Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/5F04C4C62D9B11ECA647564FD8A014CE.roa
File:                     5F04C4C62D9B11ECA647564FD8A014CE.roa (raw, json)
Hash identifier:          zW0DV4hdw90fXmQHrES0qIG730a3Er4NWHsJMqXehd8=
Subject key identifier:   C8:89:79:9D:F5:D4:D8:16:15:CF:C6:A2:59:2F:90:3A:88:26:EE:11
Certificate issuer:       /CN=F36A2F84AR/serialNumber=DCC3D6736DEF8E69B176C2E3808EA8406A5EB4A1
Certificate serial:       59
Authority key identifier: DC:C3:D6:73:6D:EF:8E:69:B1:76:C2:E3:80:8E:A8:40:6A:5E:B4:A1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/3MPWc23vjmmxdsLjgI6oQGpetKE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/5F04C4C62D9B11ECA647564FD8A014CE.roa
Signing time:             Fri 15 Oct 2021 09:36:28 +0000
ROA not before:           Fri 15 Oct 2021 09:36:24 +0000
ROA not after:            Sun 15 Oct 2028 09:36:24 +0000
asID:                     198949
IP address blocks:        156.0.80.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/3MPWc23vjmmxdsLjgI6oQGpetKE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/3MPWc23vjmmxdsLjgI6oQGpetKE.mft
                          rsync://rpki.afrinic.net/repository/arin/3MPWc23vjmmxdsLjgI6oQGpetKE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 31 Mar 2024 00:16:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 89 (0x59)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A2F84AR/serialNumber=DCC3D6736DEF8E69B176C2E3808EA8406A5EB4A1
        Validity
            Not Before: Oct 15 09:36:24 2021 GMT
            Not After : Oct 15 09:36:24 2028 GMT
        Subject: CN=61694b9c-9fda
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:f3:6c:27:88:70:b4:97:df:b8:ef:82:a6:a1:
                    ac:ed:ac:11:28:5b:4b:f6:5d:d4:77:13:24:5c:2b:
                    41:36:06:43:fc:c7:fa:d6:0f:75:80:00:7e:34:91:
                    98:b6:47:83:39:1d:8b:b8:74:cd:cb:eb:b8:24:82:
                    93:0a:a5:74:59:8a:77:d8:14:2b:a4:64:28:56:d4:
                    09:ee:25:bc:8f:f0:eb:c8:5d:47:51:9d:3f:f4:8e:
                    b9:4d:20:82:34:29:15:90:5b:ad:77:1d:f2:48:85:
                    cb:4b:3d:7f:dc:2f:bc:3a:a0:fd:96:c8:1e:33:16:
                    fa:68:8d:7c:36:66:57:86:44:ae:3b:84:f2:af:9c:
                    41:5e:48:8c:1e:12:7e:9b:1c:91:a3:05:4c:4b:e6:
                    4d:82:6b:74:d6:b1:ad:9b:02:7f:c8:6b:cf:17:45:
                    03:e7:37:4b:5b:8d:09:c2:fa:d9:b9:2b:1c:41:8d:
                    98:d5:04:a8:72:7f:a3:40:a9:a7:ba:9e:8d:d2:a3:
                    d4:aa:ad:40:31:7e:f5:bc:5a:d5:d4:a4:be:0e:1f:
                    36:9c:84:ef:53:4d:e0:45:ea:88:72:e9:71:d7:c6:
                    b2:aa:f1:56:93:68:ac:00:60:9f:f3:22:e8:e2:ca:
                    57:a4:da:86:45:36:a0:e5:0a:95:86:d1:86:79:65:
                    1e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C8:89:79:9D:F5:D4:D8:16:15:CF:C6:A2:59:2F:90:3A:88:26:EE:11
            X509v3 Authority Key Identifier:
