Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
File:                     71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa (raw, json)
Hash identifier:          H2R++FRMLxMiqVXy8BRmuUKzD8njGoupil4sDGEQyh4=
Subject key identifier:   16:0B:F6:94:6B:8E:0C:5E:7D:53:07:78:86:C7:78:F1:EE:BF:0A:58
Certificate issuer:       /CN=F363EA80AF/serialNumber=C67C6231120941235581D5942565ABF7419DCECC
Certificate serial:       28
Authority key identifier: C6:7C:62:31:12:09:41:23:55:81:D5:94:25:65:AB:F7:41:9D:CE:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
Signing time:             Wed 17 May 2023 07:21:30 +0000
ROA not before:           Wed 17 May 2023 07:21:20 +0000
ROA not after:            Tue 16 May 2028 07:21:20 +0000
asID:                     19711
IP address blocks:        41.84.224.0/19 maxlen: 19
                          41.215.144.0/20 maxlen: 20
                          154.119.96.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Wed 19 Jun 2024 00:05:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F363EA80AF/serialNumber=C67C6231120941235581D5942565ABF7419DCECC
        Validity
            Not Before: May 17 07:21:20 2023 GMT
            Not After : May 16 07:21:20 2028 GMT
        Subject: CN=6464807a-c85c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:38:a1:a2:37:59:b6:d7:c5:51:c5:4e:94:17:
                    68:a9:fe:57:84:9b:85:00:db:04:02:17:f2:f9:17:
                    95:d2:7f:96:52:fa:72:3a:05:11:75:03:c1:a7:49:
                    cc:0b:6b:6a:cc:3b:03:3c:13:4d:67:f6:12:dd:e7:
                    84:c7:ae:90:59:32:4e:4f:de:bd:8a:15:11:42:5b:
                    85:8f:61:d2:c9:d3:c6:63:c0:41:42:d9:18:56:8e:
                    80:40:5d:27:83:ad:73:d1:f0:0d:3e:f0:f0:b3:8b:
                    f1:9c:8a:36:98:cc:e4:c9:33:2f:ef:66:90:02:c3:
                    35:d1:92:fb:73:bb:e8:86:52:7d:a6:06:eb:54:1d:
                    a2:99:1e:d7:34:01:cf:02:26:e7:90:d5:2c:cf:eb:
                    04:ad:61:6c:fe:05:b0:c8:4a:47:f8:fe:a0:93:2b:
                    4c:29:c7:fd:65:ae:4b:41:f7:8c:3d:a2:2d:c7:e6:
                    9f:5d:ce:54:5b:2a:31:1e:0e:1d:0b:3a:7b:d2:11:
                    6d:a1:b4:41:1a:28:4c:4b:5f:9d:67:d0:b8:c0:07:
                    27:1a:88:26:57:32:72:7e:75:a1:ad:4e:32:bc:d2:
                    8a:46:ca:07:e0:4a:82:96:ff:bf:4d:82:ac:34:33:
                    5d:f0:c7:ac:8e:2f:bc:5a:e8:83:1a:e6:d9:bf:ae:
                    94:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:0B:F6:94:6B:8E:0C:5E:7D:53:07:78:86:C7:78:F1:EE:BF:0A:58
            X509v3 Authority Key Identifier:
                keyid:C6:7C:62:31:12:09:41:23:55:81:D5:94:25:65:AB:F7:41:9D:CE:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/xnxiMRIJQSNVgdWUJWWr90Gdzsw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/xnxiMRIJQSNVgdWUJWWr90Gdzsw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F363EA80/23D54B28DDDA11ED86532E0D306D8C1D/71B9ADBAF48311ED8AC17D2C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.84.224.0/19
