Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/7BEDF8A2DBFA11EB8A7DDB3CF8AEA228.roa
File:                     7BEDF8A2DBFA11EB8A7DDB3CF8AEA228.roa (raw, json)
Hash identifier:          ApWsLusZylXWCrCzgO6Wk3QdU7Nfq64WkuMZn7oCkm8=
Subject key identifier:   DB:2D:8E:6B:BD:33:EC:F9:CE:C4:58:51:A1:82:CC:E5:8C:3D:D0:55
Certificate issuer:       /CN=F3634E70AF/serialNumber=BF5DD9BD41321CDABBF1D6A8A0E6647E6FEFD2E3
Certificate serial:       0205
Authority key identifier: BF:5D:D9:BD:41:32:1C:DA:BB:F1:D6:A8:A0:E6:64:7E:6F:EF:D2:E3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/7BEDF8A2DBFA11EB8A7DDB3CF8AEA228.roa
Signing time:             Sat 03 Jul 2021 12:30:43 +0000
ROA not before:           Sat 03 Jul 2021 12:30:38 +0000
ROA not after:            Tue 01 Jul 2025 12:30:38 +0000
asID:                     37016
IP address blocks:        41.222.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 517 (0x205)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3634E70AF/serialNumber=BF5DD9BD41321CDABBF1D6A8A0E6647E6FEFD2E3
        Validity
            Not Before: Jul  3 12:30:38 2021 GMT
            Not After : Jul  1 12:30:38 2025 GMT
        Subject: CN=60e05873-7769
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4c:5a:1d:8d:3f:9b:51:a7:83:de:59:77:a4:
                    46:8c:84:10:50:0f:a2:8e:57:b0:b0:19:c1:2a:71:
                    bc:11:90:84:ec:ae:0a:df:9e:4e:8d:c3:f1:e1:86:
                    f5:b1:86:f4:a1:aa:4e:06:2b:87:34:7f:a5:c4:93:
                    59:b9:f5:1b:30:76:d5:c3:71:bb:4b:65:bd:e0:1c:
                    32:35:71:93:c5:1e:aa:54:54:38:21:09:d7:28:99:
                    79:8b:9c:68:d0:97:20:8e:e0:4b:57:86:a7:11:1f:
                    20:9d:d4:c5:20:9f:c5:f3:08:62:ce:d6:c7:55:5e:
                    b2:e1:40:e9:5e:72:da:2f:31:e3:99:f0:2c:9e:94:
                    e5:9d:5c:32:b0:c4:7a:ef:f1:95:77:44:f8:e3:06:
                    65:7c:83:20:cd:99:03:59:b1:f1:a7:26:ca:7d:cb:
                    00:a7:e1:ce:e0:b7:4a:57:64:1c:dd:21:74:39:f4:
                    61:af:f0:3a:d7:1e:b3:26:34:dc:62:77:bc:58:17:
                    7c:bc:86:e5:26:ea:f3:38:e2:9d:19:73:13:a5:a0:
                    ee:11:94:43:b6:75:2b:24:2c:45:b8:6e:cc:2b:bd:
                    1f:24:e0:6d:29:89:0c:7d:95:f3:76:b2:ed:1f:fe:
                    77:ad:89:9b:e8:99:5d:57:95:be:52:02:40:16:8c:
                    4c:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:2D:8E:6B:BD:33:EC:F9:CE:C4:58:51:A1:82:CC:E5:8C:3D:D0:55
            X509v3 Authority Key Identifier:
                keyid:BF:5D:D9:BD:41:32:1C:DA:BB:F1:D6:A8:A0:E6:64:7E:6F:EF:D2:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/v13ZvUEyHNq78daooOZkfm_v0uM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/v13ZvUEyHNq78daooOZkfm_v0uM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3634E70/E1461B52594311EA89ACD861F8AEA228/7BEDF8A2DBFA11EB8A7DDB3CF8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.222.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:e5:10:33:fe:31:a1:a8:fb:9a:66:02:4d:ee:b5:cf:24:23:
         da:f6:93:9c:17:11:c6:47:c1:aa:58:17:d2:02:32:e3:e2:93:
         f7:af:10:5d:7a:d7:d1:24:c9:87:74:22:00:55:6b:e0:91:6a:
         21:67:cc:26:02:b2:11:28:1d:12:28:d0:60:10:2b:08:a8:02:
         37:df:40:87:10:1b:4f:85:d2:cd:49:b3:28:5e:76:33:06:74:
         d4:d6:a7:b4:25:69:c5:9d:7a:1b:f1:06:9c:43:72:c9:78:08:
         94:07:81:dc:c0:f9:64:0d:0c:98:a0:97:8b:48:b1:fc:0b:28:
         52:60:b0:92:57:6e:59:de:50:8f:a0:c8:a7:54:07:9d:d9:30:
         58:62:b2:0f:cd:ee:68:98:8c:e3:7b:2b:e7:d4:14:c3:6c:55:
         3f:48:4a:0c:77:06:75:aa:5a:d6:0b:e5:68:ce:2b:f2:b7:ff:
         19:48:de:82:de:29:65:b8:86:a8:6a:f9:f6:cb:e1:e7:f1:ea:
         fd:79:dd:67:15:1d:f6:ee:3d:d6:82:61:f8:74:fb:7e:e3:4a:
         b7:23:83:65:ff:18:75:5e:c3:64:1c:10:f2:7a:b5:ec:90:7b:
         ee:a9:d2:a4:c6:8e:58:a5:42:2d:48:e2:84:ff:af:3d:44:22:
         f2:1d:9e:a7
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICAgUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzRFNzBBRjExMC8GA1UEBRMoQkY1REQ5QkQ0MTMyMUNEQUJCRjFENkE4QTBFNjY0
N0U2RkVGRDJFMzAeFw0yMTA3MDMxMjMwMzhaFw0yNTA3MDExMjMwMzhaMBgxFjAU
BgNVBAMTDTYwZTA1ODczLTc3NjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCiTFodjT+bUaeD3ll3pEaMhBBQD6KOV7CwGcEqcbwRkITsrgrfnk6Nw/Hh
hvWxhvShqk4GK4c0f6XEk1m59RswdtXDcbtLZb3gHDI1cZPFHqpUVDghCdcomXmL
nGjQlyCO4EtXhqcRHyCd1MUgn8XzCGLO1sdVXrLhQOlectovMeOZ8CyelOWdXDKw
xHrv8ZV3RPjjBmV8gyDNmQNZsfGnJsp9ywCn4c7gt0pXZBzdIXQ59GGv8DrXHrMm
NNxid7xYF3y8huUm6vM44p0ZcxOloO4RlEO2dSskLEW4bswrvR8k4G0piQx9lfN2
su0f/netiZvomV1Xlb5SAkAWjExhAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU2y2O
a70z7PnOxFhRoYLM5Yw90FUwHwYDVR0jBBgwFoAUv13ZvUEyHNq78daooOZkfm/v
0uMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM0RTcwL0UxNDYxQjUyNTk0MzExRUE4OUFDRDg2MUY4QUVBMjI4L3YxM1p2
VUV5SE5xNzhkYW9vT1prZm1fdjB1TS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3YxM1p2VUV5SE5xNzhkYW9vT1prZm1fdjB1TS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM0RTcwL0UxNDYxQjUyNTk0MzExRUE4OUFDRDg2MUY4
QUVBMjI4LzdCRURGOEEyREJGQTExRUI4QTdEREIzQ0Y4QUVBMjI4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAp3tUwDQYJKoZIhvcNAQEL
BQADggEBACrlEDP+MaGo+5pmAk3utc8kI9r2k5wXEcZHwapYF9ICMuPik/evEF16
19EkyYd0IgBVa+CRaiFnzCYCshEoHRIo0GAQKwioAjffQIcQG0+F0s1JsyhedjMG
dNTWp7QlacWdehvxBpxDcsl4CJQHgdzA+WQNDJigl4tIsfwLKFJgsJJXblneUI+g
yKdUB53ZMFhisg/N7miYjON7K+fUFMNsVT9ISgx3BnWqWtYL5WjOK/K3/xlI3oLe
KWW4hqhq+fbL4efx6v153WcVHfbuPdaCYfh0+37jSrcjg2X/GHVew2QcEPJ6teyQ
e+6p0qTGjlilQi1I4oT/rz1EIvIdnqc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:02:08 2024 by rpki-client on console-ams.rpki-client.org