Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/D463691425AA11EC929C1A5AD8A014CE.roa
File:                     D463691425AA11EC929C1A5AD8A014CE.roa (raw, json)
Hash identifier:          zOn0KCR3WUQ3sl7nvMO+r6apzohvakNE95t03lLWHiA=
Subject key identifier:   9B:93:AF:3F:63:B1:A5:46:AD:B7:23:78:8D:AB:47:DE:CD:6A:3D:3A
Certificate issuer:       /CN=F36C5A07AR/serialNumber=CADA7A12055344379A13AE6DE7BA278EBC516A58
Certificate serial:       02
Authority key identifier: CA:DA:7A:12:05:53:44:37:9A:13:AE:6D:E7:BA:27:8E:BC:51:6A:58
Authority info access:    rsync://rpki.afrinic.net/repository/arin/ytp6EgVTRDeaE65t57onjrxRalg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/D463691425AA11EC929C1A5AD8A014CE.roa
Signing time:             Tue 05 Oct 2021 07:06:58 +0000
ROA not before:           Tue 05 Oct 2021 07:06:43 +0000
ROA not after:            Wed 31 Dec 2031 07:06:43 +0000
asID:                     328061
IP address blocks:        164.160.136.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/ytp6EgVTRDeaE65t57onjrxRalg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/ytp6EgVTRDeaE65t57onjrxRalg.mft
                          rsync://rpki.afrinic.net/repository/arin/ytp6EgVTRDeaE65t57onjrxRalg.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C5A07AR/serialNumber=CADA7A12055344379A13AE6DE7BA278EBC516A58
        Validity
            Not Before: Oct  5 07:06:43 2021 GMT
            Not After : Dec 31 07:06:43 2031 GMT
        Subject: CN=615bf992-87ca
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:2b:cb:8a:6a:39:82:16:74:97:b3:85:be:33:
                    c8:9c:42:84:9b:53:48:7c:38:a7:c8:91:99:08:34:
                    2f:c9:04:e5:fc:64:d3:a6:5e:36:2e:41:27:fd:76:
                    ec:38:d7:ca:a8:ac:e3:49:c2:3b:6c:82:4e:9c:69:
                    97:70:29:f8:bc:e8:93:12:29:b0:9c:4c:f6:f4:17:
                    00:be:15:24:1b:49:39:ad:a2:90:02:28:10:40:05:
                    77:fb:d4:26:82:8e:6f:62:23:84:0f:0f:a2:8d:48:
                    11:b5:91:a2:dd:4d:17:42:0a:dd:a5:6b:0c:11:a3:
                    f7:a0:1c:c2:19:be:fd:76:f8:46:f5:4c:08:82:8f:
                    04:af:9d:0e:8d:14:23:55:0b:68:33:8e:f1:46:c1:
                    e8:21:5f:1b:c7:16:9e:cb:6c:1e:e4:bf:05:c1:11:
                    8e:0b:2b:70:1f:4a:07:96:56:13:e4:cd:98:9b:a0:
                    34:c7:0d:b1:4d:d4:3f:c2:90:4c:a8:fc:50:61:3e:
                    c3:f3:5e:d9:4c:e8:18:9e:eb:96:98:85:90:24:4b:
                    c4:cb:52:90:3c:df:41:96:d5:3d:51:bb:d7:26:84:
                    d4:3b:b0:47:ee:93:20:0c:23:83:34:32:03:7d:bb:
                    60:3b:45:cc:76:8c:cc:30:fe:47:9d:4e:e2:27:b9:
                    7a:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:93:AF:3F:63:B1:A5:46:AD:B7:23:78:8D:AB:47:DE:CD:6A:3D:3A
            X509v3 Authority Key Identifier:
                keyid:CA:DA:7A:12:05:53:44:37:9A:13:AE:6D:E7:BA:27:8E:BC:51:6A:58

