Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D2D9561D0F11EFBE91F5E67CDC24C2.roa
File:                     17D2D9561D0F11EFBE91F5E67CDC24C2.roa (raw, json)
Hash identifier:          Jj0yjecLD93ES/qU7r1ajV8/txzVOkstAicCs0UJxiY=
Subject key identifier:   A3:1B:39:03:A3:E3:71:A6:AB:6F:C0:04:09:9F:45:60:24:05:8F:02
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8C9C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D2D9561D0F11EFBE91F5E67CDC24C2.roa
Signing time:             Tue 28 May 2024 16:26:53 +0000
ROA not before:           Tue 28 May 2024 16:26:50 +0000
ROA not after:            Sun 29 Dec 2024 16:26:50 +0000
asID:                     138415
IP address blocks:        156.234.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35996 (0x8c9c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 28 16:26:50 2024 GMT
            Not After : Dec 29 16:26:50 2024 GMT
        Subject: CN=665605cd-880d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:41:ea:71:b7:9e:6f:93:b9:ba:b0:cf:92:8e:
                    58:54:db:f5:c7:16:95:56:8e:25:9c:cf:e3:ed:1e:
                    c7:b7:52:1b:37:b8:e5:0a:64:a0:6c:6f:57:4f:95:
                    f9:3d:60:40:ae:f8:b3:9a:62:a2:6e:a6:df:d8:18:
                    42:01:c1:19:67:fd:2b:3f:db:f6:af:55:fe:19:5e:
                    18:40:d0:58:61:6c:88:a3:2e:80:4d:56:aa:33:13:
                    67:88:ff:a6:97:32:76:43:40:5c:03:d2:50:4b:40:
                    0f:e5:50:00:b0:c0:1f:b5:cb:49:bf:7d:36:96:9d:
                    8d:77:68:63:cc:d4:18:ea:10:00:35:c4:06:b7:58:
                    bd:af:e5:9b:25:c1:6e:4c:31:49:ab:2b:64:3c:b3:
                    2f:ae:f0:5a:a9:bd:e5:b6:f0:08:67:46:9c:8a:f3:
                    9d:c8:50:3e:dd:70:4a:e5:ad:96:09:7d:1f:9d:5e:
                    ae:b3:8f:b5:d7:b1:77:9f:e3:94:2b:d1:b2:c3:c0:
                    e6:93:25:9a:21:bd:68:d4:c6:e3:7b:a5:c4:79:c8:
                    74:02:c6:64:d6:f5:8c:12:e7:8b:1b:8e:d5:45:c4:
                    6b:c9:59:e7:e6:ed:07:5d:65:eb:80:60:bd:7d:b4:
                    4d:96:b8:af:ce:80:ed:8b:8f:81:c5:04:11:12:42:
                    17:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:1B:39:03:A3:E3:71:A6:AB:6F:C0:04:09:9F:45:60:24:05:8F:02
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/17D2D9561D0F11EFBE91F5E67CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.234.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         60:ff:7c:92:67:22:a5:02:8d:cc:76:cc:66:2d:aa:1d:03:c7:
         d1:76:0c:f3:15:20:bd:0d:08:ef:bd:96:c0:a1:d2:67:3d:09:
         dc:ad:be:3b:b2:4f:b2:8b:e6:2f:6d:68:0a:f2:de:4b:7e:04:
         e9:c9:a1:c5:0a:cb:38:91:7b:1b:7d:b2:58:16:cd:97:82:ec:
         19:41:72:a3:bf:1c:53:a9:c8:2f:ac:72:e5:74:7b:32:8c:ad:
         8d:64:5d:b3:16:74:52:e2:70:a0:82:19:be:97:42:b4:fb:50:
         19:ba:fc:a3:5b:fc:6c:76:e9:8d:0f:71:f9:2a:44:8c:07:b9:
         63:95:47:bd:68:93:d7:f3:f2:02:a4:74:9e:13:da:27:2c:1c:
         e8:a9:30:64:96:16:d7:e5:11:7d:2c:e9:43:56:0c:49:a5:4e:
         13:b5:63:bb:0b:5b:f9:c6:f9:5f:39:86:ce:c8:df:09:37:2f:
         e3:86:48:88:1c:fc:06:a2:7d:cd:42:2d:bf:7e:50:c1:a4:18:
         db:51:ef:1a:fd:6b:9d:6c:4f:7e:a9:4f:fb:38:57:58:98:2b:
         d4:0a:4c:57:af:74:e0:75:40:21:5c:2e:7e:2c:26:9d:a3:db:
         86:9e:3b:bd:f0:0f:72:a1:5f:45:69:09:79:e7:7f:24:99:2f:
         cb:2e:9e:a2
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAIycMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTI4MTYyNjUwWhcNMjQxMjI5MTYyNjUwWjAYMRYw
FAYDVQQDEw02NjU2MDVjZC04ODBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAqkHqcbeeb5O5urDPko5YVNv1xxaVVo4lnM/j7R7Ht1IbN7jlCmSgbG9X
T5X5PWBArvizmmKibqbf2BhCAcEZZ/0rP9v2r1X+GV4YQNBYYWyIoy6ATVaqMxNn
iP+mlzJ2Q0BcA9JQS0AP5VAAsMAftctJv302lp2Nd2hjzNQY6hAANcQGt1i9r+Wb
JcFuTDFJqytkPLMvrvBaqb3ltvAIZ0acivOdyFA+3XBK5a2WCX0fnV6us4+117F3
n+OUK9Gyw8DmkyWaIb1o1Mbje6XEech0AsZk1vWMEueLG47VRcRryVnn5u0HXWXr
gGC9fbRNlrivzoDti4+BxQQREkIXVQIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFKMb
OQOj43Gmq2/ABAmfRWAkBY8CMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8xN0QyRDk1NjFEMEYxMUVGQkU5MUY1RTY3Q0RDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAnOowDQYJKoZIhvcNAQELBQAD
ggEBAGD/fJJnIqUCjcx2zGYtqh0Dx9F2DPMVIL0NCO+9lsCh0mc9CdytvjuyT7KL
5i9taAry3kt+BOnJocUKyziRext9slgWzZeC7BlBcqO/HFOpyC+scuV0ezKMrY1k
XbMWdFLicKCCGb6XQrT7UBm6/KNb/Gx26Y0PcfkqRIwHuWOVR71ok9fz8gKkdJ4T
2icsHOipMGSWFtflEX0s6UNWDEmlThO1Y7sLW/nG+V85hs7I3wk3L+OGSIgc/Aai
fc1CLb9+UMGkGNtR7xr9a51sT36pT/s4V1iYK9QKTFevdOB1QCFcLn4sJp2j24ae
O73wD3KhX0VpCXnnfySZL8sunqI=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:19 2024 by rpki-client on console-fra.rpki-client.org