Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/F25441C6BE9D11EEADDB66A9775412E6.roa
File:                     F25441C6BE9D11EEADDB66A9775412E6.roa (raw, json)
Hash identifier:          ThmE1VW2ZBVlYZBrNW/OBthIz+IP2YebXYtomjDPNPw=
Subject key identifier:   E6:38:D8:01:68:47:12:8F:19:12:D8:6D:31:C3:DE:49:3D:D0:A9:B5
Certificate issuer:       /CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
Certificate serial:       1A
Authority key identifier: CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/F25441C6BE9D11EEADDB66A9775412E6.roa
Signing time:             Mon 29 Jan 2024 12:00:08 +0000
ROA not before:           Mon 29 Jan 2024 12:00:05 +0000
ROA not after:            Thu 29 Jan 2026 12:00:05 +0000
asID:                     21003
IP address blocks:        154.73.28.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.mft
                          rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 26 (0x1a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36114AAAF/serialNumber=CD5232B63C6A832990C86707CB739BDC04DB9A59
        Validity
            Not Before: Jan 29 12:00:05 2024 GMT
            Not After : Jan 29 12:00:05 2026 GMT
        Subject: CN=65b79348-2140
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:5d:b5:0c:88:0c:50:9e:cd:12:cd:0a:43:36:
                    91:bc:6c:78:83:fe:d8:e2:4f:1c:0a:46:db:66:c3:
                    42:f2:7e:57:cf:83:c5:46:1a:a1:bb:8b:ad:ce:fe:
                    67:ee:c6:10:21:e0:bf:45:70:36:1e:da:af:c4:25:
                    cb:7b:57:14:c2:40:9f:50:5c:cb:41:e6:60:ae:38:
                    5b:d6:fe:2e:63:21:80:38:4c:5b:90:36:61:d1:61:
                    de:c5:4e:f1:d7:91:93:b8:5f:14:6e:d4:43:bf:f4:
                    26:14:d0:99:b2:61:8e:96:36:7c:7b:d3:60:2d:23:
                    37:fd:50:4b:cf:8a:17:cc:6e:b6:7a:cc:2d:59:06:
                    3f:4e:a9:ee:51:90:bf:b8:b0:ae:87:e3:7c:5a:d2:
                    36:48:01:1f:fc:28:ca:10:a4:6b:09:5d:a4:99:53:
                    e5:96:fc:94:2c:b4:eb:91:2a:d8:ef:f1:5e:32:4d:
                    5a:05:d8:27:f3:bd:d3:c2:12:2e:20:71:06:c9:48:
                    b8:fc:bb:39:3a:da:7c:6c:74:2c:91:d4:8a:c9:64:
                    78:f9:a4:8a:1f:2e:2b:41:95:77:e7:e7:59:fe:1b:
                    01:58:0b:96:e8:e1:8b:59:38:67:38:27:39:55:54:
                    76:29:7f:45:1e:86:cd:b2:d4:c9:da:d7:ce:b7:83:
                    10:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E6:38:D8:01:68:47:12:8F:19:12:D8:6D:31:C3:DE:49:3D:D0:A9:B5
            X509v3 Authority Key Identifier:
                keyid:CD:52:32:B6:3C:6A:83:29:90:C8:67:07:CB:73:9B:DC:04:DB:9A:59

