Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/964FB7BE8A4E11ECB25B298F5A40D577.roa
File:                     964FB7BE8A4E11ECB25B298F5A40D577.roa (raw, json)
Hash identifier:          uuv1yLRtGT/Cy5Iz/F52ivTRox70cuy9dlz82qPXQ+8=
Subject key identifier:   5F:32:43:58:8E:DE:68:7F:F4:D6:C6:8B:AA:72:5B:FF:81:3A:7F:5F
Certificate issuer:       /CN=F36BA80DAR/serialNumber=EF7EB7CFCF254C998BD9CE07C0F48E07D61B7C3F
Certificate serial:       02DF
Authority key identifier: EF:7E:B7:CF:CF:25:4C:99:8B:D9:CE:07:C0:F4:8E:07:D6:1B:7C:3F
Authority info access:    rsync://rpki.afrinic.net/repository/arin/7363z88lTJmL2c4HwPSOB9YbfD8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/964FB7BE8A4E11ECB25B298F5A40D577.roa
Signing time:             Thu 10 Feb 2022 08:51:08 +0000
ROA not before:           Thu 10 Feb 2022 08:50:57 +0000
ROA not after:            Tue 10 Feb 2032 08:50:57 +0000
asID:                     327926
IP address blocks:        169.255.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/7363z88lTJmL2c4HwPSOB9YbfD8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/7363z88lTJmL2c4HwPSOB9YbfD8.mft
                          rsync://rpki.afrinic.net/repository/arin/7363z88lTJmL2c4HwPSOB9YbfD8.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 735 (0x2df)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36BA80DAR/serialNumber=EF7EB7CFCF254C998BD9CE07C0F48E07D61B7C3F
        Validity
            Not Before: Feb 10 08:50:57 2022 GMT
            Not After : Feb 10 08:50:57 2032 GMT
        Subject: CN=6204d1fb-0752
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:df:ee:23:53:c2:74:ce:1f:1c:e9:f5:98:0e:
                    23:55:49:24:84:32:02:6c:7c:03:9c:90:dd:c2:1c:
                    89:aa:76:b2:ae:fa:1d:e8:1b:d4:4a:bb:5f:a4:82:
                    a9:70:2b:37:a4:ab:55:d0:ea:4b:52:a5:34:21:a0:
                    ae:f3:37:a0:6f:b1:65:34:0a:ee:3b:79:ec:53:fa:
                    ad:5f:df:73:29:9d:17:4a:4b:65:02:22:d7:0e:9e:
                    7f:eb:a1:5d:20:16:93:11:26:12:a0:9a:19:96:07:
                    b4:c5:0f:b8:45:dd:3b:6d:b5:5b:77:ec:91:62:36:
                    fb:2b:78:9e:e2:99:3e:24:aa:7c:d7:1f:c9:28:69:
                    9f:02:08:5a:6d:bb:e4:89:60:a0:82:b8:04:22:e3:
                    60:84:76:83:7e:8b:d3:3d:1e:24:c2:b8:91:03:68:
                    77:02:51:b0:91:4b:d5:09:d8:25:69:e8:e5:e3:47:
                    ae:94:7e:8a:1b:a2:9b:c8:be:bf:42:d2:07:35:e0:
                    29:48:e8:ac:27:ef:ed:ce:6c:00:64:24:57:60:0e:
                    00:d5:9f:db:5a:4c:76:06:07:d6:aa:bf:e9:3b:8d:
                    61:c6:47:4e:4e:93:02:e3:36:a2:d7:e8:72:f9:6b:
                    b0:dd:43:69:da:94:8e:c5:de:1c:91:22:6d:29:a3:
                    bb:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:32:43:58:8E:DE:68:7F:F4:D6:C6:8B:AA:72:5B:FF:81:3A:7F:5F
            X509v3 Authority Key Identifier:
                keyid:EF:7E:B7:CF:CF:25:4C:99:8B:D9:CE:07:C0:F4:8E:07:D6:1B:7C:3F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/7363z88lTJmL2c4HwPSOB9YbfD8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/7363z88lTJmL2c4HwPSOB9YbfD8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36BA80D/D81C33865A2411EABDAFF409F8AEA228/964FB7BE8A4E11ECB25B298F5A40D577.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.255.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:b2:be:4f:31:38:af:3a:4c:4e:54:e3:8b:90:d8:e9:1d:20:
         5b:3a:0f:71:47:3f:9d:30:5f:ef:bf:d7:cf:51:fe:80:60:19:
         68:a0:7b:c3:00:4f:90:33:25:1d:75:66:64:47:34:2e:f0:35:
         87:e1:ee:01:c8:93:0d:43:ae:2c:5b:a3:93:92:16:17:a6:c9:
         cd:91:8d:1d:25:76:81:58:4d:4c:27:25:4d:e7:cd:51:47:8c:
         2a:31:b7:c6:3d:f8:68:39:e9:32:1b:7a:a1:69:4a:8b:66:19:
         71:71:bb:d0:ca:d1:87:82:43:da:ba:c5:20:2d:2e:98:7d:48:
         f1:6b:41:4f:db:02:66:37:5b:e8:86:cb:41:ee:2d:1a:02:9b:
         c0:bd:4f:5f:74:70:8b:a7:de:cc:94:90:ef:95:29:41:c1:a4:
         f6:6b:43:ca:bb:b0:b5:eb:5c:f2:ec:ee:a1:a6:aa:1a:79:b4:
         1e:0b:79:b2:f2:ee:05:b6:36:f6:ed:e4:63:86:f6:27:c3:93:
         fd:17:71:0d:8e:31:40:b9:c9:2d:9a:74:8d:16:8d:84:89:fe:
         40:76:f9:5f:66:7e:f6:24:54:13:a8:85:7e:5a:3f:5b:66:88:
         aa:40:6b:f6:bc:84:89:b7:74:22:4c:98:fa:89:f9:24:a0:60:
         c5:44:f2:cb
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAt8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QkE4MERBUjExMC8GA1UEBRMoRUY3RUI3Q0ZDRjI1NEM5OThCRDlDRTA3QzBGNDhF
MDdENjFCN0MzRjAeFw0yMjAyMTAwODUwNTdaFw0zMjAyMTAwODUwNTdaMBgxFjAU
BgNVBAMMDTYyMDRkMWZiLTA3NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDN3+4jU8J0zh8c6fWYDiNVSSSEMgJsfAOckN3CHImqdrKu+h3oG9RKu1+k
gqlwKzekq1XQ6ktSpTQhoK7zN6BvsWU0Cu47eexT+q1f33MpnRdKS2UCItcOnn/r
oV0gFpMRJhKgmhmWB7TFD7hF3TtttVt37JFiNvsreJ7imT4kqnzXH8koaZ8CCFpt
u+SJYKCCuAQi42CEdoN+i9M9HiTCuJEDaHcCUbCRS9UJ2CVp6OXjR66UfoobopvI
vr9C0gc14ClI6Kwn7+3ObABkJFdgDgDVn9taTHYGB9aqv+k7jWHGR05OkwLjNqLX
6HL5a7DdQ2nalI7F3hyRIm0po7s/AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUXzJD
WI7eaH/01saLqnJb/4E6f18wHwYDVR0jBBgwFoAU7363z88lTJmL2c4HwPSOB9Yb
fD8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkJBODBEL0Q4MUMzMzg2NUEyNDExRUFCREFGRjQwOUY4QUVBMjI4LzczNjN6
ODhsVEptTDJjNEh3UFNPQjlZYmZEOC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
LzczNjN6ODhsVEptTDJjNEh3UFNPQjlZYmZEOC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkJBODBEL0Q4MUMzMzg2NUEyNDExRUFCREFGRjQwOUY4QUVB
MjI4Lzk2NEZCN0JFOEE0RTExRUNCMjVCMjk4RjVBNDBENTc3LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp/xwwDQYJKoZIhvcNAQELBQAD
ggEBAKCyvk8xOK86TE5U44uQ2OkdIFs6D3FHP50wX++/189R/oBgGWige8MAT5Az
JR11ZmRHNC7wNYfh7gHIkw1Drixbo5OSFhemyc2RjR0ldoFYTUwnJU3nzVFHjCox
t8Y9+Gg56TIbeqFpSotmGXFxu9DK0YeCQ9q6xSAtLph9SPFrQU/bAmY3W+iGy0Hu
LRoCm8C9T190cIun3syUkO+VKUHBpPZrQ8q7sLXrXPLs7qGmqhp5tB4LebLy7gW2
Nvbt5GOG9ifDk/0XcQ2OMUC5yS2adI0WjYSJ/kB2+V9mfvYkVBOohX5aP1tmiKpA
a/a8hIm3dCJMmPqJ+SSgYMVE8ss=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:22 2024 by rpki-client on console-ams.rpki-client.org