Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/6B5534A2AFC311EE8606D196775412E6.roa
File:                     6B5534A2AFC311EE8606D196775412E6.roa (raw, json)
Hash identifier:          pIBKsEr+yaxrxYpVZ5L4+xtRFFmaKt0HvuP5/hnszHs=
Subject key identifier:   CE:06:80:81:BE:8C:24:19:72:87:77:DC:E1:CA:BC:25:E1:14:83:B1
Certificate issuer:       /CN=F361935CAF/serialNumber=190945C50473976873EF254B4FA833BC31D9484B
Certificate serial:       0258
Authority key identifier: 19:09:45:C5:04:73:97:68:73:EF:25:4B:4F:A8:33:BC:31:D9:48:4B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/GQlFxQRzl2hz7yVLT6gzvDHZSEs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/6B5534A2AFC311EE8606D196775412E6.roa
Signing time:             Wed 10 Jan 2024 14:20:35 +0000
ROA not before:           Wed 10 Jan 2024 14:20:32 +0000
ROA not after:            Tue 31 Dec 2030 14:20:32 +0000
asID:                     15964
IP address blocks:        41.77.80.0/24 maxlen: 24
                          41.77.81.0/24 maxlen: 24
                          41.77.82.0/24 maxlen: 24
                          41.77.83.0/24 maxlen: 24
                          41.77.84.0/24 maxlen: 24
                          41.77.85.0/24 maxlen: 24
                          2c0f:f3d8::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/GQlFxQRzl2hz7yVLT6gzvDHZSEs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/GQlFxQRzl2hz7yVLT6gzvDHZSEs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/GQlFxQRzl2hz7yVLT6gzvDHZSEs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 01 Dec 2024 00:05:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 600 (0x258)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F361935CAF/serialNumber=190945C50473976873EF254B4FA833BC31D9484B
        Validity
            Not Before: Jan 10 14:20:32 2024 GMT
            Not After : Dec 31 14:20:32 2030 GMT
        Subject: CN=659ea7b3-1dcd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:6c:7c:f5:db:da:c9:4b:fc:fa:78:0d:b4:dd:
                    76:e1:f4:1d:4b:21:67:6b:5c:7e:a5:9f:c7:77:b3:
                    27:0c:50:94:22:bd:eb:b7:8e:22:17:8c:e7:07:7e:
                    0b:bb:a3:33:50:85:55:a1:b3:62:7d:20:c5:c1:67:
                    f7:0d:f3:eb:5e:9f:21:c7:ad:6f:93:27:c4:94:f5:
                    c5:e3:af:92:1d:93:0f:e5:6f:8c:d3:91:1d:62:88:
                    93:09:1b:51:88:a5:c1:7b:ce:05:d2:41:81:33:72:
                    fc:35:6c:5a:19:b7:66:2b:43:63:df:93:e4:33:38:
                    3e:1b:49:1c:ea:39:de:f9:bc:a2:cc:5c:a3:fb:11:
                    95:e0:c5:a1:f8:01:df:2f:9f:d3:b5:3e:0c:ac:c7:
                    fd:eb:fd:5d:4a:10:6f:95:4a:e6:7a:58:a8:c4:ea:
                    1c:86:07:1c:ba:52:b0:fe:a6:0a:5c:3e:31:1c:eb:
                    4f:ff:42:e4:09:10:dd:af:e8:ca:1d:3a:c4:5e:7e:
                    04:df:40:57:85:36:fe:da:3f:1c:44:32:0d:2e:f9:
                    8f:90:3e:63:7d:13:ab:26:be:62:02:d3:27:a5:e7:
                    e1:b7:59:f3:c2:37:ad:59:68:9b:e8:13:88:a7:d5:
                    e5:01:83:48:16:c3:52:2d:ea:d0:fa:23:9a:8e:cd:
                    60:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:06:80:81:BE:8C:24:19:72:87:77:DC:E1:CA:BC:25:E1:14:83:B1
            X509v3 Authority Key Identifier:
                keyid:19:09:45:C5:04:73:97:68:73:EF:25:4B:4F:A8:33:BC:31:D9:48:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/GQlFxQRzl2hz7yVLT6gzvDHZSEs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/GQlFxQRzl2hz7yVLT6gzvDHZSEs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F361935C/21C9348AEF0011ECB389E5A1F1222468/6B5534A2AFC311EE8606D196775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.77.80.0-41.77.85.255
                IPv6:
                  2c0f:f3d8::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:e4:3a:55:9e:c4:99:3b:85:5a:c4:26:5b:f5:0a:06:6e:5b:
         a2:6a:f0:0b:78:aa:ab:d4:a0:53:e7:9a:92:02:9f:ad:46:16:
         b5:12:3b:96:f7:bb:7b:56:16:8a:96:8b:c4:47:94:95:2a:47:
         6c:69:c6:6f:2c:16:5e:d6:71:fd:2e:89:79:0e:c2:86:0a:e6:
         91:9b:bd:7c:04:9b:bf:d6:7b:a3:41:91:5a:54:f3:06:2e:ab:
         22:d6:cd:51:40:7d:58:1e:ea:96:0c:46:95:fc:96:8f:fb:1a:
         cd:5b:e8:44:7d:13:c4:8a:33:fc:aa:c2:f4:15:58:bb:84:89:
         fd:b4:c3:ba:0d:27:b4:a7:3c:19:8c:55:f3:5e:96:6f:96:c8:
         87:f1:38:fe:8a:d1:db:d7:fd:6d:8e:57:d3:2c:2a:0d:09:64:
         4c:6d:ee:56:41:14:0e:79:0a:7c:b1:07:9b:79:42:3c:41:39:
         50:0c:57:cf:e8:9d:cb:e1:20:2a:30:e6:b8:55:28:e9:65:52:
         de:2e:5e:39:7b:6a:4a:72:fe:bb:7f:d6:d9:35:60:e3:84:dd:
         a7:2f:fc:d3:fe:0b:12:32:6a:4e:2d:77:18:f9:0d:7f:4a:a4:
         2e:11:75:aa:3f:cb:4f:02:8a:37:64:56:06:72:04:8c:59:5d:
         05:d8:d4:f9
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgICAlgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MTkzNUNBRjExMC8GA1UEBRMoMTkwOTQ1QzUwNDczOTc2ODczRUYyNTRCNEZBODMz
QkMzMUQ5NDg0QjAeFw0yNDAxMTAxNDIwMzJaFw0zMDEyMzExNDIwMzJaMBgxFjAU
BgNVBAMTDTY1OWVhN2IzLTFkY2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWbHz129rJS/z6eA203Xbh9B1LIWdrXH6ln8d3sycMUJQiveu3jiIXjOcH
fgu7ozNQhVWhs2J9IMXBZ/cN8+tenyHHrW+TJ8SU9cXjr5Idkw/lb4zTkR1iiJMJ
G1GIpcF7zgXSQYEzcvw1bFoZt2YrQ2Pfk+QzOD4bSRzqOd75vKLMXKP7EZXgxaH4
Ad8vn9O1Pgysx/3r/V1KEG+VSuZ6WKjE6hyGBxy6UrD+pgpcPjEc60//QuQJEN2v
6ModOsRefgTfQFeFNv7aPxxEMg0u+Y+QPmN9E6smvmIC0yel5+G3WfPCN61ZaJvo
E4in1eUBg0gWw1It6tD6I5qOzWB3AgMBAAGjggK8MIICuDAdBgNVHQ4EFgQUzgaA
gb6MJBlyh3fc4cq8JeEUg7EwHwYDVR0jBBgwFoAUGQlFxQRzl2hz7yVLT6gzvDHZ
SEswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjE5MzVDLzIxQzkzNDhBRUYwMDExRUNCMzg5RTVBMUYxMjIyNDY4L0dRbEZ4
UVJ6bDJoejd5VkxUNmd6dkRIWlNFcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0dRbEZ4UVJ6bDJoejd5VkxUNmd6dkRIWlNFcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjE5MzVDLzIxQzkzNDhBRUYwMDExRUNCMzg5RTVBMUYx
MjIyNDY4LzZCNTUzNEEyQUZDMzExRUU4NjA2RDE5Njc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNgYIKwYBBQUHAQcBAf8EJzAlMBQEAgABMA4wDAMEBClNUAMEASlNVDANBAIA
AjAHAwUALA/z2DANBgkqhkiG9w0BAQsFAAOCAQEAMOQ6VZ7EmTuFWsQmW/UKBm5b
omrwC3iqq9SgU+eakgKfrUYWtRI7lve7e1YWipaLxEeUlSpHbGnGbywWXtZx/S6J
eQ7ChgrmkZu9fASbv9Z7o0GRWlTzBi6rItbNUUB9WB7qlgxGlfyWj/sazVvoRH0T
xIoz/KrC9BVYu4SJ/bTDug0ntKc8GYxV816Wb5bIh/E4/orR29f9bY5X0ywqDQlk
TG3uVkEUDnkKfLEHm3lCPEE5UAxXz+idy+EgKjDmuFUo6WVS3i5eOXtqSnL+u3/W
2TVg44Tdpy/80/4LEjJqTi13GPkNf0qkLhF1qj/LTwKKN2RWBnIEjFldBdjU+Q==
-----END CERTIFICATE-----
Generated at Fri Nov 29 03:19:31 2024 by rpki-client on console-ams.rpki-client.org