Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/D55071E2F57711EE9C79B75F775412E6.roa
File:                     D55071E2F57711EE9C79B75F775412E6.roa (raw, json)
Hash identifier:          JwIZwppDkh7nSLuQ5FmIaDKSeTXhtwFxqvQi4jhkWJQ=
Subject key identifier:   4C:1D:70:6B:B6:10:AB:0F:A5:05:7E:7C:E5:45:09:10:1D:F3:7D:ED
Certificate issuer:       /CN=F366AE59AR/serialNumber=7E2B686E6ABAA82D13A6EE9F4BE7E69A6B8DFF79
Certificate serial:       03
Authority key identifier: 7E:2B:68:6E:6A:BA:A8:2D:13:A6:EE:9F:4B:E7:E6:9A:6B:8D:FF:79
Authority info access:    rsync://rpki.afrinic.net/repository/arin/fitobmq6qC0Tpu6fS-fmmmuN_3k.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/D55071E2F57711EE9C79B75F775412E6.roa
Signing time:             Mon 08 Apr 2024 07:15:52 +0000
ROA not before:           Mon 08 Apr 2024 07:15:49 +0000
ROA not after:            Fri 31 Dec 2027 07:15:49 +0000
asID:                     328605
IP address blocks:        192.145.180.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/fitobmq6qC0Tpu6fS-fmmmuN_3k.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/fitobmq6qC0Tpu6fS-fmmmuN_3k.mft
                          rsync://rpki.afrinic.net/repository/arin/fitobmq6qC0Tpu6fS-fmmmuN_3k.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:16:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366AE59AR/serialNumber=7E2B686E6ABAA82D13A6EE9F4BE7E69A6B8DFF79
        Validity
            Not Before: Apr  8 07:15:49 2024 GMT
            Not After : Dec 31 07:15:49 2027 GMT
        Subject: CN=661399a8-c635
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:fe:09:c6:a0:53:1d:e1:98:5b:7b:32:7e:9d:
                    dc:ed:17:cb:2e:90:b9:9f:64:94:80:24:a3:94:0a:
                    6c:9b:82:80:9d:18:31:16:79:25:60:f5:54:a8:20:
                    59:e7:98:43:58:e5:20:7b:13:76:d3:a9:3c:f0:94:
                    35:de:cf:b8:3f:fd:df:1d:5a:0b:4a:51:d8:8e:2f:
                    2e:dc:df:bc:a4:24:0c:81:e5:22:df:45:e5:0e:9f:
                    3c:18:6a:74:25:86:55:74:ff:69:92:3d:37:d1:b4:
                    0d:2e:0d:8e:ee:76:45:de:c0:03:75:a3:c3:e8:ca:
                    af:9f:4e:f0:f7:46:22:d7:09:84:64:15:db:13:a2:
                    a4:f6:d9:bd:0a:c6:01:75:6a:47:f7:dd:0e:8a:bb:
                    5a:2e:67:2a:ea:2c:f3:b4:bc:ab:f3:75:15:35:4c:
                    30:1e:73:93:1c:2c:cb:03:ff:17:be:0b:43:ed:6b:
                    d1:84:6a:81:dd:71:2d:95:cd:a0:4e:7c:7b:10:96:
                    e4:29:86:57:e5:61:a2:90:bc:8d:4f:cf:ef:d5:cf:
                    c5:33:dc:fe:c4:56:10:56:25:41:d4:29:03:3b:1b:
                    71:70:9a:6d:c0:6a:1d:e3:fb:01:0f:a5:69:b9:27:
                    b5:bd:53:31:fc:10:74:01:94:a7:2e:89:b8:65:93:
                    9d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:1D:70:6B:B6:10:AB:0F:A5:05:7E:7C:E5:45:09:10:1D:F3:7D:ED
            X509v3 Authority Key Identifier:
