Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/9332D32C4F2711EFB507C957762E951A.roa
File:                     9332D32C4F2711EFB507C957762E951A.roa (raw, json)
Hash identifier:          2ybztHVH455mMLt1mvHJT39Eb3nDdxIvYP8W5gACmhE=
Subject key identifier:   A2:81:C8:3F:A8:10:47:3A:8C:5E:33:08:64:5F:01:BF:8D:4A:95:7A
Certificate issuer:       /CN=F36AAA81AR/serialNumber=56E67764617586CEA1DFC6BB4275B716E70FADBA
Certificate serial:       02
Authority key identifier: 56:E6:77:64:61:75:86:CE:A1:DF:C6:BB:42:75:B7:16:E7:0F:AD:BA
Authority info access:    rsync://rpki.afrinic.net/repository/arin/VuZ3ZGF1hs6h38a7QnW3FucPrbo.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/9332D32C4F2711EFB507C957762E951A.roa
Signing time:             Wed 31 Jul 2024 10:28:06 +0000
ROA not before:           Thu 01 Aug 2024 10:28:03 +0000
ROA not after:            Tue 30 Jul 2030 10:28:03 +0000
asID:                     14988
IP address blocks:        168.167.0.0/16 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/VuZ3ZGF1hs6h38a7QnW3FucPrbo.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/VuZ3ZGF1hs6h38a7QnW3FucPrbo.mft
                          rsync://rpki.afrinic.net/repository/arin/VuZ3ZGF1hs6h38a7QnW3FucPrbo.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36AAA81AR/serialNumber=56E67764617586CEA1DFC6BB4275B716E70FADBA
        Validity
            Not Before: Aug  1 10:28:03 2024 GMT
            Not After : Jul 30 10:28:03 2030 GMT
        Subject: CN=66aa11b6-ee13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:00:b0:b1:d6:d7:53:fb:40:32:e1:92:d9:22:
                    f9:04:6d:cc:40:f2:7d:1c:c2:00:dd:a4:87:ed:14:
                    f4:77:5c:bf:78:a3:36:b0:e4:79:46:72:ee:b7:f4:
                    aa:e9:2d:bd:9b:b4:21:ac:d2:86:ef:2f:49:7b:4d:
                    6a:be:50:bd:52:7c:f0:90:c2:97:91:87:97:e3:3f:
                    5c:60:e6:9f:26:f3:13:2b:30:59:b4:bc:23:c9:45:
                    1f:45:62:2d:fc:77:21:98:b6:67:05:78:f7:63:5e:
                    13:10:65:ed:05:c4:b8:b2:a8:bb:11:7c:4f:39:ac:
                    bf:ba:d7:a6:22:c4:43:bf:9c:29:d9:b1:b7:2a:4a:
                    a8:e1:41:84:02:3d:e5:49:ff:13:10:38:53:7b:71:
                    6a:2b:5d:9e:d1:7a:7e:0c:e1:ca:60:43:0c:58:bb:
                    ee:75:0e:44:84:46:48:1d:e4:15:04:58:6f:2f:7d:
                    57:a1:74:58:b3:79:9d:28:56:63:77:a3:b3:6a:9c:
                    10:ff:6f:55:e6:8e:d8:93:51:3b:5b:2c:18:cc:43:
                    33:82:9b:00:4b:c6:4b:53:15:94:20:d2:60:fa:b2:
                    98:7c:98:0e:1c:07:41:23:a9:e9:e1:0b:33:7c:a7:
                    ce:56:82:95:f0:22:2f:e8:c9:0e:3d:b2:da:40:ec:
                    96:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:81:C8:3F:A8:10:47:3A:8C:5E:33:08:64:5F:01:BF:8D:4A:95:7A
            X509v3 Authority Key Identifier:
                keyid:56:E6:77:64:61:75:86:CE:A1:DF:C6:BB:42:75:B7:16:E7:0F:AD:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/VuZ3ZGF1hs6h38a7QnW3FucPrbo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/VuZ3ZGF1hs6h38a7QnW3FucPrbo.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36AAA81/AC4909664F2311EFBC1B5FB6762E951A/9332D32C4F2711EFB507C957762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.167.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         05:42:97:a3:37:dc:2e:73:7f:33:66:d9:7c:8b:09:2e:88:f0:
         87:fd:42:be:e3:c4:3c:13:bf:2c:59:70:da:c2:54:cd:89:1e:
         a4:7a:b2:c5:3f:32:45:39:b8:92:9a:b3:23:88:c2:40:32:94:
         7a:db:ec:b3:70:39:fd:fa:95:be:14:8c:b7:d4:97:ee:52:a1:
         fe:3e:35:f2:37:6e:90:c6:d7:16:78:e7:ce:84:24:7e:59:0e:
         c2:69:ae:58:d0:e1:df:61:a9:a0:9c:1d:e3:d8:5b:ce:a3:8e:
         82:53:de:6f:93:7f:e1:48:83:0a:b0:87:41:9e:36:fe:d2:83:
         3b:70:57:6a:6d:03:02:b7:b3:f3:1c:1d:b7:75:21:36:33:49:
         60:bf:5d:ec:70:4e:fb:d9:05:7a:24:dd:a2:33:9a:60:4f:ae:
         3d:e5:9a:ef:7b:0a:d5:d4:d3:92:19:26:de:74:e0:60:80:86:
         92:70:41:35:fc:6b:5b:62:43:f1:6e:ff:d8:60:15:16:95:c9:
         95:64:e0:48:51:ae:54:2b:67:42:11:1a:03:87:90:6e:2c:2f:
         82:6d:93:2c:27:1e:ef:94:c6:77:c5:c1:66:10:d8:5a:97:e7:
         8d:d6:4a:4f:df:d4:22:70:be:1f:b2:c8:01:55:ed:3a:b8:50:
         48:40:6f:da
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzZB
QUE4MUFSMTEwLwYDVQQFEyg1NkU2Nzc2NDYxNzU4NkNFQTFERkM2QkI0Mjc1Qjcx
NkU3MEZBREJBMB4XDTI0MDgwMTEwMjgwM1oXDTMwMDczMDEwMjgwM1owGDEWMBQG
A1UEAxMNNjZhYTExYjYtZWUxMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwAsLHW11P7QDLhktki+QRtzEDyfRzCAN2kh+0U9Hdcv3ijNrDkeUZy7rf0
quktvZu0IazShu8vSXtNar5QvVJ88JDCl5GHl+M/XGDmnybzEyswWbS8I8lFH0Vi
Lfx3IZi2ZwV492NeExBl7QXEuLKouxF8Tzmsv7rXpiLEQ7+cKdmxtypKqOFBhAI9
5Un/ExA4U3txaitdntF6fgzhymBDDFi77nUORIRGSB3kFQRYby99V6F0WLN5nShW
Y3ejs2qcEP9vVeaO2JNRO1ssGMxDM4KbAEvGS1MVlCDSYPqymHyYDhwHQSOp6eEL
M3ynzlaClfAiL+jJDj2y2kDslnECAwEAAaOCAqEwggKdMB0GA1UdDgQWBBSigcg/
qBBHOoxeMwhkXwG/jUqVejAfBgNVHSMEGDAWgBRW5ndkYXWGzqHfxrtCdbcW5w+t
ujAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QUFBODEvQUM0OTA5NjY0RjIzMTFFRkJDMUI1RkI2NzYyRTk1MUEvVnVaM1pH
RjFoczZoMzhhN1FuVzNGdWNQcmJvLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
VnVaM1pHRjFoczZoMzhhN1FuVzNGdWNQcmJvLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QUFBODEvQUM0OTA5NjY0RjIzMTFFRkJDMUI1RkI2NzYyRTk1
MUEvOTMzMkQzMkM0RjI3MTFFRkI1MDdDOTU3NzYyRTk1MUEucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAKinMA0GCSqGSIb3DQEBCwUAA4IB
AQAFQpejN9wuc38zZtl8iwkuiPCH/UK+48Q8E78sWXDawlTNiR6kerLFPzJFObiS
mrMjiMJAMpR62+yzcDn9+pW+FIy31JfuUqH+PjXyN26QxtcWeOfOhCR+WQ7Caa5Y
0OHfYamgnB3j2FvOo46CU95vk3/hSIMKsIdBnjb+0oM7cFdqbQMCt7PzHB23dSE2
M0lgv13scE772QV6JN2iM5pgT6495ZrvewrV1NOSGSbedOBggIaScEE1/GtbYkPx
bv/YYBUWlcmVZOBIUa5UK2dCERoDh5BuLC+CbZMsJx7vlMZ3xcFmENhal+eN1kpP
39QicL4fssgBVe06uFBIQG/a
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:20 2024 by rpki-client on console-ams.rpki-client.org