Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/282DC0BAE31211ECABFC60BFF1222468.roa
File:                     282DC0BAE31211ECABFC60BFF1222468.roa (raw, json)
Hash identifier:          +YVubLFEdP3oFfhGjZ7aF/r3X0+W1ak/u5GBnLWdqN0=
Subject key identifier:   D5:85:80:D9:8C:F9:90:79:EA:99:42:09:0F:C6:89:73:BD:65:09:31
Certificate issuer:       /CN=F36CF917AR/serialNumber=C3857421D5DB8B6144D07C3C59371F420317A977
Certificate serial:       05
Authority key identifier: C3:85:74:21:D5:DB:8B:61:44:D0:7C:3C:59:37:1F:42:03:17:A9:77
Authority info access:    rsync://rpki.afrinic.net/repository/arin/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/282DC0BAE31211ECABFC60BFF1222468.roa
Signing time:             Fri 03 Jun 2022 07:52:46 +0000
ROA not before:           Fri 03 Jun 2022 07:52:42 +0000
ROA not after:            Thu 03 Jun 2032 07:52:42 +0000
asID:                     36913
IP address blocks:        168.253.224.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.mft
                          rsync://rpki.afrinic.net/repository/arin/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36CF917AR/serialNumber=C3857421D5DB8B6144D07C3C59371F420317A977
        Validity
            Not Before: Jun  3 07:52:42 2022 GMT
            Not After : Jun  3 07:52:42 2032 GMT
        Subject: CN=6299bdce-7277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:ea:0f:db:65:d4:8e:8c:24:b4:6a:0d:47:55:
                    fe:8b:30:fd:b2:b4:d3:4c:ab:8a:0e:79:cc:58:29:
                    40:c5:2d:c1:b5:f4:8b:1f:44:a6:10:2c:01:7b:d1:
                    1e:c5:f1:6e:06:bd:cf:b8:40:5d:e1:83:35:93:82:
                    6c:ad:1a:e7:92:ca:66:6d:ab:e4:de:6e:4b:89:21:
                    b4:eb:3b:1c:61:49:34:f6:f0:be:da:ac:25:78:15:
                    85:a7:6f:e1:7f:46:f2:91:ba:33:94:70:0f:02:31:
                    78:60:8d:23:0c:14:b8:71:a7:d9:58:f6:95:44:3b:
                    04:09:83:d4:d5:98:c6:75:66:77:f5:e1:d5:cb:77:
                    2d:f8:9e:cf:84:9e:e1:11:67:25:91:9c:a9:e7:33:
                    cf:32:ba:90:50:14:db:24:61:20:90:3a:4b:5f:ef:
                    b4:e1:84:fd:89:af:78:89:8f:44:b1:6a:55:2c:6d:
                    7c:b2:7d:4c:a1:34:7e:e9:3e:04:d4:68:4f:c0:e5:
                    9a:d3:53:db:bf:24:21:6c:fb:8f:36:41:99:a3:0f:
                    a8:a6:2a:f7:9e:b4:5e:a6:9c:a3:72:96:93:ac:c1:
                    44:0c:88:a2:ee:c1:24:e0:9f:a5:d1:30:16:d7:a0:
                    06:78:f8:d3:bc:11:f1:60:94:11:23:8a:f3:05:b4:
                    1c:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:85:80:D9:8C:F9:90:79:EA:99:42:09:0F:C6:89:73:BD:65:09:31
            X509v3 Authority Key Identifier:
                keyid:C3:85:74:21:D5:DB:8B:61:44:D0:7C:3C:59:37:1F:42:03:17:A9:77

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/w4V0IdXbi2FE0Hw8WTcfQgMXqXc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36CF917/F9C1E412E27711ECBA278AD6F1222468/282DC0BAE31211ECABFC60BFF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.253.224.0/19

