Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B99DB078B90911EDBDC7B3AAF1222468.roa
File:                     B99DB078B90911EDBDC7B3AAF1222468.roa (raw, json)
Hash identifier:          H/tRMckT8rHTn7SdTgbzu/5+nMj3GvGhZ276hkZG2jg=
Subject key identifier:   F1:CF:0F:82:5E:09:12:75:9C:58:FA:F1:D2:50:96:31:9C:3E:1F:F0
Certificate issuer:       /CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
Certificate serial:       21
Authority key identifier: D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18
Authority info access:    rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B99DB078B90911EDBDC7B3AAF1222468.roa
Signing time:             Thu 02 Mar 2023 14:51:34 +0000
ROA not before:           Thu 02 Mar 2023 14:51:30 +0000
ROA not after:            Mon 02 Mar 2026 14:51:30 +0000
asID:                     33763
IP address blocks:        160.242.104.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.mft
                          rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36886B3AR/serialNumber=D9C0B233ACB063543574D3F5F327BEB8B2B99118
        Validity
            Not Before: Mar  2 14:51:30 2023 GMT
            Not After : Mar  2 14:51:30 2026 GMT
        Subject: CN=6400b7f6-b210
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:00:41:22:fe:54:c6:7b:1c:da:0c:fa:17:75:
                    c6:27:eb:e5:c6:d5:03:91:ba:a1:38:87:7c:1b:7d:
                    cf:c6:02:11:af:74:75:37:b0:e9:b5:63:fd:5e:bb:
                    05:f2:cf:cc:f4:4f:e8:3a:16:8f:5d:d6:df:8c:a6:
                    dd:25:fb:c9:72:43:0f:e1:d9:de:09:94:5f:d4:4d:
                    4a:94:e6:85:da:32:ef:7f:fa:59:8c:4d:d2:e1:54:
                    c7:63:b9:2c:5b:4f:b7:98:41:8b:fc:b1:da:eb:b5:
                    35:bc:a3:72:82:96:11:f0:ab:27:88:4a:4f:49:69:
                    67:55:6e:74:3b:58:ce:c9:f9:b7:3d:b0:de:91:43:
                    78:15:06:91:c2:4c:6b:69:34:0d:07:64:f6:23:3f:
                    4d:b1:7c:a2:d0:be:b4:81:2e:1b:fb:87:a8:91:e1:
                    c5:01:88:c9:a4:2d:2d:21:30:8f:8c:d2:b0:02:4d:
                    cb:03:3e:b6:14:e7:f5:b6:d2:4f:12:0c:b3:12:6b:
                    71:f6:87:bc:30:79:80:b9:2e:b1:15:d7:b9:7b:d2:
                    11:63:0a:fd:e5:1d:d4:e3:bf:cc:70:27:f9:c0:ee:
                    62:b7:1a:3d:20:9c:a8:05:e6:0f:d5:0a:c6:50:69:
                    69:5f:31:b8:a3:0b:0d:a0:3f:cd:ba:bd:e4:e3:c9:
                    de:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:CF:0F:82:5E:09:12:75:9C:58:FA:F1:D2:50:96:31:9C:3E:1F:F0
            X509v3 Authority Key Identifier:
                keyid:D9:C0:B2:33:AC:B0:63:54:35:74:D3:F5:F3:27:BE:B8:B2:B9:91:18

