Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0BE2F124134911EEBA13287E4AD9E6FC.roa
File:                     0BE2F124134911EEBA13287E4AD9E6FC.roa (raw, json)
Hash identifier:          AR4h8HP3T9beaneEA35wE5JcMBXckbay9lRrgEhRULI=
Subject key identifier:   C2:3B:AB:4F:39:B6:A1:66:EE:17:A2:66:43:7B:54:8A:59:5D:D8:98
Certificate issuer:       /CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
Certificate serial:       0C
Authority key identifier: 39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0BE2F124134911EEBA13287E4AD9E6FC.roa
Signing time:             Sun 25 Jun 2023 11:11:35 +0000
ROA not before:           Sun 25 Jun 2023 11:11:30 +0000
ROA not after:            Tue 25 Jun 2024 11:11:30 +0000
asID:                     36963
IP address blocks:        41.74.48.0/24 maxlen: 24
                          41.74.49.0/24 maxlen: 24
                          41.74.55.0/24 maxlen: 24
                          41.74.56.0/24 maxlen: 24
                          41.138.72.0/24 maxlen: 24
                          41.138.73.0/24 maxlen: 24
                          41.138.76.0/24 maxlen: 24
                          41.138.77.0/24 maxlen: 24
                          41.138.78.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
        Validity
            Not Before: Jun 25 11:11:30 2023 GMT
            Not After : Jun 25 11:11:30 2024 GMT
        Subject: CN=649820e7-35d4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:04:bf:e9:bb:7d:4a:7f:6c:52:dd:6e:8f:44:
                    0b:64:45:6d:cb:37:fc:57:62:f2:6d:7f:e4:97:9a:
                    c7:0b:89:2f:43:43:34:fd:86:a9:03:c5:fc:8a:20:
                    85:41:0c:9b:b5:8e:d4:f7:d9:e8:67:6e:10:7e:be:
                    dd:31:ce:df:ee:ba:fa:6f:d6:d9:70:dc:0b:86:be:
                    9c:e1:7e:08:28:62:9d:59:0f:78:e5:bf:08:4f:81:
                    4f:b0:00:8f:19:df:bd:34:ba:f5:6e:25:0f:7a:39:
                    a3:f7:26:9d:96:42:3d:54:cb:c6:ca:25:35:ba:af:
                    91:a6:b4:ed:c7:b8:bb:ad:05:4d:ce:f8:31:af:81:
                    63:c4:f8:a6:d9:13:52:fd:47:22:7a:36:48:11:e9:
                    31:a3:49:68:b8:b2:4f:0e:fd:39:bc:c6:e3:01:f9:
                    4f:68:73:9e:89:ea:c3:c4:64:6c:2d:36:69:f2:d4:
                    49:6f:8a:5f:97:fe:a2:84:34:dd:81:47:3e:c8:a3:
                    54:0d:b7:3b:72:53:cb:c5:a0:29:17:7b:fe:00:89:
                    f2:2c:11:3b:6d:23:24:3d:03:d1:0a:dc:4b:7e:a9:
                    b4:ca:42:2a:5d:a6:5f:50:51:a9:1b:0f:9d:80:16:
                    b9:30:16:0b:13:ba:52:99:45:e9:e0:b6:fd:96:ec:
                    a6:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:3B:AB:4F:39:B6:A1:66:EE:17:A2:66:43:7B:54:8A:59:5D:D8:98
            X509v3 Authority Key Identifier:
                keyid:39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/0BE2F124134911EEBA13287E4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.74.48.0/23
