Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/8FDB7C5AF83211EBA22A126ED8A014CE.roa
File:                     8FDB7C5AF83211EBA22A126ED8A014CE.roa (raw, json)
Hash identifier:          2UBZGh7fdGzBS9ITRyFVqoEfHDrNg17NQNeKYpEBAmA=
Subject key identifier:   A9:42:0F:3B:04:C4:C5:FA:22:36:BB:5D:26:2A:CA:35:E2:43:0D:B7
Certificate issuer:       /CN=F363918AAF/serialNumber=89ED5F93C61C39C658863F374CBA24D13BC388C8
Certificate serial:       07
Authority key identifier: 89:ED:5F:93:C6:1C:39:C6:58:86:3F:37:4C:BA:24:D1:3B:C3:88:C8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/ie1fk8YcOcZYhj83TLok0TvDiMg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/8FDB7C5AF83211EBA22A126ED8A014CE.roa
Signing time:             Sun 08 Aug 2021 10:23:17 +0000
ROA not before:           Sun 08 Aug 2021 10:23:10 +0000
ROA not after:            Tue 08 Jun 2049 10:23:10 +0000
asID:                     36907
IP address blocks:        41.63.160.0/19 maxlen: 22
                          41.205.32.0/19 maxlen: 24
                          41.222.248.0/21 maxlen: 22
                          154.71.128.0/17 maxlen: 22
                          154.127.128.0/17 maxlen: 22
                          196.202.252.0/22 maxlen: 24
                          197.148.0.0/18 maxlen: 22
                          2c0f:f810::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/ie1fk8YcOcZYhj83TLok0TvDiMg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/ie1fk8YcOcZYhj83TLok0TvDiMg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/ie1fk8YcOcZYhj83TLok0TvDiMg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 7 (0x7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363918AAF/serialNumber=89ED5F93C61C39C658863F374CBA24D13BC388C8
        Validity
            Not Before: Aug  8 10:23:10 2021 GMT
            Not After : Jun  8 10:23:10 2049 GMT
        Subject: CN=610fb095-1672
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:74:12:a7:7b:1e:3f:ca:22:3b:df:c5:79:41:
                    85:b7:7f:6a:f9:cf:3c:06:da:6a:b2:d2:0f:66:4c:
                    c5:37:19:46:db:1c:23:da:fb:10:1b:35:f2:f6:24:
                    d1:ee:94:f5:87:05:e7:67:7c:2a:ca:0d:c8:e0:a9:
                    33:78:99:a3:40:06:09:c9:3d:30:f7:76:76:88:31:
                    59:67:5c:a8:f4:81:d6:36:75:cd:2a:17:90:76:1d:
                    99:02:46:cd:f6:4f:fd:32:e0:d1:f9:e3:d6:ed:cf:
                    0d:76:76:49:b3:62:c7:4a:00:a8:01:a8:79:24:25:
                    9b:19:91:5e:65:aa:2c:c0:a8:01:5f:9a:df:39:ce:
                    69:ff:1e:5c:fd:1e:d0:24:7e:f6:43:49:00:7b:dd:
                    fe:30:57:8d:76:58:b5:0d:12:92:ea:f7:31:c4:b4:
                    26:fb:a0:2b:36:c4:7b:c1:9b:92:93:f1:4f:1b:9c:
                    b7:fb:2b:f8:98:a6:f9:16:41:1f:85:21:2b:db:b3:
                    84:54:a1:01:85:37:3b:35:a3:20:f5:9f:22:0a:02:
                    7e:1d:07:aa:ff:61:32:38:30:22:16:1a:6a:17:f1:
                    92:d8:11:d4:1f:8f:ed:b2:fb:ad:89:97:9a:ef:21:
                    1a:13:41:dc:d7:cd:25:0a:6d:21:e6:37:5c:22:e2:
                    b8:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:42:0F:3B:04:C4:C5:FA:22:36:BB:5D:26:2A:CA:35:E2:43:0D:B7
            X509v3 Authority Key Identifier:
