Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/675DA8B27E8211ECAB19A1E75A40D577.roa
File:                     675DA8B27E8211ECAB19A1E75A40D577.roa (raw, json)
Hash identifier:          TlKHAqm5F0asDSkR7ApdBCSJn77368RAQ3PQ3KzHit4=
Subject key identifier:   B9:2D:86:D2:09:C5:F7:09:D3:23:14:4B:93:47:F7:EE:41:85:DC:05
Certificate issuer:       /CN=F3670369AR/serialNumber=29591C65533EFD08972F4A975BEC41C65B445EE0
Certificate serial:       03
Authority key identifier: 29:59:1C:65:53:3E:FD:08:97:2F:4A:97:5B:EC:41:C6:5B:44:5E:E0
Authority info access:    rsync://rpki.afrinic.net/repository/arin/KVkcZVM-_QiXL0qXW-xBxltEXuA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/675DA8B27E8211ECAB19A1E75A40D577.roa
Signing time:             Wed 26 Jan 2022 08:31:49 +0000
ROA not before:           Wed 26 Jan 2022 08:31:45 +0000
ROA not after:            Tue 26 Jan 2049 08:31:45 +0000
asID:                     327979
IP address blocks:        156.155.252.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/KVkcZVM-_QiXL0qXW-xBxltEXuA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/KVkcZVM-_QiXL0qXW-xBxltEXuA.mft
                          rsync://rpki.afrinic.net/repository/arin/KVkcZVM-_QiXL0qXW-xBxltEXuA.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3670369AR/serialNumber=29591C65533EFD08972F4A975BEC41C65B445EE0
        Validity
            Not Before: Jan 26 08:31:45 2022 GMT
            Not After : Jan 26 08:31:45 2049 GMT
        Subject: CN=61f106f5-1224
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:0f:3d:03:7a:bc:3d:5b:ed:b1:bc:a0:20:06:
                    56:7c:99:87:f4:00:2a:4f:83:3a:11:39:8d:68:68:
                    4e:0b:7d:22:7a:e0:c3:e2:82:00:89:fe:10:a9:0f:
                    d4:f8:ff:34:5e:4b:d8:80:2a:be:57:63:b5:bf:cb:
                    8e:28:ce:cd:d9:5a:ed:56:c0:d9:83:12:74:92:3b:
                    f3:7f:1c:04:c7:6a:a7:12:7b:4a:0c:0b:35:46:a4:
                    e8:6a:69:14:c8:e6:aa:e7:9a:b6:bd:83:fa:59:fe:
                    49:61:28:db:c2:b5:be:ea:51:12:cb:db:6f:3c:08:
                    81:a8:97:90:e9:81:cc:90:a2:95:9d:be:43:47:1d:
                    47:ad:8b:6b:3c:5e:5a:9f:d6:16:3e:1e:2a:84:c1:
                    76:d1:69:30:76:0c:fb:79:99:0d:98:31:3f:a7:c3:
                    9e:9f:f5:13:43:52:b6:53:45:3c:06:65:85:0b:e8:
                    4e:70:ad:a2:c8:b6:71:f7:ae:1a:86:94:7f:be:d4:
                    50:e6:98:34:e0:e4:64:c9:e4:35:6a:6c:74:fe:82:
                    41:ae:ff:8f:af:a4:cf:b6:95:2f:3f:ac:f8:b6:d0:
                    26:a4:2c:14:b6:96:5e:14:f3:42:0d:e1:b1:94:37:
                    24:10:fa:f9:41:ad:d1:45:84:30:08:47:bb:bd:6d:
                    0d:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:2D:86:D2:09:C5:F7:09:D3:23:14:4B:93:47:F7:EE:41:85:DC:05
            X509v3 Authority Key Identifier:
