Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB4E15600E9B11EF9D164CF4007001B1.roa
File:                     AB4E15600E9B11EF9D164CF4007001B1.roa (raw, json)
Hash identifier:          kU2T/nc9ObaHhiwTgyZ8lk7kuuFb3J4r1Ueb41f4cpE=
Subject key identifier:   69:D2:E0:80:75:56:CE:5F:B6:BA:73:AE:D6:5E:41:9F:99:C7:B5:3B
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       897C
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB4E15600E9B11EF9D164CF4007001B1.roa
Signing time:             Fri 10 May 2024 07:05:23 +0000
ROA not before:           Fri 10 May 2024 07:05:20 +0000
ROA not after:            Fri 10 Jan 2025 07:05:20 +0000
asID:                     139057
IP address blocks:        156.225.111.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35196 (0x897c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 10 07:05:20 2024 GMT
            Not After : Jan 10 07:05:20 2025 GMT
        Subject: CN=663dc733-319c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:5e:1f:f5:ef:d6:94:b3:19:75:d6:50:21:9f:
                    9c:93:2b:e3:57:c3:29:47:76:67:90:c1:ef:b7:6c:
                    82:6e:cc:5c:35:f3:b3:f6:55:37:4b:38:c4:0a:42:
                    c2:fd:80:9f:e4:d1:9e:88:1b:88:83:6a:b7:37:2e:
                    e1:c9:69:83:ca:89:d6:36:6a:2a:f4:41:a7:17:f1:
                    2e:a9:b4:8b:52:99:c3:92:38:5b:c9:31:42:ee:d8:
                    cf:f2:bc:f0:a2:43:d6:55:fd:ed:de:c2:05:2e:66:
                    87:b9:09:3e:af:0f:fe:8b:7c:4d:66:20:40:46:7c:
                    d1:3f:b4:11:b8:d2:05:d5:66:f2:32:5e:0a:c7:55:
                    05:72:f2:9b:95:e1:a9:db:59:55:c1:be:97:78:fd:
                    91:6a:17:f0:cd:39:f5:11:e3:ad:f8:a3:9c:1a:2d:
                    50:10:dc:cb:d8:6f:bc:38:2f:1e:81:d9:6c:c1:54:
                    82:97:70:06:3c:f1:c3:00:e7:d7:09:a8:cf:24:a2:
                    1b:4e:72:09:86:fc:dd:5a:8b:66:2a:c1:cb:86:63:
                    af:ea:22:07:e1:77:82:b3:92:d7:53:76:29:91:fd:
                    7e:5d:54:41:de:e0:62:ea:78:f9:f0:19:cb:92:b4:
                    2b:8f:57:de:e8:67:1f:22:f4:e3:cd:87:a9:23:c1:
                    ee:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:D2:E0:80:75:56:CE:5F:B6:BA:73:AE:D6:5E:41:9F:99:C7:B5:3B
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/AB4E15600E9B11EF9D164CF4007001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.225.111.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:53:fa:2e:24:a3:f0:1a:aa:87:e4:07:a4:ed:59:31:3e:b8:
         ff:05:eb:cd:fb:38:ca:00:dd:f4:7c:3d:33:e0:40:0f:9b:b4:
         cb:d9:3d:89:39:63:cb:dc:c0:86:82:11:0f:f1:03:f7:31:f5:
         41:fa:7a:69:d5:78:ae:d5:6e:75:d8:8a:07:a6:43:01:61:c7:
         71:2d:d5:44:90:b8:82:3d:3a:cc:96:9e:2d:4e:84:2f:7f:ab:
         09:bc:eb:c0:c6:05:f1:2d:f4:dc:29:4d:e5:2a:4c:20:ea:24:
         9e:11:7e:64:5b:9e:bf:d8:b6:9f:85:66:9e:2b:d4:8e:ce:67:
         e4:12:c3:df:96:91:c7:5e:48:ef:e0:25:7e:4c:7f:f2:89:83:
         42:c6:b8:59:ca:be:6f:8b:36:31:c3:9a:a7:65:06:09:e5:c5:
         33:90:aa:4e:64:a8:80:20:a8:e1:00:33:04:03:d4:6b:6a:7c:
         c0:32:12:ed:ad:99:a0:4a:85:fd:3e:4b:87:d5:07:79:49:67:
         15:04:7e:63:16:fe:a9:ef:65:45:09:c7:5e:21:d1:37:09:5d:
         c7:9d:99:07:c1:37:42:6a:b4:e7:45:c0:01:1d:36:91:1e:3e:
         ff:50:a0:2c:42:38:12:db:69:e2:ab:8c:01:8a:c5:d8:21:f9:
         02:e4:75:dc
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIl8MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTEwMDcwNTIwWhcNMjUwMTEwMDcwNTIwWjAYMRYw
FAYDVQQDEw02NjNkYzczMy0zMTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAvF4f9e/WlLMZddZQIZ+ckyvjV8MpR3ZnkMHvt2yCbsxcNfOz9lU3SzjE
CkLC/YCf5NGeiBuIg2q3Ny7hyWmDyonWNmoq9EGnF/EuqbSLUpnDkjhbyTFC7tjP
8rzwokPWVf3t3sIFLmaHuQk+rw/+i3xNZiBARnzRP7QRuNIF1WbyMl4Kx1UFcvKb
leGp21lVwb6XeP2RahfwzTn1EeOt+KOcGi1QENzL2G+8OC8egdlswVSCl3AGPPHD
AOfXCajPJKIbTnIJhvzdWotmKsHLhmOv6iIH4XeCs5LXU3Ypkf1+XVRB3uBi6nj5
8BnLkrQrj1fe6GcfIvTjzYepI8Hu+wIDAQABo4ICojCCAp4wHQYDVR0OBBYEFGnS
4IB1Vs5ftrpzrtZeQZ+Zx7U7MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9BQjRFMTU2MDBFOUIxMUVGOUQxNjRDRjQwMDcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnOFvMA0GCSqGSIb3DQEBCwUA
A4IBAQAHU/ouJKPwGqqH5Aek7VkxPrj/BevN+zjKAN30fD0z4EAPm7TL2T2JOWPL
3MCGghEP8QP3MfVB+npp1Xiu1W512IoHpkMBYcdxLdVEkLiCPTrMlp4tToQvf6sJ
vOvAxgXxLfTcKU3lKkwg6iSeEX5kW56/2LafhWaeK9SOzmfkEsPflpHHXkjv4CV+
TH/yiYNCxrhZyr5vizYxw5qnZQYJ5cUzkKpOZKiAIKjhADMEA9RranzAMhLtrZmg
SoX9PkuH1Qd5SWcVBH5jFv6p72VFCcdeIdE3CV3HnZkHwTdCarTnRcABHTaRHj7/
UKAsQjgS22niq4wBisXYIfkC5HXc
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:43 2024 by rpki-client on console-fra.rpki-client.org