Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3146BE5418CB11EFB6A4FEF8007001B1.roa
File:                     3146BE5418CB11EFB6A4FEF8007001B1.roa (raw, json)
Hash identifier:          faeF1u15ouF/nyeh5ISDGnMMX/BXvRVkW5JL+ie8KKY=
Subject key identifier:   1A:94:B0:B7:34:E4:66:66:C6:93:A7:7C:8B:5E:8C:87:B9:4D:29:D4
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8B4B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3146BE5418CB11EFB6A4FEF8007001B1.roa
Signing time:             Thu 23 May 2024 06:10:46 +0000
ROA not before:           Thu 23 May 2024 06:10:42 +0000
ROA not after:            Mon 26 May 2025 06:10:42 +0000
asID:                     212552
IP address blocks:        45.195.250.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35659 (0x8b4b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 23 06:10:42 2024 GMT
            Not After : May 26 06:10:42 2025 GMT
        Subject: CN=664edde5-95c5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:b1:cf:8e:cf:0d:cc:ba:30:c8:16:13:cc:30:
                    7a:31:a0:ec:05:d2:e5:86:8c:57:e3:d6:f1:0d:13:
                    63:9e:29:bf:92:24:5f:a9:87:c9:c1:76:f6:fc:08:
                    e9:54:db:95:d2:63:91:fc:56:0b:f1:a9:43:20:22:
                    2c:ec:e5:4c:9d:94:99:73:44:5e:f5:b0:68:e0:c1:
                    25:34:59:2c:cb:d5:7d:f7:da:20:f6:37:22:c8:6e:
                    98:4b:3b:55:6a:90:9d:e3:e4:77:c7:ab:a5:96:47:
                    44:2f:d6:f5:b9:55:a2:c1:2d:00:d6:33:64:be:9d:
                    ec:c3:5b:62:ae:db:96:46:4d:cd:52:0b:25:29:fe:
                    a1:97:0d:92:9d:6a:8e:32:6d:7a:e2:ed:a1:18:f3:
                    b4:9f:ba:d7:6c:5d:a0:ed:c1:2c:58:df:a3:20:81:
                    e8:cf:5f:4f:b2:39:36:16:dc:9f:29:78:4e:e3:ff:
                    b2:90:75:af:62:42:ff:31:a4:6a:6c:57:5c:57:e2:
                    19:a1:09:36:cb:63:2d:e5:2f:e6:9b:47:0e:c3:d7:
                    5c:6d:c0:24:e6:71:14:ab:fe:9d:1e:ba:c3:cd:16:
                    9f:31:64:2f:df:75:45:55:91:22:89:32:69:df:c6:
                    01:06:d2:03:a4:08:e2:e6:75:39:62:27:37:2f:bf:
                    a1:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:94:B0:B7:34:E4:66:66:C6:93:A7:7C:8B:5E:8C:87:B9:4D:29:D4
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/3146BE5418CB11EFB6A4FEF8007001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.195.250.0/24

    Signature Algorithm: sha256WithRSAEncryption
         60:d5:8c:65:05:b6:15:c7:b1:99:7f:80:23:ec:76:d0:21:26:
         e8:54:ea:57:67:9e:a5:a7:07:9d:a4:7d:7b:7d:0b:2a:72:af:
         32:f5:84:12:cd:cb:91:06:71:62:9f:ee:bc:5a:07:c3:b9:c8:
         26:d2:bd:8b:b2:3d:10:2b:d6:46:23:0b:7d:bd:85:41:1c:38:
         17:6c:ce:ea:16:e9:07:7f:64:83:8f:05:f4:7d:09:6c:a7:3b:
         a5:4a:20:40:86:be:01:11:a1:98:97:d6:04:53:de:8d:b6:28:
         ee:a4:65:f6:e9:cb:93:d3:a1:51:6e:ee:cf:9e:ed:2a:5e:18:
         e7:41:96:71:02:64:0c:df:90:c5:3c:bf:da:70:be:f9:9b:f2:
         fc:eb:69:2b:a5:90:bc:1d:aa:06:02:bc:43:29:2f:17:54:fd:
         1d:17:85:37:2f:cb:87:44:80:5b:92:96:9a:0b:4f:28:75:53:
         1d:43:70:3f:9e:6b:f0:4b:ff:4c:7a:b1:63:c5:9b:c2:bb:59:
         a8:2c:05:f9:3e:de:24:2e:78:71:9b:03:0f:52:1e:f7:99:6a:
         46:b5:51:b4:8a:49:c7:fa:8c:d4:94:04:c7:bd:d3:21:eb:56:
         4d:53:3a:7f:5a:aa:6e:3e:18:c1:a6:cc:47:47:b1:91:ff:c3:
         8f:ea:0f:7f
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAItLMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTIzMDYxMDQyWhcNMjUwNTI2MDYxMDQyWjAYMRYw
FAYDVQQDEw02NjRlZGRlNS05NWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAurHPjs8NzLowyBYTzDB6MaDsBdLlhoxX49bxDRNjnim/kiRfqYfJwXb2
/AjpVNuV0mOR/FYL8alDICIs7OVMnZSZc0Re9bBo4MElNFksy9V999og9jciyG6Y
SztVapCd4+R3x6ullkdEL9b1uVWiwS0A1jNkvp3sw1tirtuWRk3NUgslKf6hlw2S
nWqOMm164u2hGPO0n7rXbF2g7cEsWN+jIIHoz19Psjk2FtyfKXhO4/+ykHWvYkL/
MaRqbFdcV+IZoQk2y2Mt5S/mm0cOw9dcbcAk5nEUq/6dHrrDzRafMWQv33VFVZEi
iTJp38YBBtIDpAji5nU5Yic3L7+hGQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFBqU
sLc05GZmxpOnfItejIe5TSnUMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8zMTQ2QkU1NDE4Q0IxMUVGQjZBNEZFRjgwMDcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcP6MA0GCSqGSIb3DQEBCwUA
A4IBAQBg1YxlBbYVx7GZf4Aj7HbQISboVOpXZ56lpwedpH17fQsqcq8y9YQSzcuR
BnFin+68WgfDucgm0r2Lsj0QK9ZGIwt9vYVBHDgXbM7qFukHf2SDjwX0fQlspzul
SiBAhr4BEaGYl9YEU96NtijupGX26cuT06FRbu7Pnu0qXhjnQZZxAmQM35DFPL/a
cL75m/L862krpZC8HaoGArxDKS8XVP0dF4U3L8uHRIBbkpaaC08odVMdQ3A/nmvw
S/9MerFjxZvCu1moLAX5Pt4kLnhxmwMPUh73mWpGtVG0iknH+ozUlATHvdMh61ZN
Uzp/WqpuPhjBpsxHR7GR/8OP6g9/
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:23 2024 by rpki-client on console-fra.rpki-client.org