Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EA643C022EB11EF8A1D0C457DDC24C2.roa
File:                     7EA643C022EB11EF8A1D0C457DDC24C2.roa (raw, json)
Hash identifier:          Rk+Qq3VW7fyUav04v/Qht8v24OfR2ryoJLouBpxn0cQ=
Subject key identifier:   AB:D0:57:BF:8C:20:6C:12:C7:2A:4F:81:B4:41:BE:5B:21:AD:00:CE
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8F1B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EA643C022EB11EF8A1D0C457DDC24C2.roa
Signing time:             Wed 05 Jun 2024 03:27:11 +0000
ROA not before:           Wed 05 Jun 2024 03:27:08 +0000
ROA not after:            Sat 24 May 2025 03:27:08 +0000
asID:                     139226
IP address blocks:        45.201.141.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 36635 (0x8f1b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun  5 03:27:08 2024 GMT
            Not After : May 24 03:27:08 2025 GMT
        Subject: CN=665fdb0f-ae47
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:4f:57:de:81:d4:7c:ca:18:f6:cf:4f:92:22:
                    c6:2a:2e:2d:e3:1d:f4:4a:28:88:9c:dc:da:14:bc:
                    09:b4:d4:d8:ad:56:5a:99:b9:f7:58:ed:48:e4:9a:
                    ba:b6:af:f7:00:d2:6d:68:8a:d1:ac:fb:2b:a1:e1:
                    0b:16:b6:93:68:57:fc:a2:87:a0:cb:2f:22:8f:77:
                    4b:47:c2:4e:be:e5:8c:69:4a:50:93:bd:96:c2:99:
                    27:86:0a:31:cc:fd:47:27:6a:c2:c2:16:88:72:76:
                    51:6c:06:e4:ba:6e:ca:63:4f:ef:dc:18:5c:b2:89:
                    e5:4f:f4:c0:d3:0c:4d:b2:e4:af:dd:e6:a1:15:ff:
                    3c:11:94:0f:09:93:52:38:16:29:5e:f2:c9:77:41:
                    81:82:be:f9:90:91:7a:19:54:07:bb:52:9c:42:dc:
                    ce:38:5c:fa:3a:a8:4c:da:0c:0d:72:9d:5f:d7:6f:
                    da:83:1a:75:08:f4:eb:d3:73:c4:a0:9f:45:7a:59:
                    95:c6:30:54:dd:e7:19:b3:3b:3b:45:68:85:15:ec:
                    4c:bc:6b:b3:c2:97:c0:a0:fb:64:5f:0f:71:75:b6:
                    52:a0:02:ed:ef:eb:ad:76:cb:8d:b8:80:c4:f8:ab:
                    55:c0:bb:bb:52:e2:e3:53:6e:d5:56:18:b6:17:bb:
                    33:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:D0:57:BF:8C:20:6C:12:C7:2A:4F:81:B4:41:BE:5B:21:AD:00:CE
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7EA643C022EB11EF8A1D0C457DDC24C2.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.201.141.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7d:29:28:28:8e:23:bd:88:b6:05:0b:6e:a4:da:01:f8:36:b2:
         e1:73:37:c4:ca:9f:58:8b:ee:75:e9:9f:89:71:da:23:56:39:
         f8:9b:ba:64:c0:d6:c8:c5:0c:36:3b:cc:de:1a:9d:d5:44:d7:
         34:42:10:0a:70:e8:4f:ae:c7:76:16:cf:2a:3a:ab:00:6f:86:
         bb:b8:25:17:8f:a6:ab:78:d5:cd:fd:b0:cf:f9:a6:ad:1d:ef:
         71:70:55:3f:b8:72:01:15:b9:7a:b4:e2:00:3a:5a:1b:5d:ef:
         33:8a:bf:76:25:cd:d2:15:1c:29:6e:ef:b5:cd:82:b6:15:7e:
         a6:cf:6a:1a:39:c0:40:9e:40:d2:bf:0d:cc:ed:37:8c:d8:dc:
         bd:e1:26:d2:b0:6b:1e:a5:ca:13:6e:f1:27:5e:b2:e2:41:55:
         01:63:fc:f8:2c:be:f6:1f:48:98:d4:b1:aa:55:a3:3e:ee:02:
         2c:49:8e:d2:af:f9:68:c3:f0:ac:c1:79:07:29:5f:7c:c3:2f:
         55:df:b0:41:5a:05:09:45:00:3c:f9:c4:99:b9:ff:0e:62:d3:
         db:50:a4:ba:cc:9a:15:1d:86:2e:ed:3a:2d:b9:bb:70:7d:81:
         8d:52:6a:b8:98:a4:27:01:6f:1d:d9:54:eb:ee:d5:39:87:63:
         be:4c:e0:08
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAI8bMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjA1MDMyNzA4WhcNMjUwNTI0MDMyNzA4WjAYMRYw
FAYDVQQDEw02NjVmZGIwZi1hZTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAwU9X3oHUfMoY9s9PkiLGKi4t4x30SiiInNzaFLwJtNTYrVZambn3WO1I
5Jq6tq/3ANJtaIrRrPsroeELFraTaFf8ooegyy8ij3dLR8JOvuWMaUpQk72Wwpkn
hgoxzP1HJ2rCwhaIcnZRbAbkum7KY0/v3BhcsonlT/TA0wxNsuSv3eahFf88EZQP
CZNSOBYpXvLJd0GBgr75kJF6GVQHu1KcQtzOOFz6OqhM2gwNcp1f12/agxp1CPTr
03PEoJ9FelmVxjBU3ecZszs7RWiFFexMvGuzwpfAoPtkXw9xdbZSoALt7+utdsuN
uIDE+KtVwLu7UuLjU27VVhi2F7szqQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKvQ
V7+MIGwSxypPgbRBvlshrQDOMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83RUE2NDNDMDIyRUIxMUVGOEExRDBDNDU3RERDMjRDMi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALcmNMA0GCSqGSIb3DQEBCwUA
A4IBAQB9KSgojiO9iLYFC26k2gH4NrLhczfEyp9Yi+516Z+JcdojVjn4m7pkwNbI
xQw2O8zeGp3VRNc0QhAKcOhPrsd2Fs8qOqsAb4a7uCUXj6areNXN/bDP+aatHe9x
cFU/uHIBFbl6tOIAOlobXe8zir92Jc3SFRwpbu+1zYK2FX6mz2oaOcBAnkDSvw3M
7TeM2Ny94SbSsGsepcoTbvEnXrLiQVUBY/z4LL72H0iY1LGqVaM+7gIsSY7Sr/lo
w/CswXkHKV98wy9V37BBWgUJRQA8+cSZuf8OYtPbUKS6zJoVHYYu7TotubtwfYGN
Umq4mKQnAW8d2VTr7tU5h2O+TOAI
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:38 2024 by rpki-client on console-ams.rpki-client.org