Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/D675B9C4C09311EE81BFE4B4775412E6.roa
File:                     D675B9C4C09311EE81BFE4B4775412E6.roa (raw, json)
Hash identifier:          yeVSsCWEbMjwZK7TCJavELf3uC42giGMll3LnNn7b1U=
Subject key identifier:   CE:C0:BC:7C:9E:60:C0:DE:9D:11:2B:7A:C2:AA:2E:B6:A0:0D:F6:DE
Certificate issuer:       /CN=F3636185AF/serialNumber=EF8798989E4B8FB35946574F7BC7F08E2CF7FE4B
Certificate serial:       037F
Authority key identifier: EF:87:98:98:9E:4B:8F:B3:59:46:57:4F:7B:C7:F0:8E:2C:F7:FE:4B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/74eYmJ5Lj7NZRldPe8fwjiz3_ks.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/D675B9C4C09311EE81BFE4B4775412E6.roa
Signing time:             Wed 31 Jan 2024 23:52:49 +0000
ROA not before:           Wed 31 Jan 2024 23:52:45 +0000
ROA not after:            Sun 31 Jan 2027 23:52:45 +0000
asID:                     55429
IP address blocks:        41.63.64.0/18 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/74eYmJ5Lj7NZRldPe8fwjiz3_ks.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/74eYmJ5Lj7NZRldPe8fwjiz3_ks.mft
                          rsync://rpki.afrinic.net/repository/afrinic/74eYmJ5Lj7NZRldPe8fwjiz3_ks.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 895 (0x37f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3636185AF/serialNumber=EF8798989E4B8FB35946574F7BC7F08E2CF7FE4B
        Validity
            Not Before: Jan 31 23:52:45 2024 GMT
            Not After : Jan 31 23:52:45 2027 GMT
        Subject: CN=65badd50-31f3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:5b:61:2c:c8:b0:88:ca:a9:36:27:2b:58:91:
                    74:a0:71:d8:c8:8d:c5:8e:c3:dc:1b:a6:7c:ce:d1:
                    37:e1:17:93:47:78:30:b9:6d:11:c8:a5:ed:52:ee:
                    2c:58:58:b2:39:f7:9b:a6:52:f2:f1:64:68:3b:0c:
                    9b:a1:89:40:41:cf:61:be:fb:23:a8:03:42:b2:42:
                    1f:d8:56:41:a7:95:f2:89:1d:45:36:ca:fc:81:f5:
                    23:3a:96:31:65:09:c2:23:40:0e:3d:ee:a0:a8:ba:
                    89:e6:eb:eb:71:8a:e6:52:a0:05:c3:62:c3:76:23:
                    44:ad:36:f6:90:a9:92:fb:75:45:7e:35:7f:4d:7c:
                    dc:e2:d6:d5:6c:b9:f5:2e:4a:92:f4:28:52:3f:dc:
                    29:4f:ad:35:81:d0:64:43:3c:5b:36:b2:57:48:ac:
                    47:e8:f8:48:43:3b:01:54:21:e5:ea:ca:3c:b2:2a:
                    2c:3b:99:be:7d:74:d5:f8:93:5c:bf:2d:b1:1a:94:
                    a3:9c:0d:19:25:82:b5:de:03:45:9d:f2:9b:22:ba:
                    f7:f0:71:68:1f:7d:88:67:be:86:20:76:31:7e:4d:
                    93:d2:cb:43:88:26:b1:c7:58:ef:05:b3:37:b1:76:
                    53:ed:87:93:bd:58:ba:19:f4:ae:ec:e8:31:fe:6c:
                    3a:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:C0:BC:7C:9E:60:C0:DE:9D:11:2B:7A:C2:AA:2E:B6:A0:0D:F6:DE
            X509v3 Authority Key Identifier:
                keyid:EF:87:98:98:9E:4B:8F:B3:59:46:57:4F:7B:C7:F0:8E:2C:F7:FE:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/74eYmJ5Lj7NZRldPe8fwjiz3_ks.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/74eYmJ5Lj7NZRldPe8fwjiz3_ks.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3636185/6EFD78B6270911ECAF80DC7BD8A014CE/D675B9C4C09311EE81BFE4B4775412E6.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.63.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         70:71:06:67:00:9d:08:16:bd:a2:93:3a:ba:cc:1a:cf:f9:d2:
         0a:bd:42:7d:f3:6b:91:75:c6:90:ed:c5:0e:47:14:c8:97:a1:
         d8:73:c5:c0:6c:c1:03:2b:c1:b1:21:f8:75:f0:b5:d0:b0:4f:
         f7:72:15:0b:16:cb:2a:73:3f:40:dc:24:5b:c2:d8:53:56:91:
         ff:e8:ea:f2:31:56:5e:dd:b7:7e:97:7e:66:aa:78:6b:0a:a3:
         fe:18:b3:73:8c:56:9e:e8:59:d3:74:b0:9c:f6:2a:ed:f6:ad:
         cb:07:79:37:4e:b1:42:3c:90:20:3e:3d:85:aa:4c:44:32:97:
         0d:38:6f:a6:c4:c0:c1:6d:e1:fa:92:b8:a6:3e:c6:17:7c:9b:
         92:4c:3c:27:23:5d:db:a6:ee:20:c3:a2:6e:bc:2c:0a:1e:11:
         11:9f:cd:bc:3a:fb:23:91:53:11:b9:8d:09:86:62:e8:66:81:
         6f:e9:8b:db:d5:1d:45:00:22:30:3f:c3:bd:a1:6b:a2:14:35:
         a1:6a:37:19:f2:09:f1:9e:c9:8b:2e:16:5c:aa:42:85:2b:c9:
         a8:00:32:b7:08:ba:9a:81:66:de:98:17:7f:46:bc:09:15:b9:
         ed:2e:19:70:40:ba:4b:5e:40:c2:ec:d3:12:4a:de:de:8a:bf:
         8d:f0:02:c9
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICA38wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MzYxODVBRjExMC8GA1UEBRMoRUY4Nzk4OTg5RTRCOEZCMzU5NDY1NzRGN0JDN0Yw
OEUyQ0Y3RkU0QjAeFw0yNDAxMzEyMzUyNDVaFw0yNzAxMzEyMzUyNDVaMBgxFjAU
BgNVBAMTDTY1YmFkZDUwLTMxZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvW2EsyLCIyqk2JytYkXSgcdjIjcWOw9wbpnzO0TfhF5NHeDC5bRHIpe1S
7ixYWLI595umUvLxZGg7DJuhiUBBz2G++yOoA0KyQh/YVkGnlfKJHUU2yvyB9SM6
ljFlCcIjQA497qCouonm6+txiuZSoAXDYsN2I0StNvaQqZL7dUV+NX9NfNzi1tVs
ufUuSpL0KFI/3ClPrTWB0GRDPFs2sldIrEfo+EhDOwFUIeXqyjyyKiw7mb59dNX4
k1y/LbEalKOcDRklgrXeA0Wd8psiuvfwcWgffYhnvoYgdjF+TZPSy0OIJrHHWO8F
szexdlPth5O9WLoZ9K7s6DH+bDqtAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUzsC8
fJ5gwN6dESt6wqoutqAN9t4wHwYDVR0jBBgwFoAU74eYmJ5Lj7NZRldPe8fwjiz3
/kswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjM2MTg1LzZFRkQ3OEI2MjcwOTExRUNBRjgwREM3QkQ4QTAxNENFLzc0ZVlt
SjVMajdOWlJsZFBlOGZ3aml6M19rcy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljLzc0ZVltSjVMajdOWlJsZFBlOGZ3aml6M19rcy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjM2MTg1LzZFRkQ3OEI2MjcwOTExRUNBRjgwREM3QkQ4
QTAxNENFL0Q2NzVCOUM0QzA5MzExRUU4MUJGRTRCNDc3NTQxMkU2LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAYpP0AwDQYJKoZIhvcNAQEL
BQADggEBAHBxBmcAnQgWvaKTOrrMGs/50gq9Qn3za5F1xpDtxQ5HFMiXodhzxcBs
wQMrwbEh+HXwtdCwT/dyFQsWyypzP0DcJFvC2FNWkf/o6vIxVl7dt36XfmaqeGsK
o/4Ys3OMVp7oWdN0sJz2Ku32rcsHeTdOsUI8kCA+PYWqTEQylw04b6bEwMFt4fqS
uKY+xhd8m5JMPCcjXdum7iDDom68LAoeERGfzbw6+yORUxG5jQmGYuhmgW/pi9vV
HUUAIjA/w72ha6IUNaFqNxnyCfGeyYsuFlyqQoUryagAMrcIupqBZt6YF39GvAkV
ue0uGXBAukteQMLs0xJK3t6Kv43wAsk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:32 2024 by rpki-client on console-ams.rpki-client.org