Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC9F3A7AAEBC11EEAE5862C1775412E6.roa
File:                     DC9F3A7AAEBC11EEAE5862C1775412E6.roa (raw, json)
Hash identifier:          fjBmNNLzmfIYfjNNhZs/8t8A2uLhzhCXU9O/e+16H1E=
Subject key identifier:   6F:D1:48:92:A5:19:E3:17:AE:7B:EF:03:5E:55:9E:15:41:F4:02:55
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       5EC3
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC9F3A7AAEBC11EEAE5862C1775412E6.roa
Signing time:             Tue 09 Jan 2024 07:01:07 +0000
ROA not before:           Tue 09 Jan 2024 07:01:04 +0000
ROA not after:            Sat 11 Jan 2025 07:01:04 +0000
asID:                     138995
IP address blocks:        45.194.36.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24259 (0x5ec3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jan  9 07:01:04 2024 GMT
            Not After : Jan 11 07:01:04 2025 GMT
        Subject: CN=659cef33-ac82
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:a2:52:70:11:fc:bd:4f:07:4f:54:0d:87:e5:
                    27:a3:3f:c7:1a:cd:d7:e6:e6:48:9e:20:b9:9a:2b:
                    5e:c4:5b:78:88:7b:58:d7:1d:0f:ef:7a:11:0e:37:
                    38:9b:2d:77:2e:94:17:a7:f9:45:cd:b5:97:36:0c:
                    2c:0a:32:c7:8b:42:02:8b:0a:fd:1a:07:c5:e3:af:
                    47:11:07:92:f8:f4:5e:05:1e:19:3e:9a:7d:b4:2d:
                    7c:14:95:cc:d5:90:74:fd:9e:27:07:34:5b:da:7a:
                    e2:ff:b7:57:84:93:67:13:b8:9d:7e:ea:e3:63:ad:
                    83:d4:85:27:1b:46:8c:fb:d4:20:51:68:62:dd:a0:
                    f2:91:45:97:cf:a9:de:d5:e3:24:c1:6c:6a:a5:53:
                    d2:7f:07:d6:23:73:42:fc:be:e5:2e:9e:bd:ba:19:
                    ea:a3:2a:d6:34:ba:2e:c0:27:fb:38:9d:a9:96:ae:
                    dc:7c:12:3f:4d:11:81:40:58:90:49:62:85:c4:26:
                    e6:4f:dc:9b:a7:7e:93:2b:a6:02:b2:b8:8f:db:f1:
                    86:7b:8b:a5:78:0d:33:fe:72:b8:8f:33:07:6f:40:
                    58:30:bd:d0:f4:05:8f:58:29:01:9e:7e:0f:e7:39:
                    4a:04:09:a3:0a:9e:36:8d:1a:2c:6f:12:fa:e3:1e:
                    47:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:D1:48:92:A5:19:E3:17:AE:7B:EF:03:5E:55:9E:15:41:F4:02:55
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/DC9F3A7AAEBC11EEAE5862C1775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.194.36.0/24

    Signature Algorithm: sha256WithRSAEncryption
         21:7c:ac:5f:22:e7:96:55:25:df:a5:1a:fb:82:f6:77:3d:56:
         f7:54:86:6c:b2:30:2e:14:02:df:29:39:b1:f9:63:e2:38:28:
         26:fa:2c:ad:f7:c9:bc:7f:89:36:7b:01:0e:39:45:ef:50:53:
         83:e3:10:d2:30:49:99:cb:80:91:35:68:de:5d:1d:32:0f:f3:
         22:e2:51:6e:60:57:21:7b:a1:bc:71:72:26:5e:d2:76:17:c8:
         c3:3d:2c:6a:26:14:b1:88:a8:46:38:1f:cf:0e:fc:77:f6:5d:
         a0:b4:44:2b:ed:fa:2f:0b:1f:12:5a:ad:f5:dc:d9:da:c2:19:
         ea:a5:21:74:ae:58:da:3b:a0:35:41:18:0d:57:f6:c0:56:00:
         2d:a8:32:b5:e7:35:40:5f:b6:1d:08:6b:7b:58:ac:d0:12:c4:
         e2:92:9c:4f:2e:81:e9:3f:ec:15:cb:8b:da:d2:90:87:30:f1:
         9f:98:ed:ab:5f:79:69:a2:42:d1:5e:f3:3d:58:d8:f8:19:29:
         6c:cc:db:a0:11:c7:e4:f6:b3:4e:79:fc:59:91:8a:2e:e4:53:
         ce:1e:59:1e:c8:7c:c5:a6:b6:0e:61:e9:1f:e5:4b:b9:ab:e7:
         3b:0a:7a:be:1f:a0:60:f9:74:76:65:bb:01:37:fd:b6:13:3f:
         5c:85:82:69
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICXsMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAxMDkwNzAxMDRaFw0yNTAxMTEwNzAxMDRaMBgxFjAU
BgNVBAMTDTY1OWNlZjMzLWFjODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC3olJwEfy9TwdPVA2H5SejP8cazdfm5kieILmaK17EW3iIe1jXHQ/vehEO
NzibLXculBen+UXNtZc2DCwKMseLQgKLCv0aB8Xjr0cRB5L49F4FHhk+mn20LXwU
lczVkHT9nicHNFvaeuL/t1eEk2cTuJ1+6uNjrYPUhScbRoz71CBRaGLdoPKRRZfP
qd7V4yTBbGqlU9J/B9Yjc0L8vuUunr26GeqjKtY0ui7AJ/s4namWrtx8Ej9NEYFA
WJBJYoXEJuZP3JunfpMrpgKyuI/b8YZ7i6V4DTP+criPMwdvQFgwvdD0BY9YKQGe
fg/nOUoECaMKnjaNGixvEvrjHkeFAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUb9FI
kqUZ4xeue+8DXlWeFUH0AlUwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0RDOUYzQTdBQUVCQzExRUVBRTU4NjJDMTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtwiQwDQYJKoZIhvcNAQELBQAD
ggEBACF8rF8i55ZVJd+lGvuC9nc9VvdUhmyyMC4UAt8pObH5Y+I4KCb6LK33ybx/
iTZ7AQ45Re9QU4PjENIwSZnLgJE1aN5dHTIP8yLiUW5gVyF7obxxciZe0nYXyMM9
LGomFLGIqEY4H88O/Hf2XaC0RCvt+i8LHxJarfXc2drCGeqlIXSuWNo7oDVBGA1X
9sBWAC2oMrXnNUBfth0Ia3tYrNASxOKSnE8ugek/7BXLi9rSkIcw8Z+Y7atfeWmi
QtFe8z1Y2PgZKWzM26ARx+T2s055/FmRii7kU84eWR7IfMWmtg5h6R/lS7mr5zsK
er4foGD5dHZluwE3/bYTP1yFgmk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:50 2024 by rpki-client on console-fra.rpki-client.org