                  41.215.144.0/20
                  154.119.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7f:4e:cc:55:e2:ee:f8:78:25:3e:06:dd:ac:ba:21:97:14:a8:
         c0:54:71:50:2f:e9:8f:91:a8:cb:3c:bb:08:82:75:60:39:5a:
         f2:68:0c:01:eb:3e:fb:48:f1:8e:e3:64:8e:ea:ff:2d:25:1e:
         07:c4:44:6c:7b:af:fd:17:09:5c:e6:2c:0b:50:c2:a3:5a:c2:
         f8:87:b8:68:2a:4a:31:c2:af:42:44:c6:ec:93:c6:0f:fd:f3:
         53:71:dc:cd:1b:87:a7:b5:14:ec:6d:0f:0a:7a:bf:ce:ad:4c:
         3c:89:62:69:c7:d5:c1:82:5c:e7:35:88:1c:c8:ed:64:da:15:
         c9:a8:6e:de:17:49:04:ab:ae:b7:69:80:ba:29:2e:0b:73:78:
         60:d3:cd:e2:cf:d2:cf:12:c7:c2:49:55:db:a8:6a:24:23:99:
         b1:aa:a4:5b:10:b2:3e:ce:db:17:d1:c9:85:73:18:c1:35:84:
         db:cb:9e:72:a1:5f:50:90:c5:5a:fb:c4:42:e4:c9:69:c6:db:
         3d:b7:39:b4:22:27:b6:d0:ef:35:8e:94:7b:b4:16:d8:07:ff:
         36:64:d9:b6:e8:34:1a:7e:7c:c5:87:32:46:8d:f4:25:5d:e6:
         7b:78:1e:4e:9d:e6:46:85:32:1b:f3:4e:6f:74:a2:b2:01:c2:
         33:62:5c:eb
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzYz
RUE4MEFGMTEwLwYDVQQFEyhDNjdDNjIzMTEyMDk0MTIzNTU4MUQ1OTQyNTY1QUJG
NzQxOURDRUNDMB4XDTIzMDUxNzA3MjEyMFoXDTI4MDUxNjA3MjEyMFowGDEWMBQG
A1UEAxMNNjQ2NDgwN2EtYzg1YzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALw4oaI3WbbXxVHFTpQXaKn+V4SbhQDbBAIX8vkXldJ/llL6cjoFEXUDwadJ
zAtrasw7AzwTTWf2Et3nhMeukFkyTk/evYoVEUJbhY9h0snTxmPAQULZGFaOgEBd
J4Otc9HwDT7w8LOL8ZyKNpjM5MkzL+9mkALDNdGS+3O76IZSfaYG61Qdopke1zQB
zwIm55DVLM/rBK1hbP4FsMhKR/j+oJMrTCnH/WWuS0H3jD2iLcfmn13OVFsqMR4O
HQs6e9IRbaG0QRooTEtfnWfQuMAHJxqIJlcycn51oa1OMrzSikbKB+BKgpb/v02C
rDQzXfDHrI4vvFrogxrm2b+ulEkCAwEAAaOCArEwggKtMB0GA1UdDgQWBBQWC/aU
a44MXn1TB3iGx3jx7r8KWDAfBgNVHSMEGDAWgBTGfGIxEglBI1WB1ZQlZav3QZ3O
zDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2M0VBODAvMjNENTRCMjhERERBMTFFRDg2NTMyRTBEMzA2RDhDMUQveG54aU1S
SUpRU05WZ2RXVUpXV3I5MEdkenN3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMveG54aU1SSUpRU05WZ2RXVUpXV3I5MEdkenN3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2M0VBODAvMjNENTRCMjhERERBMTFFRDg2NTMyRTBEMzA2
RDhDMUQvNzFCOUFEQkFGNDgzMTFFRDhBQzE3RDJDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEBSlU4AMEBCnXkAMEBZp3YDAN
BgkqhkiG9w0BAQsFAAOCAQEAf07MVeLu+HglPgbdrLohlxSowFRxUC/pj5Goyzy7
CIJ1YDla8mgMAes++0jxjuNkjur/LSUeB8REbHuv/RcJXOYsC1DCo1rC+Ie4aCpK
McKvQkTG7JPGD/3zU3HczRuHp7UU7G0PCnq/zq1MPIliacfVwYJc5zWIHMjtZNoV
yahu3hdJBKuut2mAuikuC3N4YNPN4s/SzxLHwklV26hqJCOZsaqkWxCyPs7bF9HJ
hXMYwTWE28uecqFfUJDFWvvEQuTJacbbPbc5tCInttDvNY6Ue7QW2Af/NmTZtug0
Gn58xYcyRo30JV3me3geTp3mRoUyG/NOb3SisgHCM2Jc6w==
-----END CERTIFICATE-----
Generated at Mon Jun 17 03:47:39 2024 by rpki-client on console-ams.rpki-client.org