Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/3CBFED64495411EFB6814C5D762E951A.roa
File:                     3CBFED64495411EFB6814C5D762E951A.roa (raw, json)
Hash identifier:          rYrqlqO0kH8b1oM3UkYuWQ0BlyjcbnvQAaOtL36BdpY=
Subject key identifier:   F9:CF:88:52:E7:3B:A3:5E:ED:41:64:2B:F6:0A:23:6F:BB:35:EC:7E
Certificate issuer:       /CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Certificate serial:       30
Authority key identifier: 48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/3CBFED64495411EFB6814C5D762E951A.roa
Signing time:             Wed 24 Jul 2024 00:32:42 +0000
ROA not before:           Wed 24 Jul 2024 00:00:38 +0000
ROA not after:            Mon 14 Dec 2026 00:00:38 +0000
asID:                     37030
IP address blocks:        41.215.165.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 48 (0x30)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
        Validity
            Not Before: Jul 24 00:00:38 2024 GMT
            Not After : Dec 14 00:00:38 2026 GMT
        Subject: CN=66a04baa-1b64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:07:79:89:c4:0b:24:96:e1:e1:d5:9c:dc:44:
                    85:cc:d8:0b:8b:4a:02:fd:84:c1:76:b3:6f:a0:b1:
                    d2:d1:d6:cd:41:8a:55:28:db:cf:5f:8f:36:48:8f:
                    f4:47:6c:4d:b5:8f:05:4d:bb:06:38:df:8e:db:05:
                    65:4a:b3:dc:2b:f1:fc:09:51:0e:58:93:f7:5a:8a:
                    69:ce:0e:d0:2b:50:a1:34:b4:7d:8b:dc:60:83:d0:
                    17:22:ff:17:f1:1b:5e:02:a2:0c:43:da:54:6e:71:
                    af:84:fa:08:6e:7c:dc:2b:7c:9e:ca:39:9a:a5:b4:
                    ca:5e:0d:24:01:c9:cd:bb:98:df:f2:4c:e6:45:26:
                    0e:1f:b7:38:44:8e:cd:7d:4f:ad:2e:a2:bd:1e:68:
                    f5:0a:6d:8a:ab:d2:ee:17:16:81:4d:1e:c7:65:e9:
                    c7:18:01:1f:65:5a:c9:83:99:5c:b0:52:5b:de:77:
                    4b:88:7c:da:dd:68:2c:92:57:cb:13:7a:16:b8:01:
                    01:e9:93:fd:e4:88:a3:be:6c:df:bb:79:e8:30:f4:
                    71:34:e6:05:2c:03:92:86:0e:7a:7d:6e:aa:96:16:
                    e5:fd:ec:ba:2f:6f:e2:01:2a:d1:f1:24:f6:3a:d6:
                    cc:cc:31:17:6b:5f:f6:92:81:b5:15:11:98:81:d0:
                    cb:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F9:CF:88:52:E7:3B:A3:5E:ED:41:64:2B:F6:0A:23:6F:BB:35:EC:7E
            X509v3 Authority Key Identifier:
                keyid:48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/3CBFED64495411EFB6814C5D762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.215.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:3a:93:9a:89:64:e4:83:d2:6a:a3:2e:58:52:92:eb:89:37:
         b5:40:c0:ec:a9:34:1a:e6:cf:27:69:62:93:5d:0f:b5:ff:b8:
         61:87:6a:59:6e:05:a9:24:a3:d0:ce:5a:f7:48:00:31:05:e2:
         1f:a4:c5:d7:f7:67:b3:71:d5:bf:f0:a5:5c:27:44:d8:3a:14:
         b5:35:ed:cf:d6:74:6d:eb:d5:37:da:6a:81:42:6c:0f:c2:ee:
         2d:a0:dd:98:0a:a4:c4:74:81:0c:9b:05:71:a8:be:a1:42:07:
         1f:4c:e1:3f:cf:54:58:45:97:42:23:51:9a:35:98:89:b2:d8:
         2e:f1:48:93:8e:95:5b:d7:74:35:d6:1d:fb:d6:d6:e6:9d:52:
         97:a2:66:c5:53:9b:f2:c0:b3:1c:4e:7a:9a:a6:a9:bd:69:b0:
         1b:d9:17:8f:7d:5b:35:0a:bf:59:e4:08:8a:da:f1:52:87:3f:
         46:78:d4:58:70:b8:7d:83:43:0a:aa:fe:3b:ae:fd:ed:ef:c9:
         dc:ee:68:d1:19:f7:d8:df:86:20:9f:31:94:b0:1b:27:7a:1e:
         4f:43:1c:dc:53:7e:e1:b7:03:67:00:5d:d4:10:0a:14:23:6d:
         f2:23:bc:49:a4:07:d3:72:62:2a:71:8f:c9:df:13:22:27:b0:
         89:00:71:ed
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBMDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MkNCMUFGMTEwLwYDVQQFEyg0ODJERUVDMjkxMzBFRDIwMkQ4Mzk5RDY5QTEzMjY5
QUE2MTJBRkQzMB4XDTI0MDcyNDAwMDAzOFoXDTI2MTIxNDAwMDAzOFowGDEWMBQG
A1UEAxMNNjZhMDRiYWEtMWI2NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoHeYnECySW4eHVnNxEhczYC4tKAv2EwXazb6Cx0tHWzUGKVSjbz1+PNkiP
9EdsTbWPBU27BjjfjtsFZUqz3Cvx/AlRDliT91qKac4O0CtQoTS0fYvcYIPQFyL/
F/EbXgKiDEPaVG5xr4T6CG583Ct8nso5mqW0yl4NJAHJzbuY3/JM5kUmDh+3OESO
zX1PrS6ivR5o9QptiqvS7hcWgU0ex2XpxxgBH2VayYOZXLBSW953S4h82t1oLJJX
yxN6FrgBAemT/eSIo75s37t56DD0cTTmBSwDkoYOen1uqpYW5f3sui9v4gEq0fEk
9jrWzMwxF2tf9pKBtRURmIHQyzkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT5z4hS
5zujXu1BZCv2CiNvuzXsfjAfBgNVHSMEGDAWgBRILe7CkTDtIC2DmdaaEyaaphKv
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYyRTk1MUEvU0MzdXdw
RXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU0MzdXdwRXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYy
RTk1MUEvM0NCRkVENjQ0OTU0MTFFRkI2ODE0QzVENzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnXpTANBgkqhkiG9w0BAQsF
AAOCAQEARDqTmolk5IPSaqMuWFKS64k3tUDA7Kk0GubPJ2lik10Ptf+4YYdqWW4F
qSSj0M5a90gAMQXiH6TF1/dns3HVv/ClXCdE2DoUtTXtz9Z0bevVN9pqgUJsD8Lu
LaDdmAqkxHSBDJsFcai+oUIHH0zhP89UWEWXQiNRmjWYibLYLvFIk46VW9d0NdYd
+9bW5p1Sl6JmxVOb8sCzHE56mqapvWmwG9kXj31bNQq/WeQIitrxUoc/RnjUWHC4
fYNDCqr+O6797e/J3O5o0Rn32N+GIJ8xlLAbJ3oeT0Mc3FN+4bcDZwBd1BAKFCNt
8iO8SaQH03JiKnGPyd8TIiewiQBx7Q==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org