73:e9:87:94:71:60:74:74:41:5d:45:
                    31:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:19:DA:E1:71:25:1B:59:3B:0C:4E:9D:CB:91:24:A6:EE:FA:B3:71
            X509v3 Authority Key Identifier:
                keyid:7C:A3:54:2A:F0:87:A8:7B:AC:AB:1F:86:6E:E5:FF:5B:15:6F:A7:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/fKNUKvCHqHusqx-GbuX_WxVvp4c.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fKNUKvCHqHusqx-GbuX_WxVvp4c.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/D24A27B8879A11E983704B51F8AEA228/B2E668B03A8811EDA7F8BDBDF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.142.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         26:72:eb:b4:8a:68:fa:9c:dc:92:25:17:6d:6a:92:6c:f2:c6:
         95:16:9d:da:05:80:7c:7d:80:93:91:2d:9d:0e:8b:58:fd:fa:
         ee:9f:2d:20:8f:ba:c8:88:84:fc:5e:18:c2:f1:55:68:e3:93:
         8c:bb:9c:16:fa:2a:d5:4e:64:95:3d:0f:d6:80:f1:be:f1:d9:
         ee:9e:88:81:94:d1:e1:ce:cb:f8:6f:8b:33:b9:e0:f1:7f:b8:
         b3:54:6b:a7:6c:ae:ff:ed:75:f6:6f:90:e3:bf:29:f0:a1:d0:
         cd:7f:4c:16:0b:65:04:87:e5:e1:21:cb:3b:2f:45:46:f0:04:
         76:e7:2e:07:1e:4e:31:db:5e:17:c3:79:3f:a4:77:48:68:5c:
         3e:0d:57:3f:59:7c:6d:d9:1d:c5:76:80:d1:a9:ac:e7:b8:3f:
         a1:8f:67:77:fb:08:a1:32:ba:5c:f4:84:41:cd:52:31:97:a9:
         f6:a5:bf:bc:2c:ff:b7:4d:a4:50:06:64:71:99:5c:1d:d9:47:
         20:23:10:89:c0:c3:08:b4:a0:f6:f3:f3:cb:4b:dd:63:0e:60:
         15:aa:57:11:c9:75:f0:b0:4d:f0:ec:c1:f3:87:0c:82:cc:3e:
         2e:ec:4d:72:c5:c2:1d:8c:ef:b2:23:03:fa:8f:0b:44:ed:ae:
         1d:28:72:3b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBYUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBUjExMC8GA1UEBRMoN0NBMzU0MkFGMDg3QTg3QkFDQUIxRjg2NkVFNUZG
NUIxNTZGQTc4NzAeFw0yMjA5MjIxNTEwMjZaFw0zMjA5MDgxNTEwMjZaMBgxFjAU
BgNVBAMMDTYzMmM3YWU3LTcwZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCek4TjqtZ8A9s/kHl6LsFL57oQqVuTpAQx5bWYYLCwi2lDkZnwSV/kdNfa
3joHkWCUJheAaljgoI61CxMgTdRox5RpKFX0kRLUl4BnqlCS5H+jRlEyxcZP+cs0
4AAb632/8gquVWrfpDaoCeaHgnTMc7I5tx6wMAn+BT5I5eIJ99NLU6Rr4lHexIYd
2r5ZEW5LpUzqGLIclZ8+DpxWSEsUzbG7s4S+CaEChk6VYCKoGYHA4tFTjOAuyMih
dHPsDvBU32BxJroEeLZnYkBSFH+hhIxCzyNe7R9IbmhsiD/515WPIc/38ozV3AJI
HTRCipMwrgRz6YeUcWB0dEFdRTGnAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUKRna
4XElG1k7DE6dy5Ekpu76s3EwHwYDVR0jBBgwFoAUfKNUKvCHqHusqx+GbuX/WxVv
p4cwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVBMjI4L2ZLTlVL
dkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2ZLTlVLdkNIcUh1c3F4LUdidVhfV3hWdnA0Yy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjY5RDZCL0QyNEEyN0I4ODc5QTExRTk4MzcwNEI1MUY4QUVB
MjI4L0IyRTY2OEIwM0E4ODExRURBN0Y4QkRCREYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAHAjhAwDQYJKoZIhvcNAQELBQAD
ggEBACZy67SKaPqc3JIlF21qkmzyxpUWndoFgHx9gJORLZ0Oi1j9+u6fLSCPusiI
hPxeGMLxVWjjk4y7nBb6KtVOZJU9D9aA8b7x2e6eiIGU0eHOy/hvizO54PF/uLNU
a6dsrv/tdfZvkOO/KfCh0M1/TBYLZQSH5eEhyzsvRUbwBHbnLgceTjHbXhfDeT+k
d0hoXD4NVz9ZfG3ZHcV2gNGprOe4P6GPZ3f7CKEyulz0hEHNUjGXqfalv7ws/7dN
pFAGZHGZXB3ZRyAjEInAwwi0oPbz88tL3WMOYBWqVxHJdfCwTfDswfOHDILMPi7s
TXLFwh2M77IjA/qPC0Ttrh0ocjs=
-----END CERTIFICATE-----
Generated at Thu Mar 28 08:15:46 2024 by rpki-client on console-ams.rpki-client.org