Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/106D8FAEB90A11ED92569AABF1222468.roa
File:                     106D8FAEB90A11ED92569AABF1222468.roa (raw, json)
Hash identifier:          qK+8unBWnLw2np+P2NhG+s7+ILZtJurSMer/MKTF4BU=
Subject key identifier:   BD:5D:60:F2:4D:62:6C:0D:F3:2F:C4:A1:60:1A:21:53:41:F1:65:0A
Certificate issuer:       /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial:       25
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access:    rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/106D8FAEB90A11ED92569AABF1222468.roa
Signing time:             Thu 02 Mar 2023 14:54:00 +0000
ROA not before:           Thu 02 Mar 2023 14:53:56 +0000
ROA not after:            Mon 02 Mar 2026 14:53:56 +0000
asID:                     33763
IP address blocks:        160.242.112.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
                          rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37 (0x25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
        Validity
            Not Before: Mar  2 14:53:56 2023 GMT
            Not After : Mar  2 14:53:56 2026 GMT
        Subject: CN=6400b887-9c09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:16:b7:e7:0d:71:e4:53:be:d3:fa:ec:8a:ad:
                    f6:c5:65:58:e8:90:51:50:fb:f6:a0:f2:1a:fe:12:
                    e6:4e:5d:9e:33:a2:a2:4d:90:99:63:40:e0:f3:03:
                    24:7c:4e:62:9c:b0:80:d5:b6:14:b1:84:d0:02:0d:
                    aa:7b:f1:ce:47:76:fb:b1:92:21:cf:bf:b8:d5:c6:
                    17:93:4e:01:5e:92:a0:cc:4c:e3:15:b2:4b:cf:72:
                    11:56:34:bc:dd:24:d1:36:93:0b:70:75:3e:66:4c:
                    03:c8:18:ab:06:20:22:1c:7c:46:2a:ed:48:59:ce:
                    15:4f:a8:a7:cc:0e:6c:62:8f:c1:c1:29:ce:61:ab:
                    b2:8c:4b:d5:17:78:93:11:ce:06:43:20:11:cc:23:
                    31:54:74:7c:41:80:7c:b8:3a:27:8a:6e:52:73:33:
                    04:09:1b:f6:67:10:a4:4f:81:82:1e:7f:e1:8b:ea:
                    a8:b4:46:30:4b:c3:c5:30:bb:6d:6d:f5:43:23:3c:
                    3a:fc:91:d8:73:c6:25:b7:c1:c0:66:df:d6:c4:ef:
                    58:93:b7:01:56:cc:e2:11:02:58:19:53:aa:b5:1a:
                    1b:08:b3:bd:20:60:84:e1:2b:94:5f:44:c3:cd:d3:
                    45:55:cd:76:3e:3f:71:d8:6a:ba:ad:1f:5d:06:62:
                    c4:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:5D:60:F2:4D:62:6C:0D:F3:2F:C4:A1:60:1A:21:53:41:F1:65:0A
            X509v3 Authority Key Identifier:
                keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/106D8FAEB90A11ED92569AABF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.242.112.0/24

    Signature Algorithm: sha256WithRSAEncryption
         00:24:8a:fc:93:fe:c9:1c:e9:9d:a3:06:41:49:8f:4a:ed:51:
         07:08:f4:d3:6e:34:d9:93:f8:2a:8d:09:0b:f6:fc:3a:09:2f:
         75:8c:df:28:54:ce:32:57:8d:f3:0a:6e:b1:80:c7:c7:1d:a0:
         a5:b9:e6:0a:e6:19:6f:0c:c9:a3:4a:d6:09:5f:54:2e:e4:b5:
         d5:c0:b9:a9:a4:68:94:90:eb:ab:3f:92:e2:15:50:20:4b:7e:
         05:e7:e4:fa:a5:dd:67:f3:5d:21:4f:c0:e7:1c:59:8d:89:36:
         80:75:df:89:d4:23:b7:6f:66:a0:a1:b6:cf:73:e9:4e:e8:7d:
         a6:f2:b8:61:bd:6c:ef:96:aa:af:22:b4:1e:fb:c6:9a:41:92:
         95:14:f5:b0:b3:7f:34:f5:e4:07:dd:12:76:70:66:df:8b:36:
         8b:8f:9d:e0:c1:2f:75:80:d6:c4:f1:20:74:9c:d0:db:b5:fe:
         50:f6:d7:ae:58:c9:5f:24:47:b5:5d:a1:73:c8:9d:86:65:e1:
         53:50:3e:76:99:66:8d:cb:d6:35:9f:15:32:6e:75:fe:f5:89:
         b6:d8:bc:e3:06:9d:66:c9:a7:06:2c:0e:0f:36:c8:d5:8d:79:
         60:a0:9d:d2:4b:13:0b:3c:3c:62:b5:f8:43:bb:5f:77:94:9b:
         58:f0:af:7b
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBJTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NTM1NloXDTI2MDMwMjE0NTM1NlowGDEWMBQG
A1UEAwwNNjQwMGI4ODctOWMwOTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEWt+cNceRTvtP67Iqt9sVlWOiQUVD79qDyGv4S5k5dnjOiok2QmWNA4PMD
JHxOYpywgNW2FLGE0AINqnvxzkd2+7GSIc+/uNXGF5NOAV6SoMxM4xWyS89yEVY0
vN0k0TaTC3B1PmZMA8gYqwYgIhx8RirtSFnOFU+op8wObGKPwcEpzmGrsoxL1Rd4
kxHOBkMgEcwjMVR0fEGAfLg6J4puUnMzBAkb9mcQpE+Bgh5/4YvqqLRGMEvDxTC7
bW31QyM8OvyR2HPGJbfBwGbf1sTvWJO3AVbM4hECWBlTqrUaGwizvSBghOErlF9E
w83TRVXNdj4/cdhquq0fXQZixJcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBS9XWDy
TWJsDfMvxKFgGiFTQfFlCjAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvMTA2RDhGQUVCOTBBMTFFRDkyNTY5QUFCRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKDycDANBgkqhkiG9w0BAQsFAAOC
AQEAACSK/JP+yRzpnaMGQUmPSu1RBwj002402ZP4Ko0JC/b8OgkvdYzfKFTOMleN
8wpusYDHxx2gpbnmCuYZbwzJo0rWCV9ULuS11cC5qaRolJDrqz+S4hVQIEt+Befk
+qXdZ/NdIU/A5xxZjYk2gHXfidQjt29moKG2z3PpTuh9pvK4Yb1s75aqryK0HvvG
mkGSlRT1sLN/NPXkB90SdnBm34s2i4+d4MEvdYDWxPEgdJzQ27X+UPbXrljJXyRH
tV2hc8idhmXhU1A+dplmjcvWNZ8VMm51/vWJtti84wadZsmnBiwODzbI1Y15YKCd
0ksTCzw8YrX4Q7tfd5SbWPCvew==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org