                keyid:DC:C3:D6:73:6D:EF:8E:69:B1:76:C2:E3:80:8E:A8:40:6A:5E:B4:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/3MPWc23vjmmxdsLjgI6oQGpetKE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/3MPWc23vjmmxdsLjgI6oQGpetKE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A2F84/935BF350EEAF11EB91CC6D2AD8A014CE/5F04C4C62D9B11ECA647564FD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  156.0.80.0/22

    Signature Algorithm: sha256WithRSAEncryption
         24:39:3e:95:63:6a:58:19:a4:30:a5:2d:15:f9:76:3b:c4:3a:
         c0:8b:5c:fe:b9:70:1d:fc:f3:4f:7c:4d:bc:f2:cd:44:b2:3d:
         95:78:e7:c6:bd:7c:b4:d3:72:32:60:df:c7:0c:49:fc:fc:c9:
         2a:8b:36:5f:ff:2c:07:b7:01:b9:04:a0:21:6e:ef:63:d3:13:
         9a:71:56:9e:4f:12:f0:71:cd:7a:c6:56:6a:13:f6:a5:7c:14:
         9c:08:48:3b:69:b8:41:13:95:98:d9:30:14:9a:b2:b5:bc:fc:
         e1:2f:f8:88:96:d0:15:a1:e2:0f:42:6a:ee:e2:a9:65:fe:19:
         b1:20:54:ea:0a:49:ba:41:4d:d4:e3:23:e5:cf:da:a3:4f:6e:
         41:94:49:1a:a8:4b:65:11:6a:62:2f:b1:99:40:a0:14:47:3a:
         f1:5a:82:0d:f7:f3:74:e1:14:c1:1e:a6:91:72:4e:6c:c2:27:
         85:2d:50:36:25:72:2d:df:63:7a:67:26:97:19:c6:dc:ae:bc:
         a1:1a:26:1f:5b:ac:68:19:ed:8a:b7:39:8d:50:a3:68:36:bc:
         50:cb:f9:45:03:de:f0:1c:eb:23:d9:b1:70:8a:ab:8b:4b:c3:
         ed:6c:50:80:f6:67:66:2b:7d:48:a1:99:c5:03:c2:b4:09:da:
         77:34:fb:a9
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBWTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZB
MkY4NEFSMTEwLwYDVQQFEyhEQ0MzRDY3MzZERUY4RTY5QjE3NkMyRTM4MDhFQTg0
MDZBNUVCNEExMB4XDTIxMTAxNTA5MzYyNFoXDTI4MTAxNTA5MzYyNFowGDEWMBQG
A1UEAwwNNjE2OTRiOWMtOWZkYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjzbCeIcLSX37jvgqahrO2sEShbS/Zd1HcTJFwrQTYGQ/zH+tYPdYAAfjSR
mLZHgzkdi7h0zcvruCSCkwqldFmKd9gUK6RkKFbUCe4lvI/w68hdR1GdP/SOuU0g
gjQpFZBbrXcd8kiFy0s9f9wvvDqg/ZbIHjMW+miNfDZmV4ZErjuE8q+cQV5IjB4S
fpsckaMFTEvmTYJrdNaxrZsCf8hrzxdFA+c3S1uNCcL62bkrHEGNmNUEqHJ/o0Cp
p7qejdKj1KqtQDF+9bxa1dSkvg4fNpyE71NN4EXqiHLpcdfGsqrxVpNorABgn/Mi
6OLKV6TahkU2oOUKlYbRhnllHn0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTIiXmd
9dTYFhXPxqJZL5A6iCbuETAfBgNVHSMEGDAWgBTcw9Zzbe+OabF2wuOAjqhAal60
oTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QTJGODQvOTM1QkYzNTBFRUFGMTFFQjkxQ0M2RDJBRDhBMDE0Q0UvM01QV2My
M3ZqbW14ZHNMamdJNm9RR3BldEtFLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
M01QV2MyM3ZqbW14ZHNMamdJNm9RR3BldEtFLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QTJGODQvOTM1QkYzNTBFRUFGMTFFQjkxQ0M2RDJBRDhBMDE0
Q0UvNUYwNEM0QzYyRDlCMTFFQ0E2NDc1NjRGRDhBMDE0Q0Uucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApwAUDANBgkqhkiG9w0BAQsFAAOC
AQEAJDk+lWNqWBmkMKUtFfl2O8Q6wItc/rlwHfzzT3xNvPLNRLI9lXjnxr18tNNy
MmDfxwxJ/PzJKos2X/8sB7cBuQSgIW7vY9MTmnFWnk8S8HHNesZWahP2pXwUnAhI
O2m4QROVmNkwFJqytbz84S/4iJbQFaHiD0Jq7uKpZf4ZsSBU6gpJukFN1OMj5c/a
o09uQZRJGqhLZRFqYi+xmUCgFEc68VqCDffzdOEUwR6mkXJObMInhS1QNiVyLd9j
emcmlxnG3K68oRomH1usaBntirc5jVCjaDa8UMv5RQPe8BzrI9mxcIqri0vD7WxQ
gPZnZit9SKGZxQPCtAnadzT7qQ==
-----END CERTIFICATE-----
Generated at Fri Mar 29 02:39:19 2024 by rpki-client on console-fra.rpki-client.org