Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/F67461F871D211EFA77D6C9D762E951A.roa
File:                     F67461F871D211EFA77D6C9D762E951A.roa (raw, json)
Hash identifier:          hFqt+iY0NXqJMEPrUi4FTpDYq4F0QoFd2j0M+mcF8u0=
Subject key identifier:   B9:30:B8:86:35:E4:12:DC:E3:38:A2:6D:3C:55:4B:47:D9:F7:16:7B
Certificate issuer:       /CN=F36722D4AR/serialNumber=78D1CD779C799FA64D6E90FAFC7B86E81BC2FC1A
Certificate serial:       0C
Authority key identifier: 78:D1:CD:77:9C:79:9F:A6:4D:6E:90:FA:FC:7B:86:E8:1B:C2:FC:1A
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/F67461F871D211EFA77D6C9D762E951A.roa
Signing time:             Fri 13 Sep 2024 13:20:36 +0000
ROA not before:           Fri 13 Sep 2024 13:20:33 +0000
ROA not after:            Tue 16 Sep 2025 13:20:33 +0000
asID:                     328157
IP address blocks:        160.19.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.mft
                          rsync://rpki.afrinic.net/repository/arin/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 26 Oct 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36722D4AR/serialNumber=78D1CD779C799FA64D6E90FAFC7B86E81BC2FC1A
        Validity
            Not Before: Sep 13 13:20:33 2024 GMT
            Not After : Sep 16 13:20:33 2025 GMT
        Subject: CN=66e43c24-c875
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:dc:df:fa:bd:10:1e:13:38:46:4e:10:0f:7d:
                    96:9a:ae:6b:3d:d0:06:ce:34:f3:9a:21:93:58:c3:
                    c7:13:39:93:7d:c9:cf:c9:fb:e0:17:f2:1b:6b:8a:
                    a0:e7:36:9c:27:d7:26:88:d0:f6:09:72:d8:09:83:
                    f2:06:68:60:13:ff:67:b6:14:26:be:16:9b:77:26:
                    fa:98:a5:f9:31:48:fc:3f:8d:c2:da:6d:1f:17:e6:
                    1e:ad:60:a0:a9:6d:b8:81:d0:2d:80:f9:c0:9d:7b:
                    ed:32:f5:44:ee:95:59:77:ea:45:2b:8a:6c:af:59:
                    05:13:b2:06:cb:19:b2:36:59:0f:f6:3a:f9:f9:f5:
                    16:95:67:36:73:99:5c:73:52:76:d5:41:a9:5b:f5:
                    d9:fa:55:91:e8:f0:64:b9:c1:0f:97:84:02:ea:90:
                    71:e1:79:67:11:27:21:c7:4f:fe:0c:9b:2a:f3:d4:
                    bb:80:48:96:e8:a1:75:9b:45:ae:3d:6e:c2:86:aa:
                    c7:11:01:bb:4f:17:26:5e:bf:28:72:30:51:17:a8:
                    bc:51:21:fb:86:59:f1:7c:36:e5:0c:87:f3:ea:ba:
                    4f:53:14:e9:94:16:ba:ea:6a:ec:2c:7c:27:2a:fb:
                    c8:7f:66:c3:ee:c6:5d:02:57:f2:cb:d7:a7:75:2a:
                    12:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:30:B8:86:35:E4:12:DC:E3:38:A2:6D:3C:55:4B:47:D9:F7:16:7B
            X509v3 Authority Key Identifier:
