Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7810A374D26511EE81CC9FBF775412E6.roa
File:                     7810A374D26511EE81CC9FBF775412E6.roa (raw, json)
Hash identifier:          zmMlTayALfHxUfviUT7MPrv4oc6TRRzxn38qHgDwIt4=
Subject key identifier:   FE:5A:D0:91:5A:6F:12:C3:2F:E1:F3:6A:42:62:1C:49:E1:61:D1:E3
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       7510
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7810A374D26511EE81CC9FBF775412E6.roa
Signing time:             Fri 23 Feb 2024 16:06:14 +0000
ROA not before:           Fri 23 Feb 2024 16:06:11 +0000
ROA not after:            Wed 26 Feb 2025 16:06:11 +0000
asID:                     139056
IP address blocks:        45.195.71.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29968 (0x7510)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Feb 23 16:06:11 2024 GMT
            Not After : Feb 26 16:06:11 2025 GMT
        Subject: CN=65d8c276-ea3d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:52:57:3c:7a:38:0d:a1:b3:2a:c1:48:01:ba:
                    53:76:bf:78:44:a2:72:42:af:8d:a4:0d:82:55:9e:
                    a6:fb:95:6d:71:01:a6:de:87:44:42:e1:c5:f0:bd:
                    e4:8e:b1:36:52:75:9a:0c:23:17:c0:64:ec:46:5b:
                    df:a1:0f:f1:25:a3:3c:1e:f2:a2:b2:c7:8e:2e:41:
                    37:f6:ff:03:dd:8e:ef:5c:d2:f1:ba:6d:10:2b:2f:
                    43:c7:98:21:1e:0d:0c:15:89:25:e8:80:86:3f:cc:
                    d3:b3:30:8d:55:25:49:17:9c:5c:1a:a0:33:97:ea:
                    7b:87:6f:5d:55:bf:0a:92:0a:c7:c0:ef:ea:9b:6d:
                    c2:5c:7b:ed:02:f8:00:81:3c:90:84:e0:a6:30:46:
                    15:8c:31:01:49:2c:54:07:27:24:b6:61:df:61:4f:
                    0b:1b:14:0c:d3:23:8a:65:36:a1:92:0b:91:1f:d5:
                    b7:35:aa:25:3f:fe:7b:84:81:bd:41:fa:b1:6f:9a:
                    50:e6:bf:cd:df:87:e1:31:30:ad:a1:b6:44:80:48:
                    7d:96:03:a8:23:d9:73:4f:1f:3c:db:cf:59:9c:05:
                    70:2f:bc:c8:49:70:99:6e:8b:4e:08:8d:66:5a:2d:
                    49:3d:24:96:7a:53:2f:b2:6b:71:d2:51:53:af:fc:
                    7e:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:5A:D0:91:5A:6F:12:C3:2F:E1:F3:6A:42:62:1C:49:E1:61:D1:E3
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7810A374D26511EE81CC9FBF775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.195.71.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a9:05:7a:e0:9b:e1:8b:d3:02:99:a0:37:e9:1f:e2:22:33:d4:
         0c:52:c0:bd:89:02:82:0f:79:d7:51:75:79:77:a0:e8:20:b6:
         9b:2c:3d:95:a6:5f:a0:54:1a:8f:ca:9c:35:ad:47:d8:1e:f8:
         29:5f:f7:ae:3d:ac:68:43:69:86:2f:76:89:82:e6:97:36:a8:
         de:97:fb:a6:8d:99:87:93:46:6e:1e:db:8c:68:ae:7f:33:60:
         56:ca:a2:d6:88:b8:f8:09:18:69:8c:34:17:92:90:54:5a:12:
         97:c2:29:0d:0c:e8:81:52:29:63:a4:6b:fd:72:57:22:ec:6d:
         af:68:2a:66:d8:e8:46:4c:83:35:4c:6a:12:ad:8f:df:71:1e:
         5d:6f:4d:32:94:35:9c:e1:63:ee:ab:5f:3c:39:cd:d8:cf:11:
         cc:09:3b:47:3b:ab:71:6b:14:39:6f:8e:e4:1b:bf:76:36:14:
         46:fc:a3:e3:0d:85:b6:ed:40:0b:73:9e:75:4f:ba:d0:3f:2a:
         3c:95:d3:6e:c4:89:5c:d1:03:9f:2e:cc:48:d2:4b:71:9e:53:
         30:38:30:73:af:d9:90:7f:56:f4:06:a9:ef:31:05:0a:79:01:
         a5:21:c4:22:b0:7a:a2:13:e6:8b:53:d4:d6:93:bf:c2:94:49:
         c0:98:5b:2a
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICdRAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAyMjMxNjA2MTFaFw0yNTAyMjYxNjA2MTFaMBgxFjAU
BgNVBAMTDTY1ZDhjMjc2LWVhM2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/Ulc8ejgNobMqwUgBulN2v3hEonJCr42kDYJVnqb7lW1xAabeh0RC4cXw
veSOsTZSdZoMIxfAZOxGW9+hD/Elozwe8qKyx44uQTf2/wPdju9c0vG6bRArL0PH
mCEeDQwViSXogIY/zNOzMI1VJUkXnFwaoDOX6nuHb11VvwqSCsfA7+qbbcJce+0C
+ACBPJCE4KYwRhWMMQFJLFQHJyS2Yd9hTwsbFAzTI4plNqGSC5Ef1bc1qiU//nuE
gb1B+rFvmlDmv83fh+ExMK2htkSASH2WA6gj2XNPHzzbz1mcBXAvvMhJcJlui04I
jWZaLUk9JJZ6Uy+ya3HSUVOv/H6BAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU/lrQ
kVpvEsMv4fNqQmIcSeFh0eMwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4Lzc4MTBBMzc0RDI2NTExRUU4MUNDOUZCRjc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtw0cwDQYJKoZIhvcNAQELBQAD
ggEBAKkFeuCb4YvTApmgN+kf4iIz1AxSwL2JAoIPeddRdXl3oOggtpssPZWmX6BU
Go/KnDWtR9ge+Clf9649rGhDaYYvdomC5pc2qN6X+6aNmYeTRm4e24xorn8zYFbK
otaIuPgJGGmMNBeSkFRaEpfCKQ0M6IFSKWOka/1yVyLsba9oKmbY6EZMgzVMahKt
j99xHl1vTTKUNZzhY+6rXzw5zdjPEcwJO0c7q3FrFDlvjuQbv3Y2FEb8o+MNhbbt
QAtznnVPutA/KjyV027EiVzRA58uzEjSS3GeUzA4MHOv2ZB/VvQGqe8xBQp5AaUh
xCKweqIT5otT1NaTv8KUScCYWyo=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:36 2024 by rpki-client on console-ams.rpki-client.org