                keyid:29:59:1C:65:53:3E:FD:08:97:2F:4A:97:5B:EC:41:C6:5B:44:5E:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/KVkcZVM-_QiXL0qXW-xBxltEXuA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/KVkcZVM-_QiXL0qXW-xBxltEXuA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3670369/565052907E7811EC9FAD14CB5A40D577/675DA8B27E8211ECAB19A1E75A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.155.252.0/23

    Signature Algorithm: sha256WithRSAEncryption
         af:41:b4:a5:b7:d9:ee:ad:f6:7e:d6:c3:c0:6c:31:5d:9f:a1:
         96:92:e5:80:f8:3e:b2:6a:83:be:70:1b:6b:99:1c:78:72:ec:
         73:37:8f:91:91:90:34:86:ec:04:8c:f1:ad:4f:ac:9d:0e:3d:
         17:32:7c:86:dc:ba:8f:c6:01:15:7f:c9:aa:7a:3f:61:c6:8a:
         00:50:61:19:ea:cc:e9:d9:f3:48:39:dc:21:83:2a:63:6f:6b:
         cb:e6:7a:26:d9:ca:37:35:d4:c3:85:6b:4c:09:c5:fe:2b:17:
         18:c5:3f:ee:91:34:19:ac:28:a7:df:cb:7a:23:7a:70:4b:a5:
         93:28:1c:a8:7d:f5:a8:38:e3:c4:6f:38:ba:bc:b0:4f:d0:b9:
         4d:11:c9:eb:d3:7d:6d:61:24:2e:74:00:4d:33:af:1d:c9:e4:
         c7:a3:4e:f9:6b:83:32:fe:d3:73:6b:3d:e7:b3:dc:c8:47:74:
         c7:a8:3c:f6:89:c5:4e:52:49:dc:77:0d:07:a0:c3:c9:d5:58:
         a2:2b:54:45:14:58:c3:f5:48:cd:fa:b1:78:31:e1:02:05:de:
         53:1a:67:d5:12:81:b9:b5:7f:a4:02:c1:e4:80:11:23:10:11:
         fe:cd:7c:58:51:56:e7:f1:18:d7:96:26:16:02:fd:31:50:6e:
         5f:ee:db:5e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY3
MDM2OUFSMTEwLwYDVQQFEygyOTU5MUM2NTUzM0VGRDA4OTcyRjRBOTc1QkVDNDFD
NjVCNDQ1RUUwMB4XDTIyMDEyNjA4MzE0NVoXDTQ5MDEyNjA4MzE0NVowGDEWMBQG
A1UEAwwNNjFmMTA2ZjUtMTIyNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALkPPQN6vD1b7bG8oCAGVnyZh/QAKk+DOhE5jWhoTgt9Inrgw+KCAIn+EKkP
1Pj/NF5L2IAqvldjtb/LjijOzdla7VbA2YMSdJI7838cBMdqpxJ7SgwLNUak6Gpp
FMjmqueatr2D+ln+SWEo28K1vupREsvbbzwIgaiXkOmBzJCilZ2+Q0cdR62Lazxe
Wp/WFj4eKoTBdtFpMHYM+3mZDZgxP6fDnp/1E0NStlNFPAZlhQvoTnCtosi2cfeu
GoaUf77UUOaYNODkZMnkNWpsdP6CQa7/j6+kz7aVLz+s+LbQJqQsFLaWXhTzQg3h
sZQ3JBD6+UGt0UWEMAhHu71tDZkCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS5LYbS
CcX3CdMjFEuTR/fuQYXcBTAfBgNVHSMEGDAWgBQpWRxlUz79CJcvSpdb7EHGW0Re
4DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzAzNjkvNTY1MDUyOTA3RTc4MTFFQzlGQUQxNENCNUE0MEQ1NzcvS1ZrY1pW
TS1fUWlYTDBxWFcteEJ4bHRFWHVBLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
S1ZrY1pWTS1fUWlYTDBxWFcteEJ4bHRFWHVBLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NzAzNjkvNTY1MDUyOTA3RTc4MTFFQzlGQUQxNENCNUE0MEQ1
NzcvNjc1REE4QjI3RTgyMTFFQ0FCMTlBMUU3NUE0MEQ1Nzcucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAZyb/DANBgkqhkiG9w0BAQsFAAOC
AQEAr0G0pbfZ7q32ftbDwGwxXZ+hlpLlgPg+smqDvnAba5kceHLsczePkZGQNIbs
BIzxrU+snQ49FzJ8hty6j8YBFX/Jqno/YcaKAFBhGerM6dnzSDncIYMqY29ry+Z6
JtnKNzXUw4VrTAnF/isXGMU/7pE0Gawop9/LeiN6cEulkygcqH31qDjjxG84uryw
T9C5TRHJ69N9bWEkLnQATTOvHcnkx6NO+WuDMv7Tc2s957PcyEd0x6g89onFTlJJ
3HcNB6DDydVYoitURRRYw/VIzfqxeDHhAgXeUxpn1RKBubV/pALB5IARIxAR/s18
WFFW5/EY15YmFgL9MVBuX+7bXg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org