Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/AC4E8162494411EC8CA9436BD8A014CE.roa
File:                     AC4E8162494411EC8CA9436BD8A014CE.roa (raw, json)
Hash identifier:          b3n4slgOS/MlasvqZ+C1CqSsBm6+jMSAotZwP76nH4w=
Subject key identifier:   2F:28:5B:62:EC:E5:FD:F9:A5:C7:7C:68:24:9C:CD:8D:16:B1:5A:96
Certificate issuer:       /CN=F366DC11AR/serialNumber=7F9EF436B31E592089063C1E6C437CD2C3FEA04B
Certificate serial:       0236
Authority key identifier: 7F:9E:F4:36:B3:1E:59:20:89:06:3C:1E:6C:43:7C:D2:C3:FE:A0:4B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/AC4E8162494411EC8CA9436BD8A014CE.roa
Signing time:             Fri 19 Nov 2021 14:26:24 +0000
ROA not before:           Fri 19 Nov 2021 14:26:19 +0000
ROA not after:            Wed 31 Dec 2031 14:26:19 +0000
asID:                     328638
IP address blocks:        160.226.160.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.mft
                          rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:16:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 566 (0x236)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366DC11AR/serialNumber=7F9EF436B31E592089063C1E6C437CD2C3FEA04B
        Validity
            Not Before: Nov 19 14:26:19 2021 GMT
            Not After : Dec 31 14:26:19 2031 GMT
        Subject: CN=6197b410-cfe7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:d4:cb:9b:e3:f4:ad:b0:59:c5:92:d4:15:35:
                    13:99:bb:94:d2:77:4d:aa:15:6e:9a:a0:8d:b4:5c:
                    fa:46:3e:f3:d1:aa:84:67:96:1b:ae:5a:35:b4:22:
                    e0:f0:13:41:83:cb:d1:67:ea:07:ed:3c:11:8e:ba:
                    82:90:2c:49:46:76:39:74:77:fd:b8:21:d2:9c:30:
                    ef:42:cc:2c:9c:99:de:2f:0b:0a:ec:ab:f5:e7:85:
                    59:15:db:e1:95:d1:84:d2:18:02:71:22:82:9d:e7:
                    ec:f4:c8:ca:f9:27:c9:fd:37:ef:e5:c5:eb:34:74:
                    fe:24:06:94:92:b7:e2:03:84:ed:06:15:18:cf:f0:
                    a5:d0:9e:b7:03:1f:dc:1f:ce:41:74:d9:9e:9d:f1:
                    71:03:a4:99:fe:6b:44:1f:e3:04:3b:f6:a4:d2:b0:
                    2b:ac:1d:93:a3:fe:4b:11:fc:79:30:49:bf:82:cd:
                    25:e7:b8:03:57:bc:ab:a4:64:0d:d4:89:7f:10:d8:
                    d5:09:ce:f6:6e:46:77:2e:e3:3e:ac:b3:56:8e:5e:
                    1e:43:c8:cb:e6:65:4b:a8:99:f4:2e:22:89:a5:3f:
                    1b:26:77:4d:95:c0:ad:56:dd:b1:c5:53:60:96:ca:
                    30:d4:cb:0c:43:18:6a:71:20:1d:62:12:1f:a4:e0:
                    f3:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:28:5B:62:EC:E5:FD:F9:A5:C7:7C:68:24:9C:CD:8D:16:B1:5A:96
            X509v3 Authority Key Identifier:
                keyid:7F:9E:F4:36:B3:1E:59:20:89:06:3C:1E:6C:43:7C:D2:C3:FE:A0:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/f570NrMeWSCJBjwebEN80sP-oEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/f570NrMeWSCJBjwebEN80sP-oEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366DC11/995946BC967811EA8799955AF8AEA228/AC4E8162494411EC8CA9436BD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.226.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         96:fb:ee:7f:8d:b2:8d:d4:89:1b:9d:ef:4c:64:a1:b0:f7:c2:
         95:6b:93:d9:06:d3:e6:e7:29:2f:7b:74:21:0a:66:a3:a1:89:
         1c:76:33:58:27:23:cf:4c:b8:43:6d:9d:bd:06:4f:17:41:8d:
         29:18:f9:ec:45:bf:81:38:cf:73:e8:b4:d0:55:41:5c:de:2e:
         6e:f1:b3:6b:57:89:66:59:01:b2:0a:e9:54:da:d0:73:6a:ac:
         b7:65:22:aa:e0:f5:80:df:d9:6c:27:4c:dc:59:f6:58:df:f7:
         38:f1:f5:5a:dd:f1:bf:c1:d0:cb:ea:4e:5e:14:03:ea:48:42:
         fc:ba:94:0a:e8:02:7c:b9:94:60:9e:de:a0:ca:5f:2d:bb:32:
         19:8e:d1:ea:dd:1d:32:e2:2e:35:e4:94:0b:e6:cd:8d:67:5c:
         fe:26:e1:61:56:43:77:02:a6:36:3c:f5:12:60:04:d9:e6:b4:
         3a:1b:d6:42:68:6b:c8:f6:1a:a1:28:97:02:43:1b:35:2e:45:
         6f:b2:33:b9:42:b4:e2:4d:0c:f8:77:28:b0:74:4e:59:a9:34:
         9b:90:87:ad:32:b0:68:30:66:ec:c0:7e:fb:3d:6e:87:f1:a6:
         bd:f4:f6:36:75:20:40:c6:86:d6:d2:18:8a:7c:8d:68:78:ed:
         c0:78:f2:c7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAjYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NkRDMTFBUjExMC8GA1UEBRMoN0Y5RUY0MzZCMzFFNTkyMDg5MDYzQzFFNkM0MzdD
RDJDM0ZFQTA0QjAeFw0yMTExMTkxNDI2MTlaFw0zMTEyMzExNDI2MTlaMBgxFjAU
BgNVBAMMDTYxOTdiNDEwLWNmZTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDk1Mub4/StsFnFktQVNROZu5TSd02qFW6aoI20XPpGPvPRqoRnlhuuWjW0
IuDwE0GDy9Fn6gftPBGOuoKQLElGdjl0d/24IdKcMO9CzCycmd4vCwrsq/XnhVkV
2+GV0YTSGAJxIoKd5+z0yMr5J8n9N+/lxes0dP4kBpSSt+IDhO0GFRjP8KXQnrcD
H9wfzkF02Z6d8XEDpJn+a0Qf4wQ79qTSsCusHZOj/ksR/HkwSb+CzSXnuANXvKuk
ZA3UiX8Q2NUJzvZuRncu4z6ss1aOXh5DyMvmZUuomfQuIomlPxsmd02VwK1W3bHF
U2CWyjDUywxDGGpxIB1iEh+k4POfAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQULyhb
Yuzl/fmlx3xoJJzNjRaxWpYwHwYDVR0jBBgwFoAUf570NrMeWSCJBjwebEN80sP+
oEswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjZEQzExLzk5NTk0NkJDOTY3ODExRUE4Nzk5OTU1QUY4QUVBMjI4L2Y1NzBO
ck1lV1NDSkJqd2ViRU44MHNQLW9Fcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2Y1NzBOck1lV1NDSkJqd2ViRU44MHNQLW9Fcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjZEQzExLzk5NTk0NkJDOTY3ODExRUE4Nzk5OTU1QUY4QUVB
MjI4L0FDNEU4MTYyNDk0NDExRUM4Q0E5NDM2QkQ4QTAxNENFLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASg4qAwDQYJKoZIhvcNAQELBQAD
ggEBAJb77n+Nso3UiRud70xkobD3wpVrk9kG0+bnKS97dCEKZqOhiRx2M1gnI89M
uENtnb0GTxdBjSkY+exFv4E4z3PotNBVQVzeLm7xs2tXiWZZAbIK6VTa0HNqrLdl
Iqrg9YDf2WwnTNxZ9ljf9zjx9Vrd8b/B0MvqTl4UA+pIQvy6lAroAny5lGCe3qDK
Xy27MhmO0erdHTLiLjXklAvmzY1nXP4m4WFWQ3cCpjY89RJgBNnmtDob1kJoa8j2
GqEolwJDGzUuRW+yM7lCtOJNDPh3KLB0TlmpNJuQh60ysGgwZuzAfvs9bofxpr30
9jZ1IEDGhtbSGIp8jWh47cB48sc=
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:38:52 2024 by rpki-client on console-fra.rpki-client.org