Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/702D9C2ACF1811EE9C5CF75D775412E6.roa
File:                     702D9C2ACF1811EE9C5CF75D775412E6.roa (raw, json)
Hash identifier:          XzsRw0+IeQTUDS6cZPKkg2vl+y5JacnZmeCymlZ679E=
Subject key identifier:   46:84:43:2E:9C:A3:C1:9B:D0:D0:78:92:3E:F2:A4:12:6D:CA:D4:5D
Certificate issuer:       /CN=F369591CAR/serialNumber=0728C9B8455C65977FA30987DE4941DF018C651C
Certificate serial:       0171
Authority key identifier: 07:28:C9:B8:45:5C:65:97:7F:A3:09:87:DE:49:41:DF:01:8C:65:1C
Authority info access:    rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/702D9C2ACF1811EE9C5CF75D775412E6.roa
Signing time:             Mon 19 Feb 2024 11:17:16 +0000
ROA not before:           Mon 19 Feb 2024 11:17:13 +0000
ROA not after:            Thu 19 Feb 2026 11:17:13 +0000
asID:                     15964
IP address blocks:        165.211.27.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.mft
                          rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 369 (0x171)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F369591CAR/serialNumber=0728C9B8455C65977FA30987DE4941DF018C651C
        Validity
            Not Before: Feb 19 11:17:13 2024 GMT
            Not After : Feb 19 11:17:13 2026 GMT
        Subject: CN=65d338bc-7d5f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:e3:09:ab:44:c9:6f:e4:91:30:78:73:31:e8:
                    cb:53:31:88:d5:7f:a1:80:f7:62:d4:89:e6:db:2c:
                    b2:dc:50:b7:7d:f7:68:74:22:ad:7b:71:5d:77:da:
                    60:ff:bf:12:51:76:dd:13:81:c9:0c:da:b7:fe:ca:
                    cd:50:09:b9:54:70:76:d1:89:58:ca:3c:2b:56:38:
                    44:1e:99:27:35:9d:bb:df:e4:eb:d6:b2:70:24:5a:
                    14:32:0c:ee:bc:ff:ac:c4:e8:f8:d1:eb:76:f3:83:
                    80:3a:67:9c:58:76:ad:76:ae:73:ad:76:9d:de:74:
                    1e:4a:ec:d8:da:89:94:8a:05:c1:69:1e:20:1c:0e:
                    4c:84:1a:3b:9f:d6:89:b7:10:48:ac:89:48:2c:92:
                    1b:09:2a:92:d3:78:f1:7b:ba:56:20:99:1b:a6:cb:
                    f5:20:09:c6:81:a6:72:de:f4:f9:23:23:5e:f0:ee:
                    bd:e1:fb:c6:3c:d3:1d:e4:9c:45:e9:28:88:ea:ec:
                    ad:2a:cb:ff:34:6e:1e:1c:da:16:67:8a:0b:c4:0f:
                    84:bb:60:2f:c9:29:3a:35:a2:3e:64:c2:64:22:cb:
                    83:12:8c:e6:1e:ca:9a:79:62:f8:09:48:ce:c7:0f:
                    ac:ff:32:89:ed:23:b4:e8:3b:c1:fe:b0:6c:14:5c:
                    3f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:84:43:2E:9C:A3:C1:9B:D0:D0:78:92:3E:F2:A4:12:6D:CA:D4:5D
            X509v3 Authority Key Identifier:
