Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5FBA5BF07EBC11EE83AF94654AD9E6FC.roa
File:                     5FBA5BF07EBC11EE83AF94654AD9E6FC.roa (raw, json)
Hash identifier:          pmx1FhTrSqSsYLTHqprmk1xpEU6q/T9CiyBv6brpj9U=
Subject key identifier:   1F:C2:2D:C3:EA:DB:9B:32:D0:94:5F:31:BE:85:C8:A1:64:81:F6:0A
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       44E9
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5FBA5BF07EBC11EE83AF94654AD9E6FC.roa
Signing time:             Thu 09 Nov 2023 04:56:42 +0000
ROA not before:           Thu 09 Nov 2023 04:56:39 +0000
ROA not after:            Wed 06 Nov 2024 04:56:39 +0000
asID:                     139057
IP address blocks:        156.238.135.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 05 Mar 2024 00:16:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17641 (0x44e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Nov  9 04:56:39 2023 GMT
            Not After : Nov  6 04:56:39 2024 GMT
        Subject: CN=654c668a-6989
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:43:7b:42:41:b4:99:a6:58:a2:2d:03:84:97:
                    f8:6d:4d:73:61:0d:fe:25:0f:d7:63:e7:d6:d0:f3:
                    33:61:76:52:b4:f6:f9:62:a9:dc:78:06:ae:25:b2:
                    3d:91:eb:e2:26:25:49:18:29:46:55:72:16:c5:f7:
                    86:11:df:76:e0:17:30:55:31:69:16:c8:12:9b:39:
                    36:b7:24:96:54:db:99:82:d8:77:9f:c5:3e:e4:eb:
                    45:83:61:d5:f4:91:83:45:cf:a6:03:6f:10:6a:b5:
                    c5:fa:89:30:ca:ba:a3:90:dc:a4:33:fd:08:c4:e9:
                    b5:aa:00:5d:e3:c5:47:12:66:49:b1:9d:78:56:29:
                    24:e0:0a:2a:e7:e5:c0:b2:11:f0:e2:cc:49:82:40:
                    13:ef:d0:6e:35:95:1a:0b:6a:25:fe:74:bb:3c:e6:
                    5f:ce:af:67:a5:3f:ef:c0:85:d5:f9:88:69:1b:0f:
                    59:e2:89:7c:dc:15:ad:c6:da:aa:5e:75:ca:a1:93:
                    ce:a2:f4:7d:2f:df:60:a3:99:f2:1e:38:40:b8:40:
                    f4:b0:e8:d2:9e:59:cb:c0:08:0d:3d:4f:5f:a9:94:
                    a1:11:9e:9a:ea:34:8e:84:3b:a3:25:e8:65:6c:20:
                    39:84:84:da:d4:36:cf:71:55:10:73:66:82:71:27:
                    2e:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:C2:2D:C3:EA:DB:9B:32:D0:94:5F:31:BE:85:C8:A1:64:81:F6:0A
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/5FBA5BF07EBC11EE83AF94654AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.238.135.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4f:1a:e8:e7:84:5b:7b:41:fe:92:6b:6d:0a:66:ab:bf:e4:64:
         7b:a1:2e:f9:28:21:a8:2f:75:2a:33:97:cd:74:39:eb:65:26:
         ce:01:e3:aa:f3:ea:11:4e:4c:c9:c4:f2:d0:ac:f9:61:37:3e:
         69:cb:2a:11:9c:b5:82:77:4b:04:b4:e2:ce:59:92:9f:0f:b8:
         a3:54:74:02:27:ae:3a:ae:11:98:c2:25:c0:e6:37:76:bd:6c:
         d7:9d:1e:be:c7:74:8e:16:b6:8d:9f:44:ea:0d:cc:9b:51:cf:
         d2:55:f1:09:e7:8a:fa:05:a1:30:c6:8b:1a:b2:4a:9c:5a:2c:
         c7:bf:b9:41:91:02:0e:66:43:9e:7c:78:2d:9b:aa:6c:28:c7:
         68:56:61:10:b7:8b:2e:dc:b7:fe:0f:5c:1e:da:76:55:ea:e8:
         5d:4f:79:12:bb:55:fa:b6:47:bc:cc:0d:a9:1d:4d:80:cc:05:
         76:9c:65:47:5f:0d:b7:cb:ac:cb:fd:45:bb:c9:ba:cc:7d:a0:
         c0:ec:66:15:5b:cd:2c:47:fc:0c:ae:6c:56:70:bd:9c:16:b8:
         a6:39:ea:f0:97:96:99:4a:77:3c:e5:35:f8:d4:19:62:7e:e5:
         a6:0e:d2:8f:a3:cd:17:e9:7b:88:07:31:ab:c2:17:45:5c:a1:
         f2:06:f7:dd
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICROkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzExMDkwNDU2MzlaFw0yNDExMDYwNDU2MzlaMBgxFjAU
BgNVBAMTDTY1NGM2NjhhLTY5ODkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDmQ3tCQbSZpliiLQOEl/htTXNhDf4lD9dj59bQ8zNhdlK09vliqdx4Bq4l
sj2R6+ImJUkYKUZVchbF94YR33bgFzBVMWkWyBKbOTa3JJZU25mC2HefxT7k60WD
YdX0kYNFz6YDbxBqtcX6iTDKuqOQ3KQz/QjE6bWqAF3jxUcSZkmxnXhWKSTgCirn
5cCyEfDizEmCQBPv0G41lRoLaiX+dLs85l/Or2elP+/AhdX5iGkbD1niiXzcFa3G
2qpedcqhk86i9H0v32CjmfIeOEC4QPSw6NKeWcvACA09T1+plKERnprqNI6EO6Ml
6GVsIDmEhNrUNs9xVRBzZoJxJy7dAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUH8It
w+rbmzLQlF8xvoXIoWSB9gowHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzVGQkE1QkYwN0VCQzExRUU4M0FGOTQ2NTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7ocwDQYJKoZIhvcNAQELBQAD
ggEBAE8a6OeEW3tB/pJrbQpmq7/kZHuhLvkoIagvdSozl810OetlJs4B46rz6hFO
TMnE8tCs+WE3PmnLKhGctYJ3SwS04s5Zkp8PuKNUdAInrjquEZjCJcDmN3a9bNed
Hr7HdI4Wto2fROoNzJtRz9JV8QnnivoFoTDGixqySpxaLMe/uUGRAg5mQ558eC2b
qmwox2hWYRC3iy7ct/4PXB7adlXq6F1PeRK7Vfq2R7zMDakdTYDMBXacZUdfDbfL
rMv9RbvJusx9oMDsZhVbzSxH/AyubFZwvZwWuKY56vCXlplKdzzlNfjUGWJ+5aYO
0o+jzRfpe4gHMavCF0VcofIG990=
-----END CERTIFICATE-----
Generated at Sun Mar 3 01:28:58 2024 by rpki-client on console-ams.rpki-client.org