Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/FA9B731023BF11ED84295CC5F1222468.roa
File:                     FA9B731023BF11ED84295CC5F1222468.roa (raw, json)
Hash identifier:          YC8KXYNCaCNhKTJ0A821cYNyvFRRYAF9H6w9FgItikQ=
Subject key identifier:   E1:9F:47:56:8A:C2:48:F6:34:49:BA:3E:3D:BB:00:5A:EF:70:40:6F
Certificate issuer:       /CN=F36C65C6AR/serialNumber=1FF33E25A32B4691F723F85010D36C1D19AD2613
Certificate serial:       01BF
Authority key identifier: 1F:F3:3E:25:A3:2B:46:91:F7:23:F8:50:10:D3:6C:1D:19:AD:26:13
Authority info access:    rsync://rpki.afrinic.net/repository/arin/H_M-JaMrRpH3I_hQENNsHRmtJhM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/FA9B731023BF11ED84295CC5F1222468.roa
Signing time:             Wed 24 Aug 2022 15:18:17 +0000
ROA not before:           Wed 24 Aug 2022 15:18:13 +0000
ROA not after:            Tue 31 Aug 2032 15:18:13 +0000
asID:                     327901
IP address blocks:        169.255.196.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/H_M-JaMrRpH3I_hQENNsHRmtJhM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/H_M-JaMrRpH3I_hQENNsHRmtJhM.mft
                          rsync://rpki.afrinic.net/repository/arin/H_M-JaMrRpH3I_hQENNsHRmtJhM.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 30 Mar 2024 00:16:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 447 (0x1bf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36C65C6AR/serialNumber=1FF33E25A32B4691F723F85010D36C1D19AD2613
        Validity
            Not Before: Aug 24 15:18:13 2022 GMT
            Not After : Aug 31 15:18:13 2032 GMT
        Subject: CN=63064139-4cf5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:2b:5e:ce:eb:3f:57:95:9d:7f:3d:3d:90:96:
                    69:ac:ed:1c:5f:a8:e6:04:ed:e0:28:cc:24:80:50:
                    50:64:a3:b8:23:47:40:14:49:bb:4f:d0:c1:18:83:
                    cf:f9:e7:af:b0:6a:a0:da:14:67:ce:dc:71:b0:b0:
                    d7:69:ff:a9:1e:b4:d4:5c:4a:ad:e6:27:71:d3:fb:
                    63:61:9f:99:a0:f7:8c:00:95:63:33:5b:f6:61:89:
                    67:68:64:b6:bc:bc:8f:a7:7b:f9:a2:95:a5:77:55:
                    0f:1f:28:42:24:9d:bd:9f:e4:48:72:47:8e:b8:f5:
                    6c:4b:61:13:aa:95:75:e2:4f:a2:4f:55:a9:a4:44:
                    45:63:ad:90:a3:8b:80:62:34:eb:26:d8:e7:7b:97:
                    9f:6a:e3:ba:6e:c3:d9:e2:4f:52:d9:66:f8:d9:2b:
                    2b:bb:b9:e5:f7:05:6a:a9:d5:04:15:56:15:78:b2:
                    85:f3:7e:48:05:5d:c6:c5:ea:88:c1:fb:14:06:9a:
                    60:dd:5a:df:da:dd:0d:b4:b4:31:d6:a5:03:f3:7a:
                    90:50:e4:eb:14:bb:e4:6b:e9:29:df:7b:4e:74:08:
                    80:ac:de:f4:33:39:63:06:df:df:1e:c9:1c:61:82:
                    ac:b3:53:97:a2:0e:b7:84:10:9a:0f:99:8d:e2:9e:
                    c1:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:9F:47:56:8A:C2:48:F6:34:49:BA:3E:3D:BB:00:5A:EF:70:40:6F
            X509v3 Authority Key Identifier:
                keyid:1F:F3:3E:25:A3:2B:46:91:F7:23:F8:50:10:D3:6C:1D:19:AD:26:13

