Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E7FF992929911EE9144DC5AD25BE465.roa
File:                     1E7FF992929911EE9144DC5AD25BE465.roa (raw, json)
Hash identifier:          v9dxxoz7BD2oAqbZ5sMPb8wfbs6ChLmT7pXh0F86wYw=
Subject key identifier:   54:87:5F:50:6B:3A:8A:63:2F:FA:DD:D3:B4:F9:26:87:E8:6D:32:BB
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       4EDD
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E7FF992929911EE9144DC5AD25BE465.roa
Signing time:             Mon 04 Dec 2023 11:34:44 +0000
ROA not before:           Mon 04 Dec 2023 11:34:40 +0000
ROA not after:            Sat 07 Dec 2024 11:34:40 +0000
asID:                     46071
IP address blocks:        156.227.4.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20189 (0x4edd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Dec  4 11:34:40 2023 GMT
            Not After : Dec  7 11:34:40 2024 GMT
        Subject: CN=656db953-55d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:7b:62:40:0e:84:5d:88:9e:f4:83:6e:b7:6e:
                    af:2d:00:4d:32:16:25:3e:c4:7c:2a:09:03:21:b0:
                    79:6d:3c:08:ed:88:a1:9a:09:cd:87:ec:a4:aa:53:
                    7b:03:3a:f2:f0:5f:2f:54:0a:d4:ea:a5:b9:b3:81:
                    07:b5:b2:81:ca:3d:ff:d0:a0:d0:f0:89:d8:18:2b:
                    50:52:f0:d7:8b:06:60:c3:75:ee:95:75:96:56:54:
                    56:4d:49:f9:08:3a:a1:fd:c7:8a:55:44:59:90:9d:
                    ea:7c:45:91:45:df:01:b4:b3:b7:04:9d:94:8e:ce:
                    a5:79:a4:d5:81:a4:1a:80:eb:7e:8f:03:48:c8:56:
                    49:3c:64:ca:ab:76:f1:14:4c:07:6e:67:a5:02:47:
                    7b:29:43:43:a0:3d:0d:a9:0c:69:c3:62:8b:83:ef:
                    84:e6:d0:bb:9a:98:9c:b8:2e:16:10:27:bd:86:31:
                    2c:ed:be:d0:d8:e1:d2:ef:87:57:1b:46:95:1b:65:
                    80:54:d2:99:fe:98:fc:95:dd:74:8a:c7:90:c9:55:
                    6a:eb:42:7e:3a:f0:27:9f:a3:a2:a3:aa:38:68:fb:
                    33:f4:1f:6f:b5:7d:eb:9c:8b:e9:21:db:6c:4a:84:
                    37:65:08:f3:cf:a0:7f:52:77:85:bf:f4:f3:bf:51:
                    98:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:87:5F:50:6B:3A:8A:63:2F:FA:DD:D3:B4:F9:26:87:E8:6D:32:BB
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/1E7FF992929911EE9144DC5AD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.227.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:eb:8c:13:b5:d1:c2:6d:ba:ae:21:6b:95:8d:db:9a:f5:6e:
         a2:ae:3d:d1:85:5c:54:b5:e8:06:66:dc:9d:40:5f:48:f5:45:
         e2:fc:ac:6b:e8:07:10:4d:20:aa:ca:36:75:94:0c:7b:9c:30:
         da:a0:7c:52:48:12:0b:c7:8b:e3:2e:a4:83:02:9e:0c:a4:2e:
         4c:89:d3:5d:dd:b4:45:49:85:60:b4:1d:36:85:fd:4c:ba:02:
         44:0e:86:60:f3:d2:36:5e:48:86:4d:6b:80:5f:32:e3:bd:2c:
         25:71:ab:ac:06:ae:48:78:a8:f8:ec:a8:d7:53:94:e8:f9:ee:
         f6:7c:e4:46:e5:ae:14:5c:89:9b:7b:a6:29:44:94:23:22:ed:
         70:57:57:40:95:9f:7d:0b:14:81:5e:0e:68:70:95:38:c9:cf:
         ce:20:44:1f:53:3c:c6:c5:96:95:22:88:aa:8e:0b:85:c7:aa:
         d9:40:a1:80:e9:16:13:76:56:7a:10:f2:98:b8:70:2a:4e:7f:
         d4:c0:04:33:86:b8:dd:f3:d4:87:ba:5a:1b:8f:50:43:5e:d5:
         53:dc:96:dd:1b:ec:02:fb:35:61:0c:52:95:80:67:1b:41:13:
         65:3c:53:13:46:a3:c6:7d:d1:c8:3b:15:36:91:55:86:4f:57:
         92:46:56:58
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICTt0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMDQxMTM0NDBaFw0yNDEyMDcxMTM0NDBaMBgxFjAU
BgNVBAMTDTY1NmRiOTUzLTU1ZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9e2JADoRdiJ70g263bq8tAE0yFiU+xHwqCQMhsHltPAjtiKGaCc2H7KSq
U3sDOvLwXy9UCtTqpbmzgQe1soHKPf/QoNDwidgYK1BS8NeLBmDDde6VdZZWVFZN
SfkIOqH9x4pVRFmQnep8RZFF3wG0s7cEnZSOzqV5pNWBpBqA636PA0jIVkk8ZMqr
dvEUTAduZ6UCR3spQ0OgPQ2pDGnDYouD74Tm0LuamJy4LhYQJ72GMSztvtDY4dLv
h1cbRpUbZYBU0pn+mPyV3XSKx5DJVWrrQn468Cefo6Kjqjho+zP0H2+1feuci+kh
22xKhDdlCPPPoH9Sd4W/9PO/UZgdAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUVIdf
UGs6imMv+t3TtPkmh+htMrswHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzFFN0ZGOTkyOTI5OTExRUU5MTQ0REM1QUQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc4wQwDQYJKoZIhvcNAQELBQAD
ggEBACjrjBO10cJtuq4ha5WN25r1bqKuPdGFXFS16AZm3J1AX0j1ReL8rGvoBxBN
IKrKNnWUDHucMNqgfFJIEgvHi+MupIMCngykLkyJ013dtEVJhWC0HTaF/Uy6AkQO
hmDz0jZeSIZNa4BfMuO9LCVxq6wGrkh4qPjsqNdTlOj57vZ85EblrhRciZt7pilE
lCMi7XBXV0CVn30LFIFeDmhwlTjJz84gRB9TPMbFlpUiiKqOC4XHqtlAoYDpFhN2
VnoQ8pi4cCpOf9TABDOGuN3z1Ie6WhuPUENe1VPclt0b7AL7NWEMUpWAZxtBE2U8
UxNGo8Z90cg7FTaRVYZPV5JGVlg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:22 2024 by rpki-client on console-ams.rpki-client.org