Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/480FF262D6D211EEA412CF97775412E6.roa
File:                     480FF262D6D211EEA412CF97775412E6.roa (raw, json)
Hash identifier:          SReaLb0pInnaleH0F6Ur69MwCZCFHDNNWKBSRKXCOHM=
Subject key identifier:   15:37:39:0E:C8:C6:28:BF:A1:D1:ED:E3:83:E7:57:18:50:C1:3E:6D
Certificate issuer:       /CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
Certificate serial:       04DA
Authority key identifier: 6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4
Authority info access:    rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/480FF262D6D211EEA412CF97775412E6.roa
Signing time:             Thu 29 Feb 2024 07:15:14 +0000
ROA not before:           Thu 29 Feb 2024 07:15:09 +0000
ROA not after:            Tue 28 Feb 2034 07:15:09 +0000
asID:                     20011
IP address blocks:        168.210.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.mft
                          rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1242 (0x4da)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
        Validity
            Not Before: Feb 29 07:15:09 2024 GMT
            Not After : Feb 28 07:15:09 2034 GMT
        Subject: CN=65e02f01-fb84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:59:b6:ca:4c:74:2e:ee:db:b8:7e:9e:7a:37:
                    d2:a9:59:89:d1:4c:31:0b:28:fa:27:b7:be:fd:e0:
                    5b:1a:bb:06:7b:23:04:0a:2c:67:d8:3b:82:fa:ab:
                    7d:db:a0:5b:92:c2:58:4e:aa:e2:26:76:77:e4:f8:
                    df:67:f0:74:61:03:74:85:63:bb:03:eb:b7:7e:95:
                    70:e0:67:67:50:b0:3b:d3:42:20:1d:38:75:bc:83:
                    be:5e:83:06:1e:0f:e4:41:10:f6:24:1a:b6:a6:7b:
                    d2:75:15:6c:2d:36:6b:0f:46:b8:6e:43:56:00:e2:
                    40:d7:9c:d6:be:c7:8c:7d:6c:51:77:be:a7:c3:bd:
                    46:cc:43:ca:88:e4:c8:8f:4f:95:6f:b5:c9:9d:49:
                    1d:56:5d:ae:dd:30:08:3d:ed:06:ed:e4:dc:b2:11:
                    26:21:50:3d:19:ab:65:50:f2:5d:d1:f9:8e:80:6e:
                    6f:9b:39:a9:30:d8:a3:57:a0:c3:9c:24:0d:5e:08:
                    d2:8b:3c:40:19:d7:34:61:d8:1d:3e:54:c3:8a:4e:
                    2d:8a:ac:54:24:c9:17:ef:57:0b:45:a1:91:71:b8:
                    7d:09:95:9c:37:9f:a5:d3:ed:ca:ca:7c:86:8d:25:
                    46:0c:db:19:76:5a:cd:f0:83:e7:0a:2c:1d:40:46:
                    cf:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:37:39:0E:C8:C6:28:BF:A1:D1:ED:E3:83:E7:57:18:50:C1:3E:6D
            X509v3 Authority Key Identifier:
                keyid:6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/480FF262D6D211EEA412CF97775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.210.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:99:92:3f:41:5b:cf:40:7e:d1:0c:72:26:84:6a:89:6e:c6:
         11:5c:59:09:de:33:9e:49:56:26:5f:ca:22:94:8d:e1:19:65:
         e4:10:42:6a:85:8f:94:93:4e:2f:f1:30:2a:e9:2e:a9:b3:cd:
         92:39:a8:1d:aa:eb:ef:9b:43:3d:d3:7b:58:fa:54:ee:3b:32:
         f9:a0:53:30:11:1c:be:4c:6d:35:c1:f5:a3:79:59:26:5a:17:
         7f:9e:b8:ec:c6:b7:29:c4:3f:78:f0:15:db:4d:72:34:63:7f:
         73:a9:2e:74:2b:76:57:45:9d:c3:47:94:72:6a:d4:b3:38:79:
         9f:8c:09:02:70:e2:1c:c5:11:57:c2:b5:9e:ff:ac:73:f8:89:
         4d:95:27:1e:57:eb:40:8e:e4:a2:bf:4c:06:59:b9:63:18:f2:
         ed:a0:15:75:a6:a9:d2:68:24:b7:cf:95:ba:00:c1:4e:a7:41:
         53:54:6b:8f:f1:4f:02:7c:0c:fe:aa:14:3b:9c:ea:38:dc:86:
         80:13:cd:de:90:98:58:7a:af:72:38:1a:2e:f5:1e:5c:9d:45:
         95:17:85:e8:f3:2f:ac:eb:54:40:41:76:25:b9:6f:90:e3:7a:
         4f:e4:95:ea:24:c4:9e:c7:9e:bc:63:25:7b:10:7f:40:6f:4c:
         aa:02:91:80
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBNowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBUjExMC8GA1UEBRMoNkM2MDJBMjZGQjJDNDY2NzA3MjJERkM3M0Y3MkZD
NEI2QTczRUJDNDAeFw0yNDAyMjkwNzE1MDlaFw0zNDAyMjgwNzE1MDlaMBgxFjAU
BgNVBAMTDTY1ZTAyZjAxLWZiODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCUWbbKTHQu7tu4fp56N9KpWYnRTDELKPont7794FsauwZ7IwQKLGfYO4L6
q33boFuSwlhOquImdnfk+N9n8HRhA3SFY7sD67d+lXDgZ2dQsDvTQiAdOHW8g75e
gwYeD+RBEPYkGrame9J1FWwtNmsPRrhuQ1YA4kDXnNa+x4x9bFF3vqfDvUbMQ8qI
5MiPT5VvtcmdSR1WXa7dMAg97Qbt5NyyESYhUD0Zq2VQ8l3R+Y6Abm+bOakw2KNX
oMOcJA1eCNKLPEAZ1zRh2B0+VMOKTi2KrFQkyRfvVwtFoZFxuH0JlZw3n6XT7crK
fIaNJUYM2xl2Ws3wg+cKLB1ARs/NAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUFTc5
DsjGKL+h0e3jg+dXGFDBPm0wHwYDVR0jBBgwFoAUbGAqJvssRmcHIt/HP3L8S2pz
68QwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVBMjI4L2JHQXFK
dnNzUm1jSEl0X0hQM0w4UzJwejY4US5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2JHQXFKdnNzUm1jSEl0X0hQM0w4UzJwejY4US5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVB
MjI4LzQ4MEZGMjYyRDZEMjExRUVBNDEyQ0Y5Nzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo0mAwDQYJKoZIhvcNAQELBQAD
ggEBAFiZkj9BW89AftEMciaEaoluxhFcWQneM55JViZfyiKUjeEZZeQQQmqFj5ST
Ti/xMCrpLqmzzZI5qB2q6++bQz3Te1j6VO47MvmgUzARHL5MbTXB9aN5WSZaF3+e
uOzGtynEP3jwFdtNcjRjf3OpLnQrdldFncNHlHJq1LM4eZ+MCQJw4hzFEVfCtZ7/
rHP4iU2VJx5X60CO5KK/TAZZuWMY8u2gFXWmqdJoJLfPlboAwU6nQVNUa4/xTwJ8
DP6qFDuc6jjchoATzd6QmFh6r3I4Gi71HlydRZUXhejzL6zrVEBBdiW5b5Djek/k
leokxJ7HnrxjJXsQf0BvTKoCkYA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:22 2024 by rpki-client on console-ams.rpki-client.org