Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F752958141611EFAC6F781E017001B1.roa
File:                     7F752958141611EFAC6F781E017001B1.roa (raw, json)
Hash identifier:          VJQ7jcCPpp+IDderXY57omWwTWenOvNOujCAGUtGKsQ=
Subject key identifier:   68:95:72:3D:E4:4F:0F:CB:66:93:73:AE:3C:89:6D:B9:3D:D9:01:F5
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8A9D
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F752958141611EFAC6F781E017001B1.roa
Signing time:             Fri 17 May 2024 06:27:13 +0000
ROA not before:           Fri 17 May 2024 06:27:10 +0000
ROA not after:            Mon 12 May 2025 06:27:10 +0000
asID:                     41095
IP address blocks:        156.227.244.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35485 (0x8a9d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 17 06:27:10 2024 GMT
            Not After : May 12 06:27:10 2025 GMT
        Subject: CN=6646f8c1-3429
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:18:8f:1a:c5:80:08:7b:9a:6c:ab:82:ac:aa:
                    5a:4e:7e:b0:68:5e:b3:bb:ac:c5:6d:79:fc:24:5c:
                    b8:16:c5:d3:9e:25:4d:3f:fe:99:9f:a5:c7:be:3d:
                    c4:4a:cc:0b:36:7a:3e:a1:03:8b:e2:82:f3:74:c3:
                    76:fb:e5:4e:6b:db:8f:e5:41:48:c6:45:91:2f:cf:
                    90:63:b7:9f:96:2a:02:37:6c:54:80:ea:1d:c9:f2:
                    81:ff:89:23:bb:e7:7a:fb:70:bf:9e:be:88:0f:f6:
                    4e:f2:bf:34:49:78:a0:87:d2:33:76:9e:f7:06:f6:
                    de:24:78:ed:bc:fb:9a:80:ff:e9:2c:f9:be:1b:d0:
                    8e:79:aa:82:a3:66:03:4c:d3:15:90:21:11:f4:2a:
                    07:c5:7b:60:80:d3:40:d7:d4:cf:81:c3:89:63:3a:
                    40:ca:6b:0d:80:35:68:19:e7:94:53:06:58:0c:63:
                    4b:cf:9b:66:a4:41:4c:f5:72:01:e9:b4:09:d5:bc:
                    17:9a:d3:c4:3e:53:b9:df:14:74:2c:29:66:21:ab:
                    df:5f:03:b5:0d:64:8d:77:c6:69:64:41:08:26:95:
                    cb:98:60:04:ab:5c:c8:9c:63:de:1c:20:cc:c4:f9:
                    26:15:27:23:77:86:22:83:c4:4e:23:51:20:8f:f4:
                    58:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:95:72:3D:E4:4F:0F:CB:66:93:73:AE:3C:89:6D:B9:3D:D9:01:F5
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/7F752958141611EFAC6F781E017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.227.244.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0f:35:a4:e8:90:f7:e0:7a:42:bb:9c:ef:72:d8:40:1c:b8:0f:
         60:9c:99:df:8f:9f:7c:5b:5b:02:88:d6:00:44:ea:9a:3d:f5:
         6e:93:4c:2d:b0:b5:77:cf:bb:3e:fa:f8:96:05:0b:33:54:83:
         3b:f2:f4:c0:eb:b9:6c:16:e8:18:e7:9c:f1:63:b9:1e:fd:c1:
         c0:b0:eb:3b:5c:66:c6:04:0d:a0:4d:64:d1:5b:ee:1d:ab:44:
         11:bb:fb:43:b5:4d:8e:49:21:70:34:55:74:5f:ec:16:c8:18:
         fb:6e:ca:1b:af:48:cf:4f:2f:c0:4b:e6:c5:ff:f8:5a:eb:80:
         6d:59:de:bd:d8:bb:50:25:6c:7b:00:70:df:bf:0f:69:ea:d9:
         23:5b:cb:b3:e1:58:7d:26:95:b9:9a:04:5f:11:04:85:e3:8d:
         45:dd:5c:58:8f:61:7e:c9:08:65:70:2f:b9:64:48:3b:86:76:
         97:3b:2c:94:f0:a1:98:ba:a6:b0:af:67:c1:cf:d8:88:06:9c:
         76:2d:f4:ff:d2:27:bf:90:53:49:f3:51:0a:27:7e:53:50:df:
         51:3e:fc:5c:b8:1c:b3:93:71:46:5e:3a:96:1f:d3:9d:2d:5b:
         86:80:47:ca:d0:4e:e3:e1:e9:22:9b:60:58:c4:cb:66:d7:1d:
         fa:3f:8f:37
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIqdMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTE3MDYyNzEwWhcNMjUwNTEyMDYyNzEwWjAYMRYw
FAYDVQQDEw02NjQ2ZjhjMS0zNDI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA8RiPGsWACHuabKuCrKpaTn6waF6zu6zFbXn8JFy4FsXTniVNP/6Zn6XH
vj3ESswLNno+oQOL4oLzdMN2++VOa9uP5UFIxkWRL8+QY7eflioCN2xUgOodyfKB
/4kju+d6+3C/nr6ID/ZO8r80SXigh9Izdp73BvbeJHjtvPuagP/pLPm+G9COeaqC
o2YDTNMVkCER9CoHxXtggNNA19TPgcOJYzpAymsNgDVoGeeUUwZYDGNLz5tmpEFM
9XIB6bQJ1bwXmtPEPlO53xR0LClmIavfXwO1DWSNd8ZpZEEIJpXLmGAEq1zInGPe
HCDMxPkmFScjd4Yig8ROI1Egj/RY1QIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGiV
cj3kTw/LZpNzrjyJbbk92QH1MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC83Rjc1Mjk1ODE0MTYxMUVGQUM2Rjc4MUUwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnOP0MA0GCSqGSIb3DQEBCwUA
A4IBAQAPNaTokPfgekK7nO9y2EAcuA9gnJnfj598W1sCiNYAROqaPfVuk0wtsLV3
z7s++viWBQszVIM78vTA67lsFugY55zxY7ke/cHAsOs7XGbGBA2gTWTRW+4dq0QR
u/tDtU2OSSFwNFV0X+wWyBj7bsobr0jPTy/AS+bF//ha64BtWd692LtQJWx7AHDf
vw9p6tkjW8uz4Vh9JpW5mgRfEQSF441F3VxYj2F+yQhlcC+5ZEg7hnaXOyyU8KGY
uqawr2fBz9iIBpx2LfT/0ie/kFNJ81EKJ35TUN9RPvxcuByzk3FGXjqWH9OdLVuG
gEfK0E7j4ekim2BYxMtm1x36P483
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:38 2024 by rpki-client on console-ams.rpki-client.org