Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB0615E2E9A711EE9669FC6B775412E6.roa
File:                     CB0615E2E9A711EE9669FC6B775412E6.roa (raw, json)
Hash identifier:          00stDl5jK6ylzlC+x3lHYQRvkCtZiyHhI6NY4RkDjuY=
Subject key identifier:   A0:CB:25:FB:A0:15:68:A9:5C:93:C4:08:01:0B:58:A7:E5:53:BE:1C
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       802B
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB0615E2E9A711EE9669FC6B775412E6.roa
Signing time:             Sun 24 Mar 2024 06:28:57 +0000
ROA not before:           Sun 24 Mar 2024 06:28:54 +0000
ROA not after:            Thu 27 Mar 2025 06:28:54 +0000
asID:                     137263
IP address blocks:        45.195.16.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32811 (0x802b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Mar 24 06:28:54 2024 GMT
            Not After : Mar 27 06:28:54 2025 GMT
        Subject: CN=65ffc829-5c27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:49:04:57:70:03:6a:ee:57:bd:f3:19:9f:aa:
                    d4:cf:fc:73:58:8a:94:07:b0:56:99:a7:85:63:a7:
                    81:97:f5:67:f7:31:88:d5:7f:76:d5:4a:2b:93:11:
                    47:b2:5a:fc:23:78:1d:68:2f:fd:8d:3f:f4:62:a6:
                    c0:79:ae:43:6b:b0:1e:59:ef:a3:86:c2:9b:e2:f4:
                    6b:04:69:60:be:63:e6:96:6e:81:25:e9:22:a8:a4:
                    a9:39:9b:be:dc:be:fc:42:28:50:24:7b:dc:bf:c8:
                    95:ba:c5:4c:91:a3:da:25:19:5a:67:49:9b:3b:ff:
                    33:4c:2e:f8:36:36:d8:cc:f0:af:75:82:0a:8a:05:
                    8d:27:a5:26:2d:ad:86:c9:0e:bd:2d:65:f9:56:44:
                    39:3f:87:64:5f:90:43:3a:2f:27:6e:ba:d7:66:13:
                    87:30:db:66:a1:b2:00:95:93:20:54:85:53:98:0c:
                    40:58:0a:ee:4e:a0:7d:2a:a4:d8:df:05:68:09:8a:
                    1a:90:57:ea:bc:c8:73:ec:5a:0e:8b:b2:77:1f:54:
                    6e:ae:30:9a:2c:66:68:b9:6b:1c:f2:1e:f9:6f:68:
                    e0:b7:06:b3:b2:af:b0:2e:e2:ae:af:de:34:dd:7a:
                    42:ee:d4:ec:20:14:10:b1:fe:0d:aa:13:ac:0d:e7:
                    71:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:CB:25:FB:A0:15:68:A9:5C:93:C4:08:01:0B:58:A7:E5:53:BE:1C
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/CB0615E2E9A711EE9669FC6B775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.195.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         58:ef:a9:7f:11:f9:e7:3f:f8:9d:2f:1d:dc:cf:3c:e3:f4:9f:
         1e:36:63:3c:2e:2a:9f:dd:8f:47:d8:23:fe:f1:82:0c:1a:c4:
         f2:e4:be:54:c6:d9:b9:60:49:27:7e:0e:be:30:72:9a:af:95:
         43:75:b6:69:fa:08:6d:6d:e5:c0:27:53:7b:d4:95:37:5b:a8:
         2f:44:1e:1e:8a:7a:49:7c:14:69:ff:30:34:6e:13:61:40:45:
         6f:f4:c6:df:3f:7d:1a:f9:45:f4:8a:c3:9f:d2:35:92:1d:6b:
         82:33:3c:69:60:81:ad:ac:0e:5a:9f:c9:45:a6:bd:88:50:b2:
         77:25:96:0f:60:07:c3:2e:d1:b8:9e:98:e0:0d:34:0b:ea:9e:
         08:0f:45:de:a9:52:08:0f:d6:f1:82:c1:6e:69:d7:99:a8:7a:
         ce:2f:1d:b2:3b:10:ac:59:42:6e:fa:54:17:7d:47:7c:80:d5:
         f4:f8:e1:47:9b:e1:63:d3:5d:0f:15:9e:d6:d1:d5:3e:da:9a:
         d4:fb:e2:56:f5:48:6a:43:c0:24:68:06:cd:c3:14:99:e6:16:
         11:2e:12:0e:09:ab:a0:80:a7:af:e0:22:76:70:31:73:0d:41:
         30:7e:4c:32:0c:46:0d:cd:59:5b:02:60:cf:3c:f9:f2:26:00:
         e5:4f:2f:c4
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIArMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwMzI0MDYyODU0WhcNMjUwMzI3MDYyODU0WjAYMRYw
FAYDVQQDEw02NWZmYzgyOS01YzI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAq0kEV3ADau5XvfMZn6rUz/xzWIqUB7BWmaeFY6eBl/Vn9zGI1X921Uor
kxFHslr8I3gdaC/9jT/0YqbAea5Da7AeWe+jhsKb4vRrBGlgvmPmlm6BJekiqKSp
OZu+3L78QihQJHvcv8iVusVMkaPaJRlaZ0mbO/8zTC74NjbYzPCvdYIKigWNJ6Um
La2GyQ69LWX5VkQ5P4dkX5BDOi8nbrrXZhOHMNtmobIAlZMgVIVTmAxAWAruTqB9
KqTY3wVoCYoakFfqvMhz7FoOi7J3H1RurjCaLGZouWsc8h75b2jgtwazsq+wLuKu
r9403XpC7tTsIBQQsf4NqhOsDedxfwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFKDL
JfugFWipXJPECAELWKflU74cMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9DQjA2MTVFMkU5QTcxMUVFOTY2OUZDNkI3NzU0MTJFNi5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDLcMQMA0GCSqGSIb3DQEBCwUA
A4IBAQBY76l/EfnnP/idLx3czzzj9J8eNmM8Liqf3Y9H2CP+8YIMGsTy5L5Uxtm5
YEknfg6+MHKar5VDdbZp+ghtbeXAJ1N71JU3W6gvRB4einpJfBRp/zA0bhNhQEVv
9MbfP30a+UX0isOf0jWSHWuCMzxpYIGtrA5an8lFpr2IULJ3JZYPYAfDLtG4npjg
DTQL6p4ID0XeqVIID9bxgsFuadeZqHrOLx2yOxCsWUJu+lQXfUd8gNX0+OFHm+Fj
010PFZ7W0dU+2prU++JW9UhqQ8AkaAbNwxSZ5hYRLhIOCauggKev4CJ2cDFzDUEw
fkwyDEYNzVlbAmDPPPnyJgDlTy/E
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:50 2024 by rpki-client on console-ams.rpki-client.org