Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F5B568AA19A11EF8B432AB6762E951A.roa
File:                     0F5B568AA19A11EF8B432AB6762E951A.roa (raw, json)
Hash identifier:          kA+5+GpIPgrHmMB5M46kPIxNR2Wbd4K8WxSW4+4GK2A=
Subject key identifier:   6A:7D:53:B3:FE:E5:BB:BA:E7:62:9B:FC:48:F7:95:03:E3:74:59:97
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       D24E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F5B568AA19A11EF8B432AB6762E951A.roa
Signing time:             Wed 13 Nov 2024 08:34:13 +0000
ROA not before:           Wed 13 Nov 2024 08:34:09 +0000
ROA not after:            Sat 23 Nov 2024 08:34:09 +0000
asID:                     136950
IP address blocks:        45.204.84.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 53838 (0xd24e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Nov 13 08:34:09 2024 GMT
            Not After : Nov 23 08:34:09 2024 GMT
        Subject: CN=67346485-28b3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:c7:29:d2:59:9d:1a:35:4d:3e:76:f6:15:17:
                    24:7c:3a:b3:18:79:c7:77:73:a8:69:5f:0f:a2:b2:
                    6c:04:10:9c:ab:e5:c4:7a:7d:e6:b3:f8:94:78:f7:
                    0a:b7:12:b8:31:2b:4b:fc:87:35:f7:99:20:35:29:
                    26:06:9c:2d:89:cf:f2:2f:57:5a:c5:ae:63:94:17:
                    06:b2:df:4a:40:f9:52:47:a5:86:66:00:cf:9a:c2:
                    65:45:e9:92:a1:5d:9f:57:9c:0f:44:b9:9b:6c:ae:
                    7d:52:4b:31:e1:9f:e6:fb:31:28:ec:b0:6f:33:08:
                    b7:a0:2d:13:9e:5b:22:bc:1e:e3:96:35:af:ed:77:
                    62:c8:c0:39:b4:24:69:fc:83:63:50:8e:38:81:49:
                    55:24:cc:69:fb:a0:56:fd:1c:c0:7d:b7:87:35:82:
                    ac:1d:62:40:90:b6:92:6b:e0:0f:a8:8e:0b:65:7a:
                    c5:a2:2f:8f:43:82:db:5b:8a:df:9f:24:96:ec:8b:
                    76:0a:a1:9b:b6:67:af:58:14:55:85:45:ff:1f:ca:
                    ee:c1:37:0f:c1:75:2c:a6:f2:40:4b:ac:1e:e9:21:
                    db:c2:74:12:41:62:41:29:7d:c6:ad:9a:9d:27:54:
                    19:df:b1:8e:6c:b0:59:59:97:ff:63:77:eb:9a:1f:
                    fc:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:7D:53:B3:FE:E5:BB:BA:E7:62:9B:FC:48:F7:95:03:E3:74:59:97
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F5B568AA19A11EF8B432AB6762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.204.84.0/23

    Signature Algorithm: sha256WithRSAEncryption
         59:d7:e3:40:dd:17:dc:ef:7b:ca:90:9c:24:bd:a2:7b:bc:5d:
         c7:1e:eb:90:6c:f0:eb:00:a2:57:ce:95:49:e4:13:d0:50:d2:
         a8:58:a4:92:63:48:25:03:aa:a4:60:84:77:04:c0:70:96:e5:
         d0:6b:10:44:bf:1a:dc:24:5f:ca:2c:d8:b8:e7:99:5f:7c:6f:
         73:3a:4a:55:38:ce:0c:49:d0:1e:d2:66:c0:f0:d4:9a:92:2f:
         76:eb:d8:0b:ae:82:27:cb:bb:c5:d8:9b:97:88:6a:28:75:92:
         db:0b:f1:d0:ad:39:16:91:16:c6:cb:d8:1d:dd:a6:e8:a7:88:
         69:aa:8b:1f:5c:4c:25:98:9c:bd:f4:f9:20:e8:56:17:ed:07:
         14:f7:95:1b:80:29:b9:4b:89:b3:3e:eb:6f:36:9a:08:dd:36:
         8c:23:94:1e:b8:a4:d8:01:9e:0e:71:19:7a:49:44:8d:95:15:
         4d:d8:cc:50:f5:4c:4b:ce:8a:a5:7a:f6:71:be:20:9b:dc:90:
         01:07:72:d0:c1:86:35:81:1d:d0:22:aa:1e:0d:9b:04:23:0e:
         b6:53:1d:32:7f:4e:08:9b:17:a2:ab:ab:88:ac:a5:8d:aa:a9:
         dc:dd:5c:98:f5:3e:2f:8b:17:5c:91:47:5c:50:33:ab:be:75:
         28:a4:79:b0
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDANJOMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQxMTEzMDgzNDA5WhcNMjQxMTIzMDgzNDA5WjAYMRYw
FAYDVQQDEw02NzM0NjQ4NS0yOGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAx8cp0lmdGjVNPnb2FRckfDqzGHnHd3OoaV8PorJsBBCcq+XEen3ms/iU
ePcKtxK4MStL/Ic195kgNSkmBpwtic/yL1daxa5jlBcGst9KQPlSR6WGZgDPmsJl
RemSoV2fV5wPRLmbbK59Uksx4Z/m+zEo7LBvMwi3oC0TnlsivB7jljWv7XdiyMA5
tCRp/INjUI44gUlVJMxp+6BW/RzAfbeHNYKsHWJAkLaSa+APqI4LZXrFoi+PQ4Lb
W4rfnySW7It2CqGbtmevWBRVhUX/H8ruwTcPwXUspvJAS6we6SHbwnQSQWJBKX3G
rZqdJ1QZ37GObLBZWZf/Y3frmh/8xwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGp9
U7P+5bu652Kb/Ej3lQPjdFmXMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjVCNTY4QUExOUExMUVGOEI0MzJBQjY3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLcxUMA0GCSqGSIb3DQEBCwUA
A4IBAQBZ1+NA3Rfc73vKkJwkvaJ7vF3HHuuQbPDrAKJXzpVJ5BPQUNKoWKSSY0gl
A6qkYIR3BMBwluXQaxBEvxrcJF/KLNi455lffG9zOkpVOM4MSdAe0mbA8NSaki92
69gLroIny7vF2JuXiGoodZLbC/HQrTkWkRbGy9gd3abop4hpqosfXEwlmJy99Pkg
6FYX7QcU95UbgCm5S4mzPutvNpoI3TaMI5QeuKTYAZ4OcRl6SUSNlRVN2MxQ9UxL
zoqlevZxviCb3JABB3LQwYY1gR3QIqoeDZsEIw62Ux0yf04Imxeiq6uIrKWNqqnc
3VyY9T4vixdckUdcUDOrvnUopHmw
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org