Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
File:                     B4BE92AEB90711ED8CC2D9A4F1222468.roa (raw, json)
Hash identifier:          JOPBR+tvvjRemnu4y66+pd4vjEJr1OisV+nPw742BIY=
Subject key identifier:   CC:B6:82:67:8F:46:C9:B9:13:11:D0:C0:AA:7A:CB:8C:24:89:4F:7A
Certificate issuer:       /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial:       13
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access:    rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
Signing time:             Thu 02 Mar 2023 14:37:07 +0000
ROA not before:           Thu 02 Mar 2023 14:37:03 +0000
ROA not after:            Fri 01 Mar 2030 14:37:03 +0000
asID:                     33763
IP address blocks:        160.242.32.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
                          rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19 (0x13)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
        Validity
            Not Before: Mar  2 14:37:03 2023 GMT
            Not After : Mar  1 14:37:03 2030 GMT
        Subject: CN=6400b493-36c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:c0:4b:04:29:e4:80:e6:42:40:c9:fe:50:87:
                    57:6d:fd:7f:13:aa:fa:53:a6:fc:2a:73:e4:b7:8c:
                    8a:5c:94:46:05:e7:95:71:52:a8:3e:ea:71:2e:62:
                    36:b5:fc:69:39:94:12:33:9d:30:67:cd:44:8d:e9:
                    93:42:33:c2:84:72:60:29:64:f5:94:b2:e8:4c:ab:
                    4d:cb:75:65:02:96:13:5d:57:58:b2:ac:71:86:b0:
                    14:a3:64:85:c3:fd:04:6d:df:aa:7f:47:d2:49:8c:
                    cf:7d:19:33:ae:11:e7:ae:9a:16:24:9d:2a:c5:e1:
                    84:49:56:8a:b0:e6:8d:1d:86:2b:9f:d4:64:7e:09:
                    cd:9b:3b:de:90:0f:49:bd:bd:c5:2e:79:b9:72:f2:
                    02:e6:75:04:3d:d3:d7:56:a0:3c:aa:d0:87:d5:ba:
                    28:5f:50:94:4c:ea:01:7e:af:2e:d8:f3:21:e4:c1:
                    e8:6f:f3:40:8d:a9:4b:f5:78:f0:e8:b3:be:27:d5:
                    18:cc:61:32:fc:98:91:12:39:77:57:2c:e0:ac:19:
                    0f:e4:d4:7c:0c:52:74:f0:5b:bf:90:59:a6:b5:a1:
                    cd:3e:f6:5d:3e:58:b4:05:c6:6d:c5:fa:be:f9:35:
                    9e:c8:04:7a:a4:fa:8f:f0:d7:a1:b3:69:1e:ca:33:
                    c8:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:B6:82:67:8F:46:C9:B9:13:11:D0:C0:AA:7A:CB:8C:24:89:4F:7A
            X509v3 Authority Key Identifier:
                keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B4BE92AEB90711ED8CC2D9A4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.242.32.0/21

    Signature Algorithm: sha256WithRSAEncryption
         26:9f:ac:65:f2:f7:95:16:80:1a:69:54:68:48:c8:f3:c7:7b:
         3b:c4:d5:f0:cb:1d:d5:c2:cf:ed:15:7a:d4:57:29:e7:66:49:
         fa:2e:85:60:61:b4:5a:13:1f:d4:05:63:2c:9c:80:df:b0:56:
         ba:ec:00:02:5d:8e:ab:48:d3:c1:00:2f:d1:57:f9:ce:13:61:
         47:a9:66:6d:66:ba:2b:47:67:cd:73:d1:f4:c5:d7:24:77:6b:
         c1:4c:3d:57:18:16:37:d5:c5:3e:86:68:c9:ac:74:2b:f6:27:
         8f:25:d7:9a:42:85:4f:ab:07:f4:c3:0e:1d:77:81:5b:4e:c5:
         4f:bd:d8:9f:78:c9:4f:a8:8f:f1:c9:38:cb:c7:aa:6b:59:5a:
         00:36:aa:db:cd:d8:e6:ba:a4:4d:f7:ef:27:d3:3f:9d:9c:20:
         8f:2b:2a:50:7a:0d:dc:aa:fd:58:7a:16:c5:a7:1c:08:66:ab:
         91:0a:bf:47:02:40:5e:ee:04:f5:82:fa:f1:da:12:5d:83:98:
         26:ab:8d:94:a2:6a:f8:40:69:81:49:e4:be:37:a2:d2:c0:68:
         96:f2:4a:5c:32:07:f1:26:b5:70:c8:c4:f6:00:7a:41:4f:ca:
         72:6b:ac:2d:b2:3c:76:c7:cf:28:60:65:6d:5a:62:2f:26:e0:
         8d:a1:9b:89
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBEzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0MzcwM1oXDTMwMDMwMTE0MzcwM1owGDEWMBQG
A1UEAwwNNjQwMGI0OTMtMzZjNTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANzASwQp5IDmQkDJ/lCHV239fxOq+lOm/Cpz5LeMilyURgXnlXFSqD7qcS5i
NrX8aTmUEjOdMGfNRI3pk0IzwoRyYClk9ZSy6EyrTct1ZQKWE11XWLKscYawFKNk
hcP9BG3fqn9H0kmMz30ZM64R566aFiSdKsXhhElWirDmjR2GK5/UZH4JzZs73pAP
Sb29xS55uXLyAuZ1BD3T11agPKrQh9W6KF9QlEzqAX6vLtjzIeTB6G/zQI2pS/V4
8OizvifVGMxhMvyYkRI5d1cs4KwZD+TUfAxSdPBbv5BZprWhzT72XT5YtAXGbcX6
vvk1nsgEeqT6j/DXobNpHsozyOcCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTMtoJn
j0bJuRMR0MCqesuMJIlPejAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvQjRCRTkyQUVCOTA3MTFFRDhDQzJEOUE0RjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA6DyIDANBgkqhkiG9w0BAQsFAAOC
AQEAJp+sZfL3lRaAGmlUaEjI88d7O8TV8Msd1cLP7RV61Fcp52ZJ+i6FYGG0WhMf
1AVjLJyA37BWuuwAAl2Oq0jTwQAv0Vf5zhNhR6lmbWa6K0dnzXPR9MXXJHdrwUw9
VxgWN9XFPoZoyax0K/YnjyXXmkKFT6sH9MMOHXeBW07FT73Yn3jJT6iP8ck4y8eq
a1laADaq283Y5rqkTffvJ9M/nZwgjysqUHoN3Kr9WHoWxaccCGarkQq/RwJAXu4E
9YL68doSXYOYJquNlKJq+EBpgUnkvjei0sBolvJKXDIH8Sa1cMjE9gB6QU/Kcmus
LbI8dsfPKGBlbVpiLybgjaGbiQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:47 2024 by rpki-client on console-ams.rpki-client.org