Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/CD674766C4BD11EE919A03C3775412E6.roa
File:                     CD674766C4BD11EE919A03C3775412E6.roa (raw, json)
Hash identifier:          OanaiKOLIqNb1FgUkON3ImaUbAy5m6c5J9qnUpLgWow=
Subject key identifier:   00:76:EB:30:3D:FD:43:BD:D2:FE:E3:DB:21:2B:0E:8B:29:81:EF:A7
Certificate issuer:       /CN=F36F9BF2AR/serialNumber=AD33560A35FDC24E32B7E1A479E21B0E896A2B0F
Certificate serial:       0314
Authority key identifier: AD:33:56:0A:35:FD:C2:4E:32:B7:E1:A4:79:E2:1B:0E:89:6A:2B:0F
Authority info access:    rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/CD674766C4BD11EE919A03C3775412E6.roa
Signing time:             Tue 06 Feb 2024 07:03:17 +0000
ROA not before:           Tue 06 Feb 2024 07:03:14 +0000
ROA not after:            Fri 28 Feb 2025 07:03:14 +0000
asID:                     37154
IP address blocks:        165.58.129.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.mft
                          rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 788 (0x314)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36F9BF2AR/serialNumber=AD33560A35FDC24E32B7E1A479E21B0E896A2B0F
        Validity
            Not Before: Feb  6 07:03:14 2024 GMT
            Not After : Feb 28 07:03:14 2025 GMT
        Subject: CN=65c1d9b5-9101
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:3a:71:c1:66:51:21:a6:0c:77:5b:ce:cb:a9:
                    03:a1:76:bd:f1:59:bf:ef:c1:9c:1b:09:1f:df:bc:
                    d0:66:d8:7d:9d:e8:ad:84:9d:1c:31:e3:c3:94:43:
                    45:82:08:e0:66:57:d5:74:f6:f3:f5:0e:41:2d:f9:
                    81:2f:90:f8:62:96:ea:3b:7f:91:83:31:b6:bf:78:
                    ff:e7:a4:44:c2:a6:6c:88:9b:87:1d:33:81:90:ee:
                    7d:38:71:60:af:c0:3a:11:20:8b:1c:ef:3c:84:4e:
                    93:8c:24:df:da:39:03:b3:3f:89:4d:80:32:7c:64:
                    5c:19:98:97:3b:b6:d1:21:08:19:ae:17:14:bd:ab:
                    e5:1c:27:dd:7d:e5:c6:e8:18:d7:c6:b8:25:6a:93:
                    23:17:03:00:49:3e:97:62:9b:bf:4a:e5:5d:6a:ac:
                    06:4b:ae:5e:72:eb:2e:f5:94:c8:3a:8b:49:f7:66:
                    c1:9b:a6:a0:6b:38:d4:b5:21:7a:74:08:c0:59:29:
                    6e:a8:4d:03:37:27:2a:21:02:e9:88:cc:37:53:7c:
                    d7:12:3c:e6:c5:9b:78:13:15:c7:50:84:8d:c5:27:
                    f7:60:d8:10:52:47:12:0a:2b:e9:54:f3:03:25:b4:
                    39:59:c7:a4:19:38:48:75:97:34:b6:e0:06:0f:36:
                    e3:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:76:EB:30:3D:FD:43:BD:D2:FE:E3:DB:21:2B:0E:8B:29:81:EF:A7
            X509v3 Authority Key Identifier:
                keyid:AD:33:56:0A:35:FD:C2:4E:32:B7:E1:A4:79:E2:1B:0E:89:6A:2B:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/rTNWCjX9wk4yt-GkeeIbDolqKw8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/rTNWCjX9wk4yt-GkeeIbDolqKw8.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36F9BF2/5A60711A6FF711EC954B07CA5A40D577/CD674766C4BD11EE919A03C3775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  165.58.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:d6:ac:49:ab:41:d3:2f:69:53:0c:ad:8c:6b:05:49:29:c0:
         f6:31:a4:5b:13:54:85:a5:19:40:7e:d2:82:b6:20:ca:2b:37:
         4f:36:16:ba:04:0d:2b:2e:8c:63:c7:f6:fe:4a:55:22:8b:f5:
         96:89:3f:8f:03:38:8b:01:f2:2a:29:01:b1:6c:f2:5b:08:5b:
         93:24:7f:27:10:b6:bc:0d:47:f2:1f:e6:82:65:31:b0:3c:3b:
         51:44:e1:a6:b2:7c:29:ee:df:46:24:1e:25:50:4c:a2:08:42:
         cd:b6:46:65:35:b2:74:d0:12:8f:bd:d9:62:fe:95:31:12:78:
         6a:9e:b9:f1:00:f4:77:aa:4c:ad:4c:ca:01:3d:73:72:40:d0:
         cd:63:01:ff:ab:e7:bc:f1:db:9d:f2:f3:9c:c1:53:6c:84:46:
         3f:5c:77:cc:78:bc:8a:cd:a7:0e:0b:c1:06:14:4b:60:83:fd:
         3a:a6:e3:2b:62:c9:3c:2d:b8:98:56:27:0a:1e:f2:fc:d8:41:
         0e:85:dd:1e:0a:db:f8:c2:73:47:16:8a:67:2f:03:d7:33:d4:
         72:9e:30:7a:18:58:c6:39:ac:b5:f8:a9:38:e2:11:c5:a5:e0:
         af:c3:1e:0e:b8:42:3f:0e:ad:8b:af:93:5c:d2:e9:b4:cf:aa:
         42:5a:af:02
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAxQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
RjlCRjJBUjExMC8GA1UEBRMoQUQzMzU2MEEzNUZEQzI0RTMyQjdFMUE0NzlFMjFC
MEU4OTZBMkIwRjAeFw0yNDAyMDYwNzAzMTRaFw0yNTAyMjgwNzAzMTRaMBgxFjAU
BgNVBAMTDTY1YzFkOWI1LTkxMDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCxOnHBZlEhpgx3W87LqQOhdr3xWb/vwZwbCR/fvNBm2H2d6K2EnRwx48OU
Q0WCCOBmV9V09vP1DkEt+YEvkPhiluo7f5GDMba/eP/npETCpmyIm4cdM4GQ7n04
cWCvwDoRIIsc7zyETpOMJN/aOQOzP4lNgDJ8ZFwZmJc7ttEhCBmuFxS9q+UcJ919
5cboGNfGuCVqkyMXAwBJPpdim79K5V1qrAZLrl5y6y71lMg6i0n3ZsGbpqBrONS1
IXp0CMBZKW6oTQM3JyohAumIzDdTfNcSPObFm3gTFcdQhI3FJ/dg2BBSRxIKK+lU
8wMltDlZx6QZOEh1lzS24AYPNuMvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUAHbr
MD39Q73S/uPbISsOiymB76cwHwYDVR0jBBgwFoAUrTNWCjX9wk4yt+GkeeIbDolq
Kw8wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkY5QkYyLzVBNjA3MTFBNkZGNzExRUM5NTRCMDdDQTVBNDBENTc3L3JUTldD
alg5d2s0eXQtR2tlZUliRG9scUt3OC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3JUTldDalg5d2s0eXQtR2tlZUliRG9scUt3OC5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkY5QkYyLzVBNjA3MTFBNkZGNzExRUM5NTRCMDdDQTVBNDBE
NTc3L0NENjc0NzY2QzRCRDExRUU5MTlBMDNDMzc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAClOoEwDQYJKoZIhvcNAQELBQAD
ggEBADzWrEmrQdMvaVMMrYxrBUkpwPYxpFsTVIWlGUB+0oK2IMorN082FroEDSsu
jGPH9v5KVSKL9ZaJP48DOIsB8iopAbFs8lsIW5MkfycQtrwNR/If5oJlMbA8O1FE
4aayfCnu30YkHiVQTKIIQs22RmU1snTQEo+92WL+lTESeGqeufEA9HeqTK1MygE9
c3JA0M1jAf+r57zx253y85zBU2yERj9cd8x4vIrNpw4LwQYUS2CD/Tqm4ytiyTwt
uJhWJwoe8vzYQQ6F3R4K2/jCc0cWimcvA9cz1HKeMHoYWMY5rLX4qTjiEcWl4K/D
Hg64Qj8OrYuvk1zS6bTPqkJarwI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:05:33 2024 by rpki-client on console-ams.rpki-client.org