Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/144529E408FF11EEB91E92434AD9E6FC.roa
File:                     144529E408FF11EEB91E92434AD9E6FC.roa (raw, json)
Hash identifier:          73fL4KjxpRu2uLPE4an9V2ORXvdcDNNWJ5wkXRf0Dl8=
Subject key identifier:   F3:8E:28:8E:50:EA:1D:CF:F3:7C:1A:46:8E:31:49:4F:13:B2:C1:D1
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       2B5D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/144529E408FF11EEB91E92434AD9E6FC.roa
Signing time:             Mon 12 Jun 2023 08:56:54 +0000
ROA not before:           Mon 12 Jun 2023 08:56:51 +0000
ROA not after:            Sun 30 Mar 2025 08:56:51 +0000
asID:                     132585
IP address blocks:        45.195.58.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11101 (0x2b5d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun 12 08:56:51 2023 GMT
            Not After : Mar 30 08:56:51 2025 GMT
        Subject: CN=6486ddd6-73b5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:fa:f5:58:9c:3e:7a:b9:48:ec:ba:3b:e7:30:
                    d2:17:4b:69:55:f7:35:1d:a5:ce:39:86:58:d3:97:
                    56:84:52:69:09:79:2f:d6:1e:ee:3e:37:32:1c:a4:
                    ab:16:9a:70:a5:0f:60:ab:ca:15:76:8a:33:89:b8:
                    49:4e:87:c2:fc:20:cb:a7:5b:d2:38:40:4d:63:1f:
                    32:4a:fc:e8:48:c0:2b:86:ed:ad:2f:67:30:97:0e:
                    23:8f:44:2b:b8:18:2f:5d:19:fb:04:c7:ae:e3:af:
                    d4:90:c0:37:53:a8:bb:7f:a3:49:d6:cc:67:55:31:
                    20:91:aa:29:df:f3:22:38:c0:20:94:42:ba:34:ca:
                    5e:c7:05:a3:86:aa:ef:a0:28:0b:ad:72:2a:52:0c:
                    78:6c:38:25:06:9d:cb:06:89:98:43:2f:3d:da:cc:
                    e6:67:fe:e4:f0:98:41:c4:fa:d8:a7:d5:61:f6:8f:
                    23:33:20:2e:a4:c8:4c:fb:c7:ba:c4:cc:a9:b8:ed:
                    28:57:2c:52:00:fe:7f:af:14:31:e2:ca:bc:13:ee:
                    a7:8f:cd:56:9a:38:38:89:d2:26:d3:a1:9d:0a:20:
                    8c:d3:b9:09:1e:7a:97:7c:20:06:0b:8c:c4:46:97:
                    0c:88:f3:45:e7:c5:bc:f5:60:fc:05:8d:9e:43:30:
                    55:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F3:8E:28:8E:50:EA:1D:CF:F3:7C:1A:46:8E:31:49:4F:13:B2:C1:D1
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/144529E408FF11EEB91E92434AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.195.58.0/23

    Signature Algorithm: sha256WithRSAEncryption
         13:ca:29:95:ec:b6:0f:6d:38:21:8e:60:d0:ad:a8:3e:13:06:
         21:37:29:29:b1:ca:6a:c4:91:01:18:b2:c8:4a:ab:92:b8:e9:
         5a:0d:ae:cb:f4:80:24:5c:e4:4b:be:bc:ae:64:57:49:69:77:
         8a:36:80:24:65:9c:1a:62:79:79:c5:55:8a:88:8f:56:56:0a:
         0d:4f:75:3b:e0:e1:e5:e0:a2:46:ec:f4:ee:1f:27:d2:cd:6f:
         80:6a:2d:53:d0:8e:85:fb:bb:2c:c6:1d:6a:fe:67:8b:d0:d0:
         47:aa:d0:5c:37:b8:63:37:73:b1:74:88:12:9a:31:5c:21:35:
         4a:74:8d:b7:f9:94:bd:a0:24:a0:9f:60:d6:1d:7b:19:ee:73:
         3f:30:23:a1:40:f4:57:ca:be:61:6f:2b:51:20:a8:5c:21:be:
         b6:75:bf:38:23:d6:ba:05:85:7f:4f:ab:19:86:5f:fc:65:79:
         b7:97:37:67:fe:9e:55:76:14:7f:21:2e:7d:8f:bc:65:4a:29:
         64:7b:f1:43:f4:aa:b4:9b:fb:04:ca:27:46:46:b9:3f:95:e2:
         16:06:e2:18:53:51:5b:69:4f:b7:61:56:71:83:e9:35:d0:f4:
         bb:b8:76:ca:3a:d8:e7:5f:2b:de:86:95:1e:f5:db:e7:89:68:
         28:57:69:f4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICK10wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzA2MTIwODU2NTFaFw0yNTAzMzAwODU2NTFaMBgxFjAU
BgNVBAMTDTY0ODZkZGQ2LTczYjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3+vVYnD56uUjsujvnMNIXS2lV9zUdpc45hljTl1aEUmkJeS/WHu4+NzIc
pKsWmnClD2CryhV2ijOJuElOh8L8IMunW9I4QE1jHzJK/OhIwCuG7a0vZzCXDiOP
RCu4GC9dGfsEx67jr9SQwDdTqLt/o0nWzGdVMSCRqinf8yI4wCCUQro0yl7HBaOG
qu+gKAutcipSDHhsOCUGncsGiZhDLz3azOZn/uTwmEHE+tin1WH2jyMzIC6kyEz7
x7rEzKm47ShXLFIA/n+vFDHiyrwT7qePzVaaODiJ0ibToZ0KIIzTuQkeepd8IAYL
jMRGlwyI80Xnxbz1YPwFjZ5DMFXdAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU844o
jlDqHc/zfBpGjjFJTxOywdEwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzE0NDUyOUU0MDhGRjExRUVCOTFFOTI0MzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtwzowDQYJKoZIhvcNAQELBQAD
ggEBABPKKZXstg9tOCGOYNCtqD4TBiE3KSmxymrEkQEYsshKq5K46VoNrsv0gCRc
5Eu+vK5kV0lpd4o2gCRlnBpieXnFVYqIj1ZWCg1PdTvg4eXgokbs9O4fJ9LNb4Bq
LVPQjoX7uyzGHWr+Z4vQ0Eeq0Fw3uGM3c7F0iBKaMVwhNUp0jbf5lL2gJKCfYNYd
exnucz8wI6FA9FfKvmFvK1EgqFwhvrZ1vzgj1roFhX9PqxmGX/xlebeXN2f+nlV2
FH8hLn2PvGVKKWR78UP0qrSb+wTKJ0ZGuT+V4hYG4hhTUVtpT7dhVnGD6TXQ9Lu4
dso62OdfK96GlR712+eJaChXafQ=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org