                keyid:07:28:C9:B8:45:5C:65:97:7F:A3:09:87:DE:49:41:DF:01:8C:65:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/ByjJuEVcZZd_owmH3klB3wGMZRw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ByjJuEVcZZd_owmH3klB3wGMZRw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F369591C/4D92EC26C24711EDBF9323A0F1222468/702D9C2ACF1811EE9C5CF75D775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.211.27.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:7d:71:2f:e2:49:5b:53:66:a0:05:8f:6a:ed:18:84:c8:91:
         22:3c:ad:3f:c0:b3:3d:c9:58:73:f4:72:63:0f:ca:f3:ce:98:
         e1:a0:2d:cc:24:51:6f:d5:40:09:28:a7:4e:e1:75:22:ab:67:
         2c:08:80:79:69:01:b0:46:99:97:6d:37:88:4a:02:90:57:4a:
         94:c7:26:e6:85:7a:98:c6:19:fc:83:4e:90:0a:f8:7d:fc:d5:
         1b:84:8a:89:99:37:cd:13:39:b7:4b:e3:9c:b6:e8:a0:b1:a6:
         a8:2c:f8:a3:f8:c4:35:ef:0f:79:a0:82:2a:26:9e:29:11:cc:
         b5:81:60:d4:b7:1f:13:d8:71:fd:e9:60:eb:32:d1:7c:67:7a:
         f9:3f:49:1e:46:9a:70:cf:8e:ef:c7:d5:08:a0:fa:ac:20:36:
         5c:d0:ec:06:fc:20:3a:67:5d:f7:04:af:14:c4:dc:9f:a1:9b:
         09:00:0f:5e:de:e9:f5:12:0b:1e:66:3a:89:b7:26:16:d3:9e:
         9b:6e:40:7e:d0:c5:d0:a7:e6:31:e2:f0:93:04:40:38:15:f4:
         60:76:d0:da:1f:6f:f2:e3:9a:cb:b7:46:71:c9:77:38:a9:73:
         42:83:5b:dd:ea:bf:18:8b:d4:92:dc:a1:13:59:67:a7:37:a6:
         4c:b6:0c:ec
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAXEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
OTU5MUNBUjExMC8GA1UEBRMoMDcyOEM5Qjg0NTVDNjU5NzdGQTMwOTg3REU0OTQx
REYwMThDNjUxQzAeFw0yNDAyMTkxMTE3MTNaFw0yNjAyMTkxMTE3MTNaMBgxFjAU
BgNVBAMTDTY1ZDMzOGJjLTdkNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCc4wmrRMlv5JEweHMx6MtTMYjVf6GA92LUiebbLLLcULd992h0Iq17cV13
2mD/vxJRdt0TgckM2rf+ys1QCblUcHbRiVjKPCtWOEQemSc1nbvf5OvWsnAkWhQy
DO68/6zE6PjR63bzg4A6Z5xYdq12rnOtdp3edB5K7NjaiZSKBcFpHiAcDkyEGjuf
1om3EEisiUgskhsJKpLTePF7ulYgmRumy/UgCcaBpnLe9PkjI17w7r3h+8Y80x3k
nEXpKIjq7K0qy/80bh4c2hZnigvED4S7YC/JKTo1oj5kwmQiy4MSjOYeypp5YvgJ
SM7HD6z/MontI7ToO8H+sGwUXD/HAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQURoRD
LpyjwZvQ0HiSPvKkEm3K1F0wHwYDVR0jBBgwFoAUByjJuEVcZZd/owmH3klB3wGM
ZRwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjk1OTFDLzREOTJFQzI2QzI0NzExRURCRjkzMjNBMEYxMjIyNDY4L0J5akp1
RVZjWlpkX293bUgza2xCM3dHTVpSdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0J5akp1RVZjWlpkX293bUgza2xCM3dHTVpSdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjk1OTFDLzREOTJFQzI2QzI0NzExRURCRjkzMjNBMEYxMjIy
NDY4LzcwMkQ5QzJBQ0YxODExRUU5QzVDRjc1RDc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACl0xswDQYJKoZIhvcNAQELBQAD
ggEBADF9cS/iSVtTZqAFj2rtGITIkSI8rT/Asz3JWHP0cmMPyvPOmOGgLcwkUW/V
QAkop07hdSKrZywIgHlpAbBGmZdtN4hKApBXSpTHJuaFepjGGfyDTpAK+H381RuE
iomZN80TObdL45y26KCxpqgs+KP4xDXvD3mggiomnikRzLWBYNS3HxPYcf3pYOsy
0Xxnevk/SR5GmnDPju/H1Qig+qwgNlzQ7Ab8IDpnXfcErxTE3J+hmwkAD17e6fUS
Cx5mOom3JhbTnptuQH7QxdCn5jHi8JMEQDgV9GB20Nofb/Ljmsu3RnHJdzipc0KD
W93qvxiL1JLcoRNZZ6c3pky2DOw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:14 2024 by rpki-client on console-ams.rpki-client.org