Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/AFEDAA6610DD11EE8748E62C4AD9E6FC.roa
File:                     AFEDAA6610DD11EE8748E62C4AD9E6FC.roa (raw, json)
Hash identifier:          gCx9BJAFQ4GJs/Hi/6EjAjuBeWDiY1wM1Ig2qRC6Gi4=
Subject key identifier:   17:EC:35:48:3C:F5:D6:39:9D:71:CD:D7:A7:FD:18:8A:64:D9:5E:52
Certificate issuer:       /CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
Certificate serial:       05
Authority key identifier: 39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/AFEDAA6610DD11EE8748E62C4AD9E6FC.roa
Signing time:             Thu 22 Jun 2023 09:18:02 +0000
ROA not before:           Thu 22 Jun 2023 09:17:59 +0000
ROA not after:            Sat 22 Jun 2024 09:17:59 +0000
asID:                     36963
IP address blocks:        41.190.244.0/24 maxlen: 24
                          41.190.245.0/24 maxlen: 24
                          41.190.246.0/24 maxlen: 24
                          41.190.247.0/24 maxlen: 24
                          41.223.140.0/24 maxlen: 24
                          41.223.141.0/24 maxlen: 24
                          41.223.142.0/24 maxlen: 24
                          41.223.143.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 5 (0x5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
        Validity
            Not Before: Jun 22 09:17:59 2023 GMT
            Not After : Jun 22 09:17:59 2024 GMT
        Subject: CN=649411ca-6dcb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:6b:dd:8f:3c:0c:97:0b:6d:87:db:ac:75:6d:
                    ab:79:51:99:26:0c:96:a9:fc:d7:a1:23:96:9e:73:
                    5d:dc:d2:4c:f9:7a:8d:bc:50:9d:27:6c:94:86:c7:
                    8b:80:08:e2:9b:e1:9a:e1:31:ec:1f:ff:0e:8b:31:
                    62:ef:1b:d7:b4:71:01:46:65:6e:97:a8:0e:5e:fe:
                    18:ce:20:88:9f:4d:ca:04:4c:a0:99:04:f6:08:49:
                    4b:04:ce:b5:36:2b:97:fc:17:63:d4:fc:a0:81:80:
                    11:ea:30:bd:0e:f8:85:84:1d:21:11:e0:46:b9:e9:
                    fe:48:84:3e:ec:ce:22:30:64:32:0f:c9:11:0e:3a:
                    8a:07:01:51:f7:e4:d1:b1:37:0d:5c:e6:57:da:39:
                    78:44:ca:fe:a7:bf:f3:e8:ca:1a:b4:fc:d1:f0:1a:
                    ed:6b:3c:0d:b1:23:55:de:8e:59:91:3f:c7:96:46:
                    3f:1b:e6:bf:c5:e6:dc:41:ab:5b:2d:ee:ba:f9:e0:
                    5a:1a:95:4a:14:68:8e:4a:fc:a6:a4:e3:f4:0d:c0:
                    3c:6d:40:b6:46:77:0a:ca:cf:f0:b6:7a:58:67:62:
                    58:f5:15:92:44:7c:82:00:47:2d:81:90:e4:0c:08:
                    a0:0d:84:00:75:8f:fc:fa:37:79:a2:29:06:1a:99:
                    67:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:EC:35:48:3C:F5:D6:39:9D:71:CD:D7:A7:FD:18:8A:64:D9:5E:52
