Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/90E5F4502D1D11EE949E97264AD9E6FC.roa
File:                     90E5F4502D1D11EE949E97264AD9E6FC.roa (raw, json)
Hash identifier:          pHqneXa4IZYRBkV2LkEfEsoqnkx5ET7hVU56ueozTAo=
Subject key identifier:   4B:ED:B8:66:EE:ED:3F:AF:87:E3:2A:51:EE:0C:66:A5:1B:8F:E9:85
Certificate issuer:       /CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
Certificate serial:       03D1
Authority key identifier: 6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4
Authority info access:    rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/90E5F4502D1D11EE949E97264AD9E6FC.roa
Signing time:             Fri 28 Jul 2023 08:05:50 +0000
ROA not before:           Fri 28 Jul 2023 08:05:46 +0000
ROA not after:            Sun 31 Jul 2033 08:05:46 +0000
asID:                     20011
IP address blocks:        168.210.8.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.mft
                          rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 977 (0x3d1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
        Validity
            Not Before: Jul 28 08:05:46 2023 GMT
            Not After : Jul 31 08:05:46 2033 GMT
        Subject: CN=64c376de-8a23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:75:3a:1f:9b:cb:42:4f:99:ec:0b:85:b0:ea:
                    20:bb:b5:9d:30:fb:16:89:8c:ed:c8:9e:8c:99:94:
                    d8:8b:7a:bf:83:8e:45:f3:93:d8:d2:07:6b:88:92:
                    4d:e4:25:2e:ff:f1:26:38:6d:85:e4:da:44:08:94:
                    7b:a8:e0:25:51:05:43:25:14:80:51:88:c8:cd:bb:
                    5f:ed:c5:82:48:57:99:2b:b1:89:b5:1f:7c:84:12:
                    f0:11:77:c4:a2:c2:92:e7:f7:96:60:3b:9e:ed:c5:
                    89:46:52:46:f8:4f:0f:26:68:d1:a2:89:3a:76:e9:
                    49:44:68:c1:ad:39:1b:88:93:59:bd:c4:27:00:3f:
                    bd:0f:9e:73:e5:fa:55:6a:96:f4:09:46:c6:53:bf:
                    63:0d:3c:9a:cd:74:c3:a4:a4:3b:57:16:e5:03:95:
                    e5:eb:36:e6:09:d7:d4:6e:bf:91:14:a1:42:4e:7c:
                    3f:0e:3a:5d:71:22:55:8b:fe:9b:2e:29:3d:2b:51:
                    35:af:62:70:38:63:f9:db:29:ab:ee:96:bb:24:6f:
                    af:3b:e4:2c:8e:a5:65:97:cc:b3:a9:bd:f6:ac:50:
                    93:a8:ab:4c:cc:70:4f:43:3f:44:91:fe:fc:ad:ab:
                    a0:0e:f3:42:ad:36:4e:76:8b:3d:fa:9c:4d:6b:c0:
                    09:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:ED:B8:66:EE:ED:3F:AF:87:E3:2A:51:EE:0C:66:A5:1B:8F:E9:85
            X509v3 Authority Key Identifier:
                keyid:6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/90E5F4502D1D11EE949E97264AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.210.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         68:4a:58:d0:ef:9b:4a:e9:47:75:7c:be:0e:63:e9:b5:9d:c4:
         42:97:50:5c:70:00:e4:49:1f:2d:10:e1:a9:8e:b7:53:61:94:
         f9:92:d4:d9:0e:20:0b:65:82:f5:d1:48:29:f3:86:14:09:ae:
         00:9a:4f:83:c7:e1:c0:6a:b3:78:2a:1a:0e:cc:12:b0:fc:ec:
         70:b3:a8:52:d6:c3:88:5a:69:2b:23:53:9c:02:55:f4:3a:d4:
         5c:e9:63:83:24:11:2f:a7:6f:52:e4:43:b6:14:c7:6d:67:d7:
         11:a8:cd:24:d3:ff:d1:eb:aa:d7:40:c2:84:f5:2c:2d:d9:49:
         49:6e:18:6c:2b:cb:d5:a6:1a:95:d1:a3:1e:44:6a:c5:5b:0f:
         af:80:11:f3:7a:30:d3:84:35:0e:dc:bd:66:66:12:03:df:50:
         49:dd:bf:60:6f:ae:ba:da:e2:e6:8f:78:d6:9e:34:d3:0c:09:
         9b:1f:bf:83:89:3c:fc:af:48:0a:cb:21:ee:74:c0:47:fd:e6:
         98:3f:4c:1a:e2:c4:7c:d9:6b:13:91:46:1e:4a:e4:fc:2c:36:
         9a:c2:74:b0:2f:36:bd:80:fe:2b:ba:dc:b5:91:e2:32:64:32:
         82:ee:f1:d8:a1:f7:c5:9f:d1:48:57:a9:2f:9d:32:33:c5:98:
         6b:97:2a:06
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA9EwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBUjExMC8GA1UEBRMoNkM2MDJBMjZGQjJDNDY2NzA3MjJERkM3M0Y3MkZD
NEI2QTczRUJDNDAeFw0yMzA3MjgwODA1NDZaFw0zMzA3MzEwODA1NDZaMBgxFjAU
BgNVBAMTDTY0YzM3NmRlLThhMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvdTofm8tCT5nsC4Ww6iC7tZ0w+xaJjO3InoyZlNiLer+DjkXzk9jSB2uI
kk3kJS7/8SY4bYXk2kQIlHuo4CVRBUMlFIBRiMjNu1/txYJIV5krsYm1H3yEEvAR
d8SiwpLn95ZgO57txYlGUkb4Tw8maNGiiTp26UlEaMGtORuIk1m9xCcAP70PnnPl
+lVqlvQJRsZTv2MNPJrNdMOkpDtXFuUDleXrNuYJ19Ruv5EUoUJOfD8OOl1xIlWL
/psuKT0rUTWvYnA4Y/nbKavulrskb6875CyOpWWXzLOpvfasUJOoq0zMcE9DP0SR
/vytq6AO80KtNk52iz36nE1rwAlzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUS+24
Zu7tP6+H4ypR7gxmpRuP6YUwHwYDVR0jBBgwFoAUbGAqJvssRmcHIt/HP3L8S2pz
68QwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVBMjI4L2JHQXFK
dnNzUm1jSEl0X0hQM0w4UzJwejY4US5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2JHQXFKdnNzUm1jSEl0X0hQM0w4UzJwejY4US5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVB
MjI4LzkwRTVGNDUwMkQxRDExRUU5NDlFOTcyNjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKo0ggwDQYJKoZIhvcNAQELBQAD
ggEBAGhKWNDvm0rpR3V8vg5j6bWdxEKXUFxwAORJHy0Q4amOt1NhlPmS1NkOIAtl
gvXRSCnzhhQJrgCaT4PH4cBqs3gqGg7MErD87HCzqFLWw4haaSsjU5wCVfQ61Fzp
Y4MkES+nb1LkQ7YUx21n1xGozSTT/9HrqtdAwoT1LC3ZSUluGGwry9WmGpXRox5E
asVbD6+AEfN6MNOENQ7cvWZmEgPfUEndv2Bvrrra4uaPeNaeNNMMCZsfv4OJPPyv
SArLIe50wEf95pg/TBrixHzZaxORRh5K5PwsNprCdLAvNr2A/iu63LWR4jJkMoLu
8dih98Wf0UhXqS+dMjPFmGuXKgY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:47:22 2024 by rpki-client on console-ams.rpki-client.org