Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/B5C641305CFC11EEA64F4C474AD9E6FC.roa
File:                     B5C641305CFC11EEA64F4C474AD9E6FC.roa (raw, json)
Hash identifier:          tgXKpYqI5b7R0xuYhafXnC/xY8F2N2nePZ1ypNBD9ZA=
Subject key identifier:   33:98:9D:13:B4:7E:50:97:A5:47:5E:6A:AB:C4:20:22:02:0D:61:82
Certificate issuer:       /CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
Certificate serial:       0C1F
Authority key identifier: 44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1
Authority info access:    rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/B5C641305CFC11EEA64F4C474AD9E6FC.roa
Signing time:             Wed 27 Sep 2023 06:11:35 +0000
ROA not before:           Wed 27 Sep 2023 06:11:31 +0000
ROA not after:            Mon 30 Sep 2030 06:11:31 +0000
asID:                     203999
IP address blocks:        161.123.8.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.mft
                          rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
                          rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:21:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3103 (0xc1f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36FA15DAR/serialNumber=44A9F69F4141DA76B7353EB0D581523AFE2B81E1
        Validity
            Not Before: Sep 27 06:11:31 2023 GMT
            Not After : Sep 30 06:11:31 2030 GMT
        Subject: CN=6513c797-ad8e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:aa:55:1f:b4:30:40:cb:24:4c:6f:7f:bc:e0:
                    b2:2c:8a:6b:b3:bf:f0:e9:2e:81:d7:cc:5a:dc:d4:
                    9e:b9:39:80:04:6d:35:87:78:a0:78:95:1d:00:d7:
                    e9:56:7d:51:14:66:1b:8f:2f:8a:84:16:82:ca:1a:
                    3a:67:a5:56:67:14:a3:72:9b:dd:17:b5:59:a1:0a:
                    9b:b0:b4:0b:2f:47:33:61:85:39:0e:e9:ea:db:1a:
                    c4:94:a3:38:63:a7:e2:7a:0a:a9:b0:76:f7:6e:2e:
                    b2:7d:6c:96:fd:34:16:7a:7c:3c:94:8c:03:9e:91:
                    dd:0a:2d:94:af:c1:0d:97:90:90:02:50:52:99:b7:
                    61:a6:2c:e5:88:87:e0:b2:dd:77:e2:a4:b0:51:46:
                    e3:bc:2b:20:b2:3e:18:c1:d3:ac:e3:2e:65:22:4d:
                    ec:cd:70:5d:30:2f:47:e3:14:8f:68:30:f4:ff:f6:
                    7f:f1:6f:af:4f:51:1b:da:ce:f9:0e:00:bb:04:01:
                    f6:db:df:d7:88:44:95:cb:4c:03:d7:9d:6f:52:cd:
                    f7:20:08:5e:18:91:83:73:5b:22:d6:79:19:b0:f8:
                    5e:7b:c2:16:a5:ea:2d:64:91:66:61:25:1b:e0:d7:
                    ab:6e:11:3c:f0:89:ec:69:f7:40:b8:e1:78:71:c4:
                    9e:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:98:9D:13:B4:7E:50:97:A5:47:5E:6A:AB:C4:20:22:02:0D:61:82
            X509v3 Authority Key Identifier:
                keyid:44:A9:F6:9F:41:41:DA:76:B7:35:3E:B0:D5:81:52:3A:FE:2B:81:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/RKn2n0FB2na3NT6w1YFSOv4rgeE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/RKn2n0FB2na3NT6w1YFSOv4rgeE.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36FA15D/98166C5E623711EB931CB859F8AEA228/B5C641305CFC11EEA64F4C474AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  161.123.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ab:cd:77:38:30:99:8c:17:24:69:e6:dc:35:56:66:f2:42:23:
         35:29:96:13:81:81:0d:8b:d5:71:7d:2f:f9:d1:e8:34:1b:dc:
         98:16:88:a7:71:11:9f:4f:cd:fa:fc:44:90:3c:81:87:63:9e:
         65:ed:f8:fb:cb:38:62:a3:cc:b5:8d:b3:78:4a:8a:96:3b:57:
         c2:0e:43:63:c7:b5:97:e9:c4:b7:2d:13:11:52:66:e4:44:53:
         98:74:fa:ea:a8:e4:f0:9e:49:7d:7b:62:83:73:96:76:e5:1b:
         7b:65:53:86:00:a7:79:17:00:32:d6:c1:73:8d:17:02:80:5c:
         a8:3d:da:fd:ce:d1:5b:44:d1:2a:ec:19:16:63:43:59:0f:63:
         27:9a:1a:f3:f2:67:0b:74:94:c9:d6:a4:5f:69:25:92:8d:69:
         6c:a3:4c:52:a7:8f:1f:71:b6:5d:43:b4:69:5d:a2:35:38:39:
         18:b2:2e:dc:e9:11:33:af:43:bd:46:7c:8a:b7:ac:ed:f6:0d:
         87:3b:bb:86:3a:e8:22:2a:48:95:b9:e5:8c:db:a4:53:88:bd:
         6d:70:b5:3e:e5:8a:c5:a4:40:4f:13:5d:1b:7e:e2:fd:d7:ad:
         53:17:d2:3f:c7:7d:fc:c4:47:4a:9b:aa:07:d7:bb:c8:c6:e8:
         6a:e6:52:9c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICDB8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
RkExNURBUjExMC8GA1UEBRMoNDRBOUY2OUY0MTQxREE3NkI3MzUzRUIwRDU4MTUy
M0FGRTJCODFFMTAeFw0yMzA5MjcwNjExMzFaFw0zMDA5MzAwNjExMzFaMBgxFjAU
BgNVBAMTDTY1MTNjNzk3LWFkOGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCpqlUftDBAyyRMb3+84LIsimuzv/DpLoHXzFrc1J65OYAEbTWHeKB4lR0A
1+lWfVEUZhuPL4qEFoLKGjpnpVZnFKNym90XtVmhCpuwtAsvRzNhhTkO6erbGsSU
ozhjp+J6CqmwdvduLrJ9bJb9NBZ6fDyUjAOekd0KLZSvwQ2XkJACUFKZt2GmLOWI
h+Cy3XfipLBRRuO8KyCyPhjB06zjLmUiTezNcF0wL0fjFI9oMPT/9n/xb69PURva
zvkOALsEAfbb39eIRJXLTAPXnW9SzfcgCF4YkYNzWyLWeRmw+F57whal6i1kkWZh
JRvg16tuETzwiexp90C44XhxxJ6NAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUM5id
E7R+UJelR15qq8QgIgINYYIwHwYDVR0jBBgwFoAURKn2n0FB2na3NT6w1YFSOv4r
geEwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVBMjI4L1JLbjJu
MEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L1JLbjJuMEZCMm5hM05UNncxWUZTT3Y0cmdlRS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNkZBMTVELzk4MTY2QzVFNjIzNzExRUI5MzFDQjg1OUY4QUVB
MjI4L0I1QzY0MTMwNUNGQzExRUVBNjRGNEM0NzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOhewgwDQYJKoZIhvcNAQELBQAD
ggEBAKvNdzgwmYwXJGnm3DVWZvJCIzUplhOBgQ2L1XF9L/nR6DQb3JgWiKdxEZ9P
zfr8RJA8gYdjnmXt+PvLOGKjzLWNs3hKipY7V8IOQ2PHtZfpxLctExFSZuREU5h0
+uqo5PCeSX17YoNzlnblG3tlU4YAp3kXADLWwXONFwKAXKg92v3O0VtE0SrsGRZj
Q1kPYyeaGvPyZwt0lMnWpF9pJZKNaWyjTFKnjx9xtl1DtGldojU4ORiyLtzpETOv
Q71GfIq3rO32DYc7u4Y66CIqSJW55YzbpFOIvW1wtT7lisWkQE8TXRt+4v3XrVMX
0j/HffzER0qbqgfXu8jG6GrmUpw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:10:20 2024 by rpki-client on console-fra.rpki-client.org