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/zVIytjxqgymQyGcHy3Ob3ATbmlk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/zVIytjxqgymQyGcHy3Ob3ATbmlk.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36114AA/86D6E57EBE8F11EE832F4491775412E6/F25441C6BE9D11EEADDB66A9775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.73.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         33:3a:2f:09:54:53:20:eb:ab:65:5a:9c:16:27:81:59:78:17:
         8c:67:9a:58:81:9a:df:a6:63:33:a7:f1:d1:b8:66:04:d8:b7:
         9a:21:02:39:41:98:29:bd:66:cb:41:98:aa:2c:f2:f0:17:2a:
         0d:e9:aa:ce:dd:11:35:c4:33:d7:1a:f0:35:4a:bd:04:e0:10:
         46:36:a5:0e:a6:97:2d:91:7d:06:60:a7:02:d4:f8:10:81:8c:
         df:ac:fe:ce:de:a8:df:94:c5:71:d5:4f:52:d4:f0:a6:1a:e6:
         34:32:9a:f4:71:76:a2:60:bb:f1:de:89:40:fa:55:87:ea:69:
         f2:f2:f9:0e:8e:69:9a:78:4c:65:84:9a:d7:cb:e0:1c:09:9d:
         09:7e:cd:b1:64:4f:09:4e:0e:85:c7:c7:21:90:e0:d7:6d:58:
         a2:17:b0:87:ee:5e:bc:0e:21:ca:a0:e5:b2:05:69:c6:c9:43:
         32:95:25:4d:2f:3a:50:80:aa:59:d0:f7:95:12:3a:33:52:0d:
         c7:95:a0:d1:dd:8d:66:57:49:a7:5d:80:58:1f:f2:44:70:e8:
         44:cf:94:c7:58:15:04:7c:ec:ea:0f:ec:17:34:01:a7:77:7b:
         6d:07:05:11:2a:8f:95:29:65:41:e8:d9:fd:15:da:4d:91:cc:
         f5:a0:6f:86
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBGjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYx
MTRBQUFGMTEwLwYDVQQFEyhDRDUyMzJCNjNDNkE4MzI5OTBDODY3MDdDQjczOUJE
QzA0REI5QTU5MB4XDTI0MDEyOTEyMDAwNVoXDTI2MDEyOTEyMDAwNVowGDEWMBQG
A1UEAxMNNjViNzkzNDgtMjE0MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFdtQyIDFCezRLNCkM2kbxseIP+2OJPHApG22bDQvJ+V8+DxUYaobuLrc7+
Z+7GECHgv0VwNh7ar8Qly3tXFMJAn1Bcy0HmYK44W9b+LmMhgDhMW5A2YdFh3sVO
8deRk7hfFG7UQ7/0JhTQmbJhjpY2fHvTYC0jN/1QS8+KF8xutnrMLVkGP06p7lGQ
v7iwrofjfFrSNkgBH/woyhCkawldpJlT5Zb8lCy065Eq2O/xXjJNWgXYJ/O908IS
LiBxBslIuPy7OTrafGx0LJHUislkePmkih8uK0GVd+fnWf4bAVgLlujhi1k4Zzgn
OVVUdil/RR6GzbLUydrXzreDEBUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTmONgB
aEcSjxkS2G0xw95JPdCptTAfBgNVHSMEGDAWgBTNUjK2PGqDKZDIZwfLc5vcBNua
WTAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1NDEyRTYvelZJeXRq
eHFneW1ReUdjSHkzT2IzQVRibWxrLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvelZJeXRqeHFneW1ReUdjSHkzT2IzQVRibWxrLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MTE0QUEvODZENkU1N0VCRThGMTFFRTgzMkY0NDkxNzc1
NDEyRTYvRjI1NDQxQzZCRTlEMTFFRUFEREI2NkE5Nzc1NDEyRTYucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJpJHDANBgkqhkiG9w0BAQsF
AAOCAQEAMzovCVRTIOurZVqcFieBWXgXjGeaWIGa36ZjM6fx0bhmBNi3miECOUGY
Kb1my0GYqizy8BcqDemqzt0RNcQz1xrwNUq9BOAQRjalDqaXLZF9BmCnAtT4EIGM
36z+zt6o35TFcdVPUtTwphrmNDKa9HF2omC78d6JQPpVh+pp8vL5Do5pmnhMZYSa
18vgHAmdCX7NsWRPCU4OhcfHIZDg121Yohewh+5evA4hyqDlsgVpxslDMpUlTS86
UICqWdD3lRI6M1INx5Wg0d2NZldJp12AWB/yRHDoRM+Ux1gVBHzs6g/sFzQBp3d7
bQcFESqPlSllQejZ/RXaTZHM9aBvhg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org