Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D0AADFE29EF11EFB42499EE7CDC24C2.roa
File:                     0D0AADFE29EF11EFB42499EE7CDC24C2.roa (raw, json)
Hash identifier:          Jrx/b0LeJjaiU6DAVoBYXdv/2ySLL9ER0tbhxdKYZ80=
Subject key identifier:   30:55:A3:82:B2:9E:9D:0F:F6:6F:01:E6:4B:BE:A2:DC:EF:28:75:0E
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       91A9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D0AADFE29EF11EFB42499EE7CDC24C2.roa
Signing time:             Fri 14 Jun 2024 01:40:16 +0000
ROA not before:           Fri 14 Jun 2024 01:40:13 +0000
ROA not after:            Tue 16 Jun 2026 01:40:13 +0000
asID:                     27947
IP address blocks:        45.199.178.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37289 (0x91a9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun 14 01:40:13 2024 GMT
            Not After : Jun 16 01:40:13 2026 GMT
        Subject: CN=666b9f80-c5c1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b1:43:89:33:c9:a5:2a:62:5f:a2:ea:b5:1c:
                    df:13:58:31:a6:b2:58:af:b3:1b:7e:0d:82:a5:f1:
                    b3:35:c1:df:c0:08:78:a4:11:8e:df:c5:18:b3:cd:
                    20:8b:06:0d:98:b9:7e:54:c6:50:f1:f6:b8:6f:3e:
                    8d:00:45:28:24:45:f1:69:ec:30:ed:b1:e7:c9:ce:
                    84:50:fd:d5:cf:87:2e:3b:c7:1c:89:ce:3d:ca:6b:
                    be:05:c1:3e:07:c5:af:d2:d8:3a:9e:56:78:35:b7:
                    38:19:0e:c0:b5:56:eb:3e:44:4a:15:e4:23:12:88:
                    49:1f:e5:b9:b7:7a:f5:86:4b:3f:95:09:51:00:11:
                    40:31:4b:fc:59:e8:10:36:cb:bd:af:64:d6:a0:a4:
                    a9:43:c2:07:b5:81:92:91:79:ad:7d:51:28:10:63:
                    b1:78:3a:48:a7:60:05:83:74:93:a8:b9:59:50:06:
                    47:f9:7b:8d:ed:a0:d0:15:bd:04:3f:4c:56:de:85:
                    8e:65:79:4a:b0:70:8f:bf:57:12:e9:a8:b7:a6:2e:
                    4a:2f:ff:1e:3d:c3:d6:12:7f:2c:f1:2e:83:51:4e:
                    3b:2c:75:69:0f:09:d6:f6:2c:e5:45:cc:eb:a3:5f:
                    a8:68:df:80:88:e5:99:75:f8:6f:cb:21:e8:be:06:
                    3c:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                30:55:A3:82:B2:9E:9D:0F:F6:6F:01:E6:4B:BE:A2:DC:EF:28:75:0E
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0D0AADFE29EF11EFB42499EE7CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.199.178.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:65:83:9d:b1:7c:79:9b:25:2d:c8:cd:b8:16:c0:37:9a:53:
         75:78:af:2e:6e:87:07:ca:e8:7c:3b:3b:38:6f:92:4f:eb:92:
         a7:5e:3f:a9:e0:c2:22:2c:11:37:b6:6f:78:3f:32:cf:73:4b:
         17:65:0c:19:47:73:05:10:f4:c1:b3:d9:c2:d5:f8:36:1d:c2:
         3d:17:a7:6c:78:ae:e3:51:04:6c:59:fa:36:81:91:56:de:4e:
         64:b1:f2:e2:d8:91:66:5f:fd:0d:9e:2f:33:a7:aa:77:9a:c8:
         46:75:1d:2b:23:51:b1:9b:94:3f:b5:09:ea:5c:44:42:bb:4b:
         99:6e:b0:58:1a:85:38:31:91:40:d6:00:c1:58:d9:e8:b6:4c:
         cf:8e:8b:45:21:08:c8:bf:80:4c:8f:95:61:99:d5:75:f0:84:
         37:89:58:2e:ba:73:33:20:fc:70:e3:e0:e3:5f:6e:aa:72:f9:
         77:dc:63:49:ca:b0:75:8b:b3:e4:73:db:6f:5c:63:9f:5e:94:
         1f:c1:92:a0:e3:e4:c5:da:3a:a8:31:e8:fc:39:b4:37:a8:03:
         45:0b:d3:07:65:58:50:a8:8d:30:99:4d:9f:96:7a:2d:43:b0:
         48:ab:fe:56:ce:18:00:1a:04:c4:53:c3:b1:40:61:f8:6d:6b:
         9a:ad:5b:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJGpMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjE0MDE0MDEzWhcNMjYwNjE2MDE0MDEzWjAYMRYw
FAYDVQQDEw02NjZiOWY4MC1jNWMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwrFDiTPJpSpiX6LqtRzfE1gxprJYr7Mbfg2CpfGzNcHfwAh4pBGO38UY
s80giwYNmLl+VMZQ8fa4bz6NAEUoJEXxaeww7bHnyc6EUP3Vz4cuO8ccic49ymu+
BcE+B8Wv0tg6nlZ4Nbc4GQ7AtVbrPkRKFeQjEohJH+W5t3r1hks/lQlRABFAMUv8
WegQNsu9r2TWoKSpQ8IHtYGSkXmtfVEoEGOxeDpIp2AFg3STqLlZUAZH+XuN7aDQ
Fb0EP0xW3oWOZXlKsHCPv1cS6ai3pi5KL/8ePcPWEn8s8S6DUU47LHVpDwnW9izl
Rczro1+oaN+AiOWZdfhvyyHovgY8AwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFDBV
o4Kynp0P9m8B5ku+otzvKHUOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRDBBQURGRTI5RUYxMUVGQjQyNDk5RUU3Q0RDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALceyMA0GCSqGSIb3DQEBCwUA
A4IBAQA3ZYOdsXx5myUtyM24FsA3mlN1eK8ubocHyuh8Ozs4b5JP65KnXj+p4MIi
LBE3tm94PzLPc0sXZQwZR3MFEPTBs9nC1fg2HcI9F6dseK7jUQRsWfo2gZFW3k5k
sfLi2JFmX/0Nni8zp6p3mshGdR0rI1Gxm5Q/tQnqXERCu0uZbrBYGoU4MZFA1gDB
WNnotkzPjotFIQjIv4BMj5VhmdV18IQ3iVguunMzIPxw4+DjX26qcvl33GNJyrB1
i7Pkc9tvXGOfXpQfwZKg4+TF2jqoMej8ObQ3qANFC9MHZVhQqI0wmU2flnotQ7BI
q/5WzhgAGgTEU8OxQGH4bWuarVvE
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:19 2024 by rpki-client on console-ams.rpki-client.org