Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/C950F2E2D6D011EEB8E22A95775412E6.roa
File:                     C950F2E2D6D011EEB8E22A95775412E6.roa (raw, json)
Hash identifier:          DsFWFuYEHn/SPniNCK3MVdTIVtEKig/y5CPK0e9gNtw=
Subject key identifier:   F9:89:27:42:2E:5A:DA:08:FF:A2:D4:F6:05:97:83:DC:24:0B:9B:A6
Certificate issuer:       /CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
Certificate serial:       04C1
Authority key identifier: 6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4
Authority info access:    rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/C950F2E2D6D011EEB8E22A95775412E6.roa
Signing time:             Thu 29 Feb 2024 07:04:31 +0000
ROA not before:           Thu 29 Feb 2024 07:04:27 +0000
ROA not after:            Tue 28 Feb 2034 07:04:27 +0000
asID:                     20011
IP address blocks:        168.210.26.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.mft
                          rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1217 (0x4c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AR/serialNumber=6C602A26FB2C46670722DFC73F72FC4B6A73EBC4
        Validity
            Not Before: Feb 29 07:04:27 2024 GMT
            Not After : Feb 28 07:04:27 2034 GMT
        Subject: CN=65e02c7f-f66c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:6e:70:ba:1b:61:2d:51:03:cc:81:36:b9:18:
                    88:1d:49:1f:87:1a:73:91:2e:85:6b:e7:64:8f:b8:
                    8c:4a:02:64:91:99:da:4f:d1:9e:4d:bf:89:23:66:
                    e5:10:ac:12:62:b9:28:15:16:ac:97:2b:a8:27:51:
                    9a:c5:e1:06:dc:8b:de:07:fa:1e:ad:47:8e:fd:71:
                    7c:ef:f8:7e:09:44:27:28:f1:95:f3:27:19:0a:b9:
                    83:09:fc:a6:60:50:cb:8f:ba:0e:d1:b1:d5:3f:51:
                    3e:55:d3:75:a6:b3:e6:0d:2b:98:93:43:f3:65:f6:
                    cc:38:04:0f:0a:ab:68:a5:54:41:02:e1:59:78:19:
                    19:bf:ba:df:12:ea:e7:fd:df:99:70:94:33:54:f2:
                    06:4e:af:bd:18:14:7d:9a:8d:1d:d5:82:b2:22:c3:
                    01:a8:ba:62:a5:a2:fb:65:09:6d:16:f6:0b:20:ce:
                    f8:6d:8b:fc:cf:5a:8e:d9:df:05:8b:39:16:74:3c:
                    50:ed:ef:66:8b:ac:12:dd:6f:f6:25:34:af:07:0a:
                    90:55:cb:a6:f9:6a:48:bd:b6:67:11:7b:3f:78:ed:
                    c8:99:d1:d7:54:44:11:eb:36:81:3c:01:e6:04:6e:
                    a6:b9:28:da:bd:ae:71:53:c2:f4:34:dd:c5:81:ab:
                    96:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:89:27:42:2E:5A:DA:08:FF:A2:D4:F6:05:97:83:DC:24:0B:9B:A6
            X509v3 Authority Key Identifier:
                keyid:6C:60:2A:26:FB:2C:46:67:07:22:DF:C7:3F:72:FC:4B:6A:73:EB:C4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/bGAqJvssRmcHIt_HP3L8S2pz68Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/bGAqJvssRmcHIt_HP3L8S2pz68Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/51AB2D5E87D511EB93B75247F8AEA228/C950F2E2D6D011EEB8E22A95775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.210.26.0/23

