Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15A39BDAFE1911EEA126BC62017001B1.roa
File:                     15A39BDAFE1911EEA126BC62017001B1.roa (raw, json)
Hash identifier:          /sKgoqhnq/yJvF8QH2J8H0eZulvAP1YoBbwlfcntdf4=
Subject key identifier:   4E:52:BC:25:57:55:B2:1A:02:AD:1C:33:C1:54:09:EE:83:03:BF:F5
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       836E
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15A39BDAFE1911EEA126BC62017001B1.roa
Signing time:             Fri 19 Apr 2024 06:50:19 +0000
ROA not before:           Fri 19 Apr 2024 06:50:15 +0000
ROA not after:            Wed 16 Apr 2025 06:50:15 +0000
asID:                     28419
IP address blocks:        156.233.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33646 (0x836e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Apr 19 06:50:15 2024 GMT
            Not After : Apr 16 06:50:15 2025 GMT
        Subject: CN=6622142a-adca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:fa:6c:13:63:6b:38:c5:d4:35:87:04:8a:67:
                    32:aa:30:7a:0a:44:b8:60:d8:62:b0:2e:67:b0:fa:
                    d8:42:91:76:a1:71:8a:47:5d:8f:8e:8f:21:c8:c6:
                    b5:0a:28:30:fb:cb:46:b4:4d:a3:a3:88:45:46:6b:
                    19:40:b4:d7:51:87:53:28:9d:b2:ca:c7:ce:7b:07:
                    8e:23:b1:37:fa:43:c2:df:e8:9d:50:02:0d:11:6f:
                    00:25:cb:ec:3e:97:0f:bf:1b:1f:6a:08:62:e8:d4:
                    a9:66:d1:6f:bd:70:58:09:18:f7:2b:6b:41:90:2a:
                    02:69:fc:66:8e:7f:37:ea:53:6d:e3:d1:b1:10:49:
                    0f:7a:77:2e:13:6c:ff:27:6e:a3:3b:52:16:33:72:
                    50:ea:ad:ef:69:3d:ad:25:6c:4a:34:93:56:46:00:
                    08:eb:82:37:66:a1:90:f1:3d:94:b4:a7:89:4f:2b:
                    8a:34:07:be:55:b3:99:09:4b:b5:3e:76:4b:2a:60:
                    9b:62:be:c3:97:f4:b1:f3:b8:b8:cb:62:03:a6:5e:
                    db:9b:9e:8d:cc:e4:6e:ad:f4:aa:64:32:7d:e2:d3:
                    21:30:93:2c:f8:cc:37:02:e6:ef:53:f4:6c:43:98:
                    f6:b4:fa:45:40:d5:b0:18:35:4a:3b:8c:6b:fe:c1:
                    b0:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:52:BC:25:57:55:B2:1A:02:AD:1C:33:C1:54:09:EE:83:03:BF:F5
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/15A39BDAFE1911EEA126BC62017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.233.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:45:db:90:82:c0:9f:12:33:69:06:ca:88:4e:88:fd:21:0c:
         79:ee:17:de:9e:eb:7c:a3:e4:11:bd:dc:80:11:4c:e8:f9:04:
         3e:71:06:e6:18:e1:f5:3a:d8:6a:06:45:fb:48:1c:f4:6c:6f:
         ab:c3:ed:0e:9a:f0:a5:e0:fb:77:5f:f7:23:a5:78:25:16:48:
         01:f4:51:c4:57:42:db:cc:cd:9d:a9:a0:0c:d2:72:42:80:1c:
         c4:4a:4e:dd:85:d5:83:d2:08:2b:c1:32:51:87:bf:a2:11:36:
         45:bd:b6:8d:e9:8e:9e:3b:af:4f:cd:1f:4b:4e:b4:aa:dc:ff:
         de:fe:4b:63:ff:a2:1b:27:07:da:aa:17:97:28:8c:db:25:b1:
         2e:b2:1b:18:d3:d3:a6:45:d3:3d:2b:59:26:05:cf:97:28:16:
         a4:ab:97:a2:90:d5:97:e7:2b:c6:ba:03:ac:d8:eb:49:76:6c:
         b6:a6:80:36:f6:05:86:59:dc:d3:d2:8a:c4:ac:96:69:24:86:
         cb:29:4f:bf:f4:0f:ef:91:63:6d:b9:f3:05:a6:34:fe:a9:4a:
         2c:d0:59:29:00:5c:aa:cc:b7:03:c5:a2:c8:6a:74:2e:68:bc:
         c3:85:14:b7:5f:c4:d9:84:82:f9:09:2a:58:e5:74:66:1c:c1:
         64:a6:06:e7
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAINuMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNDE5MDY1MDE1WhcNMjUwNDE2MDY1MDE1WjAYMRYw
FAYDVQQDEw02NjIyMTQyYS1hZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA3fpsE2NrOMXUNYcEimcyqjB6CkS4YNhisC5nsPrYQpF2oXGKR12Pjo8h
yMa1Cigw+8tGtE2jo4hFRmsZQLTXUYdTKJ2yysfOeweOI7E3+kPC3+idUAINEW8A
JcvsPpcPvxsfaghi6NSpZtFvvXBYCRj3K2tBkCoCafxmjn836lNt49GxEEkPencu
E2z/J26jO1IWM3JQ6q3vaT2tJWxKNJNWRgAI64I3ZqGQ8T2UtKeJTyuKNAe+VbOZ
CUu1PnZLKmCbYr7Dl/Sx87i4y2IDpl7bm56NzORurfSqZDJ94tMhMJMs+Mw3Aubv
U/RsQ5j2tPpFQNWwGDVKO4xr/sGw0QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFE5S
vCVXVbIaAq0cM8FUCe6DA7/1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xNUEzOUJEQUZFMTkxMUVFQTEyNkJDNjIwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCnOkcMA0GCSqGSIb3DQEBCwUA
A4IBAQATRduQgsCfEjNpBsqIToj9IQx57hfenut8o+QRvdyAEUzo+QQ+cQbmGOH1
OthqBkX7SBz0bG+rw+0OmvCl4Pt3X/cjpXglFkgB9FHEV0LbzM2dqaAM0nJCgBzE
Sk7dhdWD0ggrwTJRh7+iETZFvbaN6Y6eO69PzR9LTrSq3P/e/ktj/6IbJwfaqheX
KIzbJbEushsY09OmRdM9K1kmBc+XKBakq5eikNWX5yvGugOs2OtJdmy2poA29gWG
WdzT0orErJZpJIbLKU+/9A/vkWNtufMFpjT+qUos0FkpAFyqzLcDxaLIanQuaLzD
hRS3X8TZhIL5CSpY5XRmHMFkpgbn
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:20 2024 by rpki-client on console-ams.rpki-client.org