Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
File:                     413308947E3A11EE832D2F404AD9E6FC.roa (raw, json)
Hash identifier:          Eb0obFXe3E6DORP4MxW4QBN2bM/zRSA3RlnaOBqHUN0=
Subject key identifier:   38:8F:AE:FE:83:83:55:07:D7:B8:1C:1D:3A:2E:F4:AF:C1:FA:67:0B
Certificate issuer:       /CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
Certificate serial:       06
Authority key identifier: D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
Signing time:             Wed 08 Nov 2023 13:25:16 +0000
ROA not before:           Wed 08 Nov 2023 13:25:13 +0000
ROA not after:            Sun 08 Nov 2043 13:25:13 +0000
asID:                     36962
IP address blocks:        41.223.116.0/24 maxlen: 24
                          41.223.117.0/24 maxlen: 24
                          41.223.118.0/24 maxlen: 24
                          41.223.119.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.mft
                          rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 6 (0x6)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F362412EAF/serialNumber=D628E4C96ABA9CFB124477867BBDF1A4435F0F5B
        Validity
            Not Before: Nov  8 13:25:13 2023 GMT
            Not After : Nov  8 13:25:13 2043 GMT
        Subject: CN=654b8c3c-b078
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ac:8c:7c:53:aa:97:c8:56:1b:45:1a:d7:9c:
                    ce:56:52:5e:1f:c5:58:93:1d:36:58:ca:3e:44:26:
                    34:38:76:a1:a8:13:fe:bf:91:ca:d8:e8:74:ca:f5:
                    60:02:1d:57:c5:0d:8a:03:66:40:07:ad:36:b3:57:
                    df:ed:49:24:e5:55:db:fd:78:6f:96:25:ee:2a:e7:
                    e8:ef:e7:84:fb:99:53:d0:a5:39:85:b9:e4:95:1f:
                    24:f9:55:0b:33:7d:14:d3:2c:3c:2b:b5:c5:b0:c5:
                    9d:d6:f1:12:fd:a5:49:37:0b:53:26:ff:12:24:2e:
                    a6:67:22:17:7c:e9:db:47:60:76:b2:f2:83:79:a2:
                    d6:a5:8f:5e:2b:6e:ff:ea:4e:68:78:6f:2c:4c:f5:
                    7c:8f:70:f1:33:bf:6f:c3:6c:d4:f4:88:46:10:cb:
                    1d:d4:50:64:6b:87:37:13:e7:43:bd:21:9f:41:03:
                    81:95:72:9e:7c:d1:52:49:79:12:8a:be:e3:c1:20:
                    2b:b5:c7:07:54:22:82:6e:f8:64:c5:c0:7c:93:7d:
                    53:b7:c7:3f:28:f3:6f:26:9d:99:ed:e4:58:52:46:
                    df:b9:3a:d7:23:e8:2f:18:cc:d9:8f:6f:dd:c0:cb:
                    7c:c1:ba:a3:86:72:a9:e8:d3:12:96:91:04:17:c8:
                    fe:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:8F:AE:FE:83:83:55:07:D7:B8:1C:1D:3A:2E:F4:AF:C1:FA:67:0B
            X509v3 Authority Key Identifier:
                keyid:D6:28:E4:C9:6A:BA:9C:FB:12:44:77:86:7B:BD:F1:A4:43:5F:0F:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/1ijkyWq6nPsSRHeGe73xpENfD1s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/1ijkyWq6nPsSRHeGe73xpENfD1s.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F362412E/3A239A207E3811EE854EE4394AD9E6FC/413308947E3A11EE832D2F404AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.223.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:5f:7b:f5:45:a1:92:0e:8b:05:b1:a6:0c:12:48:4a:06:79:
         12:26:78:40:0a:95:c9:64:f4:7e:17:b5:a3:f0:ae:c9:ed:51:
         1a:72:78:f8:37:be:1f:3d:84:02:6b:97:f4:98:5f:59:7d:32:
         00:19:5d:0a:95:b6:7b:38:e1:f4:54:3a:84:f3:49:30:cd:8c:
         03:51:16:28:85:9c:0b:ef:0f:b8:95:b2:ca:62:83:af:41:48:
         3c:65:19:46:24:82:b2:78:58:70:94:6e:d4:43:af:e9:0a:7a:
         d2:58:56:0c:c5:52:5f:4c:6b:50:9b:9a:0c:2f:c0:c3:bd:6a:
         2f:6c:90:bb:30:f8:53:50:60:07:f7:b8:44:02:c4:51:1c:6e:
         13:70:05:fc:2a:46:7f:c0:79:b6:8e:2b:52:ed:f0:7d:33:12:
         50:33:04:47:6b:15:c5:83:2d:b4:fe:44:d7:ca:3b:3c:e5:11:
         ec:39:70:35:21:dd:d7:a7:09:06:02:17:17:9c:81:50:a8:5c:
         28:76:0c:2f:ff:ad:8d:3b:8f:66:51:78:a3:24:a6:df:1f:f9:
         39:39:4e:6d:48:e3:10:ce:26:cf:b6:6d:f8:24:58:ec:5c:57:
         5a:29:e7:cd:79:5a:ae:16:8b:bb:8e:11:3f:2d:6a:b0:40:5d:
         40:33:0e:ae
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzYy
NDEyRUFGMTEwLwYDVQQFEyhENjI4RTRDOTZBQkE5Q0ZCMTI0NDc3ODY3QkJERjFB
NDQzNUYwRjVCMB4XDTIzMTEwODEzMjUxM1oXDTQzMTEwODEzMjUxM1owGDEWMBQG
A1UEAxMNNjU0YjhjM2MtYjA3ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKsjHxTqpfIVhtFGteczlZSXh/FWJMdNljKPkQmNDh2oagT/r+RytjodMr1
YAIdV8UNigNmQAetNrNX3+1JJOVV2/14b5Yl7irn6O/nhPuZU9ClOYW55JUfJPlV
CzN9FNMsPCu1xbDFndbxEv2lSTcLUyb/EiQupmciF3zp20dgdrLyg3mi1qWPXitu
/+pOaHhvLEz1fI9w8TO/b8Ns1PSIRhDLHdRQZGuHNxPnQ70hn0EDgZVynnzRUkl5
Eoq+48EgK7XHB1Qigm74ZMXAfJN9U7fHPyjzbyadme3kWFJG37k61yPoLxjM2Y9v
3cDLfMG6o4ZyqejTEpaRBBfI/gcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ4j67+
g4NVB9e4HB06LvSvwfpnCzAfBgNVHSMEGDAWgBTWKOTJarqc+xJEd4Z7vfGkQ18P
WzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFEOUU2RkMvMWlqa3lX
cTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvMWlqa3lXcTZuUHNTUkhlR2U3M3hwRU5mRDFzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MjQxMkUvM0EyMzlBMjA3RTM4MTFFRTg1NEVFNDM5NEFE
OUU2RkMvNDEzMzA4OTQ3RTNBMTFFRTgzMkQyRjQwNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinfdDANBgkqhkiG9w0BAQsF
AAOCAQEArF979UWhkg6LBbGmDBJISgZ5EiZ4QAqVyWT0fhe1o/Cuye1RGnJ4+De+
Hz2EAmuX9JhfWX0yABldCpW2ezjh9FQ6hPNJMM2MA1EWKIWcC+8PuJWyymKDr0FI
PGUZRiSCsnhYcJRu1EOv6Qp60lhWDMVSX0xrUJuaDC/Aw71qL2yQuzD4U1BgB/e4
RALEURxuE3AF/CpGf8B5to4rUu3wfTMSUDMER2sVxYMttP5E18o7POUR7DlwNSHd
16cJBgIXF5yBUKhcKHYML/+tjTuPZlF4oySm3x/5OTlObUjjEM4mz7Zt+CRY7FxX
WinnzXlarhaLu44RPy1qsEBdQDMOrg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:52 2024 by rpki-client on console-fra.rpki-client.org