Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D0550240DC911EFA5BB623F017001B1.roa
File:                     7D0550240DC911EFA5BB623F017001B1.roa (raw, json)
Hash identifier:          9s2MO63czvpZ6kGelMgXEBOYmeVdKJtKCsUyyOLwaS8=
Subject key identifier:   A0:B9:CD:D9:72:F4:A1:28:76:35:F4:90:55:75:89:08:78:C0:73:AB
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       88F3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D0550240DC911EFA5BB623F017001B1.roa
Signing time:             Thu 09 May 2024 06:00:51 +0000
ROA not before:           Thu 09 May 2024 06:00:47 +0000
ROA not after:            Tue 13 May 2025 06:00:47 +0000
asID:                     55720
IP address blocks:        45.204.18.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35059 (0x88f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May  9 06:00:47 2024 GMT
            Not After : May 13 06:00:47 2025 GMT
        Subject: CN=663c6693-cca3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:1e:32:c5:ae:40:73:56:73:de:31:e4:9a:8b:
                    05:69:9f:39:b5:18:f2:aa:2f:52:37:ea:c7:4c:4a:
                    3f:df:ca:82:c2:8d:ca:22:b2:4b:f6:8a:9a:6c:19:
                    17:7f:14:d7:fb:7d:f1:2d:50:d7:16:0d:1a:4b:e5:
                    d7:4d:9b:81:d4:aa:6c:45:b4:a6:58:25:38:2a:d0:
                    4a:ae:e2:47:2c:a6:66:ed:d3:9e:44:ca:44:d8:ac:
                    7a:fb:bf:77:8e:4c:74:cb:76:60:d6:02:f9:1e:f2:
                    ed:0d:80:bc:3c:22:c7:3b:fc:84:14:1d:02:c1:e6:
                    ec:ef:f8:11:b9:f8:60:a8:c2:14:fc:d3:85:e1:99:
                    1d:f5:b5:da:11:95:7c:9a:2d:7d:96:60:e1:36:0b:
                    88:a9:4d:fb:6e:61:56:c3:8f:84:02:1a:a5:86:c7:
                    15:a7:9b:f8:1b:03:f0:5d:b4:83:8b:f3:47:ff:a7:
                    b5:52:ed:79:66:9e:57:aa:de:1e:f8:e5:26:bd:bf:
                    cd:6a:f3:52:44:4d:80:99:a1:17:a0:6c:62:d2:2a:
                    d3:d6:1f:b7:66:23:d7:ae:17:dc:78:6a:02:37:fb:
                    7d:1f:e0:ea:1d:f0:96:b6:b0:f3:72:2f:33:86:33:
                    95:1d:d3:01:c3:61:41:b5:f5:33:a3:cf:53:ca:44:
                    ee:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:B9:CD:D9:72:F4:A1:28:76:35:F4:90:55:75:89:08:78:C0:73:AB
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7D0550240DC911EFA5BB623F017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.204.18.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:fa:32:0f:d3:b0:75:4c:ad:2c:88:90:33:9a:3e:14:c7:c2:
         eb:d1:05:c6:62:e4:91:75:ec:e2:01:c3:cb:9d:70:ab:36:ed:
         06:c8:c1:a4:17:2f:eb:2e:64:69:a2:32:e9:1b:87:2d:8b:00:
         e3:0f:ea:fd:b1:05:7c:a6:2a:d4:bb:b1:10:7c:b0:70:e4:a4:
         2f:3b:90:05:a8:fd:98:67:a7:6f:89:e3:33:c3:9e:5c:1e:7a:
         e4:66:84:08:90:cd:34:d0:5e:e3:65:9f:d6:55:c5:4c:94:fc:
         e4:2f:1a:d6:1c:55:22:0d:07:28:6c:d7:f6:5e:de:d1:cb:9b:
         e3:36:a8:81:f7:e2:58:e8:44:4f:98:1e:77:ba:47:03:f7:f5:
         05:16:ca:e3:03:49:86:49:93:19:08:f3:d8:05:6c:0e:0e:0d:
         b7:7f:79:2c:04:5c:df:a6:cd:82:0b:d3:c8:c1:ee:f1:11:d7:
         f4:ad:fa:5b:da:a0:70:4c:b9:cd:20:ab:1c:a9:00:f8:64:41:
         f6:0b:5a:49:8b:8a:64:34:a1:e5:2b:f9:de:dd:1f:a5:38:79:
         48:86:78:31:bd:fe:66:7c:ae:85:6e:1a:6f:80:b0:12:34:1b:
         24:81:d2:89:cc:16:f3:94:31:5c:13:e0:d7:80:09:ca:21:9e:
         3a:a6:44:41
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIjzMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTA5MDYwMDQ3WhcNMjUwNTEzMDYwMDQ3WjAYMRYw
FAYDVQQDEw02NjNjNjY5My1jY2EzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1R4yxa5Ac1Zz3jHkmosFaZ85tRjyqi9SN+rHTEo/38qCwo3KIrJL9oqa
bBkXfxTX+33xLVDXFg0aS+XXTZuB1KpsRbSmWCU4KtBKruJHLKZm7dOeRMpE2Kx6
+793jkx0y3Zg1gL5HvLtDYC8PCLHO/yEFB0Cwebs7/gRufhgqMIU/NOF4Zkd9bXa
EZV8mi19lmDhNguIqU37bmFWw4+EAhqlhscVp5v4GwPwXbSDi/NH/6e1Uu15Zp5X
qt4e+OUmvb/NavNSRE2AmaEXoGxi0irT1h+3ZiPXrhfceGoCN/t9H+DqHfCWtrDz
ci8zhjOVHdMBw2FBtfUzo89TykTujQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKC5
zdly9KEodjX0kFV1iQh4wHOrMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RDA1NTAyNDBEQzkxMUVGQTVCQjYyM0YwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcwSMA0GCSqGSIb3DQEBCwUA
A4IBAQCL+jIP07B1TK0siJAzmj4Ux8Lr0QXGYuSRdeziAcPLnXCrNu0GyMGkFy/r
LmRpojLpG4ctiwDjD+r9sQV8pirUu7EQfLBw5KQvO5AFqP2YZ6dvieMzw55cHnrk
ZoQIkM000F7jZZ/WVcVMlPzkLxrWHFUiDQcobNf2Xt7Ry5vjNqiB9+JY6ERPmB53
ukcD9/UFFsrjA0mGSZMZCPPYBWwODg23f3ksBFzfps2CC9PIwe7xEdf0rfpb2qBw
TLnNIKscqQD4ZEH2C1pJi4pkNKHlK/ne3R+lOHlIhngxvf5mfK6FbhpvgLASNBsk
gdKJzBbzlDFcE+DXgAnKIZ46pkRB
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:36 2024 by rpki-client on console-fra.rpki-client.org