Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/C003F24010DB11EE919B3D274AD9E6FC.roa
File:                     C003F24010DB11EE919B3D274AD9E6FC.roa (raw, json)
Hash identifier:          ZzsC6VcgZuU64eDRdXNYtK2FJqRl5Cnzl7SVGO0XVEA=
Subject key identifier:   6B:BB:5C:56:4C:A0:39:FD:17:69:D8:C1:5D:4B:C6:38:57:CA:70:0D
Certificate issuer:       /CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
Certificate serial:       02
Authority key identifier: 39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/C003F24010DB11EE919B3D274AD9E6FC.roa
Signing time:             Thu 22 Jun 2023 09:04:10 +0000
ROA not before:           Thu 22 Jun 2023 09:04:07 +0000
ROA not after:            Sat 22 Jun 2024 09:04:07 +0000
asID:                     36963
IP address blocks:        41.74.48.0/20 maxlen: 20
                          41.77.88.0/21 maxlen: 21
                          41.138.72.0/21 maxlen: 21
                          41.190.244.0/22 maxlen: 22
                          41.223.140.0/22 maxlen: 22
                          105.235.240.0/20 maxlen: 20

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3610F96AF/serialNumber=3941634F7D9565B56B197A10EC34C50AA9473559
        Validity
            Not Before: Jun 22 09:04:07 2023 GMT
            Not After : Jun 22 09:04:07 2024 GMT
        Subject: CN=64940e8a-e4e1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:47:b4:d8:8f:c4:c3:0c:c7:7a:b0:e6:f9:5a:
                    21:11:9f:c6:a4:f6:ca:ff:b9:3d:e4:26:76:ea:2d:
                    17:ff:9b:52:4d:7e:16:9f:f2:c2:11:98:51:28:d6:
                    53:d9:ba:ec:cf:5a:4b:da:a1:69:51:87:51:df:9d:
                    99:02:42:69:83:99:61:b7:4d:ca:0a:bf:4a:3c:c5:
                    f4:44:99:c9:47:f0:a4:fe:21:08:53:4a:9a:8c:c4:
                    fa:41:a7:66:05:44:de:a0:16:5a:6e:a9:3f:c5:8a:
                    47:0e:1c:cb:a3:1a:cc:b2:bf:ab:87:9c:01:49:07:
                    26:db:7d:90:97:47:65:84:86:20:66:72:86:cc:ce:
                    f5:35:6c:41:1f:fb:25:36:ec:34:0e:ba:e7:ed:2a:
                    2b:fb:de:4c:d1:01:86:36:80:c6:6c:c7:bb:cb:9f:
                    84:15:77:2d:37:26:db:fa:6d:c2:27:76:9d:fb:b5:
                    5d:85:32:32:25:4a:ce:51:72:bd:47:14:48:bc:7f:
                    f1:96:ed:bb:10:89:af:44:15:67:1e:6f:79:ca:4e:
                    54:78:44:7d:ff:96:99:28:6d:b4:89:7c:9d:68:f0:
                    b0:9b:51:1e:bd:38:b3:06:00:37:87:f7:d3:18:46:
                    1b:55:5e:f2:42:65:43:85:f6:a0:05:46:1b:47:bc:
                    00:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:BB:5C:56:4C:A0:39:FD:17:69:D8:C1:5D:4B:C6:38:57:CA:70:0D
            X509v3 Authority Key Identifier:
                keyid:39:41:63:4F:7D:95:65:B5:6B:19:7A:10:EC:34:C5:0A:A9:47:35:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/OUFjT32VZbVrGXoQ7DTFCqlHNVk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/OUFjT32VZbVrGXoQ7DTFCqlHNVk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3610F96/5233202E10D611EE975DEC154AD9E6FC/C003F24010DB11EE919B3D274AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.74.48.0/20
