Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2B8C6F2AE1A11EE8D4AD799775412E6.roa
File:                     F2B8C6F2AE1A11EE8D4AD799775412E6.roa (raw, json)
Hash identifier:          aASwcAy2GbzDHHnjmU5EvLirEtF2M+yz+kY4LIrLmpA=
Subject key identifier:   65:42:88:D1:31:9C:02:D7:80:DD:7D:2A:49:FF:9F:10:B5:7E:4E:00
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       5EB2
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2B8C6F2AE1A11EE8D4AD799775412E6.roa
Signing time:             Mon 08 Jan 2024 11:42:06 +0000
ROA not before:           Mon 08 Jan 2024 11:42:03 +0000
ROA not after:            Tue 14 Jan 2025 11:42:03 +0000
asID:                     138965
IP address blocks:        156.236.90.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 24242 (0x5eb2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: Jan  8 11:42:03 2024 GMT
            Not After : Jan 14 11:42:03 2025 GMT
        Subject: CN=659bdf8e-56d1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:06:b8:14:13:d0:b8:43:6f:c7:8c:e3:bb:d5:
                    39:0b:ee:f6:dd:f0:e2:05:4b:0f:42:4a:09:9c:09:
                    ae:db:8d:1e:ba:95:3a:e7:db:61:93:36:23:ba:16:
                    c1:32:f5:25:d2:9f:77:9e:6b:03:20:ff:a8:5b:4c:
                    c8:b5:f6:32:57:e5:88:a1:c6:57:7e:a2:3d:c4:59:
                    51:da:37:47:a4:28:07:eb:8b:93:14:49:f7:51:9c:
                    db:d5:9f:21:a6:d8:bc:da:02:fe:6d:63:d6:00:82:
                    e8:58:34:d3:89:46:06:a5:82:cd:20:b5:52:4f:6d:
                    2b:66:f0:e9:d3:d8:fc:0a:39:18:34:09:1d:9e:fe:
                    f5:a1:51:83:cb:9d:d0:20:99:05:e1:56:fa:a5:9d:
                    43:7f:8f:da:f3:f0:15:92:30:58:db:c7:a3:e1:0f:
                    e0:da:cc:2c:9b:cc:04:2f:a0:70:a0:75:c0:20:a2:
                    71:19:7d:85:0e:d2:b3:8c:7f:92:c7:2d:a6:b2:1d:
                    08:7b:b3:1a:0a:e7:be:d1:9f:50:43:e3:66:4b:f9:
                    7d:b4:a9:d3:7f:f4:1f:04:87:42:2f:1e:77:8e:19:
                    07:f3:d1:88:2b:3f:d3:ab:93:a6:e9:00:db:03:eb:
                    10:98:58:e8:b5:d3:00:22:79:7b:95:e9:ad:c6:3c:
                    24:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:42:88:D1:31:9C:02:D7:80:DD:7D:2A:49:FF:9F:10:B5:7E:4E:00
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/F2B8C6F2AE1A11EE8D4AD799775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.236.90.0/24

    Signature Algorithm: sha256WithRSAEncryption
         ab:04:ed:c4:db:f0:02:46:21:e8:82:e8:06:ee:c5:a8:5d:96:
         1b:8a:57:66:c0:2b:9c:0c:55:72:22:e5:b2:c1:99:2e:25:45:
         a7:1d:45:0c:cb:84:da:41:f7:3c:58:a6:27:35:3c:bc:86:da:
         7d:4e:d9:2b:2a:d7:ab:e3:43:05:20:b1:2d:a4:dd:65:8a:96:
         4b:86:c5:92:fc:22:f5:8e:6c:c0:5e:a2:3f:46:c7:bd:27:a9:
         87:88:22:6d:0a:66:6d:a5:ab:3d:1b:8d:8a:ea:d0:40:52:7d:
         27:25:cc:86:ce:6b:48:2d:69:4a:6f:b6:2f:54:f9:f8:bf:65:
         f8:6d:a8:4a:ee:a2:ef:eb:09:53:1b:a4:bb:a0:9b:69:f4:2c:
         d0:ee:fa:01:30:3e:4c:00:79:32:43:a3:51:c6:25:9f:ee:8a:
         13:21:0e:f9:aa:73:1e:7a:8b:e0:5d:e4:58:d5:31:ea:4b:81:
         b4:bb:20:c0:fd:62:d6:ee:dd:3d:85:e4:38:bf:33:28:e4:aa:
         f7:c0:81:f3:be:d8:1e:67:58:46:f2:45:a4:1c:b3:c3:37:3f:
         96:27:17:78:27:54:07:b0:af:b3:82:5c:46:fa:e0:6f:a0:1e:
         52:e7:67:68:cb:83:9e:55:e3:3c:8c:a3:4d:ae:f6:71:80:57:
         8e:e1:6a:13
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICXrIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OEYyRDBBUjExMC8GA1UEBRMoNzk3RDg4RDgxM0UyMEZGRjk4MkNDNzQxOUU5NjlC
QUVBNkJGRDY5QjAeFw0yNDAxMDgxMTQyMDNaFw0yNTAxMTQxMTQyMDNaMBgxFjAU
BgNVBAMTDTY1OWJkZjhlLTU2ZDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDBrgUE9C4Q2/HjOO71TkL7vbd8OIFSw9CSgmcCa7bjR66lTrn22GTNiO6
FsEy9SXSn3eeawMg/6hbTMi19jJX5Yihxld+oj3EWVHaN0ekKAfri5MUSfdRnNvV
nyGm2LzaAv5tY9YAguhYNNOJRgalgs0gtVJPbStm8OnT2PwKORg0CR2e/vWhUYPL
ndAgmQXhVvqlnUN/j9rz8BWSMFjbx6PhD+DazCybzAQvoHCgdcAgonEZfYUO0rOM
f5LHLaayHQh7sxoK577Rn1BD42ZL+X20qdN/9B8Eh0IvHneOGQfz0YgrP9Ork6bp
ANsD6xCYWOi10wAieXuV6a3GPCSHAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUZUKI
0TGcAteA3X0qSf+fELV+TgAwHwYDVR0jBBgwFoAUeX2I2BPiD/+YLMdBnpabrqa/
1pswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVBMjI4L2VYMkky
QlBpRF8tWUxNZEJucGFicnFhXzFwcy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2VYMkkyQlBpRF8tWUxNZEJucGFicnFhXzFwcy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjhGMkQwLzkyRjg2RTFDNkUwNTExRThBMUI1ODU0QkY4QUVB
MjI4L0YyQjhDNkYyQUUxQTExRUU4RDRBRDc5OTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACc7FowDQYJKoZIhvcNAQELBQAD
ggEBAKsE7cTb8AJGIeiC6AbuxahdlhuKV2bAK5wMVXIi5bLBmS4lRacdRQzLhNpB
9zxYpic1PLyG2n1O2Ssq16vjQwUgsS2k3WWKlkuGxZL8IvWObMBeoj9Gx70nqYeI
Im0KZm2lqz0bjYrq0EBSfSclzIbOa0gtaUpvti9U+fi/ZfhtqEruou/rCVMbpLug
m2n0LNDu+gEwPkwAeTJDo1HGJZ/uihMhDvmqcx56i+Bd5FjVMepLgbS7IMD9Ytbu
3T2F5Di/MyjkqvfAgfO+2B5nWEbyRaQcs8M3P5YnF3gnVAewr7OCXEb64G+gHlLn
Z2jLg55V4zyMo02u9nGAV47hahM=
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:05:54 2024 by rpki-client on console-fra.rpki-client.org