                keyid:89:ED:5F:93:C6:1C:39:C6:58:86:3F:37:4C:BA:24:D1:3B:C3:88:C8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/ie1fk8YcOcZYhj83TLok0TvDiMg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/ie1fk8YcOcZYhj83TLok0TvDiMg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363918A/85C87532F69E11EBB2F9C378D8A014CE/8FDB7C5AF83211EBA22A126ED8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.63.160.0/19
                  41.205.32.0/19
                  41.222.248.0/21
                  154.71.128.0/17
                  154.127.128.0/17
                  196.202.252.0/22
                  197.148.0.0/18
                IPv6:
                  2c0f:f810::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:30:94:b3:9f:97:56:40:cb:49:f4:ec:13:53:cd:c1:0a:78:
         ab:89:9e:11:33:98:4a:1b:fc:89:0f:fa:06:b9:67:1a:fe:e8:
         fd:55:dc:1d:ac:b8:2e:6b:93:a9:a0:94:e4:13:c0:05:e7:35:
         04:17:2f:2f:71:5c:11:ca:1d:8d:4a:88:7b:1b:09:29:e8:0c:
         a5:1a:d2:82:e3:10:e0:77:ab:7c:2a:16:94:03:76:32:d9:7a:
         aa:fa:7b:f3:fe:0c:b9:46:e5:86:5d:12:89:9f:91:c8:61:09:
         7f:05:ef:f5:a1:f3:5f:29:9e:22:ee:42:61:72:89:ee:e8:3a:
         e7:ce:18:79:03:0f:d8:4c:4e:e7:e4:d2:19:0b:c7:c4:94:8f:
         5b:6b:8c:73:45:44:c7:88:7b:5a:ba:6e:c2:b6:40:1a:7c:4e:
         09:fa:b1:ec:71:4c:88:02:4e:27:d1:10:0f:34:57:ad:ef:76:
         30:c3:63:1b:f3:7c:bc:7a:58:13:07:06:2e:68:ff:76:ad:7e:
         20:71:d5:7a:94:73:65:3d:c1:a1:87:96:4e:3f:63:cb:f5:1a:
         4f:9e:ec:7e:84:54:dc:ee:ad:ed:47:b8:49:06:d5:31:0e:0e:
         e0:96:07:cc:fe:66:e4:4a:db:86:18:38:09:17:77:aa:85:b8:
         8f:a1:04:fb
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIBBzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
OTE4QUFGMTEwLwYDVQQFEyg4OUVENUY5M0M2MUMzOUM2NTg4NjNGMzc0Q0JBMjRE
MTNCQzM4OEM4MB4XDTIxMDgwODEwMjMxMFoXDTQ5MDYwODEwMjMxMFowGDEWMBQG
A1UEAwwNNjEwZmIwOTUtMTY3MjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALJ0Eqd7Hj/KIjvfxXlBhbd/avnPPAbaarLSD2ZMxTcZRtscI9r7EBs18vYk
0e6U9YcF52d8KsoNyOCpM3iZo0AGCck9MPd2dogxWWdcqPSB1jZ1zSoXkHYdmQJG
zfZP/TLg0fnj1u3PDXZ2SbNix0oAqAGoeSQlmxmRXmWqLMCoAV+a3znOaf8eXP0e
0CR+9kNJAHvd/jBXjXZYtQ0Skur3McS0JvugKzbEe8GbkpPxTxuct/sr+Jim+RZB
H4UhK9uzhFShAYU3OzWjIPWfIgoCfh0Hqv9hMjgwIhYaahfxktgR1B+P7bL7rYmX
mu8hGhNB3NfNJQptIeY3XCLiuIECAwEAAaOCAtgwggLUMB0GA1UdDgQWBBSpQg87
BMTF+iI2u10mKso14kMNtzAfBgNVHSMEGDAWgBSJ7V+Txhw5xliGPzdMuiTRO8OI
yDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2MzkxOEEvODVDODc1MzJGNjlFMTFFQkIyRjlDMzc4RDhBMDE0Q0UvaWUxZms4
WWNPY1pZaGo4M1RMb2swVHZEaU1nLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvaWUxZms4WWNPY1pZaGo4M1RMb2swVHZEaU1nLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2MzkxOEEvODVDODc1MzJGNjlFMTFFQkIyRjlDMzc4RDhB
MDE0Q0UvOEZEQjdDNUFGODMyMTFFQkEyMkExMjZFRDhBMDE0Q0Uucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDBSBggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBSk/oAMEBSnNIAMEAyne+AME
B5pHgAMEB5p/gAMEAsTK/AMEBsWUADANBAIAAjAHAwUALA/4EDANBgkqhkiG9w0B
AQsFAAOCAQEAdDCUs5+XVkDLSfTsE1PNwQp4q4meETOYShv8iQ/6BrlnGv7o/VXc
Hay4LmuTqaCU5BPABec1BBcvL3FcEcodjUqIexsJKegMpRrSguMQ4HerfCoWlAN2
Mtl6qvp78/4MuUblhl0SiZ+RyGEJfwXv9aHzXymeIu5CYXKJ7ug6584YeQMP2ExO
5+TSGQvHxJSPW2uMc0VEx4h7WrpuwrZAGnxOCfqx7HFMiAJOJ9EQDzRXre92MMNj
G/N8vHpYEwcGLmj/dq1+IHHVepRzZT3BoYeWTj9jy/UaT57sfoRU3O6t7Ue4SQbV
MQ4O4JYHzP5m5Erbhhg4CRd3qoW4j6EE+w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org