            X509v3 Authority Key Identifier:
                keyid:39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/AFEDAA6610DD11EE8748E62C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.190.244.0/22
                  41.223.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         22:23:13:9c:16:91:07:ae:cf:31:5d:3f:8f:92:eb:70:98:58:
         99:bc:12:6e:a5:ce:be:9d:c8:f1:2b:0e:8b:59:09:72:89:97:
         03:2a:b1:d0:6c:0c:c7:0d:38:bf:88:0a:b7:40:d0:45:56:7b:
         bc:c2:6c:9e:8e:1f:ce:73:a6:a1:db:0d:6c:52:28:fd:0a:c4:
         0a:52:6b:26:09:4d:05:97:cb:ca:32:3d:f4:e5:75:c0:92:a1:
         f1:3b:a5:a5:3d:62:5c:b7:f4:a4:a3:21:42:12:90:e9:e7:3b:
         84:6e:89:be:c3:b2:e2:8f:f7:16:f5:d5:f4:de:aa:5c:f0:aa:
         2b:6c:d6:0f:08:58:b6:bf:76:52:c3:8d:d7:4b:1a:a8:a7:55:
         1d:e2:ab:c3:3e:77:32:e5:44:33:f0:04:dd:2e:f7:70:43:c1:
         a7:c5:19:7f:fb:17:f1:ca:89:c1:d7:56:18:7e:c4:0e:61:0e:
         8c:77:17:89:ea:da:1f:7a:5b:ed:f7:a3:14:5b:65:15:cd:e8:
         c7:0b:b3:bc:84:9c:72:8a:64:0d:9a:03:ba:93:97:c6:39:2f:
         1d:77:d6:21:87:29:03:60:76:e5:44:75:34:ed:98:77:26:1f:
         ab:44:1d:30:dc:ba:a3:99:6f:7b:18:64:7f:ce:72:f1:94:13:
         74:c3:87:0b
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MEY5NkFGMTEwLwYDVQQFEygzOTQxNjM0RjdEOTU2NUI1NkIxOTdBMTBFQzM0QzUw
QUE5NDczNTU5MB4XDTIzMDYyMjA5MTc1OVoXDTI0MDYyMjA5MTc1OVowGDEWMBQG
A1UEAxMNNjQ5NDExY2EtNmRjYjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALBr3Y88DJcLbYfbrHVtq3lRmSYMlqn816Ejlp5zXdzSTPl6jbxQnSdslIbH
i4AI4pvhmuEx7B//DosxYu8b17RxAUZlbpeoDl7+GM4giJ9NygRMoJkE9ghJSwTO
tTYrl/wXY9T8oIGAEeowvQ74hYQdIRHgRrnp/kiEPuzOIjBkMg/JEQ46igcBUffk
0bE3DVzmV9o5eETK/qe/8+jKGrT80fAa7Ws8DbEjVd6OWZE/x5ZGPxvmv8Xm3EGr
Wy3uuvngWhqVShRojkr8pqTj9A3APG1AtkZ3CsrP8LZ6WGdiWPUVkkR8ggBHLYGQ
5AwIoA2EAHWP/Po3eaIpBhqZZ4ECAwEAAaOCAqswggKnMB0GA1UdDgQWBBQX7DVI
PPXWOZ1xzden/RiKZNleUjAfBgNVHSMEGDAWgBQ5QWNPfZVltWsZehDsNMUKqUc1
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFEOUU2RkMvT1VGalQz
MlZaYlZyR1hvUTdEVEZDcWxITlZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT1VGalQzMlZaYlZyR1hvUTdEVEZDcWxITlZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFE
OUU2RkMvQUZFREFBNjYxMEREMTFFRTg3NDhFNjJDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAim+9AMEAinfjDANBgkqhkiG
9w0BAQsFAAOCAQEAIiMTnBaRB67PMV0/j5LrcJhYmbwSbqXOvp3I8SsOi1kJcomX
Ayqx0GwMxw04v4gKt0DQRVZ7vMJsno4fznOmodsNbFIo/QrEClJrJglNBZfLyjI9
9OV1wJKh8TulpT1iXLf0pKMhQhKQ6ec7hG6JvsOy4o/3FvXV9N6qXPCqK2zWDwhY
tr92UsON10saqKdVHeKrwz53MuVEM/AE3S73cEPBp8UZf/sX8cqJwddWGH7EDmEO
jHcXieraH3pb7fejFFtlFc3oxwuzvISccopkDZoDupOXxjkvHXfWIYcpA2B25UR1
NO2YdyYfq0QdMNy6o5lvexhkf85y8ZQTdMOHCw==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:58 2024 by rpki-client on console-ams.rpki-client.org