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/H_M-JaMrRpH3I_hQENNsHRmtJhM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/H_M-JaMrRpH3I_hQENNsHRmtJhM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36C65C6/11FF6652CF5B11EBB4B3CE16F8AEA228/FA9B731023BF11ED84295CC5F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  169.255.196.0/22

    Signature Algorithm: sha256WithRSAEncryption
         41:ec:71:bb:f1:e7:d7:f2:e7:3e:98:8c:45:b6:71:72:e6:97:
         27:a0:39:97:bd:76:50:90:d8:38:ff:26:4d:7c:eb:a1:53:47:
         6d:6a:2e:d1:80:a1:b6:cc:a7:7d:08:cc:a1:33:64:fe:1b:26:
         2d:9d:c3:02:20:3f:44:49:64:7b:77:44:51:42:bd:dd:ff:f7:
         2b:ec:cd:7f:42:3b:98:53:19:34:a6:81:63:0b:b9:14:ca:71:
         74:33:77:f0:f3:57:d7:58:8d:a4:31:19:f3:d7:78:65:26:2d:
         31:0b:53:64:c1:ca:03:88:ba:2b:be:1c:51:dd:05:e9:1b:14:
         f4:84:5c:23:50:e8:2c:df:b1:1c:2e:f4:a4:52:db:3d:d8:02:
         ae:45:f5:48:10:0b:de:2c:f6:f8:d2:7b:f2:a0:69:9f:0a:9d:
         86:3e:ab:3c:37:c8:bc:38:15:75:c3:7b:2f:08:14:d6:10:61:
         dd:38:fe:14:58:71:bb:39:d0:3e:c7:57:c4:42:9f:42:c1:8d:
         ac:d3:0a:11:04:36:cb:c3:19:cd:02:b9:8e:84:fb:c0:dd:d2:
         cf:98:2b:9b:9f:08:a4:a4:c4:63:5a:13:31:3f:85:21:b1:3f:
         12:05:c9:11:41:70:67:8a:49:1c:fd:f1:d1:4e:91:03:e4:24:
         34:a8:b8:71
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
QzY1QzZBUjExMC8GA1UEBRMoMUZGMzNFMjVBMzJCNDY5MUY3MjNGODUwMTBEMzZD
MUQxOUFEMjYxMzAeFw0yMjA4MjQxNTE4MTNaFw0zMjA4MzExNTE4MTNaMBgxFjAU
BgNVBAMMDTYzMDY0MTM5LTRjZjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVK17O6z9XlZ1/PT2Qlmms7RxfqOYE7eAozCSAUFBko7gjR0AUSbtP0MEY
g8/556+waqDaFGfO3HGwsNdp/6ketNRcSq3mJ3HT+2Nhn5mg94wAlWMzW/ZhiWdo
ZLa8vI+ne/milaV3VQ8fKEIknb2f5EhyR4649WxLYROqlXXiT6JPVamkREVjrZCj
i4BiNOsm2Od7l59q47puw9niT1LZZvjZKyu7ueX3BWqp1QQVVhV4soXzfkgFXcbF
6ojB+xQGmmDdWt/a3Q20tDHWpQPzepBQ5OsUu+Rr6Snfe050CICs3vQzOWMG398e
yRxhgqyzU5eiDreEEJoPmY3insFPAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU4Z9H
VorCSPY0Sbo+PbsAWu9wQG8wHwYDVR0jBBgwFoAUH/M+JaMrRpH3I/hQENNsHRmt
JhMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkM2NUM2LzExRkY2NjUyQ0Y1QjExRUJCNEIzQ0UxNkY4QUVBMjI4L0hfTS1K
YU1yUnBIM0lfaFFFTk5zSFJtdEpoTS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L0hfTS1KYU1yUnBIM0lfaFFFTk5zSFJtdEpoTS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkM2NUM2LzExRkY2NjUyQ0Y1QjExRUJCNEIzQ0UxNkY4QUVB
MjI4L0ZBOUI3MzEwMjNCRjExRUQ4NDI5NUNDNUYxMjIyNDY4LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKp/8QwDQYJKoZIhvcNAQELBQAD
ggEBAEHscbvx59fy5z6YjEW2cXLmlyegOZe9dlCQ2Dj/Jk1866FTR21qLtGAobbM
p30IzKEzZP4bJi2dwwIgP0RJZHt3RFFCvd3/9yvszX9CO5hTGTSmgWMLuRTKcXQz
d/DzV9dYjaQxGfPXeGUmLTELU2TBygOIuiu+HFHdBekbFPSEXCNQ6CzfsRwu9KRS
2z3YAq5F9UgQC94s9vjSe/KgaZ8KnYY+qzw3yLw4FXXDey8IFNYQYd04/hRYcbs5
0D7HV8RCn0LBjazTChEENsvDGc0CuY6E+8Dd0s+YK5ufCKSkxGNaEzE/hSGxPxIF
yRFBcGeKSRz98dFOkQPkJDSouHE=
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:07:41 2024 by rpki-client on console-ams.rpki-client.org