Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5213AAC901D11EE82EA2157D25BE465.roa
File:                     A5213AAC901D11EE82EA2157D25BE465.roa (raw, json)
Hash identifier:          UhxCkY4B4Zd/foLFdgpZ3yQe4/uTd9PjfXbmeUGFx5I=
Subject key identifier:   E0:1F:5A:8F:28:26:D6:1E:E6:CA:15:05:02:BF:96:34:99:90:C8:E4
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       4C80
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5213AAC901D11EE82EA2157D25BE465.roa
Signing time:             Fri 01 Dec 2023 07:45:49 +0000
ROA not before:           Fri 01 Dec 2023 07:45:46 +0000
ROA not after:            Sat 30 Nov 2024 07:45:46 +0000
asID:                     149641
IP address blocks:        45.200.12.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 19584 (0x4c80)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Dec  1 07:45:46 2023 GMT
            Not After : Nov 30 07:45:46 2024 GMT
        Subject: CN=65698f2d-921c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:3e:1a:0e:75:91:6e:3b:a0:e7:0f:f4:23:da:
                    14:b0:90:f4:7a:cd:54:4c:18:99:c1:d7:24:ef:de:
                    27:39:f6:c1:fa:11:a2:6f:27:25:21:a7:80:87:d1:
                    b1:0c:9e:88:b0:3a:78:ea:05:d6:e2:b6:05:7d:cd:
                    1a:54:1f:ee:19:92:67:25:87:db:77:a2:f0:a6:40:
                    3e:1d:6a:53:40:e3:16:fd:b8:ad:1b:42:f6:0a:90:
                    cf:a9:a5:c1:df:98:e2:7e:3a:9c:2d:99:71:cd:85:
                    5d:0c:70:e6:73:0a:8a:b7:f3:9f:9e:2b:11:08:8e:
                    db:d4:c8:51:67:2a:09:e1:5c:3b:72:e6:f3:bb:9f:
                    fc:7c:a7:f7:2d:d6:90:5c:d2:84:92:19:99:26:36:
                    5c:1d:37:cc:26:62:a0:4e:6c:e6:b6:57:e7:db:c7:
                    42:ae:2a:53:87:12:95:3c:5f:cd:6e:36:dc:67:ff:
                    e8:1b:83:29:c6:71:b1:70:69:85:3d:00:9c:00:d2:
                    1c:52:be:97:d6:c1:2b:63:af:e6:5d:5b:a0:f1:f1:
                    18:66:00:ff:04:d6:b4:49:87:cb:5a:69:fd:d7:12:
                    8d:e2:8f:0f:aa:86:db:6b:b3:34:60:08:6e:a9:0a:
                    a3:d6:5c:90:04:79:9e:01:af:01:4e:78:58:70:18:
                    9b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:1F:5A:8F:28:26:D6:1E:E6:CA:15:05:02:BF:96:34:99:90:C8:E4
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/A5213AAC901D11EE82EA2157D25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.200.12.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b2:eb:cd:94:cf:d3:ed:5d:be:23:ad:e1:dc:81:f4:97:b1:59:
         96:3e:18:36:b9:40:64:d5:e1:10:0c:71:e7:a6:0e:ce:7f:0a:
         32:68:8d:c2:e6:2b:a3:cb:03:16:c7:07:91:5e:3f:68:dd:be:
         83:be:27:4d:2a:71:97:26:37:50:ec:e0:ff:15:41:0d:85:82:
         07:e8:3e:db:de:ad:4d:a9:d9:86:95:43:5b:d8:00:28:0e:a7:
         1e:e8:15:02:d3:d9:c9:2c:4c:73:d1:00:9d:64:f7:42:36:41:
         d5:99:1e:6d:e8:0a:b9:10:0e:85:34:7d:bc:53:c6:f6:97:5b:
         98:86:72:aa:cd:70:c8:64:f6:3a:76:e7:1a:3c:2b:38:3e:ac:
         cd:88:6b:ab:f1:17:7b:5b:50:66:62:91:7d:8b:fa:13:d7:ef:
         bf:64:12:57:54:42:21:8b:a8:fd:b2:08:5e:61:ad:22:35:d0:
         10:8a:14:36:08:46:54:9b:52:63:6b:fc:ed:9f:c4:7f:47:42:
         0f:c2:41:92:2d:5a:86:1d:ed:18:20:89:21:b3:0c:fe:c8:02:
         0d:d4:69:27:d4:f2:2b:a4:f8:ff:2c:03:1c:a5:34:03:4a:62:
         8e:62:50:c6:f3:72:66:1c:e4:77:15:e7:27:a6:39:a7:3b:d3:
         1b:2a:cc:7b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICTIAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzEyMDEwNzQ1NDZaFw0yNDExMzAwNzQ1NDZaMBgxFjAU
BgNVBAMTDTY1Njk4ZjJkLTkyMWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUPhoOdZFuO6DnD/Qj2hSwkPR6zVRMGJnB1yTv3ic59sH6EaJvJyUhp4CH
0bEMnoiwOnjqBdbitgV9zRpUH+4Zkmclh9t3ovCmQD4dalNA4xb9uK0bQvYKkM+p
pcHfmOJ+OpwtmXHNhV0McOZzCoq385+eKxEIjtvUyFFnKgnhXDty5vO7n/x8p/ct
1pBc0oSSGZkmNlwdN8wmYqBObOa2V+fbx0KuKlOHEpU8X81uNtxn/+gbgynGcbFw
aYU9AJwA0hxSvpfWwStjr+ZdW6Dx8RhmAP8E1rRJh8taaf3XEo3ijw+qhttrszRg
CG6pCqPWXJAEeZ4BrwFOeFhwGJvtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU4B9a
jygm1h7myhUFAr+WNJmQyOQwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0E1MjEzQUFDOTAxRDExRUU4MkVBMjE1N0QyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtyAwwDQYJKoZIhvcNAQELBQAD
ggEBALLrzZTP0+1dviOt4dyB9JexWZY+GDa5QGTV4RAMceemDs5/CjJojcLmK6PL
AxbHB5FeP2jdvoO+J00qcZcmN1Ds4P8VQQ2FggfoPtverU2p2YaVQ1vYACgOpx7o
FQLT2cksTHPRAJ1k90I2QdWZHm3oCrkQDoU0fbxTxvaXW5iGcqrNcMhk9jp25xo8
Kzg+rM2Ia6vxF3tbUGZikX2L+hPX779kEldUQiGLqP2yCF5hrSI10BCKFDYIRlSb
UmNr/O2fxH9HQg/CQZItWoYd7RggiSGzDP7IAg3UaSfU8iuk+P8sAxylNANKYo5i
UMbzcmYc5HcV5yemOac70xsqzHs=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:42 2024 by rpki-client on console-fra.rpki-client.org