Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60EE3846A2C211EEB950681DD25BE465.roa
File:                     60EE3846A2C211EEB950681DD25BE465.roa (raw, json)
Hash identifier:          tp5LZOomGTTYzpTpbAQ0HgW6JJNRH3zCeZCFjbTq3jk=
Subject key identifier:   B6:53:C3:AD:C2:F7:26:4A:3A:FC:1F:F7:1D:F0:3C:1D:B7:E9:41:79
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       58C4
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60EE3846A2C211EEB950681DD25BE465.roa
Signing time:             Mon 25 Dec 2023 01:10:23 +0000
ROA not before:           Mon 25 Dec 2023 01:10:20 +0000
ROA not after:            Fri 03 Jan 2025 01:10:20 +0000
asID:                     139057
IP address blocks:        156.246.20.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22724 (0x58c4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Dec 25 01:10:20 2023 GMT
            Not After : Jan  3 01:10:20 2025 GMT
        Subject: CN=6588d67f-5b80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:23:1e:0e:dd:e7:90:d0:e2:cf:74:b1:9b:9a:
                    3a:c3:af:8c:a0:88:ec:3c:fd:1f:b0:2d:cc:83:26:
                    6e:13:f1:62:0e:8c:17:d6:7d:d3:9d:7e:74:2e:80:
                    98:76:38:01:0f:58:62:bc:64:cd:cc:cf:2f:5d:71:
                    27:f0:37:d1:0f:5f:0e:ac:92:ca:99:93:4f:13:c3:
                    84:79:c1:ba:37:23:f1:b0:4f:2d:a8:cd:8d:29:26:
                    8b:35:a6:08:b9:8f:5f:5c:0d:17:1c:5b:e3:fc:b0:
                    0f:f6:0b:27:3f:87:23:16:a5:00:5a:1d:d5:c8:37:
                    79:ab:96:9a:bc:57:23:ca:f0:d4:93:92:65:43:8e:
                    ae:8c:25:6b:1c:ec:2d:35:8b:e1:be:e6:e8:9e:4d:
                    6d:f8:9e:a8:e3:28:5c:ae:87:1a:ae:9e:8e:89:cb:
                    cd:e9:64:b7:e4:8d:13:79:20:b5:50:16:51:22:9f:
                    14:38:49:e9:f6:15:63:3d:29:37:93:cf:9d:1c:c8:
                    fb:33:bb:91:50:67:97:40:ce:67:1f:58:69:23:86:
                    29:40:b1:8d:fd:4e:16:d8:4f:76:1b:ac:d3:1a:12:
                    cf:1d:30:1e:a9:15:9a:e5:43:0a:4e:76:72:42:6b:
                    07:2d:36:fb:df:be:90:06:ce:7f:76:77:a2:d4:72:
                    d4:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:53:C3:AD:C2:F7:26:4A:3A:FC:1F:F7:1D:F0:3C:1D:B7:E9:41:79
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/60EE3846A2C211EEB950681DD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.246.20.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:f7:5b:8f:49:97:79:0b:0d:6e:a3:2e:18:17:bb:a8:12:d8:
         8c:b6:07:f6:bb:6e:f8:d4:ae:db:9c:a1:72:3c:90:f7:2e:6a:
         9d:d0:d2:f7:e5:61:f1:79:da:90:6b:c4:03:7f:7f:7f:7a:76:
         5b:35:03:df:47:8e:a7:c6:bb:ef:a7:48:76:fc:d9:41:b3:60:
         ff:2e:00:88:a6:fc:52:5b:0c:1b:46:73:cf:d2:50:88:c5:f6:
         59:07:e4:f0:4b:bc:93:d1:c8:cf:8a:f7:03:52:63:33:96:ba:
         d9:39:ed:d6:be:cb:4c:df:07:ad:0a:5b:c9:24:90:43:15:af:
         42:17:f4:77:d9:bc:49:3e:56:6d:d4:d0:9d:37:64:38:70:d1:
         23:11:da:21:e0:aa:cf:ec:ac:70:0c:c3:49:92:64:95:f6:2e:
         bc:da:58:43:5f:91:18:62:3b:06:5e:e3:10:de:37:05:f7:e4:
         3a:7f:e2:56:c4:78:7e:04:4c:4d:fa:2e:5c:76:77:dc:d0:02:
         4d:1e:18:4b:bd:0e:4a:99:ca:81:be:ad:f5:63:b2:3c:87:8c:
         9a:14:d2:8a:a9:b6:9f:16:68:6e:0b:b3:e0:1d:9c:4b:b3:09:
         a6:54:53:e6:9c:ea:76:a3:3c:e4:9a:52:64:09:e7:5d:76:0a:
         66:83:1d:a3
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICWMQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMjUwMTEwMjBaFw0yNTAxMDMwMTEwMjBaMBgxFjAU
BgNVBAMTDTY1ODhkNjdmLTViODAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCnIx4O3eeQ0OLPdLGbmjrDr4ygiOw8/R+wLcyDJm4T8WIOjBfWfdOdfnQu
gJh2OAEPWGK8ZM3Mzy9dcSfwN9EPXw6sksqZk08Tw4R5wbo3I/GwTy2ozY0pJos1
pgi5j19cDRccW+P8sA/2Cyc/hyMWpQBaHdXIN3mrlpq8VyPK8NSTkmVDjq6MJWsc
7C01i+G+5uieTW34nqjjKFyuhxquno6Jy83pZLfkjRN5ILVQFlEinxQ4Sen2FWM9
KTeTz50cyPszu5FQZ5dAzmcfWGkjhilAsY39ThbYT3YbrNMaEs8dMB6pFZrlQwpO
dnJCawctNvvfvpAGzn92d6LUctTzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUtlPD
rcL3Jko6/B/3HfA8HbfpQXkwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4LzYwRUUzODQ2QTJDMjExRUVCOTUwNjgxREQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc9hQwDQYJKoZIhvcNAQELBQAD
ggEBABD3W49Jl3kLDW6jLhgXu6gS2Iy2B/a7bvjUrtucoXI8kPcuap3Q0vflYfF5
2pBrxAN/f396dls1A99HjqfGu++nSHb82UGzYP8uAIim/FJbDBtGc8/SUIjF9lkH
5PBLvJPRyM+K9wNSYzOWutk57da+y0zfB60KW8kkkEMVr0IX9HfZvEk+Vm3U0J03
ZDhw0SMR2iHgqs/srHAMw0mSZJX2LrzaWENfkRhiOwZe4xDeNwX35Dp/4lbEeH4E
TE36Llx2d9zQAk0eGEu9DkqZyoG+rfVjsjyHjJoU0oqptp8WaG4Ls+AdnEuzCaZU
U+ac6najPOSaUmQJ5112CmaDHaM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:32 2024 by rpki-client on console-ams.rpki-client.org