Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F8974DE22EC11EF905CF7457DDC24C2.roa
File:                     0F8974DE22EC11EF905CF7457DDC24C2.roa (raw, json)
Hash identifier:          YtWWJjT1gJx4P4wmizc7tUSuCNTG8PSez62UeXhL8nI=
Subject key identifier:   94:A2:BD:7A:F3:21:E5:E8:0F:73:61:80:F4:F4:5C:F1:5C:3F:A3:D9
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8F23
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F8974DE22EC11EF905CF7457DDC24C2.roa
Signing time:             Wed 05 Jun 2024 03:31:14 +0000
ROA not before:           Wed 05 Jun 2024 03:31:11 +0000
ROA not after:            Sat 24 May 2025 03:31:11 +0000
asID:                     38901
IP address blocks:        45.201.150.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36643 (0x8f23)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun  5 03:31:11 2024 GMT
            Not After : May 24 03:31:11 2025 GMT
        Subject: CN=665fdc02-e6d2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:96:86:e0:35:32:06:2a:c4:f5:6c:bc:c4:aa:
                    9e:32:56:f0:cb:fa:db:f5:a2:e3:a4:84:72:4c:c5:
                    68:6d:5c:70:1f:f3:6f:9c:e1:45:d2:22:47:ae:ad:
                    01:df:d2:06:c0:dc:1d:97:fe:73:bb:10:51:7b:bc:
                    f8:96:ba:de:9d:28:21:96:d7:e0:80:20:3a:1a:f1:
                    3d:a8:ce:21:c5:ab:46:77:93:48:60:a0:9c:4f:e3:
                    79:ca:52:9a:8e:28:29:07:bb:37:f6:0b:7e:ff:fd:
                    6c:7b:69:35:13:b8:b2:4e:35:bb:1f:b9:70:84:3c:
                    13:2a:14:0c:ef:4c:1f:b9:9b:44:33:06:99:b1:c5:
                    e9:f9:f8:28:b6:17:cd:c6:6b:79:a1:d6:2e:63:3d:
                    1c:36:47:03:b0:ba:b0:47:ac:b8:e3:08:8d:25:e2:
                    1f:e2:21:d5:0f:b1:e2:49:e5:b9:07:ad:aa:f5:92:
                    ba:8f:6f:26:52:68:b2:fd:f8:96:6f:4f:6f:1b:cc:
                    28:c1:69:da:8e:0b:64:65:08:29:fb:8d:80:5d:c9:
                    a1:cf:04:2e:83:62:40:81:fa:2a:53:b3:c8:2f:b6:
                    ba:9a:94:04:c5:3e:f8:8a:34:28:6e:9e:fb:5a:ce:
                    e4:de:d8:db:3a:36:f0:bd:35:4d:78:c8:eb:b0:31:
                    e3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:A2:BD:7A:F3:21:E5:E8:0F:73:61:80:F4:F4:5C:F1:5C:3F:A3:D9
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/0F8974DE22EC11EF905CF7457DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.201.150.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:e8:8f:34:da:80:28:a5:af:94:c1:fc:96:5f:8a:ab:fa:84:
         79:e9:df:0e:95:ad:bb:42:a8:56:ae:88:dc:03:39:a4:79:4f:
         5f:37:96:63:1c:3a:08:e1:88:10:1b:ec:db:6e:9e:a4:76:7c:
         83:45:15:1f:78:6e:6c:23:50:7a:99:67:0d:41:b9:5f:2f:d0:
         7b:9f:13:51:18:16:37:8b:a6:25:5e:3c:f6:60:fe:0b:96:da:
         ad:80:b6:16:51:ce:e9:ae:73:2b:77:3f:b9:d9:9b:85:ab:d3:
         2f:2b:a9:d7:de:33:db:87:7f:44:81:af:8d:d3:ae:6a:0e:71:
         6c:0e:f2:99:96:0e:a0:65:95:ba:53:1a:9e:c8:5c:31:7c:72:
         67:78:f0:08:8f:1b:d5:92:1d:44:ff:32:92:36:fd:c2:a3:fa:
         7f:37:8d:ea:ac:6b:7b:b6:50:e4:b5:c8:69:b8:7c:14:cc:9d:
         16:1f:cb:2d:7e:7f:ef:01:b4:90:70:70:10:8e:aa:41:74:35:
         9c:78:57:29:28:61:dc:53:34:79:e5:7c:6d:fb:83:05:ec:85:
         3f:d7:56:e6:ad:29:79:aa:95:cc:cd:85:36:9b:f8:15:73:d9:
         1a:4d:c3:c2:6a:a2:a5:a9:11:5c:2b:3c:57:f2:a5:9b:d5:27:
         2a:05:71:f5
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI8jMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjA1MDMzMTExWhcNMjUwNTI0MDMzMTExWjAYMRYw
FAYDVQQDEw02NjVmZGMwMi1lNmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAxZaG4DUyBirE9Wy8xKqeMlbwy/rb9aLjpIRyTMVobVxwH/NvnOFF0iJH
rq0B39IGwNwdl/5zuxBRe7z4lrrenSghltfggCA6GvE9qM4hxatGd5NIYKCcT+N5
ylKajigpB7s39gt+//1se2k1E7iyTjW7H7lwhDwTKhQM70wfuZtEMwaZscXp+fgo
thfNxmt5odYuYz0cNkcDsLqwR6y44wiNJeIf4iHVD7HiSeW5B62q9ZK6j28mUmiy
/fiWb09vG8wowWnajgtkZQgp+42AXcmhzwQug2JAgfoqU7PIL7a6mpQExT74ijQo
bp77Ws7k3tjbOjbwvTVNeMjrsDHjBQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFJSi
vXrzIeXoD3NhgPT0XPFcP6PZMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8wRjg5NzRERTIyRUMxMUVGOTA1Q0Y3NDU3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcmWMA0GCSqGSIb3DQEBCwUA
A4IBAQCy6I802oAopa+UwfyWX4qr+oR56d8Ola27QqhWrojcAzmkeU9fN5ZjHDoI
4YgQG+zbbp6kdnyDRRUfeG5sI1B6mWcNQblfL9B7nxNRGBY3i6YlXjz2YP4Lltqt
gLYWUc7prnMrdz+52ZuFq9MvK6nX3jPbh39Ega+N065qDnFsDvKZlg6gZZW6Uxqe
yFwxfHJnePAIjxvVkh1E/zKSNv3Co/p/N43qrGt7tlDktchpuHwUzJ0WH8stfn/v
AbSQcHAQjqpBdDWceFcpKGHcUzR55Xxt+4MF7IU/11bmrSl5qpXMzYU2m/gVc9ka
TcPCaqKlqRFcKzxX8qWb1ScqBXH1
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org