Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0083609C41D011EE89E0E7164AD9E6FC.roa
File:                     0083609C41D011EE89E0E7164AD9E6FC.roa (raw, json)
Hash identifier:          Cs0G4xEl5hMWa6hitaqDuFwhwB4Knj7Qb8tuuA0NfoM=
Subject key identifier:   A1:C9:8F:48:B6:5F:44:F0:FB:03:9B:21:8D:A6:A7:63:2A:19:14:66
Certificate issuer:       /CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
Certificate serial:       4D
Authority key identifier: 39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0083609C41D011EE89E0E7164AD9E6FC.roa
Signing time:             Wed 23 Aug 2023 16:13:31 +0000
ROA not before:           Wed 23 Aug 2023 16:13:28 +0000
ROA not after:            Fri 23 Aug 2024 16:13:28 +0000
asID:                     36963
IP address blocks:        41.74.59.0/24 maxlen: 24
                          41.138.75.0/24 maxlen: 24
                          105.235.244.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 77 (0x4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
        Validity
            Not Before: Aug 23 16:13:28 2023 GMT
            Not After : Aug 23 16:13:28 2024 GMT
        Subject: CN=64e6302b-c7ae
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:47:c1:e9:e2:e1:70:66:b8:63:43:ff:ef:44:
                    29:03:db:0d:49:38:3a:28:9e:2a:e8:38:fd:aa:2e:
                    f6:c8:57:99:20:f3:c0:39:44:c7:dd:42:25:85:d5:
                    f5:b4:0f:12:fd:d0:24:74:38:67:bf:a0:cf:dc:7e:
                    8e:bb:96:c5:05:b3:bd:a5:ea:65:70:87:f0:b5:64:
                    b9:83:3e:02:48:4c:6b:9a:b6:7d:d0:a9:f8:d8:37:
                    60:f6:aa:d9:d9:84:be:a9:54:09:4d:af:af:39:94:
                    1a:bf:c9:e7:c9:fb:53:2a:b6:62:f0:c3:b2:a0:8a:
                    ae:e2:d6:cf:fb:0e:32:09:78:3d:3a:3f:7a:02:10:
                    b3:89:54:a4:92:4c:7b:02:b6:df:9c:8c:c4:66:fc:
                    84:e0:4c:48:70:b5:c9:2b:13:df:b5:28:b1:81:bd:
                    99:ea:4e:3f:2e:2d:3d:a4:3f:60:7c:87:ad:0a:a3:
                    b1:62:b0:cc:01:93:9c:33:00:49:4b:57:e6:56:aa:
                    34:35:6a:77:d7:23:3d:19:be:3c:78:55:c0:33:b8:
                    29:13:75:ce:6e:9a:cd:c7:af:5b:0e:2f:f1:f2:e4:
                    1e:58:14:0e:6c:79:9c:0a:1f:cb:e9:38:95:ff:58:
                    e0:70:16:36:ee:ea:f9:14:94:5c:21:59:b4:b0:26:
                    93:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C9:8F:48:B6:5F:44:F0:FB:03:9B:21:8D:A6:A7:63:2A:19:14:66
            X509v3 Authority Key Identifier:
                keyid:39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0083609C41D011EE89E0E7164AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.74.59.0/24