    Signature Algorithm: sha256WithRSAEncryption
         03:8b:91:bf:74:78:89:d2:be:7b:e9:ed:f1:85:4b:c0:2e:8e:
         bf:6c:0d:8f:70:b7:fb:7a:e0:80:86:e6:3c:99:8e:25:6f:b3:
         13:35:78:a5:40:9d:2a:42:71:9f:d7:36:6e:69:53:93:dd:bc:
         cf:f7:3a:dd:6a:1c:ab:3c:e9:91:d6:eb:71:e7:c2:fe:66:a0:
         7e:75:5d:1e:07:e5:aa:b0:9f:3d:ec:6b:e3:2d:29:15:34:55:
         a2:e5:71:1c:cd:77:c1:4f:fe:c1:ad:8a:01:f0:8f:3c:a2:44:
         96:54:0a:88:d9:a0:8f:89:a0:a4:cf:a5:ea:a7:af:c9:14:73:
         4f:d5:24:fa:21:f5:28:be:43:3e:ed:18:d4:f3:3a:bd:8e:19:
         89:75:9a:a8:e2:ed:91:b1:31:22:4e:fe:33:68:27:37:cc:e9:
         b8:e2:60:37:20:fe:63:c3:07:e7:1d:87:f5:c3:a8:18:44:bd:
         94:04:0c:6e:75:91:2f:15:44:c1:67:e0:52:f8:72:93:6d:6f:
         67:6d:1e:e5:53:06:67:f8:d4:aa:f2:19:92:54:53:7d:fb:7a:
         d9:fe:01:32:58:92:af:6e:2c:4f:c4:12:f0:af:fb:48:49:d9:
         10:2a:69:b2:05:c1:3a:01:16:bd:b3:07:db:ce:0b:b8:b1:68:
         10:90:eb:41
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBMEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
N0IyMTZBUjExMC8GA1UEBRMoNkM2MDJBMjZGQjJDNDY2NzA3MjJERkM3M0Y3MkZD
NEI2QTczRUJDNDAeFw0yNDAyMjkwNzA0MjdaFw0zNDAyMjgwNzA0MjdaMBgxFjAU
BgNVBAMTDTY1ZTAyYzdmLWY2NmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDYbnC6G2EtUQPMgTa5GIgdSR+HGnORLoVr52SPuIxKAmSRmdpP0Z5Nv4kj
ZuUQrBJiuSgVFqyXK6gnUZrF4Qbci94H+h6tR479cXzv+H4JRCco8ZXzJxkKuYMJ
/KZgUMuPug7RsdU/UT5V03Wms+YNK5iTQ/Nl9sw4BA8Kq2ilVEEC4Vl4GRm/ut8S
6uf935lwlDNU8gZOr70YFH2ajR3VgrIiwwGoumKlovtlCW0W9gsgzvhti/zPWo7Z
3wWLORZ0PFDt72aLrBLdb/YlNK8HCpBVy6b5aki9tmcRez947ciZ0ddURBHrNoE8
AeYEbqa5KNq9rnFTwvQ03cWBq5ZzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU+Ykn
Qi5a2gj/otT2BZeD3CQLm6YwHwYDVR0jBBgwFoAUbGAqJvssRmcHIt/HP3L8S2pz
68QwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVBMjI4L2JHQXFK
dnNzUm1jSEl0X0hQM0w4UzJwejY4US5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2JHQXFKdnNzUm1jSEl0X0hQM0w4UzJwejY4US5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjdCMjE2LzUxQUIyRDVFODdENTExRUI5M0I3NTI0N0Y4QUVB
MjI4L0M5NTBGMkUyRDZEMDExRUVCOEUyMkE5NTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGo0howDQYJKoZIhvcNAQELBQAD
ggEBAAOLkb90eInSvnvp7fGFS8Aujr9sDY9wt/t64ICG5jyZjiVvsxM1eKVAnSpC
cZ/XNm5pU5PdvM/3Ot1qHKs86ZHW63Hnwv5moH51XR4H5aqwnz3sa+MtKRU0VaLl
cRzNd8FP/sGtigHwjzyiRJZUCojZoI+JoKTPpeqnr8kUc0/VJPoh9Si+Qz7tGNTz
Or2OGYl1mqji7ZGxMSJO/jNoJzfM6bjiYDcg/mPDB+cdh/XDqBhEvZQEDG51kS8V
RMFn4FL4cpNtb2dtHuVTBmf41KryGZJUU337etn+ATJYkq9uLE/EEvCv+0hJ2RAq
abIFwToBFr2zB9vOC7ixaBCQ60E=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:58:29 2024 by rpki-client on console-fra.rpki-client.org