Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4A76798344A11EFA6CF6B7E762E951A.roa
File:                     D4A76798344A11EFA6CF6B7E762E951A.roa (raw, json)
Hash identifier:          FjPsKCUXHWGMo3IO98sp6JfX9NU7x/GNatTiCx6goTs=
Subject key identifier:   F9:EB:B6:B2:75:72:4C:EB:22:E2:38:15:30:49:FF:8C:69:39:46:BA
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       959A
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4A76798344A11EFA6CF6B7E762E951A.roa
Signing time:             Thu 27 Jun 2024 06:02:27 +0000
ROA not before:           Thu 27 Jun 2024 06:02:24 +0000
ROA not after:            Mon 30 Dec 2024 06:02:24 +0000
asID:                     984
IP address blocks:        45.206.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 38298 (0x959a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jun 27 06:02:24 2024 GMT
            Not After : Dec 30 06:02:24 2024 GMT
        Subject: CN=667d0073-9452
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ca:73:5a:9d:00:38:aa:3a:fe:dc:b9:d4:e0:
                    68:1f:ac:f9:c3:51:65:9b:e2:6b:c5:51:d9:7f:ae:
                    9f:03:6b:b4:d1:30:e3:20:e3:a7:5b:37:55:62:76:
                    5e:f7:c4:94:be:3e:f4:45:b5:2b:da:6c:9a:3f:21:
                    0d:cd:f9:1f:e3:1a:37:40:3c:9e:96:55:40:c0:b8:
                    94:08:6b:8a:87:41:b4:41:8e:8d:8a:6c:31:1c:68:
                    d4:24:45:3c:85:78:3b:e2:22:06:64:3b:60:32:93:
                    ed:74:08:86:9d:b7:4c:4d:aa:de:42:1b:34:12:b3:
                    97:e4:95:12:92:e0:cc:ae:09:c6:53:29:49:47:c8:
                    8b:38:4f:ae:61:3c:d4:95:a6:99:d8:46:93:f0:eb:
                    82:8a:ac:7b:3d:a7:cf:23:13:2d:1a:af:ec:c8:6d:
                    b3:7a:54:10:d5:eb:7a:6c:b9:19:a4:d9:4b:b4:67:
                    f3:e4:e4:71:12:51:10:ae:23:a2:3e:f7:8d:55:ab:
                    54:c4:af:57:f6:9e:b0:46:cd:46:c4:d5:72:27:fb:
                    29:98:47:8e:b4:47:4a:fa:29:18:ae:ee:d3:1c:a1:
                    fc:f8:df:a2:e2:28:4e:ef:cc:e3:41:8c:82:81:89:
                    72:3e:9b:5f:29:d1:8e:f1:f8:6f:a3:d9:9d:dd:31:
                    0c:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:EB:B6:B2:75:72:4C:EB:22:E2:38:15:30:49:FF:8C:69:39:46:BA
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D4A76798344A11EFA6CF6B7E762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.206.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         1d:fa:05:55:53:f9:11:f3:89:6c:f8:18:e9:8c:0b:23:3f:13:
         c0:58:c2:8b:20:0c:95:70:67:bb:9b:b8:94:1c:ca:51:ad:1f:
         9b:5a:2f:f8:dc:99:77:57:19:61:05:72:ca:69:0e:5b:07:6c:
         09:ab:a4:1f:a0:90:98:2a:f6:28:3a:e3:71:95:cd:45:25:95:
         a9:7e:83:6c:33:0d:d3:a6:fb:b9:76:db:6c:a4:bc:08:a5:9d:
         bc:05:40:f0:33:2c:fc:b2:2f:a7:3b:c5:75:b7:69:b7:23:4b:
         7a:31:6b:a8:b4:70:09:7c:99:89:f3:3e:08:b5:e7:8b:81:58:
         1e:75:4b:62:3f:9a:24:20:60:a5:32:a9:f1:c1:f0:bc:c7:02:
         0a:0b:b3:72:b1:29:59:f1:44:90:2a:2c:fe:d4:e4:ea:18:e7:
         e3:28:8e:21:8a:ae:d0:31:fe:eb:fd:42:ec:8d:78:fe:7a:4a:
         a4:10:a9:a7:66:b7:51:58:6e:0d:74:1b:f2:7f:7a:db:09:23:
         9c:1b:c5:2a:e0:74:e6:0f:5a:99:fe:ab:6c:c0:4b:5b:a8:1c:
         4a:29:b6:16:c7:bc:43:fe:c0:6b:d8:52:c6:55:79:1d:d2:1a:
         5c:78:cb:95:b5:b4:65:fe:87:91:01:41:d2:e5:62:49:63:84:
         4e:57:4a:ed
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgIDAJWaMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNjI3MDYwMjI0WhcNMjQxMjMwMDYwMjI0WjAYMRYw
FAYDVQQDEw02NjdkMDA3My05NDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAt8pzWp0AOKo6/ty51OBoH6z5w1Flm+JrxVHZf66fA2u00TDjIOOnWzdV
YnZe98SUvj70RbUr2myaPyENzfkf4xo3QDyellVAwLiUCGuKh0G0QY6NimwxHGjU
JEU8hXg74iIGZDtgMpPtdAiGnbdMTareQhs0ErOX5JUSkuDMrgnGUylJR8iLOE+u
YTzUlaaZ2EaT8OuCiqx7PafPIxMtGq/syG2zelQQ1et6bLkZpNlLtGfz5ORxElEQ
riOiPveNVatUxK9X9p6wRs1GxNVyJ/spmEeOtEdK+ikYru7THKH8+N+i4ihO78zj
QYyCgYlyPptfKdGO8fhvo9md3TEMwwIDAQABo4ICoTCCAp0wHQYDVR0OBBYEFPnr
trJ1ckzrIuI4FTBJ/4xpOUa6MB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9ENEE3Njc5ODM0NEExMUVGQTZDRjZCN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMALc4wDQYJKoZIhvcNAQELBQAD
ggEBAB36BVVT+RHziWz4GOmMCyM/E8BYwosgDJVwZ7ubuJQcylGtH5taL/jcmXdX
GWEFcsppDlsHbAmrpB+gkJgq9ig643GVzUUllal+g2wzDdOm+7l222ykvAilnbwF
QPAzLPyyL6c7xXW3abcjS3oxa6i0cAl8mYnzPgi154uBWB51S2I/miQgYKUyqfHB
8LzHAgoLs3KxKVnxRJAqLP7U5OoY5+MojiGKrtAx/uv9QuyNeP56SqQQqadmt1FY
bg10G/J/etsJI5wbxSrgdOYPWpn+q2zAS1uoHEopthbHvEP+wGvYUsZVeR3SGlx4
y5W1tGX+h5EBQdLlYkljhE5XSu0=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:49 2024 by rpki-client on console-fra.rpki-client.org