Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6366CAA7EBD11EEB9F0506A4AD9E6FC.roa
File:                     D6366CAA7EBD11EEB9F0506A4AD9E6FC.roa (raw, json)
Hash identifier:          8KWs09azo8IBvwC40mudAll+Px1rIx+XAKkX6+WKPUM=
Subject key identifier:   F5:91:A6:5D:B7:04:02:84:C5:09:D6:A5:A6:DA:18:19:58:B0:89:33
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       44F3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6366CAA7EBD11EEB9F0506A4AD9E6FC.roa
Signing time:             Thu 09 Nov 2023 05:07:11 +0000
ROA not before:           Thu 09 Nov 2023 05:07:07 +0000
ROA not after:            Wed 06 Nov 2024 05:07:07 +0000
asID:                     139057
IP address blocks:        156.238.132.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 05 Mar 2024 00:16:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 17651 (0x44f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Nov  9 05:07:07 2023 GMT
            Not After : Nov  6 05:07:07 2024 GMT
        Subject: CN=654c68fe-16e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f2:e8:fa:da:79:44:35:70:dd:42:4c:d0:51:
                    c0:4a:ac:fd:31:80:42:f0:18:7d:52:57:0d:81:8e:
                    95:1b:ec:e5:4e:67:ec:5e:c4:c8:cf:9f:24:0e:15:
                    26:8f:79:75:95:c7:1a:ca:6a:17:ea:52:d0:e7:32:
                    58:ae:f2:d0:6d:67:36:cf:8c:21:08:f7:70:73:0d:
                    7e:b7:f0:0d:12:58:b9:90:4f:fb:ac:db:85:99:9d:
                    2c:8a:8e:5a:49:8b:81:f1:e4:30:df:d6:77:ca:82:
                    59:e9:a9:c5:9c:cd:ba:9c:b3:17:85:84:8c:11:10:
                    9e:15:e9:7d:3b:e6:5d:a6:b0:cd:22:42:df:b4:54:
                    d2:34:c0:70:0d:4b:2d:f1:92:0a:ca:e9:d4:8c:16:
                    3d:de:3d:5a:67:b6:3b:a6:b6:95:e0:e9:b2:bf:f5:
                    53:42:43:b5:08:f5:f1:8a:54:9a:84:1f:04:92:06:
                    65:8b:4a:b6:5e:07:9d:8a:7f:05:26:b1:dd:49:82:
                    e4:9f:78:7c:e0:24:6e:89:95:3f:2b:3c:c5:7e:be:
                    3a:f2:cb:8a:83:78:b7:91:83:35:d3:7c:09:a5:4e:
                    08:f2:d4:89:e3:75:d9:cc:72:94:0e:b1:09:2a:55:
                    de:2b:56:f1:a2:77:8e:cc:e3:b7:4c:35:66:3c:74:
                    2d:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:91:A6:5D:B7:04:02:84:C5:09:D6:A5:A6:DA:18:19:58:B0:89:33
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/D6366CAA7EBD11EEB9F0506A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.238.132.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:a4:01:5f:4d:b2:76:2a:90:13:3d:76:d2:1a:d3:ba:08:f6:
         a9:13:d3:8b:f3:02:95:b9:9d:c7:52:03:22:32:8b:7a:f9:18:
         e8:9a:e8:ff:1d:3c:c6:b8:d5:d2:1d:c0:c2:e9:dd:97:cb:43:
         b1:57:8d:3b:ee:31:d6:bb:07:75:33:85:59:75:51:f8:0e:99:
         fb:3e:3c:3b:02:77:b4:34:02:79:bc:97:e9:ad:90:f9:26:4b:
         a3:e2:37:79:7c:d6:f1:43:72:4a:c2:74:c0:a1:c6:ad:4d:71:
         70:e1:b1:9f:63:b0:c4:73:f3:72:de:3f:78:d9:0a:15:cb:2d:
         ec:fc:ee:ba:43:c7:8f:06:cb:29:7c:07:a2:01:df:70:74:b6:
         18:27:31:a8:85:14:de:5d:c3:ec:63:c6:8f:2e:fc:7e:cc:b8:
         38:80:b1:6e:8a:57:c8:cc:1d:b6:01:c6:b9:e3:1b:c1:76:e5:
         14:a8:5d:c1:2a:82:cb:c9:71:77:db:ee:a0:19:d2:7c:b7:d5:
         f9:1e:80:31:74:42:84:9f:c6:6b:1d:4e:62:31:4d:c0:52:3e:
         fc:b5:89:e9:6b:01:5a:d3:13:9b:ca:20:b4:bc:52:41:f7:93:
         51:f5:08:2b:32:b5:f6:ed:30:97:81:e2:b6:b2:25:95:3f:74:
         34:cc:34:c7
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICRPMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yMzExMDkwNTA3MDdaFw0yNDExMDYwNTA3MDdaMBgxFjAU
BgNVBAMTDTY1NGM2OGZlLTE2ZTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDX8uj62nlENXDdQkzQUcBKrP0xgELwGH1SVw2BjpUb7OVOZ+xexMjPnyQO
FSaPeXWVxxrKahfqUtDnMliu8tBtZzbPjCEI93BzDX638A0SWLmQT/us24WZnSyK
jlpJi4Hx5DDf1nfKglnpqcWczbqcsxeFhIwREJ4V6X075l2msM0iQt+0VNI0wHAN
Sy3xkgrK6dSMFj3ePVpntjumtpXg6bK/9VNCQ7UI9fGKVJqEHwSSBmWLSrZeB52K
fwUmsd1JguSfeHzgJG6JlT8rPMV+vjryy4qDeLeRgzXTfAmlTgjy1InjddnMcpQO
sQkqVd4rVvGid47M47dMNWY8dC2/AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU9ZGm
XbcEAoTFCdalptoYGViwiTMwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0Q2MzY2Q0FBN0VCRDExRUVCOUYwNTA2QTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7oQwDQYJKoZIhvcNAQELBQAD
ggEBAFykAV9NsnYqkBM9dtIa07oI9qkT04vzApW5ncdSAyIyi3r5GOia6P8dPMa4
1dIdwMLp3ZfLQ7FXjTvuMda7B3UzhVl1UfgOmfs+PDsCd7Q0Anm8l+mtkPkmS6Pi
N3l81vFDckrCdMChxq1NcXDhsZ9jsMRz83LeP3jZChXLLez87rpDx48Gyyl8B6IB
33B0thgnMaiFFN5dw+xjxo8u/H7MuDiAsW6KV8jMHbYBxrnjG8F25RSoXcEqgsvJ
cXfb7qAZ0ny31fkegDF0QoSfxmsdTmIxTcBSPvy1ielrAVrTE5vKILS8UkH3k1H1
CCsytfbtMJeB4rayJZU/dDTMNMc=
-----END CERTIFICATE-----
Generated at Sun Mar 3 01:29:03 2024 by rpki-client on console-ams.rpki-client.org