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/2cCyM6ywY1Q1dNP18ye-uLK5kRg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/2cCyM6ywY1Q1dNP18ye-uLK5kRg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36886B3/5A411F9EB8EF11EDA5B09DDAF1222468/B99DB078B90911EDBDC7B3AAF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.242.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         78:0b:89:be:4c:e9:37:eb:11:bd:7c:fc:27:0d:1d:5b:1d:e1:
         f8:cb:f6:aa:be:84:f1:e7:99:4c:a4:52:00:4a:f0:37:eb:f6:
         9a:fe:b2:23:72:62:d5:12:1d:48:dd:94:52:65:01:13:17:3f:
         77:ed:72:47:10:2f:f4:4f:08:bf:4f:17:92:87:40:17:aa:bc:
         ce:55:c3:3a:6c:e0:d4:37:af:77:81:e6:70:cd:47:fc:2d:a2:
         91:b4:2f:5e:99:8f:ba:b6:13:89:a5:05:7f:8b:34:48:8e:6e:
         f1:ce:ec:a3:43:49:fb:42:8a:35:a2:1d:3c:ff:af:cc:c4:8e:
         ef:90:fe:aa:a2:bf:9a:9c:33:95:1c:87:e4:f2:f9:cf:84:0b:
         20:65:76:b2:b9:d9:3d:c3:d9:e0:44:4b:41:53:e3:63:d4:b7:
         1e:86:aa:e4:44:96:e5:0a:6a:4b:1a:10:fb:33:d1:51:14:bf:
         7c:70:5b:62:a8:7a:67:5c:03:74:a2:41:1b:cc:bf:13:e5:b0:
         b0:ca:a6:6a:72:17:c0:7b:0e:4a:5c:75:da:88:f0:02:cb:c7:
         22:db:90:63:49:32:5b:6f:72:d4:be:c2:fd:8a:a7:6b:0a:32:
         ac:35:3e:b0:66:27:95:54:d2:a3:e1:c3:42:4c:e3:22:d7:cf:
         7a:25:f4:5f
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY4
ODZCM0FSMTEwLwYDVQQFEyhEOUMwQjIzM0FDQjA2MzU0MzU3NEQzRjVGMzI3QkVC
OEIyQjk5MTE4MB4XDTIzMDMwMjE0NTEzMFoXDTI2MDMwMjE0NTEzMFowGDEWMBQG
A1UEAwwNNjQwMGI3ZjYtYjIxMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0AQSL+VMZ7HNoM+hd1xifr5cbVA5G6oTiHfBt9z8YCEa90dTew6bVj/V67
BfLPzPRP6DoWj13W34ym3SX7yXJDD+HZ3gmUX9RNSpTmhdoy73/6WYxN0uFUx2O5
LFtPt5hBi/yx2uu1NbyjcoKWEfCrJ4hKT0lpZ1VudDtYzsn5tz2w3pFDeBUGkcJM
a2k0DQdk9iM/TbF8otC+tIEuG/uHqJHhxQGIyaQtLSEwj4zSsAJNywM+thTn9bbS
TxIMsxJrcfaHvDB5gLkusRXXuXvSEWMK/eUd1OO/zHAn+cDuYrcaPSCcqAXmD9UK
xlBpaV8xuKMLDaA/zbq95OPJ3n8CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTxzw+C
XgkSdZxY+vHSUJYxnD4f8DAfBgNVHSMEGDAWgBTZwLIzrLBjVDV00/XzJ764srmR
GDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0NjgvMmNDeU02
eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
MmNDeU02eXdZMVExZE5QMTh5ZS11TEs1a1JnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2ODg2QjMvNUE0MTFGOUVCOEVGMTFFREE1QjA5RERBRjEyMjI0
NjgvQjk5REIwNzhCOTA5MTFFREJEQzdCM0FBRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAaDyaDANBgkqhkiG9w0BAQsFAAOC
AQEAeAuJvkzpN+sRvXz8Jw0dWx3h+Mv2qr6E8eeZTKRSAErwN+v2mv6yI3Ji1RId
SN2UUmUBExc/d+1yRxAv9E8Iv08XkodAF6q8zlXDOmzg1Devd4HmcM1H/C2ikbQv
XpmPurYTiaUFf4s0SI5u8c7so0NJ+0KKNaIdPP+vzMSO75D+qqK/mpwzlRyH5PL5
z4QLIGV2srnZPcPZ4ERLQVPjY9S3Hoaq5ESW5QpqSxoQ+zPRURS/fHBbYqh6Z1wD
dKJBG8y/E+WwsMqmanIXwHsOSlx12ojwAsvHItuQY0kyW29y1L7C/YqnawoyrDU+
sGYnlVTSo+HDQkzjItfPeiX0Xw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org