                  41.77.88.0/21
                  41.138.72.0/21
                  41.190.244.0/22
                  41.223.140.0/22
                  105.235.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         96:a9:bd:ea:71:a0:18:d6:8e:9d:98:42:06:f7:56:90:81:63:
         4d:0e:f9:38:42:a3:63:8e:34:c7:5d:56:2f:5c:fe:69:6b:b8:
         b2:24:e9:fb:58:a9:77:31:49:0a:bc:c7:5a:2d:05:b1:ce:08:
         d3:31:f1:cf:5c:4c:90:45:0c:3a:68:1d:74:a6:3a:9f:7f:5d:
         d0:0d:fd:b5:3b:ac:77:53:db:eb:b6:c1:32:89:b4:98:ed:9d:
         ce:1d:7c:a9:7e:16:87:57:59:e4:20:9e:e2:32:8d:c7:61:b4:
         0d:8d:6b:34:58:47:3b:10:35:9f:6e:4a:20:c9:86:13:dc:00:
         25:f3:3a:62:f6:8b:82:15:da:dc:9c:d5:c4:18:43:e6:1e:16:
         22:9f:01:9f:62:2f:6c:c2:09:65:f8:1f:97:4b:10:18:06:9c:
         d4:6f:25:84:05:c0:1a:42:7c:18:f2:43:02:2a:0e:d9:cc:cb:
         dd:32:1f:ac:47:85:96:bb:0f:7f:a0:31:b6:c6:66:69:64:1c:
         22:b4:ea:ec:8a:65:f4:ed:30:97:2b:26:7b:0b:f3:b4:61:45:
         d4:64:b6:a9:53:50:42:eb:84:42:22:24:24:e3:92:85:93:ee:
         50:a5:15:96:c7:40:23:12:fe:bb:26:31:d6:5f:a9:78:8d:03:
         6a:d6:c5:dc
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MEY5NkFGMTEwLwYDVQQFEygzOTQxNjM0RjdEOTU2NUI1NkIxOTdBMTBFQzM0QzUw
QUE5NDczNTU5MB4XDTIzMDYyMjA5MDQwN1oXDTI0MDYyMjA5MDQwN1owGDEWMBQG
A1UEAxMNNjQ5NDBlOGEtZTRlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZHtNiPxMMMx3qw5vlaIRGfxqT2yv+5PeQmduotF/+bUk1+Fp/ywhGYUSjW
U9m67M9aS9qhaVGHUd+dmQJCaYOZYbdNygq/SjzF9ESZyUfwpP4hCFNKmozE+kGn
ZgVE3qAWWm6pP8WKRw4cy6MazLK/q4ecAUkHJtt9kJdHZYSGIGZyhszO9TVsQR/7
JTbsNA665+0qK/veTNEBhjaAxmzHu8ufhBV3LTcm2/ptwid2nfu1XYUyMiVKzlFy
vUcUSLx/8ZbtuxCJr0QVZx5vecpOVHhEff+WmShttIl8nWjwsJtRHr04swYAN4f3
0xhGG1Ve8kJlQ4X2oAVGG0e8ALsCAwEAAaOCAsMwggK/MB0GA1UdDgQWBBRru1xW
TKA5/Rdp2MFdS8Y4V8pwDTAfBgNVHSMEGDAWgBQ5QWNPfZVltWsZehDsNMUKqUc1
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFEOUU2RkMvT1VGalQz
MlZaYlZyR1hvUTdEVEZDcWxITlZrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvT1VGalQzMlZaYlZyR1hvUTdEVEZDcWxITlZrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTBGOTYvNTIzMzIwMkUxMEQ2MTFFRTk3NURFQzE1NEFE
OUU2RkMvQzAwM0YyNDAxMERCMTFFRTkxOUIzRDI3NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEBClKMAMEAylNWAMEAymKSAME
Aim+9AMEAinfjAMEBGnr8DANBgkqhkiG9w0BAQsFAAOCAQEAlqm96nGgGNaOnZhC
BvdWkIFjTQ75OEKjY440x11WL1z+aWu4siTp+1ipdzFJCrzHWi0Fsc4I0zHxz1xM
kEUMOmgddKY6n39d0A39tTusd1Pb67bBMom0mO2dzh18qX4Wh1dZ5CCe4jKNx2G0
DY1rNFhHOxA1n25KIMmGE9wAJfM6YvaLghXa3JzVxBhD5h4WIp8Bn2IvbMIJZfgf
l0sQGAac1G8lhAXAGkJ8GPJDAioO2czL3TIfrEeFlrsPf6AxtsZmaWQcIrTq7Ipl
9O0wlysmewvztGFF1GS2qVNQQuuEQiIkJOOShZPuUKUVlsdAIxL+uyYx1l+peI0D
atbF3A==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:58 2024 by rpki-client on console-ams.rpki-client.org