Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/944DBD1EA2C311EEB3A18C20D25BE465.roa
File:                     944DBD1EA2C311EEB3A18C20D25BE465.roa (raw, json)
Hash identifier:          6QvKdXmqf65oFzCfXWhUYpTSzVJLUn8rxSw9/+Yf6Qc=
Subject key identifier:   91:1E:9E:26:C8:7E:C6:64:95:CE:81:CC:0B:12:15:83:F4:E2:73:C3
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       58D0
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/944DBD1EA2C311EEB3A18C20D25BE465.roa
Signing time:             Mon 25 Dec 2023 01:18:58 +0000
ROA not before:           Mon 25 Dec 2023 01:18:55 +0000
ROA not after:            Tue 07 Jan 2025 01:18:55 +0000
asID:                     262167
IP address blocks:        45.194.31.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22736 (0x58d0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Dec 25 01:18:55 2023 GMT
            Not After : Jan  7 01:18:55 2025 GMT
        Subject: CN=6588d882-33d9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:b3:62:19:dd:55:0e:f5:99:4a:d9:d3:91:c4:
                    d8:9e:c9:d0:d0:da:3f:3b:bc:db:ec:85:42:22:bf:
                    ca:f1:56:8f:20:ae:9a:4b:e5:16:af:40:62:21:93:
                    d1:b7:b7:53:28:89:71:a7:d8:54:20:a1:48:91:e0:
                    1b:30:0a:4e:b7:32:7a:6b:7c:58:1d:95:55:16:07:
                    9f:15:a7:f7:62:88:f6:f1:1b:64:67:74:12:45:3b:
                    a2:5b:e7:e5:90:ea:13:6c:f6:47:80:44:14:7d:7d:
                    cb:ca:4b:3d:52:2c:f2:31:fa:fc:fc:3d:dc:72:4b:
                    73:41:86:b3:25:23:09:3e:8f:cf:35:a2:b5:c6:3d:
                    ac:e4:f1:23:ce:d4:8a:0d:5a:71:1b:1a:f3:e3:d7:
                    6d:38:f2:2e:ed:f8:05:d8:30:8c:0c:d5:5b:1a:ad:
                    5f:9d:9e:7c:35:e1:88:94:04:14:95:9d:7c:17:a2:
                    1f:15:a1:a1:1d:42:8b:71:00:d4:23:3a:36:88:85:
                    c4:51:21:f4:40:b4:4a:3d:b4:f0:08:31:2f:0f:e7:
                    60:41:ff:c7:8b:a5:6d:fa:1a:98:0b:d6:55:da:8d:
                    a3:9c:2a:2d:c1:f7:f5:ba:12:81:ba:2b:39:4d:7a:
                    cc:28:49:37:20:bd:a6:c3:15:92:f7:9b:a5:65:a6:
                    2a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:1E:9E:26:C8:7E:C6:64:95:CE:81:CC:0B:12:15:83:F4:E2:73:C3
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/944DBD1EA2C311EEB3A18C20D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.194.31.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1d:6d:a8:e2:76:43:ac:8a:1b:e3:09:46:6c:1d:ae:b8:12:6f:
         8e:ec:71:3d:3c:68:2c:2d:ba:5e:ba:cc:e7:67:af:2b:96:01:
         ef:c4:44:9e:65:4b:b9:f4:36:f9:13:64:27:e8:d2:56:4a:66:
         16:75:33:48:ea:52:d7:55:60:ce:9e:2c:4e:5f:9b:bf:1c:e3:
         6b:92:e3:d2:bd:36:d8:49:ec:99:7b:f8:70:9c:1a:52:81:97:
         03:71:e2:bc:61:d7:40:c0:cc:e5:66:65:a4:8b:51:9f:42:37:
         da:d2:ce:53:fb:82:20:2a:a9:fd:72:56:9f:d2:51:57:cf:b9:
         83:95:bd:14:d4:b4:a2:7a:bf:f1:49:44:a0:65:6a:bb:8c:88:
         74:b0:f8:a1:17:89:f0:ea:81:84:c0:5a:12:a8:e9:9d:1f:04:
         3f:c5:45:20:37:5d:50:23:38:7c:b3:9e:76:6b:fc:0a:f4:56:
         e3:27:39:33:86:c2:00:d2:bb:e6:ff:b7:9b:d9:07:49:12:6d:
         29:56:93:8e:da:a8:7e:50:ab:96:be:c3:dc:d8:ea:31:07:a9:
         42:75:70:ae:94:5a:48:c7:71:ce:6c:c6:d4:0a:57:2e:20:7b:
         82:d5:ea:3a:47:a1:83:a8:d0:98:ad:df:58:79:45:47:25:b7:
         78:4c:00:6c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICWNAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMjUwMTE4NTVaFw0yNTAxMDcwMTE4NTVaMBgxFjAU
BgNVBAMTDTY1ODhkODgyLTMzZDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDLs2IZ3VUO9ZlK2dORxNieydDQ2j87vNvshUIiv8rxVo8grppL5RavQGIh
k9G3t1MoiXGn2FQgoUiR4BswCk63MnprfFgdlVUWB58Vp/diiPbxG2RndBJFO6Jb
5+WQ6hNs9keARBR9fcvKSz1SLPIx+vz8PdxyS3NBhrMlIwk+j881orXGPazk8SPO
1IoNWnEbGvPj12048i7t+AXYMIwM1VsarV+dnnw14YiUBBSVnXwXoh8VoaEdQotx
ANQjOjaIhcRRIfRAtEo9tPAIMS8P52BB/8eLpW36GpgL1lXajaOcKi3B9/W6EoG6
KzlNeswoSTcgvabDFZL3m6VlpippAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUkR6e
Jsh+xmSVzoHMCxIVg/Tic8MwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4Lzk0NERCRDFFQTJDMzExRUVCM0ExOEMyMEQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtwh8wDQYJKoZIhvcNAQELBQAD
ggEBAB1tqOJ2Q6yKG+MJRmwdrrgSb47scT08aCwtul66zOdnryuWAe/ERJ5lS7n0
NvkTZCfo0lZKZhZ1M0jqUtdVYM6eLE5fm78c42uS49K9NthJ7Jl7+HCcGlKBlwNx
4rxh10DAzOVmZaSLUZ9CN9rSzlP7giAqqf1yVp/SUVfPuYOVvRTUtKJ6v/FJRKBl
aruMiHSw+KEXifDqgYTAWhKo6Z0fBD/FRSA3XVAjOHyznnZr/Ar0VuMnOTOGwgDS
u+b/t5vZB0kSbSlWk47aqH5Qq5a+w9zY6jEHqUJ1cK6UWkjHcc5sxtQKVy4ge4LV
6jpHoYOo0Jit31h5RUclt3hMAGw=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:41 2024 by rpki-client on console-ams.rpki-client.org