                  41.138.75.0/24
                  105.235.244.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:18:4d:50:6c:21:87:5b:c9:05:a9:54:4f:d3:27:b7:a7:49:
         0e:fd:40:6d:b4:1f:c3:89:6a:9d:69:af:25:3a:b9:c5:b9:33:
         50:fd:8e:cd:d4:b3:4c:9f:ac:69:ba:0e:b2:e5:a9:56:57:f7:
         74:3d:4e:3f:68:4d:57:ad:89:0f:02:50:8a:52:fc:db:5c:1e:
         74:6b:46:7a:03:11:fc:42:e2:11:12:5e:71:bb:14:ec:fd:06:
         b0:0b:e8:c5:71:9a:11:a9:a3:68:b6:78:ab:66:76:40:7d:12:
         0a:96:87:9a:27:33:7d:e6:62:19:02:3c:af:6f:28:f5:43:10:
         20:53:30:1d:77:d7:30:37:ee:bc:95:90:26:fe:de:10:a1:b3:
         46:0a:7d:1a:c9:7d:c7:83:bf:3e:44:e9:05:9c:d6:55:35:45:
         81:fb:c9:6c:94:12:5a:c4:b3:96:ad:23:f0:d4:c7:b0:38:f7:
         84:0a:e9:b6:b7:fe:31:a1:97:1d:26:d4:dc:0e:48:7a:c2:b4:
         f4:bd:1f:cd:42:16:e4:c5:36:f4:0e:ac:8b:45:15:1f:b5:87:
         b8:ad:ab:a1:a7:d6:a4:27:9e:a7:73:29:2d:2d:a9:93:fc:d3:
         9d:ed:f8:55:0e:ed:d3:02:2e:64:99:eb:28:f6:da:86:b2:dc:
         bc:e1:64:a4
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBTTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MEY5NkFGMTEwLwYDVQQFEygzOTQxNjM0RjdEOTU2NUI1NkIxOTdBMTBFQzM0QzUw
QUE5NDczNTU5MB4XDTIzMDgyMzE2MTMyOFoXDTI0MDgyMzE2MTMyOFowGDEWMBQG
A1UEAxMNNjRlNjMwMmItYzdhZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANtHweni4XBmuGND/+9EKQPbDUk4OiieKug4/aou9shXmSDzwDlEx91CJYXV
9bQPEv3QJHQ4Z7+gz9x+jruWxQWzvaXqZXCH8LVkuYM+AkhMa5q2fdCp+Ng3YPaq
2dmEvqlUCU2vrzmUGr/J58n7Uyq2YvDDsqCKruLWz/sOMgl4PTo/egIQs4lUpJJM
ewK235yMxGb8hOBMSHC1ySsT37UosYG9mepOPy4tPaQ/YHyHrQqjsWKwzAGTnDMA
SUtX5laqNDVqd9cjPRm+PHhVwDO4KRN1zm6azcevWw4v8fLkHlgUDmx5nAofy+k4
lf9Y4HAWNu7q+RSUXCFZtLAmk+sCAwEAAaOCArEwggKtMB0GA1UdDgQWBBShyY9I
tl9E8PsDmyGNpqdjKhkUZjAfBgNVHSMEGDAWgBQ5QWNPfZVltWsZehDsNMUKqUc1
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFEOUU2RkMvT1VGalQz
MlZaYlZyR1hvUTdEVEZDcWxITlZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT1VGalQzMlZaYlZyR1hvUTdEVEZDcWxITlZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFE
OUU2RkMvMDA4MzYwOUM0MUQwMTFFRTg5RTBFNzE2NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAClKOwMEACmKSwMEAGnr9DAN
BgkqhkiG9w0BAQsFAAOCAQEAcxhNUGwhh1vJBalUT9Mnt6dJDv1AbbQfw4lqnWmv
JTq5xbkzUP2OzdSzTJ+saboOsuWpVlf3dD1OP2hNV62JDwJQilL821wedGtGegMR
/ELiERJecbsU7P0GsAvoxXGaEamjaLZ4q2Z2QH0SCpaHmiczfeZiGQI8r28o9UMQ
IFMwHXfXMDfuvJWQJv7eEKGzRgp9Gsl9x4O/PkTpBZzWVTVFgfvJbJQSWsSzlq0j
8NTHsDj3hArptrf+MaGXHSbU3A5IesK09L0fzUIW5MU29A6si0UVH7WHuK2roafW
pCeep3MpLS2pk/zTne34VQ7t0wIuZJnrKPbahrLcvOFkpA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:58 2024 by rpki-client on console-ams.rpki-client.org