                keyid:7E:2B:68:6E:6A:BA:A8:2D:13:A6:EE:9F:4B:E7:E6:9A:6B:8D:FF:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/fitobmq6qC0Tpu6fS-fmmmuN_3k.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/fitobmq6qC0Tpu6fS-fmmmuN_3k.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366AE59/CF5E36C2F57511EEA00BCD4F775412E6/D55071E2F57711EE9C79B75F775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.145.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         47:31:ac:81:77:55:97:0b:3f:c6:5a:3b:d6:b4:f0:eb:31:4d:
         d8:11:3d:c7:62:17:f7:96:fe:9c:4b:1c:9b:59:ad:13:ad:e7:
         dc:34:e4:3e:a9:1a:f5:e6:6e:12:98:5c:61:b8:8b:39:b8:f7:
         a8:63:fd:d3:87:c5:30:c8:01:df:0f:51:c8:69:3f:36:eb:e9:
         ed:92:a2:52:94:6c:16:02:9f:84:46:df:d8:5e:e1:3a:d8:2b:
         96:02:37:1f:1d:d5:60:63:67:43:42:42:db:a0:7c:3a:cf:be:
         9d:6b:2e:94:3b:8a:a4:cd:c6:3f:73:c9:d5:54:84:5e:f4:25:
         68:96:ec:a3:90:e7:17:2e:10:ab:8e:8c:e8:c6:9c:14:79:05:
         97:74:6c:1e:4d:0f:8f:8b:a8:c3:80:21:d3:62:90:1b:11:8f:
         94:9f:61:91:ff:fd:89:d0:3b:7d:9f:2d:62:ed:1e:5e:7b:76:
         81:1c:e4:12:01:09:cd:a0:75:d7:0f:0e:be:75:f0:4e:b0:fe:
         39:3e:ca:1a:b1:11:b5:99:2a:b3:f2:0c:03:58:ad:e6:52:9f:
         e2:f7:94:60:d2:4d:ef:4f:3f:fa:0f:34:74:68:e1:22:46:37:
         d1:94:5b:88:8c:ba:b5:95:f5:2c:4f:cb:8d:8f:b0:35:c7:58:
         bd:ec:89:1e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
QUU1OUFSMTEwLwYDVQQFEyg3RTJCNjg2RTZBQkFBODJEMTNBNkVFOUY0QkU3RTY5
QTZCOERGRjc5MB4XDTI0MDQwODA3MTU0OVoXDTI3MTIzMTA3MTU0OVowGDEWMBQG
A1UEAxMNNjYxMzk5YTgtYzYzNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPT+CcagUx3hmFt7Mn6d3O0Xyy6QuZ9klIAko5QKbJuCgJ0YMRZ5JWD1VKgg
WeeYQ1jlIHsTdtOpPPCUNd7PuD/93x1aC0pR2I4vLtzfvKQkDIHlIt9F5Q6fPBhq
dCWGVXT/aZI9N9G0DS4Nju52Rd7AA3Wjw+jKr59O8PdGItcJhGQV2xOipPbZvQrG
AXVqR/fdDoq7Wi5nKuos87S8q/N1FTVMMB5zkxwsywP/F74LQ+1r0YRqgd1xLZXN
oE58exCW5CmGV+VhopC8jU/P79XPxTPc/sRWEFYlQdQpAzsbcXCabcBqHeP7AQ+l
abkntb1TMfwQdAGUpy6JuGWTnYkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBRMHXBr
thCrD6UFfnzlRQkQHfN97TAfBgNVHSMEGDAWgBR+K2huarqoLROm7p9L5+aaa43/
eTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkFFNTkvQ0Y1RTM2QzJGNTc1MTFFRUEwMEJDRDRGNzc1NDEyRTYvZml0b2Jt
cTZxQzBUcHU2ZlMtZm1tbXVOXzNrLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
Zml0b2JtcTZxQzBUcHU2ZlMtZm1tbXVOXzNrLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NkFFNTkvQ0Y1RTM2QzJGNTc1MTFFRUEwMEJDRDRGNzc1NDEy
RTYvRDU1MDcxRTJGNTc3MTFFRTlDNzlCNzVGNzc1NDEyRTYucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsCRtDANBgkqhkiG9w0BAQsFAAOC
AQEARzGsgXdVlws/xlo71rTw6zFN2BE9x2IX95b+nEscm1mtE63n3DTkPqka9eZu
EphcYbiLObj3qGP904fFMMgB3w9RyGk/Nuvp7ZKiUpRsFgKfhEbf2F7hOtgrlgI3
Hx3VYGNnQ0JC26B8Os++nWsulDuKpM3GP3PJ1VSEXvQlaJbso5DnFy4Qq46M6Mac
FHkFl3RsHk0Pj4uow4Ah02KQGxGPlJ9hkf/9idA7fZ8tYu0eXnt2gRzkEgEJzaB1
1w8OvnXwTrD+OT7KGrERtZkqs/IMA1it5lKf4veUYNJN708/+g80dGjhIkY30ZRb
iIy6tZX1LE/LjY+wNcdYveyJHg==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:40 2024 by rpki-client on console-ams.rpki-client.org