Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/5740F66E33EE11EEBFA2814F4AD9E6FC.roa
File:                     5740F66E33EE11EEBFA2814F4AD9E6FC.roa (raw, json)
Hash identifier:          LrogqjTwGfFAze89PRHEe21TIS1/HS4/rUXj/zIp7AA=
Subject key identifier:   02:3E:DD:0B:38:B3:D1:F8:0E:BE:27:C6:5C:7D:65:5E:E1:2D:23:65
Certificate issuer:       /CN=F36F144CAR/serialNumber=BFF10D73AA8138DCE36742A766F96523859E487C
Certificate serial:       05B5
Authority key identifier: BF:F1:0D:73:AA:81:38:DC:E3:67:42:A7:66:F9:65:23:85:9E:48:7C
Authority info access:    rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/5740F66E33EE11EEBFA2814F4AD9E6FC.roa
Signing time:             Sun 06 Aug 2023 00:15:25 +0000
ROA not before:           Sun 06 Aug 2023 00:00:20 +0000
ROA not after:            Mon 05 Aug 2030 00:00:20 +0000
asID:                     328209
IP address blocks:        160.119.96.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.mft
                          rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1461 (0x5b5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F144CAR/serialNumber=BFF10D73AA8138DCE36742A766F96523859E487C
        Validity
            Not Before: Aug  6 00:00:20 2023 GMT
            Not After : Aug  5 00:00:20 2030 GMT
        Subject: CN=64cee61d-6384
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:af:82:db:24:f5:96:37:b1:28:1c:e2:0a:f2:
                    d6:e5:f6:a8:36:f5:4f:07:16:a0:1c:f5:7e:d2:ce:
                    05:05:9e:96:d3:7a:14:c0:41:ef:e3:e8:50:b0:f9:
                    85:71:68:3a:ef:af:e7:35:1a:d0:bc:db:8b:c2:9d:
                    84:1a:d6:08:d1:fc:71:01:1e:78:da:c6:6d:47:ad:
                    ce:ae:90:14:97:67:03:c7:da:4a:e2:83:b0:17:6c:
                    42:0f:f8:9c:0d:bd:4d:35:5d:41:02:9f:f9:c9:05:
                    7b:43:8f:e1:f6:49:0f:31:e5:c0:88:46:bf:48:cf:
                    08:f6:b0:86:bc:3b:1e:db:0f:81:82:4e:ca:33:84:
                    d4:50:83:5c:f0:34:6c:d5:00:ca:f7:18:20:33:19:
                    fa:ba:83:57:a1:8e:7c:44:0f:a4:61:2a:9a:a5:30:
                    f1:90:a1:48:69:1b:2b:4f:28:7a:33:00:97:73:36:
                    79:56:4c:76:fa:3f:07:2b:00:a1:cd:b4:fa:b7:2e:
                    5f:f5:c3:5b:b3:c5:33:79:63:f6:9d:0a:4b:9d:8b:
                    47:a7:fc:76:7c:7e:14:49:28:04:94:eb:c8:a8:80:
                    eb:5d:5a:bf:c5:f5:a3:47:fb:e5:17:fa:b9:f6:9b:
                    92:5d:9a:35:d8:34:e4:48:ff:58:d5:b2:c4:10:12:
                    ec:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:3E:DD:0B:38:B3:D1:F8:0E:BE:27:C6:5C:7D:65:5E:E1:2D:23:65
            X509v3 Authority Key Identifier:
                keyid:BF:F1:0D:73:AA:81:38:DC:E3:67:42:A7:66:F9:65:23:85:9E:48:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/5740F66E33EE11EEBFA2814F4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.119.96.0/24

