Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FEE2D9E27E011EFA003E8F37CDC24C2.roa
File:                     6FEE2D9E27E011EFA003E8F37CDC24C2.roa (raw, json)
Hash identifier:          JhVNDDT9nbCkct1Xx5d0XIznPedHUEeLrrtzcx1nhdo=
Subject key identifier:   E6:5B:B3:3F:90:AD:6E:A8:E1:0A:35:58:D5:47:1E:30:8A:B9:72:10
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       90B2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FEE2D9E27E011EFA003E8F37CDC24C2.roa
Signing time:             Tue 11 Jun 2024 10:50:38 +0000
ROA not before:           Tue 11 Jun 2024 10:50:34 +0000
ROA not after:            Mon 12 May 2025 10:50:34 +0000
asID:                     140951
IP address blocks:        156.227.144.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37042 (0x90b2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun 11 10:50:34 2024 GMT
            Not After : May 12 10:50:34 2025 GMT
        Subject: CN=66682bfd-18bb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:09:60:21:91:c2:56:b2:f8:9c:5b:64:cb:20:
                    50:0a:66:73:e9:de:84:12:7c:c3:eb:41:d4:03:0c:
                    a0:da:eb:31:0e:e5:ae:c8:d9:d0:4b:5b:73:6f:f5:
                    6f:b3:39:12:3c:1b:de:53:f3:c1:9f:cc:53:7c:9d:
                    29:a9:fd:eb:8f:99:4f:73:9c:75:df:77:2c:83:d8:
                    88:50:2d:84:1f:2f:1d:27:1f:95:99:b1:4f:74:c6:
                    17:ee:0b:03:92:04:ed:91:01:66:e7:9c:6e:d4:e8:
                    1c:03:fd:b0:27:c7:7a:a7:b1:af:4e:fe:df:0a:21:
                    dc:32:43:33:fe:32:ff:bb:56:52:18:30:ae:37:b3:
                    cc:c5:06:6e:1a:de:59:41:57:22:00:5e:9c:26:2a:
                    44:e3:6a:16:bf:b0:51:0f:0c:19:99:f1:09:17:17:
                    32:cd:39:1c:63:e3:e8:8f:04:a7:3c:11:1e:fc:ea:
                    46:32:1c:35:71:7d:b1:15:15:bc:6f:c9:4e:15:ac:
                    ad:69:a3:83:2d:a6:6c:83:59:a3:12:b4:98:64:18:
                    d9:10:bf:67:af:ad:98:a1:f2:4d:b3:77:db:95:fd:
                    0d:c7:f2:31:f4:4a:d5:2b:4a:9c:cc:a5:6e:cd:79:
                    e9:90:81:1a:24:46:39:b0:38:04:9f:90:aa:21:93:
                    f2:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:5B:B3:3F:90:AD:6E:A8:E1:0A:35:58:D5:47:1E:30:8A:B9:72:10
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/6FEE2D9E27E011EFA003E8F37CDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.227.144.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:d1:95:65:22:1c:9c:15:72:f3:f5:e5:9c:90:cc:e0:22:51:
         cf:89:fd:13:08:dc:3b:46:a4:66:f9:a4:08:d0:ac:7d:b8:89:
         51:f4:74:70:d0:72:56:7f:fc:96:e7:f9:16:02:93:b5:e4:2d:
         9f:49:45:7c:bc:a0:b6:81:bb:85:9e:73:c7:93:8c:87:a5:2b:
         fe:e5:66:42:9f:7c:1e:2d:a6:40:20:50:bc:f9:84:5b:37:79:
         ea:6a:2f:67:be:89:80:07:82:9a:14:aa:5b:2e:bb:81:75:b4:
         2d:71:e7:2e:5a:56:20:4a:29:4f:0a:f8:49:65:32:9a:a8:f7:
         b6:8a:2d:5c:3a:c3:ea:43:04:9c:ee:72:a7:b6:ea:b5:a8:23:
         d0:d3:eb:b7:eb:45:c6:d0:83:fb:6f:0f:05:57:2f:7b:89:3f:
         34:f8:9b:12:a5:47:06:d6:a8:c7:67:e9:08:3b:cf:f4:ed:ed:
         bd:06:98:ca:74:be:d2:a8:f0:88:98:db:de:13:d6:64:6a:bf:
         b3:54:d4:ff:6b:87:0c:9b:92:32:dd:73:36:7b:47:6f:98:b2:
         1e:fb:c8:45:b3:ca:5b:81:16:7e:a0:21:d1:77:43:16:92:b9:
         65:ec:af:1a:d3:08:c7:35:90:0b:0e:0e:77:14:01:43:4b:59:
         ae:92:3f:6b
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAJCyMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjExMTA1MDM0WhcNMjUwNTEyMTA1MDM0WjAYMRYw
FAYDVQQDEw02NjY4MmJmZC0xOGJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA0glgIZHCVrL4nFtkyyBQCmZz6d6EEnzD60HUAwyg2usxDuWuyNnQS1tz
b/VvszkSPBveU/PBn8xTfJ0pqf3rj5lPc5x133csg9iIUC2EHy8dJx+VmbFPdMYX
7gsDkgTtkQFm55xu1OgcA/2wJ8d6p7GvTv7fCiHcMkMz/jL/u1ZSGDCuN7PMxQZu
Gt5ZQVciAF6cJipE42oWv7BRDwwZmfEJFxcyzTkcY+PojwSnPBEe/OpGMhw1cX2x
FRW8b8lOFaytaaODLaZsg1mjErSYZBjZEL9nr62YofJNs3fblf0Nx/Ix9ErVK0qc
zKVuzXnpkIEaJEY5sDgEn5CqIZPyFwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFOZb
sz+QrW6o4Qo1WNVHHjCKuXIQMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC82RkVFMkQ5RTI3RTAxMUVGQTAwM0U4RjM3Q0RDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOOQMA0GCSqGSIb3DQEBCwUA
A4IBAQCf0ZVlIhycFXLz9eWckMzgIlHPif0TCNw7RqRm+aQI0Kx9uIlR9HRw0HJW
f/yW5/kWApO15C2fSUV8vKC2gbuFnnPHk4yHpSv+5WZCn3weLaZAIFC8+YRbN3nq
ai9nvomAB4KaFKpbLruBdbQtcecuWlYgSilPCvhJZTKaqPe2ii1cOsPqQwSc7nKn
tuq1qCPQ0+u360XG0IP7bw8FVy97iT80+JsSpUcG1qjHZ+kIO8/07e29BpjKdL7S
qPCImNveE9Zkar+zVNT/a4cMm5Iy3XM2e0dvmLIe+8hFs8pbgRZ+oCHRd0MWkrll
7K8a0wjHNZALDg53FAFDS1mukj9r
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:35 2024 by rpki-client on console-ams.rpki-client.org