                  41.74.55.0-41.74.56.255
                  41.138.72.0/23
                  41.138.76.0-41.138.78.255

    Signature Algorithm: sha256WithRSAEncryption
         5d:a3:93:4b:d5:92:14:48:fd:62:58:09:d9:3c:cf:20:ee:f4:
         9a:59:c4:4d:63:c3:a9:b3:6e:05:ef:60:c6:2a:fc:d2:1c:3e:
         08:4f:c0:6e:31:7f:3c:6d:20:0b:43:96:aa:ce:d4:83:19:84:
         ec:54:27:9f:4d:29:38:8a:af:8f:37:41:f8:02:bd:56:16:b2:
         67:26:70:06:10:c1:9c:94:1b:e6:d9:22:50:27:31:41:14:dc:
         5d:e1:a1:87:b4:77:21:33:60:b7:0b:d8:11:03:cc:d9:b7:cd:
         70:da:a1:49:1f:25:a4:3b:75:e0:d9:9c:9d:9a:d0:f3:38:06:
         ec:56:d4:04:2f:48:8b:28:40:a9:00:ba:d7:42:9a:f5:9a:0f:
         f3:08:55:f5:6d:7e:58:41:2d:fa:ae:a4:44:2c:22:99:49:98:
         cf:fa:da:d2:e1:3e:ac:3b:69:9b:e8:49:8f:41:12:79:96:1d:
         ac:b2:52:ac:3f:a6:b7:35:64:fd:2c:f8:87:fd:ff:42:89:88:
         fd:2e:88:db:79:0b:cf:ff:92:fb:89:e9:99:44:53:b9:9b:1d:
         49:ed:8b:df:f2:33:3d:51:ea:59:20:00:7f:e5:af:ac:af:08:
         f9:e8:e8:5c:eb:34:7a:f9:78:de:70:7a:e7:1b:bb:9d:de:ed:
         fa:60:9e:1d
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgIBDDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MEY5NkFGMTEwLwYDVQQFEygzOTQxNjM0RjdEOTU2NUI1NkIxOTdBMTBFQzM0QzUw
QUE5NDczNTU5MB4XDTIzMDYyNTExMTEzMFoXDTI0MDYyNTExMTEzMFowGDEWMBQG
A1UEAxMNNjQ5ODIwZTctMzVkNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMgEv+m7fUp/bFLdbo9EC2RFbcs3/Fdi8m1/5JeaxwuJL0NDNP2GqQPF/Iog
hUEMm7WO1PfZ6GduEH6+3THO3+66+m/W2XDcC4a+nOF+CChinVkPeOW/CE+BT7AA
jxnfvTS69W4lD3o5o/cmnZZCPVTLxsolNbqvkaa07ce4u60FTc74Ma+BY8T4ptkT
Uv1HIno2SBHpMaNJaLiyTw79ObzG4wH5T2hznonqw8RkbC02afLUSW+KX5f+ooQ0
3YFHPsijVA23O3JTy8WgKRd7/gCJ8iwRO20jJD0D0QrcS36ptMpCKl2mX1BRqRsP
nYAWuTAWCxO6UplF6eC2/ZbspmMCAwEAAaOCAscwggLDMB0GA1UdDgQWBBTCO6tP
ObahZu4XomZDe1SKWV3YmDAfBgNVHSMEGDAWgBQ5QWNPfZVltWsZehDsNMUKqUc1
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFEOUU2RkMvT1VGalQz
MlZaYlZyR1hvUTdEVEZDcWxITlZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT1VGalQzMlZaYlZyR1hvUTdEVEZDcWxITlZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFE
OUU2RkMvMEJFMkYxMjQxMzQ5MTFFRUJBMTMyODdFNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBBBggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKAMEASlKMDAMAwQAKUo3AwQAKUo4
AwQBKYpIMAwDBAIpikwDBAApik4wDQYJKoZIhvcNAQELBQADggEBAF2jk0vVkhRI
/WJYCdk8zyDu9JpZxE1jw6mzbgXvYMYq/NIcPghPwG4xfzxtIAtDlqrO1IMZhOxU
J59NKTiKr483QfgCvVYWsmcmcAYQwZyUG+bZIlAnMUEU3F3hoYe0dyEzYLcL2BED
zNm3zXDaoUkfJaQ7deDZnJ2a0PM4BuxW1AQvSIsoQKkAutdCmvWaD/MIVfVtflhB
LfqupEQsIplJmM/62tLhPqw7aZvoSY9BEnmWHayyUqw/prc1ZP0s+If9/0KJiP0u
iNt5C8//kvuJ6ZlEU7mbHUnti9/yMz1R6lkgAH/lr6yvCPno6FzrNHr5eN5weucb
u53e7fpgnh0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 04:43:27 2024 by rpki-client on console-fra.rpki-client.org