Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/D7409E00E27711ED8A33AE0F306D8C1D.roa
File:                     D7409E00E27711ED8A33AE0F306D8C1D.roa (raw, json)
Hash identifier:          IA+2mHaUCWtDdjUh4+MPawV1LPtL1a1CrRucRvT62Jc=
Subject key identifier:   17:F5:BB:6F:FD:41:1E:4A:0F:65:2D:68:38:FC:0D:EB:76:5C:B1:0B
Certificate issuer:       /CN=F36A6DD7AR/serialNumber=0A876CA1413541E767B504B33F3349F4283152B2
Certificate serial:       0575
Authority key identifier: 0A:87:6C:A1:41:35:41:E7:67:B5:04:B3:3F:33:49:F4:28:31:52:B2
Authority info access:    rsync://rpki.afrinic.net/repository/arin/CodsoUE1QedntQSzPzNJ9CgxUrI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/D7409E00E27711ED8A33AE0F306D8C1D.roa
Signing time:             Mon 24 Apr 2023 08:13:06 +0000
ROA not before:           Mon 24 Apr 2023 08:13:02 +0000
ROA not after:            Mon 18 Apr 2033 08:13:02 +0000
asID:                     327767
IP address blocks:        165.16.206.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/CodsoUE1QedntQSzPzNJ9CgxUrI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/CodsoUE1QedntQSzPzNJ9CgxUrI.mft
                          rsync://rpki.afrinic.net/repository/arin/CodsoUE1QedntQSzPzNJ9CgxUrI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1397 (0x575)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36A6DD7AR/serialNumber=0A876CA1413541E767B504B33F3349F4283152B2
        Validity
            Not Before: Apr 24 08:13:02 2023 GMT
            Not After : Apr 18 08:13:02 2033 GMT
        Subject: CN=64463a12-a559
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:68:ec:3c:83:b0:1b:4e:8c:0c:5e:09:9c:bd:
                    c4:bc:ca:88:a3:ed:a4:69:0a:aa:9f:8b:69:77:b5:
                    de:7d:9b:47:a4:b6:df:df:fc:56:36:1d:09:7d:27:
                    2b:13:ae:de:f7:8c:6a:9f:e5:84:5d:a6:cb:7c:de:
                    21:37:bb:4f:f2:32:96:df:aa:87:8f:be:98:76:bb:
                    a3:80:af:f2:c5:ab:72:14:b4:11:97:60:9c:43:33:
                    98:f9:63:a6:91:45:6c:2a:f0:ec:6b:89:ed:ff:b5:
                    5b:5c:a6:d3:37:e3:c4:44:0a:41:64:9b:39:2c:c3:
                    4f:5b:15:5f:0e:d6:26:38:54:83:5e:0c:4d:45:24:
                    74:77:20:d8:95:89:09:0a:fb:09:a7:e7:0b:89:9d:
                    44:68:50:c9:7e:98:dc:98:c7:f3:35:55:cd:fa:c9:
                    0b:a3:94:a1:8a:15:70:55:e7:14:98:c8:61:8b:df:
                    fc:00:8d:72:27:79:41:19:75:63:f5:cc:09:3a:55:
                    21:86:77:ea:30:e3:94:e0:72:62:15:f1:f9:c0:46:
                    9a:a6:ad:24:42:64:f4:05:0e:34:c2:6f:cc:ff:8f:
                    a9:19:73:59:d6:23:cc:76:0a:87:89:da:7f:7f:38:
                    21:08:20:ae:61:d8:f8:f5:65:af:5e:8f:63:de:2a:
                    25:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:F5:BB:6F:FD:41:1E:4A:0F:65:2D:68:38:FC:0D:EB:76:5C:B1:0B
            X509v3 Authority Key Identifier:
                keyid:0A:87:6C:A1:41:35:41:E7:67:B5:04:B3:3F:33:49:F4:28:31:52:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/CodsoUE1QedntQSzPzNJ9CgxUrI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/CodsoUE1QedntQSzPzNJ9CgxUrI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36A6DD7/C78ADCDCB39111E9A09E150DF8AEA228/D7409E00E27711ED8A33AE0F306D8C1D.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.16.206.0/23

    Signature Algorithm: sha256WithRSAEncryption
         0b:36:a9:33:90:a7:50:78:35:7b:86:be:d8:4e:89:54:c9:d3:
         25:c6:30:8e:40:0b:62:e9:37:12:2c:b3:b9:1e:6e:15:df:4c:
         26:09:e3:6f:ed:8a:76:6e:4f:ea:36:9a:c1:c8:9d:5a:d4:73:
         c9:85:08:1b:ac:17:2a:82:12:e0:c4:f8:bd:c0:13:ab:65:82:
         82:f6:41:5b:8c:0f:12:09:82:b1:98:6f:c6:f0:1d:3a:67:7d:
         93:19:ae:1c:b9:aa:2d:cb:60:f4:6a:8f:f1:6c:2d:a3:46:ce:
         f4:01:db:2c:bb:20:b6:9c:ba:da:37:11:40:9b:82:3a:32:59:
         5c:06:a8:2c:9a:0d:9b:3c:ac:e8:4c:fc:b8:59:d6:63:58:e8:
         03:ae:ff:5b:d8:f4:56:5c:2b:8a:96:21:87:a3:a0:35:28:e1:
         c7:04:74:44:c6:74:16:f6:2e:2e:1e:9d:9e:e2:83:8c:50:3e:
         55:b0:9a:1f:29:45:8c:83:52:81:fb:a9:a6:45:7f:c5:bb:0e:
         94:cf:16:90:03:5d:3f:af:7b:be:80:dd:65:a1:9f:70:12:52:
         41:a3:f4:94:9b:fb:a3:17:c3:46:d0:6f:9f:7e:1d:8b:b4:d8:
         8d:eb:fd:1b:00:a1:2c:f3:f4:bb:21:6e:54:8b:ec:07:63:02:
         51:67:56:b9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBXUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QTZERDdBUjExMC8GA1UEBRMoMEE4NzZDQTE0MTM1NDFFNzY3QjUwNEIzM0YzMzQ5
RjQyODMxNTJCMjAeFw0yMzA0MjQwODEzMDJaFw0zMzA0MTgwODEzMDJaMBgxFjAU
BgNVBAMMDTY0NDYzYTEyLWE1NTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDTaOw8g7AbTowMXgmcvcS8yoij7aRpCqqfi2l3td59m0ektt/f/FY2HQl9
JysTrt73jGqf5YRdpst83iE3u0/yMpbfqoePvph2u6OAr/LFq3IUtBGXYJxDM5j5
Y6aRRWwq8Oxrie3/tVtcptM348RECkFkmzksw09bFV8O1iY4VINeDE1FJHR3INiV
iQkK+wmn5wuJnURoUMl+mNyYx/M1Vc36yQujlKGKFXBV5xSYyGGL3/wAjXIneUEZ
dWP1zAk6VSGGd+ow45TgcmIV8fnARpqmrSRCZPQFDjTCb8z/j6kZc1nWI8x2CoeJ
2n9/OCEIIK5h2Pj1Za9ej2PeKiVlAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUF/W7
b/1BHkoPZS1oOPwN63ZcsQswHwYDVR0jBBgwFoAUCodsoUE1QedntQSzPzNJ9Cgx
UrIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkE2REQ3L0M3OEFEQ0RDQjM5MTExRTlBMDlFMTUwREY4QUVBMjI4L0NvZHNv
VUUxUWVkbnRRU3pQek5KOUNneFVySS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0NvZHNvVUUxUWVkbnRRU3pQek5KOUNneFVySS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkE2REQ3L0M3OEFEQ0RDQjM5MTExRTlBMDlFMTUwREY4QUVB
MjI4L0Q3NDA5RTAwRTI3NzExRUQ4QTMzQUUwRjMwNkQ4QzFELnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAGlEM4wDQYJKoZIhvcNAQELBQAD
ggEBAAs2qTOQp1B4NXuGvthOiVTJ0yXGMI5AC2LpNxIss7kebhXfTCYJ42/tinZu
T+o2msHInVrUc8mFCBusFyqCEuDE+L3AE6tlgoL2QVuMDxIJgrGYb8bwHTpnfZMZ
rhy5qi3LYPRqj/FsLaNGzvQB2yy7ILacuto3EUCbgjoyWVwGqCyaDZs8rOhM/LhZ
1mNY6AOu/1vY9FZcK4qWIYejoDUo4ccEdETGdBb2Li4enZ7ig4xQPlWwmh8pRYyD
UoH7qaZFf8W7DpTPFpADXT+ve76A3WWhn3ASUkGj9JSb+6MXw0bQb59+HYu02I3r
/RsAoSzz9LshblSL7AdjAlFnVrk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:19 2024 by rpki-client on console-ams.rpki-client.org