Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/30C6F72C950F11EE8926A04FD25BE465.roa
File:                     30C6F72C950F11EE8926A04FD25BE465.roa (raw, json)
Hash identifier:          LFYRLa2bmGOmZZNRSETvsxBc+JZihbiM1+V6yMkR8p8=
Subject key identifier:   8F:CC:3C:C3:83:01:8B:63:EB:43:79:25:49:BF:51:79:DF:4D:A9:45
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       0CD6
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/30C6F72C950F11EE8926A04FD25BE465.roa
Signing time:             Thu 07 Dec 2023 14:44:57 +0000
ROA not before:           Thu 07 Dec 2023 14:44:54 +0000
ROA not after:            Thu 14 Dec 2028 14:44:54 +0000
asID:                     207990
IP address blocks:        161.123.32.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
                          rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3286 (0xcd6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: Dec  7 14:44:54 2023 GMT
            Not After : Dec 14 14:44:54 2028 GMT
        Subject: CN=6571da69-550a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:a0:2f:79:32:2b:03:38:e4:a1:32:65:22:b7:
                    f9:14:c8:80:64:45:3e:9c:fb:d9:b0:25:07:8a:08:
                    e3:94:7b:04:f8:73:da:29:8e:be:58:52:d1:2c:38:
                    04:9d:29:64:30:df:56:b6:57:ba:ea:73:27:34:f0:
                    2b:1c:bc:a4:75:3e:b3:df:42:1b:af:95:22:01:58:
                    48:20:6a:c5:37:14:2c:f2:b7:b6:b6:db:ef:ee:14:
                    38:8a:3d:94:f1:70:30:88:cc:8a:d1:43:69:79:8e:
                    6f:7c:4c:fb:a9:f4:a5:c1:fe:ad:bb:f6:02:99:bb:
                    f8:5f:0b:71:f9:db:2a:5c:a4:2d:03:d3:44:5c:3b:
                    e7:a3:a7:79:cd:55:6d:2b:7f:00:4a:d9:df:3f:7e:
                    9d:0e:d3:b2:23:9f:26:95:99:ed:41:54:cc:1d:6b:
                    2d:7e:7d:d2:82:eb:6b:0c:0f:e6:7a:cd:b7:c3:16:
                    fc:2e:b5:ca:cb:5c:18:b0:2a:fd:b0:61:39:bb:c9:
                    b4:66:68:8c:9b:8c:bf:81:2e:21:fd:f7:15:4f:cf:
                    e0:ad:57:c1:47:f9:fe:9b:71:f6:95:ee:0b:0e:02:
                    e0:3e:7b:d6:c6:5c:ae:96:29:dd:03:2b:ce:c0:12:
                    a5:1a:21:05:65:69:4c:d2:10:fa:d3:d7:6b:b8:9b:
                    fe:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:CC:3C:C3:83:01:8B:63:EB:43:79:25:49:BF:51:79:DF:4D:A9:45
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/30C6F72C950F11EE8926A04FD25BE465.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:f0:c7:30:95:63:11:22:7d:c0:0b:6f:5d:ee:72:dc:27:5b:
         af:46:25:9f:3d:01:2c:4a:e9:49:9d:c5:1e:5b:d0:cc:77:47:
         f5:79:8e:21:53:7c:0e:9a:1c:76:62:ef:5b:22:da:82:6f:40:
         d3:a7:94:c6:02:4f:f9:0c:60:79:93:4f:62:b5:5a:5b:2f:05:
         b9:78:9d:fc:fa:69:71:76:3a:fc:fd:79:21:31:1f:ea:d8:ca:
         0c:d8:ec:8a:f6:ef:d5:4c:b4:3f:54:24:7c:5c:b7:35:c2:f9:
         35:bc:1a:9a:3a:e4:f7:82:6c:ed:40:67:01:9f:ac:7d:f8:b8:
         8d:ab:4e:8f:65:64:1a:07:3d:92:2a:bc:2f:96:d8:73:28:b3:
         6f:2c:d4:62:0e:3d:40:fc:a9:ae:ff:68:31:0f:9b:a6:f4:5c:
         c9:d2:b5:1a:98:26:b6:a2:d0:32:ba:2d:f3:0d:3d:c8:11:e2:
         15:9b:f7:b1:ac:0c:cf:fa:fb:13:0d:b6:18:a5:17:7f:77:9f:
         f7:22:25:45:51:16:88:5f:eb:4c:89:58:24:25:d8:74:51:6a:
         3b:8b:b6:d3:4a:1f:72:7e:2a:15:42:78:b7:bb:ef:47:d3:0a:
         90:82:1a:48:f6:e4:b4:c6:6c:75:2c:4a:a6:9b:d3:1e:11:eb:
         03:68:c4:ec
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDNYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzEyMDcxNDQ0NTRaFw0yODEyMTQxNDQ0NTRaMBgxFjAU
BgNVBAMTDTY1NzFkYTY5LTU1MGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDRoC95MisDOOShMmUit/kUyIBkRT6c+9mwJQeKCOOUewT4c9opjr5YUtEs
OASdKWQw31a2V7rqcyc08CscvKR1PrPfQhuvlSIBWEggasU3FCzyt7a22+/uFDiK
PZTxcDCIzIrRQ2l5jm98TPup9KXB/q279gKZu/hfC3H52ypcpC0D00RcO+ejp3nN
VW0rfwBK2d8/fp0O07IjnyaVme1BVMwday1+fdKC62sMD+Z6zbfDFvwutcrLXBiw
Kv2wYTm7ybRmaIybjL+BLiH99xVPz+CtV8FH+f6bcfaV7gsOAuA+e9bGXK6WKd0D
K87AEqUaIQVlaUzSEPrT12u4m/5ZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUj8w8
w4MBi2PrQ3klSb9Red9NqUUwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4LzMwQzZGNzJDOTUwRjExRUU4OTI2QTA0RkQyNUJFNDY1LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACheyAwDQYJKoZIhvcNAQELBQAD
ggEBAGXwxzCVYxEifcALb13uctwnW69GJZ89ASxK6UmdxR5b0Mx3R/V5jiFTfA6a
HHZi71si2oJvQNOnlMYCT/kMYHmTT2K1WlsvBbl4nfz6aXF2Ovz9eSExH+rYygzY
7Ir279VMtD9UJHxctzXC+TW8Gpo65PeCbO1AZwGfrH34uI2rTo9lZBoHPZIqvC+W
2HMos28s1GIOPUD8qa7/aDEPm6b0XMnStRqYJrai0DK6LfMNPcgR4hWb97GsDM/6
+xMNthilF393n/ciJUVRFohf60yJWCQl2HRRajuLttNKH3J+KhVCeLe770fTCpCC
Gkj25LTGbHUsSqab0x4R6wNoxOw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:19 2024 by rpki-client on console-fra.rpki-client.org