                keyid:78:D1:CD:77:9C:79:9F:A6:4D:6E:90:FA:FC:7B:86:E8:1B:C2:FC:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eNHNd5x5n6ZNbpD6_HuG6BvC_Bo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36722D4/229903BA6BC011EF8E0EC970762E951A/F67461F871D211EFA77D6C9D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.19.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0f:a7:34:5a:fe:5d:92:2d:05:24:3c:f9:3d:c9:f3:cb:53:93:
         e7:4a:d2:7b:eb:2c:0b:7b:87:56:5b:9f:0c:43:7b:c7:b3:f2:
         c6:9a:bd:da:73:9c:0c:7e:61:f3:4e:59:35:c1:19:03:c7:bd:
         fe:d0:7d:25:2a:47:1c:44:e4:7b:13:c7:4c:6e:13:79:66:74:
         e0:e9:6b:4a:4c:56:77:4d:30:05:a5:64:a9:78:81:fe:eb:34:
         01:c2:9c:4f:b3:8b:2d:ed:14:5f:18:44:6b:8b:57:3e:84:1a:
         16:0f:78:20:04:01:55:61:46:18:12:7a:82:d9:d7:bc:78:4f:
         3e:31:76:24:67:42:24:d5:1a:dc:2c:0b:60:e6:96:67:b6:86:
         f5:3b:48:32:5b:8b:03:d7:2d:4d:f7:1b:a9:85:aa:54:1d:c1:
         11:6a:7d:4f:bb:7b:12:0c:b4:e3:f2:30:a0:79:11:79:56:90:
         78:d9:83:b2:46:f1:45:e9:39:fe:51:2e:95:81:c0:01:5b:fc:
         e9:bf:53:39:b8:a1:ed:08:89:7f:a9:de:cf:cc:83:6e:94:59:
         37:4b:65:44:1b:52:3b:4c:ee:9a:c9:44:34:a1:a7:a7:0d:64:
         fb:0b:82:0a:d7:57:d6:71:24:ea:a1:d1:3e:4c:75:33:fe:bf:
         c1:52:60:38
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
MjJENEFSMTEwLwYDVQQFEyg3OEQxQ0Q3NzlDNzk5RkE2NEQ2RTkwRkFGQzdCODZF
ODFCQzJGQzFBMB4XDTI0MDkxMzEzMjAzM1oXDTI1MDkxNjEzMjAzM1owGDEWMBQG
A1UEAxMNNjZlNDNjMjQtYzg3NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOvc3/q9EB4TOEZOEA99lpquaz3QBs4085ohk1jDxxM5k33Jz8n74BfyG2uK
oOc2nCfXJojQ9gly2AmD8gZoYBP/Z7YUJr4Wm3cm+pil+TFI/D+NwtptHxfmHq1g
oKltuIHQLYD5wJ177TL1RO6VWXfqRSuKbK9ZBROyBssZsjZZD/Y6+fn1FpVnNnOZ
XHNSdtVBqVv12fpVkejwZLnBD5eEAuqQceF5ZxEnIcdP/gybKvPUu4BIluihdZtF
rj1uwoaqxxEBu08XJl6/KHIwUReovFEh+4ZZ8Xw25QyH8+q6T1MU6ZQWuupq7Cx8
Jyr7yH9mw+7GXQJX8svXp3UqEsUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS5MLiG
NeQS3OM4om08VUtH2fcWezAfBgNVHSMEGDAWgBR40c13nHmfpk1ukPr8e4boG8L8
GjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NzIyRDQvMjI5OTAzQkE2QkMwMTFFRjhFMEVDOTcwNzYyRTk1MUEvZU5ITmQ1
eDVuNlpOYnBENl9IdUc2QnZDX0JvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
ZU5ITmQ1eDVuNlpOYnBENl9IdUc2QnZDX0JvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2NzIyRDQvMjI5OTAzQkE2QkMwMTFFRjhFMEVDOTcwNzYyRTk1
MUEvRjY3NDYxRjg3MUQyMTFFRkE3N0Q2QzlENzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqATxDANBgkqhkiG9w0BAQsFAAOC
AQEAD6c0Wv5dki0FJDz5Pcnzy1OT50rSe+ssC3uHVlufDEN7x7Pyxpq92nOcDH5h
805ZNcEZA8e9/tB9JSpHHETkexPHTG4TeWZ04OlrSkxWd00wBaVkqXiB/us0AcKc
T7OLLe0UXxhEa4tXPoQaFg94IAQBVWFGGBJ6gtnXvHhPPjF2JGdCJNUa3CwLYOaW
Z7aG9TtIMluLA9ctTfcbqYWqVB3BEWp9T7t7Egy04/IwoHkReVaQeNmDskbxRek5
/lEulYHAAVv86b9TObih7QiJf6nez8yDbpRZN0tlRBtSO0zumslENKGnpw1k+wuC
CtdX1nEk6qHRPkx1M/6/wVJgOA==
-----END CERTIFICATE-----