Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/D66F68B6980311EE9168D932D25BE465.roa
File:                     D66F68B6980311EE9168D932D25BE465.roa (raw, json)
Hash identifier:          oISB0YQL4awbu4ZosYoh8kMLuvtNkYkAqQMZhlVzWTw=
Subject key identifier:   CD:DD:B4:C0:B8:47:F1:69:B6:6C:3D:A5:63:4D:61:33:72:63:74:08
Certificate issuer:       /CN=F367F26DAR/serialNumber=153DC0115120E240A04AAB9AE04FAD647926B124
Certificate serial:       06C3
Authority key identifier: 15:3D:C0:11:51:20:E2:40:A0:4A:AB:9A:E0:4F:AD:64:79:26:B1:24
Authority info access:    rsync://rpki.afrinic.net/repository/arin/FT3AEVEg4kCgSqua4E-tZHkmsSQ.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/D66F68B6980311EE9168D932D25BE465.roa
Signing time:             Mon 11 Dec 2023 09:01:15 +0000
ROA not before:           Tue 12 Dec 2023 09:01:04 +0000
ROA not after:            Fri 01 Dec 2028 09:01:04 +0000
asID:                     328366
IP address blocks:        160.226.144.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/FT3AEVEg4kCgSqua4E-tZHkmsSQ.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/FT3AEVEg4kCgSqua4E-tZHkmsSQ.mft
                          rsync://rpki.afrinic.net/repository/arin/FT3AEVEg4kCgSqua4E-tZHkmsSQ.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1731 (0x6c3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367F26DAR/serialNumber=153DC0115120E240A04AAB9AE04FAD647926B124
        Validity
            Not Before: Dec 12 09:01:04 2023 GMT
            Not After : Dec  1 09:01:04 2028 GMT
        Subject: CN=6576cfda-ad6f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:c8:fd:71:56:75:65:12:bc:df:18:20:b1:fa:
                    c9:fc:65:a7:dc:e3:57:91:cf:c3:11:8b:27:62:07:
                    51:09:cb:88:7a:bc:cb:97:e9:a0:74:83:c4:f8:09:
                    e3:7c:ee:11:cb:e6:74:8c:41:7a:3c:9b:e1:e5:22:
                    66:29:2a:e7:b9:50:70:3e:56:1d:fa:12:13:40:43:
                    f0:3e:08:83:aa:2a:77:33:02:f0:8e:a7:6e:8d:72:
                    20:52:2e:fa:71:c6:60:c0:14:a3:4a:ef:0a:ef:43:
                    57:df:7e:c9:d6:68:de:f4:86:ad:7a:3d:80:33:38:
                    4c:96:21:a3:76:27:17:5f:44:81:6c:dd:3f:2a:3c:
                    06:6d:6d:aa:d8:16:2a:e8:36:02:bc:f3:95:b2:02:
                    ec:3a:1d:8c:8a:63:2a:7d:26:8d:81:5a:7d:c0:9c:
                    52:f3:54:8a:08:07:bb:aa:d7:cd:4a:ff:53:30:9f:
                    85:f9:ac:9e:df:2e:a1:00:c7:5c:e2:75:d9:8f:98:
                    d2:95:f1:e1:ca:1b:95:71:10:71:5d:18:3e:f0:98:
                    f6:94:68:36:50:34:c1:24:2e:8e:98:05:a0:94:3e:
                    ac:52:58:dc:fa:b5:32:94:31:2b:18:26:ec:1a:22:
                    ab:98:7c:36:93:4a:ef:df:6c:c0:7f:76:08:01:a4:
                    ad:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:DD:B4:C0:B8:47:F1:69:B6:6C:3D:A5:63:4D:61:33:72:63:74:08
            X509v3 Authority Key Identifier:
                keyid:15:3D:C0:11:51:20:E2:40:A0:4A:AB:9A:E0:4F:AD:64:79:26:B1:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/FT3AEVEg4kCgSqua4E-tZHkmsSQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/FT3AEVEg4kCgSqua4E-tZHkmsSQ.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367F26D/5003E4B270B911E9996C873FF8AEA228/D66F68B6980311EE9168D932D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.226.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         82:8e:94:15:6a:66:77:f1:de:1b:e5:43:41:88:3a:ba:e6:e4:
         66:57:a2:69:2b:35:9a:02:b0:3c:7d:a4:71:e3:0a:f5:ce:8c:
         e9:77:3d:ac:03:a5:43:e2:38:b0:3a:1f:d6:31:c6:fb:4d:cb:
         3b:ef:56:a9:3f:0f:ae:ed:6c:ce:6d:98:8e:a4:96:59:00:cc:
         4f:bf:51:60:47:9d:8c:13:55:9f:ff:42:de:af:33:1b:07:6c:
         e2:31:24:ee:8c:f9:30:c7:e2:41:11:2e:d0:a4:d3:75:ea:74:
         88:62:6a:52:6a:c0:da:95:b2:3e:f6:f2:c2:2c:d7:3f:a8:3d:
         b2:6f:1d:be:16:94:bf:a7:a4:17:66:7b:8a:86:2b:0d:87:63:
         80:d4:50:e9:98:24:1f:9c:52:50:31:b8:df:a9:87:4f:63:30:
         0d:98:97:6b:90:51:3a:2d:67:11:ae:a0:de:08:b0:33:d2:a5:
         af:7b:d3:66:32:a9:95:0a:0f:71:dd:4a:3f:02:50:7f:df:8d:
         d7:24:85:0d:36:18:0f:69:e4:70:c0:55:20:2b:2b:35:9f:5d:
         f2:4e:b8:ae:d4:59:14:3a:77:ea:6d:95:28:3b:bc:55:cb:92:
         c2:ea:34:91:ee:1e:da:21:11:7a:a6:90:86:a0:79:10:9c:a2:
         d5:91:2e:c9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBsMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0YyNkRBUjExMC8GA1UEBRMoMTUzREMwMTE1MTIwRTI0MEEwNEFBQjlBRTA0RkFE
NjQ3OTI2QjEyNDAeFw0yMzEyMTIwOTAxMDRaFw0yODEyMDEwOTAxMDRaMBgxFjAU
BgNVBAMTDTY1NzZjZmRhLWFkNmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIyP1xVnVlErzfGCCx+sn8Zafc41eRz8MRiydiB1EJy4h6vMuX6aB0g8T4
CeN87hHL5nSMQXo8m+HlImYpKue5UHA+Vh36EhNAQ/A+CIOqKnczAvCOp26NciBS
LvpxxmDAFKNK7wrvQ1fffsnWaN70hq16PYAzOEyWIaN2JxdfRIFs3T8qPAZtbarY
FiroNgK885WyAuw6HYyKYyp9Jo2BWn3AnFLzVIoIB7uq181K/1Mwn4X5rJ7fLqEA
x1ziddmPmNKV8eHKG5VxEHFdGD7wmPaUaDZQNMEkLo6YBaCUPqxSWNz6tTKUMSsY
JuwaIquYfDaTSu/fbMB/dggBpK3vAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUzd20
wLhH8Wm2bD2lY01hM3JjdAgwHwYDVR0jBBgwFoAUFT3AEVEg4kCgSqua4E+tZHkm
sSQwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdGMjZELzUwMDNFNEIyNzBCOTExRTk5OTZDODczRkY4QUVBMjI4L0ZUM0FF
VkVnNGtDZ1NxdWE0RS10WkhrbXNTUS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0ZUM0FFVkVnNGtDZ1NxdWE0RS10WkhrbXNTUS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjdGMjZELzUwMDNFNEIyNzBCOTExRTk5OTZDODczRkY4QUVB
MjI4L0Q2NkY2OEI2OTgwMzExRUU5MTY4RDkzMkQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBASg4pAwDQYJKoZIhvcNAQELBQAD
ggEBAIKOlBVqZnfx3hvlQ0GIOrrm5GZXomkrNZoCsDx9pHHjCvXOjOl3PawDpUPi
OLA6H9YxxvtNyzvvVqk/D67tbM5tmI6kllkAzE+/UWBHnYwTVZ//Qt6vMxsHbOIx
JO6M+TDH4kERLtCk03XqdIhialJqwNqVsj728sIs1z+oPbJvHb4WlL+npBdme4qG
Kw2HY4DUUOmYJB+cUlAxuN+ph09jMA2Yl2uQUTotZxGuoN4IsDPSpa9702YyqZUK
D3HdSj8CUH/fjdckhQ02GA9p5HDAVSArKzWfXfJOuK7UWRQ6d+ptlSg7vFXLksLq
NJHuHtohEXqmkIageRCcotWRLsk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org