    Signature Algorithm: sha256WithRSAEncryption
         30:80:15:44:32:a6:5b:72:df:51:bf:71:68:5a:22:18:56:2f:
         28:24:4d:e1:ec:50:55:94:4d:b1:66:24:a7:8a:9a:b0:a1:05:
         64:f8:e4:e5:39:8a:da:ea:f5:fb:6d:f9:81:16:20:50:5d:71:
         d7:d1:a2:23:26:e9:79:d0:5b:b1:10:2f:ca:ab:d4:b4:6f:20:
         34:86:35:10:49:2d:12:be:e6:44:e9:fe:c0:de:91:0a:62:a0:
         15:97:ba:93:44:cd:9b:be:38:8c:c4:cc:f7:17:08:d8:5c:84:
         1b:51:2a:e5:70:5a:c7:22:a5:aa:54:ec:16:cb:cd:df:1b:21:
         7c:29:1c:e6:a1:f1:bf:34:a4:91:a5:70:4a:16:53:94:13:27:
         b0:18:93:08:9d:56:ab:46:31:d1:5c:68:76:99:d0:ce:e4:dc:
         82:a4:d6:b3:15:64:dd:4f:71:31:22:58:19:3d:c0:b9:4f:5f:
         2f:bf:c2:fa:43:91:be:96:94:c2:d5:5d:74:16:c9:66:89:88:
         cf:ba:1f:12:01:1b:59:15:eb:46:54:25:00:f0:33:1f:e0:61:
         7d:ef:38:ec:76:b4:d2:ea:b6:90:1c:28:23:af:c1:df:27:b3:
         0f:4b:66:1d:95:0d:11:61:07:e4:e6:5f:78:ae:15:76:48:1d:
         d4:67:ac:a0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBbUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjE0NENBUjExMC8GA1UEBRMoQkZGMTBENzNBQTgxMzhEQ0UzNjc0MkE3NjZGOTY1
MjM4NTlFNDg3QzAeFw0yMzA4MDYwMDAwMjBaFw0zMDA4MDUwMDAwMjBaMBgxFjAU
BgNVBAMTDTY0Y2VlNjFkLTYzODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCar4LbJPWWN7EoHOIK8tbl9qg29U8HFqAc9X7SzgUFnpbTehTAQe/j6FCw
+YVxaDrvr+c1GtC824vCnYQa1gjR/HEBHnjaxm1Hrc6ukBSXZwPH2krig7AXbEIP
+JwNvU01XUECn/nJBXtDj+H2SQ8x5cCIRr9Izwj2sIa8Ox7bD4GCTsozhNRQg1zw
NGzVAMr3GCAzGfq6g1ehjnxED6RhKpqlMPGQoUhpGytPKHozAJdzNnlWTHb6Pwcr
AKHNtPq3Ll/1w1uzxTN5Y/adCkudi0en/HZ8fhRJKASU68iogOtdWr/F9aNH++UX
+rn2m5JdmjXYNORI/1jVssQQEuyNAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUAj7d
Cziz0fgOvifGXH1lXuEtI2UwHwYDVR0jBBgwFoAUv/ENc6qBONzjZ0KnZvllI4We
SHwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYxNDRDLzkwMzAxNTdDRDJFNTExRTk5QTRDRTM2OEY4QUVBMjI4L3ZfRU5j
NnFCT056alowS25admxsSTRXZVNIdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3ZfRU5jNnFCT056alowS25admxsSTRXZVNIdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkYxNDRDLzkwMzAxNTdDRDJFNTExRTk5QTRDRTM2OEY4QUVB
MjI4LzU3NDBGNjZFMzNFRTExRUVCRkEyODE0RjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACgd2AwDQYJKoZIhvcNAQELBQAD
ggEBADCAFUQyplty31G/cWhaIhhWLygkTeHsUFWUTbFmJKeKmrChBWT45OU5itrq
9ftt+YEWIFBdcdfRoiMm6XnQW7EQL8qr1LRvIDSGNRBJLRK+5kTp/sDekQpioBWX
upNEzZu+OIzEzPcXCNhchBtRKuVwWscipapU7BbLzd8bIXwpHOah8b80pJGlcEoW
U5QTJ7AYkwidVqtGMdFcaHaZ0M7k3IKk1rMVZN1PcTEiWBk9wLlPXy+/wvpDkb6W
lMLVXXQWyWaJiM+6HxIBG1kV60ZUJQDwMx/gYX3vOOx2tNLqtpAcKCOvwd8nsw9L
Zh2VDRFhB+TmX3iuFXZIHdRnrKA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:48 2024 by rpki-client on console-ams.rpki-client.org