    Signature Algorithm: sha256WithRSAEncryption
         38:77:ba:5a:4f:1b:3e:8a:bf:65:dc:cc:e1:de:2d:49:ae:cd:
         e3:12:c3:27:8f:f1:06:20:da:7f:76:d0:c1:81:c4:cb:11:89:
         2c:d0:48:ab:11:0f:a9:04:f8:6a:8e:84:2a:1d:4b:ae:ad:27:
         a8:04:67:52:8b:83:bd:b7:b5:ff:d4:ec:c1:c4:9c:d3:18:b9:
         0e:d1:f2:c7:ec:58:f0:8a:48:a8:ac:03:2e:40:e9:69:47:4c:
         26:fc:6d:17:e2:50:cc:4a:77:65:f7:7e:e6:e2:b7:a9:e2:c9:
         57:3e:cf:b6:d4:6e:9e:38:fe:b9:14:90:2b:d5:93:03:8c:00:
         78:dd:5e:98:5c:62:c6:01:73:1f:a1:36:1f:6d:c6:97:fb:ad:
         5e:4f:90:6e:bb:f3:d1:b4:67:d5:3b:be:de:bf:b8:3e:0c:0a:
         71:57:61:e3:e4:05:8d:29:7b:ae:69:e8:07:1b:8e:ce:f7:bd:
         60:15:71:84:11:79:9b:3d:2e:53:6c:2d:77:63:dd:ec:aa:5b:
         0e:b6:e9:6f:45:90:86:c1:85:28:5b:97:18:8d:40:0d:e9:07:
         1c:d1:f9:37:2f:62:f2:bb:c3:56:c9:4e:f6:11:5c:77:0b:cf:
         a3:bb:6e:0d:55:5e:7a:1a:cd:c6:3c:0f:bb:17:16:13:3f:04:
         2b:01:44:6e
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzZD
RjkxN0FSMTEwLwYDVQQFEyhDMzg1NzQyMUQ1REI4QjYxNDREMDdDM0M1OTM3MUY0
MjAzMTdBOTc3MB4XDTIyMDYwMzA3NTI0MloXDTMyMDYwMzA3NTI0MlowGDEWMBQG
A1UEAwwNNjI5OWJkY2UtNzI3NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLqD9tl1I6MJLRqDUdV/osw/bK000yrig55zFgpQMUtwbX0ix9EphAsAXvR
HsXxbga9z7hAXeGDNZOCbK0a55LKZm2r5N5uS4khtOs7HGFJNPbwvtqsJXgVhadv
4X9G8pG6M5RwDwIxeGCNIwwUuHGn2Vj2lUQ7BAmD1NWYxnVmd/Xh1ct3Lfiez4Se
4RFnJZGcqeczzzK6kFAU2yRhIJA6S1/vtOGE/YmveImPRLFqVSxtfLJ9TKE0fuk+
BNRoT8DlmtNT278kIWz7jzZBmaMPqKYq9560Xqaco3KWk6zBRAyIou7BJOCfpdEw
FtegBnj407wR8WCUESOK8wW0HI0CAwEAAaOCAqIwggKeMB0GA1UdDgQWBBTVhYDZ
jPmQeeqZQgkPxolzvWUJMTAfBgNVHSMEGDAWgBTDhXQh1duLYUTQfDxZNx9CAxep
dzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2Q0Y5MTcvRjlDMUU0MTJFMjc3MTFFQ0JBMjc4QUQ2RjEyMjI0NjgvdzRWMElk
WGJpMkZFMEh3OFdUY2ZRZ01YcVhjLmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2FyaW4v
dzRWMElkWGJpMkZFMEh3OFdUY2ZRZ01YcVhjLmNlcjBPBgNVHSABAf8ERTBDMEEG
CCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmljLm5l
dC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUFBzAL
hoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3Jl
cG9zaXRvcnkvRjM2Q0Y5MTcvRjlDMUU0MTJFMjc3MTFFQ0JBMjc4QUQ2RjEyMjI0
NjgvMjgyREMwQkFFMzEyMTFFQ0FCRkM2MEJGRjEyMjI0Njgucm9hMDUGCCsGAQUF
BzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBaj94DANBgkqhkiG9w0BAQsFAAOC
AQEAOHe6Wk8bPoq/ZdzM4d4tSa7N4xLDJ4/xBiDaf3bQwYHEyxGJLNBIqxEPqQT4
ao6EKh1Lrq0nqARnUouDvbe1/9TswcSc0xi5DtHyx+xY8IpIqKwDLkDpaUdMJvxt
F+JQzEp3Zfd+5uK3qeLJVz7PttRunjj+uRSQK9WTA4wAeN1emFxixgFzH6E2H23G
l/utXk+Qbrvz0bRn1Tu+3r+4PgwKcVdh4+QFjSl7rmnoBxuOzve9YBVxhBF5mz0u
U2wtd2Pd7KpbDrbpb0WQhsGFKFuXGI1ADekHHNH5Ny9i8rvDVslO9hFcdwvPo7tu
DVVeehrNxjwPuxcWEz8EKwFEbg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:59 2024 by rpki-client on console-fra.rpki-client.org