Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB7A2A36141511EFAD45CB1C017001B1.roa
File:                     FB7A2A36141511EFAD45CB1C017001B1.roa (raw, json)
Hash identifier:          uqXPtKy+3S2SI3mWtx66N0N4JeTdxDlwVZPPi/q3BwI=
Subject key identifier:   7E:C6:70:F1:1C:4D:9E:A4:78:D3:B1:FE:B5:A8:19:1D:5F:8C:73:0F
Certificate issuer:       /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial:       8A95
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access:    rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB7A2A36141511EFAD45CB1C017001B1.roa
Signing time:             Fri 17 May 2024 06:23:32 +0000
ROA not before:           Fri 17 May 2024 06:23:27 +0000
ROA not after:            Mon 12 May 2025 06:23:27 +0000
asID:                     41095
IP address blocks:        156.253.184.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
                          rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:21:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 35477 (0x8a95)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
        Validity
            Not Before: May 17 06:23:27 2024 GMT
            Not After : May 12 06:23:27 2025 GMT
        Subject: CN=6646f7e4-e20f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:b9:38:4d:18:a9:9f:21:0d:e2:b8:2a:3a:0f:
                    d3:83:f1:78:ba:f7:c8:10:6b:7f:e7:a7:bd:27:1e:
                    4e:33:b6:c2:16:ce:84:f8:50:a3:cb:18:6e:36:9f:
                    31:40:15:15:09:9e:70:af:ee:a8:b5:ef:73:40:6d:
                    0d:54:8b:57:16:44:08:2e:f3:23:8b:8b:43:9b:71:
                    52:b9:d9:d0:78:a1:0c:49:e2:59:0f:0b:4c:1d:a4:
                    af:96:71:76:00:77:b7:45:6b:55:2c:3f:5c:48:1b:
                    1f:64:1f:51:45:ee:8f:bf:44:df:88:79:0d:95:b0:
                    fd:40:87:80:30:f7:59:5c:75:40:25:c1:6c:9c:9d:
                    ef:5a:1d:6a:e8:e5:b5:3e:2d:b3:5e:8e:c9:b0:f4:
                    ec:97:9c:1b:b2:af:24:9e:d9:71:39:b7:06:a3:9d:
                    81:19:04:df:f3:59:3d:b9:e3:8f:ac:04:f1:86:8a:
                    36:de:90:fc:08:da:a6:06:1f:0d:ef:e6:1b:7a:86:
                    f3:b1:f2:18:cc:0c:8c:da:a7:88:68:bc:bd:90:fd:
                    e5:9f:ec:53:2d:ee:85:ac:ba:1e:3d:8a:e4:19:0d:
                    65:93:30:dc:0c:a5:7e:19:0a:b5:e4:cd:23:70:ba:
                    8f:4c:11:ea:82:9f:dd:19:59:06:c7:3b:b1:fd:e6:
                    d3:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:C6:70:F1:1C:4D:9E:A4:78:D3:B1:FE:B5:A8:19:1D:5F:8C:73:0F
            X509v3 Authority Key Identifier:
                keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/FB7A2A36141511EFAD45CB1C017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.253.184.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:9a:4b:c5:40:9a:a7:29:45:99:e9:17:17:7f:a6:35:f4:b9:
         02:32:d5:f8:12:2d:c5:6f:ad:08:b8:8f:4d:73:f5:94:f2:3e:
         c9:d8:53:ff:af:0d:79:56:2f:4b:80:69:07:d1:7a:00:82:72:
         7d:61:d1:7b:46:5d:20:53:a5:d6:81:0f:ac:60:b5:82:14:11:
         71:af:2f:3e:bf:80:40:85:26:40:9b:7c:81:1e:da:74:1f:1b:
         79:5a:59:80:fc:52:83:3e:9c:fd:82:2a:21:30:7c:6c:31:1a:
         7f:21:f2:b1:2e:44:21:dd:c4:70:6e:11:1e:47:56:04:04:42:
         2d:ad:f2:4f:2c:bb:f1:89:fb:69:5b:af:11:e8:f2:4c:50:74:
         57:d6:47:13:16:c1:c0:28:07:c5:85:d4:00:92:69:ff:08:84:
         14:20:83:ed:5d:39:d0:64:ed:7e:04:fe:2b:c5:9e:3e:14:64:
         e3:de:9a:97:c9:2d:bc:ec:fc:9e:f5:68:b1:cd:64:f2:ec:14:
         69:11:be:ce:50:c3:45:dc:9a:25:d0:e9:0d:bd:c0:cb:dc:d4:
         25:64:46:b2:c8:62:63:9f:7e:49:26:0b:ee:65:33:cc:15:af:
         70:1d:92:12:78:33:c0:8e:c1:69:75:6f:e1:4e:70:67:5a:6a:
         6b:f3:35:d9
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAIqVMA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjQwNTE3MDYyMzI3WhcNMjUwNTEyMDYyMzI3WjAYMRYw
FAYDVQQDEw02NjQ2ZjdlNC1lMjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEA1rk4TRipnyEN4rgqOg/Tg/F4uvfIEGt/56e9Jx5OM7bCFs6E+FCjyxhu
Np8xQBUVCZ5wr+6ote9zQG0NVItXFkQILvMji4tDm3FSudnQeKEMSeJZDwtMHaSv
lnF2AHe3RWtVLD9cSBsfZB9RRe6Pv0TfiHkNlbD9QIeAMPdZXHVAJcFsnJ3vWh1q
6OW1Pi2zXo7JsPTsl5wbsq8kntlxObcGo52BGQTf81k9ueOPrATxhoo23pD8CNqm
Bh8N7+YbeobzsfIYzAyM2qeIaLy9kP3ln+xTLe6FrLoePYrkGQ1lkzDcDKV+GQq1
5M0jcLqPTBHqgp/dGVkGxzux/ebTVwIDAQABo4ICojCCAp4wHQYDVR0OBBYEFH7G
cPEcTZ6keNOx/rWoGR1fjHMPMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC9GQjdBMkEzNjE0MTUxMUVGQUQ0NUNCMUMwMTcwMDFCMS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBnP24MA0GCSqGSIb3DQEBCwUA
A4IBAQAgmkvFQJqnKUWZ6RcXf6Y19LkCMtX4Ei3Fb60IuI9Nc/WU8j7J2FP/rw15
Vi9LgGkH0XoAgnJ9YdF7Rl0gU6XWgQ+sYLWCFBFxry8+v4BAhSZAm3yBHtp0Hxt5
WlmA/FKDPpz9giohMHxsMRp/IfKxLkQh3cRwbhEeR1YEBEItrfJPLLvxiftpW68R
6PJMUHRX1kcTFsHAKAfFhdQAkmn/CIQUIIPtXTnQZO1+BP4rxZ4+FGTj3pqXyS28
7Pye9WixzWTy7BRpEb7OUMNF3Jol0OkNvcDL3NQlZEayyGJjn35JJgvuZTPMFa9w
HZISeDPAjsFpdW/hTnBnWmpr8zXZ
-----END CERTIFICATE-----
Generated at Thu Nov 21 11:10:58 2024 by rpki-client on console-ams.rpki-client.org