Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/347E4736EB1411EC95BC2BAFF1222468.roa
File:                     347E4736EB1411EC95BC2BAFF1222468.roa (raw, json)
Hash identifier:          0ehR536EEAbqEmS+jcsiRPXOHdaag/TsIVJywieuhA4=
Subject key identifier:   96:CF:68:25:6B:01:96:D7:A1:06:36:F6:43:5D:09:8D:96:17:14:79
Certificate issuer:       /CN=F36B9F4BAR/serialNumber=7B4E00490D40841240B3A676B6E328A6EFD0FDA2
Certificate serial:       0466
Authority key identifier: 7B:4E:00:49:0D:40:84:12:40:B3:A6:76:B6:E3:28:A6:EF:D0:FD:A2
Authority info access:    rsync://rpki.afrinic.net/repository/arin/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/347E4736EB1411EC95BC2BAFF1222468.roa
Signing time:             Mon 13 Jun 2022 12:27:35 +0000
ROA not before:           Mon 13 Jun 2022 12:27:32 +0000
ROA not after:            Fri 11 Jun 2032 12:27:32 +0000
asID:                     2018
IP address blocks:        192.96.94.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.mft
                          rsync://rpki.afrinic.net/repository/arin/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1126 (0x466)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36B9F4BAR/serialNumber=7B4E00490D40841240B3A676B6E328A6EFD0FDA2
        Validity
            Not Before: Jun 13 12:27:32 2022 GMT
            Not After : Jun 11 12:27:32 2032 GMT
        Subject: CN=62a72d37-f91b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:8e:19:ad:86:1c:f4:4b:41:42:f3:4b:84:b6:
                    61:53:a5:e1:dd:95:8f:f4:3f:1d:bb:ad:79:0d:f7:
                    ee:04:ab:f4:e4:02:90:b3:6e:17:8c:6e:25:e9:08:
                    75:ba:56:9a:6a:16:56:0f:11:ab:fb:88:15:ae:48:
                    4f:41:2f:bd:a2:70:4b:66:d9:ae:e5:a9:4e:67:32:
                    32:54:96:7c:15:d0:62:f7:c0:29:a5:74:41:85:dc:
                    61:13:b8:ee:bb:96:0c:09:a8:f9:e2:9b:04:05:35:
                    78:28:6d:6e:02:fa:2d:bf:3d:44:fd:0e:d5:3d:f9:
                    e8:73:58:90:bd:3f:5c:75:00:11:6c:aa:ab:5e:81:
                    00:13:b4:4a:18:76:31:e7:25:05:96:83:1b:45:f7:
                    ed:ac:32:b9:84:e3:7f:eb:ba:36:80:46:9b:fa:28:
                    11:c5:ab:14:f4:ef:8c:49:86:5a:43:ee:1d:4d:dc:
                    a0:9a:c9:5b:4d:80:c6:58:ab:13:18:28:41:db:86:
                    b1:59:90:0a:1f:2e:66:6f:3c:8e:7f:94:49:ea:8f:
                    14:79:ea:d9:4b:93:04:6a:e8:3d:3b:38:64:c0:7f:
                    db:75:8d:48:ac:34:10:12:03:20:72:d7:a8:2c:55:
                    5a:f2:3f:e9:44:19:0f:b1:51:8a:8d:2f:e1:72:87:
                    f0:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:CF:68:25:6B:01:96:D7:A1:06:36:F6:43:5D:09:8D:96:17:14:79
            X509v3 Authority Key Identifier:
                keyid:7B:4E:00:49:0D:40:84:12:40:B3:A6:76:B6:E3:28:A6:EF:D0:FD:A2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/e04ASQ1AhBJAs6Z2tuMopu_Q_aI.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36B9F4B/742037808DE011E993171A33F8AEA228/347E4736EB1411EC95BC2BAFF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.96.94.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:52:27:f4:49:32:26:0c:03:60:25:6d:22:a9:a2:d0:11:eb:
         cd:30:2a:c7:5b:3a:98:83:81:95:cc:09:21:37:7d:0e:d0:6f:
         ca:e1:18:e4:41:1e:d2:c4:ef:d3:5a:40:2d:d1:82:c5:8c:d8:
         51:68:52:4a:7c:2d:23:24:2e:c2:d0:b5:8c:7b:90:14:3b:79:
         84:1c:e2:56:ea:1f:fa:b4:4d:0b:5a:ac:58:05:54:39:b1:27:
         bb:2d:ca:5f:f6:90:47:4b:2c:a1:c4:f2:87:10:ba:5a:68:d9:
         68:9b:51:9f:86:5f:fa:33:2f:7d:9f:01:3a:6d:4c:b8:22:86:
         94:58:e7:06:15:89:a3:7a:52:f8:d8:17:73:3d:64:26:88:cd:
         92:90:4d:34:f5:c4:a1:1e:f9:20:59:6e:f7:83:ca:de:3a:65:
         84:e0:6b:1f:98:9e:8a:69:8c:46:88:57:aa:50:75:1e:4b:5a:
         bd:44:b9:e8:6a:01:8f:a9:fc:4e:96:37:0a:18:2e:8f:dd:ec:
         ad:e4:a4:c3:52:d0:1b:83:51:0e:e3:39:4d:8e:48:f8:92:ab:
         e1:95:5d:c6:90:e7:16:d4:44:c6:0b:a3:8b:b8:d1:93:03:d8:
         fe:ba:c6:f2:21:eb:65:e9:25:9f:44:62:b2:63:6f:ac:ba:b1:
         ad:43:bd:3c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QjlGNEJBUjExMC8GA1UEBRMoN0I0RTAwNDkwRDQwODQxMjQwQjNBNjc2QjZFMzI4
QTZFRkQwRkRBMjAeFw0yMjA2MTMxMjI3MzJaFw0zMjA2MTExMjI3MzJaMBgxFjAU
BgNVBAMMDTYyYTcyZDM3LWY5MWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCljhmthhz0S0FC80uEtmFTpeHdlY/0Px27rXkN9+4Eq/TkApCzbheMbiXp
CHW6VppqFlYPEav7iBWuSE9BL72icEtm2a7lqU5nMjJUlnwV0GL3wCmldEGF3GET
uO67lgwJqPnimwQFNXgobW4C+i2/PUT9DtU9+ehzWJC9P1x1ABFsqqtegQATtEoY
djHnJQWWgxtF9+2sMrmE43/rujaARpv6KBHFqxT074xJhlpD7h1N3KCayVtNgMZY
qxMYKEHbhrFZkAofLmZvPI5/lEnqjxR56tlLkwRq6D07OGTAf9t1jUisNBASAyBy
16gsVVryP+lEGQ+xUYqNL+Fyh/DZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUls9o
JWsBltehBjb2Q10JjZYXFHkwHwYDVR0jBBgwFoAUe04ASQ1AhBJAs6Z2tuMopu/Q
/aIwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkI5RjRCLzc0MjAzNzgwOERFMDExRTk5MzE3MUEzM0Y4QUVBMjI4L2UwNEFT
UTFBaEJKQXM2WjJ0dU1vcHVfUV9hSS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L2UwNEFTUTFBaEJKQXM2WjJ0dU1vcHVfUV9hSS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkI5RjRCLzc0MjAzNzgwOERFMDExRTk5MzE3MUEzM0Y4QUVB
MjI4LzM0N0U0NzM2RUIxNDExRUM5NUJDMkJBRkYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADAYF4wDQYJKoZIhvcNAQELBQAD
ggEBAAJSJ/RJMiYMA2AlbSKpotAR680wKsdbOpiDgZXMCSE3fQ7Qb8rhGORBHtLE
79NaQC3RgsWM2FFoUkp8LSMkLsLQtYx7kBQ7eYQc4lbqH/q0TQtarFgFVDmxJ7st
yl/2kEdLLKHE8ocQulpo2WibUZ+GX/ozL32fATptTLgihpRY5wYViaN6UvjYF3M9
ZCaIzZKQTTT1xKEe+SBZbveDyt46ZYTgax+YnoppjEaIV6pQdR5LWr1EuehqAY+p
/E6WNwoYLo/d7K3kpMNS0BuDUQ7jOU2OSPiSq+GVXcaQ5xbURMYLo4u40ZMD2P66
xvIh62XpJZ9EYrJjb6y6sa1DvTw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:15 2024 by rpki-client on console-fra.rpki-client.org