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/ytp6EgVTRDeaE65t57onjrxRalg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/ytp6EgVTRDeaE65t57onjrxRalg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C5A07/6F146B2225A411EC89FD9050D8A014CE/D463691425AA11EC929C1A5AD8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  164.160.136.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:3b:cc:0d:a1:30:ec:7a:68:3e:54:4b:67:7d:15:87:90:1a:
         7c:28:69:1d:e5:68:ad:c5:e6:d0:c3:45:42:3b:43:d7:55:0a:
         e3:13:13:bb:e2:c1:6a:8e:9d:5c:1f:73:6c:79:bd:24:52:a5:
         8e:0d:13:89:bb:aa:06:fe:50:81:c0:84:78:a6:bc:75:26:45:
         8f:5f:2b:bc:19:0c:d7:c7:33:0c:2f:b5:40:7f:4f:0e:97:4a:
         38:1a:b1:56:3b:a3:6e:7b:fc:1d:ff:03:e9:b2:14:d8:8f:66:
         45:dd:61:33:a3:b0:66:ec:ea:6a:ae:c7:ad:74:40:b2:c2:1e:
         95:fa:a2:a1:64:99:25:bc:42:9d:d8:cc:c4:e8:87:82:ce:bf:
         c0:12:88:13:cd:e7:ca:9f:4c:4e:77:41:74:75:06:b8:bc:2c:
         91:62:70:fd:36:00:a2:2e:a1:4d:b5:d0:0b:bd:e7:26:70:bb:
         85:08:21:ad:33:f0:30:b4:10:20:f3:ef:96:3b:cc:d0:14:ba:
         94:68:b9:64:59:fd:82:ab:93:70:51:56:06:33:0f:d6:81:69:
         b3:83:8e:ad:c2:29:16:9a:97:f7:4f:65:c6:be:8d:31:4d:10:
         09:f0:dd:69:c3:30:b8:25:fb:bc:02:6b:47:31:4d:fa:3b:d4:
         84:c4:c1:ea
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
NUEwN0FSMTEwLwYDVQQFEyhDQURBN0ExMjA1NTM0NDM3OUExM0FFNkRFN0JBMjc4
RUJDNTE2QTU4MB4XDTIxMTAwNTA3MDY0M1oXDTMxMTIzMTA3MDY0M1owGDEWMBQG
A1UEAwwNNjE1YmY5OTItODdjYTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsry4pqOYIWdJezhb4zyJxChJtTSHw4p8iRmQg0L8kE5fxk06ZeNi5BJ/12
7DjXyqis40nCO2yCTpxpl3Ap+LzokxIpsJxM9vQXAL4VJBtJOa2ikAIoEEAFd/vU
JoKOb2IjhA8Poo1IEbWRot1NF0IK3aVrDBGj96Acwhm+/Xb4RvVMCIKPBK+dDo0U
I1ULaDOO8UbB6CFfG8cWnstsHuS/BcERjgsrcB9KB5ZWE+TNmJugNMcNsU3UP8KQ
TKj8UGE+w/Ne2UzoGJ7rlpiFkCRLxMtSkDzfQZbVPVG71yaE1DuwR+6TIAwjgzQy
A327YDtFzHaMzDD+R51O4ie5eqUCAwEAAaOCAqIwggKeMB0GA1UdDgQWBBSbk68/
Y7GlRq23I3iNq0fezWo9OjAfBgNVHSMEGDAWgBTK2noSBVNEN5oTrm3nuieOvFFq
WDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2QzVBMDcvNkYxNDZCMjIyNUE0MTFFQzg5RkQ5MDUwRDhBMDE0Q0UveXRwNkVn
VlRSRGVhRTY1dDU3b25qcnhSYWxnLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
eXRwNkVnVlRSRGVhRTY1dDU3b25qcnhSYWxnLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2QzVBMDcvNkYxNDZCMjIyNUE0MTFFQzg5RkQ5MDUwRDhBMDE0
Q0UvRDQ2MzY5MTQyNUFBMTFFQzkyOUMxQTVBRDhBMDE0Q0Uucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqSgiDANBgkqhkiG9w0BAQsFAAOC
AQEAojvMDaEw7HpoPlRLZ30Vh5AafChpHeVorcXm0MNFQjtD11UK4xMTu+LBao6d
XB9zbHm9JFKljg0TibuqBv5QgcCEeKa8dSZFj18rvBkM18czDC+1QH9PDpdKOBqx
Vjujbnv8Hf8D6bIU2I9mRd1hM6OwZuzqaq7HrXRAssIelfqioWSZJbxCndjMxOiH
gs6/wBKIE83nyp9MTndBdHUGuLwskWJw/TYAoi6hTbXQC73nJnC7hQghrTPwMLQQ
IPPvljvM0BS6lGi5ZFn9gquTcFFWBjMP1oFps4OOrcIpFpqX909lxr6NMU0QCfDd
acMwuCX7vAJrRzFN+jvUhMTB6g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:26 2024 by rpki-client on console-ams.rpki-client.org