Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/A80D090633EF11EE9FE76B534AD9E6FC.roa
File:                     A80D090633EF11EE9FE76B534AD9E6FC.roa (raw, json)
Hash identifier:          /T6YjN1xp+pnZ0irA0nkuSOCTeR3Dp7xC5vZj5YoiHI=
Subject key identifier:   83:AF:35:B4:5C:43:1F:19:6D:1D:34:D3:99:43:53:C2:83:E5:6A:35
Certificate issuer:       /CN=F36F144CAR/serialNumber=BFF10D73AA8138DCE36742A766F96523859E487C
Certificate serial:       05BE
Authority key identifier: BF:F1:0D:73:AA:81:38:DC:E3:67:42:A7:66:F9:65:23:85:9E:48:7C
Authority info access:    rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/A80D090633EF11EE9FE76B534AD9E6FC.roa
Signing time:             Sun 06 Aug 2023 00:24:50 +0000
ROA not before:           Sun 06 Aug 2023 00:00:47 +0000
ROA not after:            Sat 06 Aug 2033 00:00:47 +0000
asID:                     328209
IP address blocks:        160.119.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.mft
                          rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 27 Nov 2024 00:21:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1470 (0x5be)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F144CAR/serialNumber=BFF10D73AA8138DCE36742A766F96523859E487C
        Validity
            Not Before: Aug  6 00:00:47 2023 GMT
            Not After : Aug  6 00:00:47 2033 GMT
        Subject: CN=64cee852-9bf3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:3e:14:f2:f8:4b:f6:b4:c8:4d:20:25:08:96:
                    d8:0c:45:00:83:4b:ff:a5:ee:db:70:fd:13:ac:ea:
                    0c:86:7a:6e:ae:95:b0:b4:6b:c7:13:7d:85:e1:d6:
                    f0:69:7e:09:16:39:e4:7f:5d:f9:43:5e:29:ad:d9:
                    57:28:54:75:88:9e:e9:40:24:ff:39:df:61:01:04:
                    10:ae:dc:54:5e:07:41:4d:b0:8c:c6:5e:63:5b:17:
                    ba:2b:d4:02:15:3f:84:a1:6f:bf:9e:49:e5:af:ea:
                    46:bb:09:b8:62:4b:81:f0:b4:51:58:1e:b9:90:f3:
                    e4:fc:2f:1b:45:d3:e7:59:d8:34:1a:9d:59:51:e6:
                    f3:c6:10:01:5e:22:e0:f3:7d:39:3c:2a:97:e4:91:
                    3e:d1:42:54:c2:01:be:3f:6f:2c:b1:fb:f8:88:3e:
                    c7:06:dd:32:36:96:61:92:f0:34:81:60:88:5e:88:
                    27:fb:51:a4:c7:56:2d:02:f0:9a:4b:e1:59:ec:97:
                    f0:25:71:99:96:01:a1:4e:49:4f:15:12:3f:72:a6:
                    de:74:2e:57:ac:0b:61:20:c8:21:40:dc:a2:7e:43:
                    10:d9:fc:b4:05:0c:40:ff:3e:1d:8e:75:14:a4:99:
                    46:d2:42:bf:35:f5:59:c5:66:f4:40:1c:b8:8e:88:
                    3b:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                83:AF:35:B4:5C:43:1F:19:6D:1D:34:D3:99:43:53:C2:83:E5:6A:35
            X509v3 Authority Key Identifier:
                keyid:BF:F1:0D:73:AA:81:38:DC:E3:67:42:A7:66:F9:65:23:85:9E:48:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/v_ENc6qBONzjZ0KnZvllI4WeSHw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/v_ENc6qBONzjZ0KnZvllI4WeSHw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F144C/9030157CD2E511E99A4CE368F8AEA228/A80D090633EF11EE9FE76B534AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.119.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:db:d8:79:dc:10:05:22:18:6e:e1:bd:02:ba:06:71:de:53:
         23:e8:c8:17:ab:9e:bc:8f:a0:64:69:b3:b2:9f:23:f5:e9:d7:
         c2:91:39:24:12:73:c8:1a:b4:7d:51:2f:a6:87:e6:1f:46:81:
         5e:18:36:73:fe:76:ca:e0:6d:72:6d:20:0e:36:dd:49:c7:f9:
         50:c7:7c:03:ae:8d:ce:70:a0:c4:2e:8a:ed:a7:12:95:81:6c:
         1f:2d:04:50:ea:1e:ec:5f:1a:e1:5a:38:eb:49:51:fb:3f:01:
         ec:41:83:89:54:25:07:37:96:df:c1:cf:50:95:6a:a1:47:b8:
         6b:87:81:f9:c9:8b:69:98:91:46:21:c7:63:da:71:cc:af:f2:
         d2:ac:10:63:53:da:44:3c:fa:3a:22:93:6b:92:d3:6c:f6:b3:
         ab:c3:9b:8d:5f:cb:f0:47:45:b1:0f:10:b5:9a:f2:a9:eb:46:
         18:a8:e0:f1:80:03:65:bd:c7:68:80:34:53:7e:0c:85:7e:a9:
         28:9f:bc:f2:03:d7:08:74:2b:e1:64:e0:05:e6:58:ee:8b:eb:
         8e:f3:46:b9:5a:1f:11:46:64:8c:25:9f:08:f9:79:06:7e:e9:
         b1:ac:4c:80:b0:21:39:95:cf:21:34:d3:8c:af:47:61:f2:f4:
         3d:b5:75:e0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBb4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RjE0NENBUjExMC8GA1UEBRMoQkZGMTBENzNBQTgxMzhEQ0UzNjc0MkE3NjZGOTY1
MjM4NTlFNDg3QzAeFw0yMzA4MDYwMDAwNDdaFw0zMzA4MDYwMDAwNDdaMBgxFjAU
BgNVBAMTDTY0Y2VlODUyLTliZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDbPhTy+Ev2tMhNICUIltgMRQCDS/+l7ttw/ROs6gyGem6ulbC0a8cTfYXh
1vBpfgkWOeR/XflDXimt2VcoVHWInulAJP8532EBBBCu3FReB0FNsIzGXmNbF7or
1AIVP4Shb7+eSeWv6ka7CbhiS4HwtFFYHrmQ8+T8LxtF0+dZ2DQanVlR5vPGEAFe
IuDzfTk8KpfkkT7RQlTCAb4/byyx+/iIPscG3TI2lmGS8DSBYIheiCf7UaTHVi0C
8JpL4Vnsl/AlcZmWAaFOSU8VEj9ypt50LlesC2EgyCFA3KJ+QxDZ/LQFDED/Ph2O
dRSkmUbSQr819VnFZvRAHLiOiDvtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUg681
tFxDHxltHTTTmUNTwoPlajUwHwYDVR0jBBgwFoAUv/ENc6qBONzjZ0KnZvllI4We
SHwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkYxNDRDLzkwMzAxNTdDRDJFNTExRTk5QTRDRTM2OEY4QUVBMjI4L3ZfRU5j
NnFCT056alowS25admxsSTRXZVNIdy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3ZfRU5jNnFCT056alowS25admxsSTRXZVNIdy5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkYxNDRDLzkwMzAxNTdDRDJFNTExRTk5QTRDRTM2OEY4QUVB
MjI4L0E4MEQwOTA2MzNFRjExRUU5RkU3NkI1MzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKgd2AwDQYJKoZIhvcNAQELBQAD
ggEBAHbb2HncEAUiGG7hvQK6BnHeUyPoyBernryPoGRps7KfI/Xp18KROSQSc8ga
tH1RL6aH5h9GgV4YNnP+dsrgbXJtIA423UnH+VDHfAOujc5woMQuiu2nEpWBbB8t
BFDqHuxfGuFaOOtJUfs/AexBg4lUJQc3lt/Bz1CVaqFHuGuHgfnJi2mYkUYhx2Pa
ccyv8tKsEGNT2kQ8+joik2uS02z2s6vDm41fy/BHRbEPELWa8qnrRhio4PGAA2W9
x2iANFN+DIV+qSifvPID1wh0K+Fk4AXmWO6L647zRrlaHxFGZIwlnwj5eQZ+6bGs
TICwITmVzyE004yvR2Hy9D21deA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 02:48:48 2024 by rpki-client on console-ams.rpki-client.org