Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/9C73B5384A2611EF8F9A1380762E951A.roa
File:                     9C73B5384A2611EF8F9A1380762E951A.roa (raw, json)
Hash identifier:          nRAl69sp6vxHIEfCOCmW9Tz389R1auBc2Q7TENAtRGg=
Subject key identifier:   5C:D9:60:77:06:0B:DE:B7:D5:AB:AF:72:18:C0:20:69:18:83:E6:D2
Certificate issuer:       /CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Certificate serial:       41
Authority key identifier: 48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/9C73B5384A2611EF8F9A1380762E951A.roa
Signing time:             Thu 25 Jul 2024 01:38:37 +0000
ROA not before:           Thu 25 Jul 2024 01:38:33 +0000
ROA not after:            Mon 14 Dec 2026 01:38:33 +0000
asID:                     37030
IP address blocks:        41.215.164.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 65 (0x41)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
        Validity
            Not Before: Jul 25 01:38:33 2024 GMT
            Not After : Dec 14 01:38:33 2026 GMT
        Subject: CN=66a1ac9d-d265
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:fc:15:30:40:c8:1a:99:f9:4b:ea:25:60:12:
                    1d:57:56:3c:b3:a9:f6:42:7f:d7:94:e3:c7:31:76:
                    52:4a:81:a6:f8:45:a0:96:a5:17:90:97:ac:52:b3:
                    77:55:30:87:af:ec:e5:4c:e1:b0:a5:d8:58:41:8b:
                    38:7d:ac:ff:64:04:84:1f:be:95:dd:ec:60:94:ec:
                    1b:fa:04:f0:93:31:be:b5:a0:c1:92:99:1d:41:f2:
                    18:3f:79:3e:e0:19:e4:d9:58:ff:64:b4:67:28:3d:
                    52:e9:8a:08:bf:80:7d:f4:42:ae:7a:21:85:21:9e:
                    49:77:08:2c:9c:41:76:93:76:a0:c3:9d:0a:4c:58:
                    14:91:78:e4:d2:2c:c3:52:f3:c7:23:d6:13:9e:f6:
                    70:53:08:2d:62:03:70:36:95:c7:8d:fe:9d:59:50:
                    43:de:8a:59:33:e4:64:70:80:91:fd:e2:48:f4:fb:
                    71:10:7a:6f:d1:90:d4:9a:36:45:30:49:ba:08:d9:
                    39:4b:3a:50:73:2b:25:d0:79:8b:b0:be:0c:17:62:
                    c0:93:8f:83:a5:d4:de:ab:a2:9c:2f:ad:92:c1:a1:
                    f7:f2:ce:08:ea:aa:0f:59:d7:e4:e7:49:37:f7:51:
                    93:bc:df:06:21:cd:b1:b1:3b:12:fd:21:a4:16:22:
                    a3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:D9:60:77:06:0B:DE:B7:D5:AB:AF:72:18:C0:20:69:18:83:E6:D2
            X509v3 Authority Key Identifier:
                keyid:48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/9C73B5384A2611EF8F9A1380762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.215.164.0/24

    Signature Algorithm: sha256WithRSAEncryption
         53:be:e3:7f:6b:28:dc:1e:d1:a3:c3:6d:37:63:4f:7b:17:9f:
         95:e4:c6:61:6c:8f:05:45:04:c5:71:eb:59:af:1c:09:28:16:
         5a:2a:af:7f:ed:98:b3:1c:09:b3:4e:db:cf:ce:05:88:e0:d9:
         81:c6:1b:07:01:b9:b0:8e:3c:03:b1:52:d2:1c:fb:71:c2:21:
         9c:bc:90:1e:36:57:49:87:24:a6:ea:29:2b:1b:68:02:c4:91:
         1d:c8:14:f2:3f:54:26:9f:69:d7:33:dd:1f:d5:57:d0:f6:7a:
         92:1f:fe:0e:06:f0:ac:c5:81:17:b6:9b:3c:53:bb:15:ad:2c:
         c2:00:e0:9d:d4:a9:77:20:4a:03:e9:2e:3f:97:0b:e9:37:48:
         a8:a0:78:05:64:29:6f:8a:2b:18:07:6e:d1:44:3e:0d:75:91:
         d9:d7:67:26:92:ca:e6:07:3e:af:ae:4a:75:43:78:77:42:d3:
         05:92:df:52:6a:76:fb:7d:9c:3b:2d:c7:7a:ce:57:ad:57:de:
         b9:94:af:5b:a3:46:ce:e5:c7:60:29:dc:09:44:c4:6d:a5:5c:
         89:e0:49:5f:76:60:72:36:94:d9:c6:e6:e3:47:e5:eb:f2:8f:
         e3:93:22:07:9a:a2:2c:cb:82:c1:71:97:63:0f:42:f6:d9:5a:
         40:de:bd:99
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBQTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MkNCMUFGMTEwLwYDVQQFEyg0ODJERUVDMjkxMzBFRDIwMkQ4Mzk5RDY5QTEzMjY5
QUE2MTJBRkQzMB4XDTI0MDcyNTAxMzgzM1oXDTI2MTIxNDAxMzgzM1owGDEWMBQG
A1UEAxMNNjZhMWFjOWQtZDI2NTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMb8FTBAyBqZ+UvqJWASHVdWPLOp9kJ/15TjxzF2UkqBpvhFoJalF5CXrFKz
d1Uwh6/s5UzhsKXYWEGLOH2s/2QEhB++ld3sYJTsG/oE8JMxvrWgwZKZHUHyGD95
PuAZ5NlY/2S0Zyg9UumKCL+AffRCrnohhSGeSXcILJxBdpN2oMOdCkxYFJF45NIs
w1LzxyPWE572cFMILWIDcDaVx43+nVlQQ96KWTPkZHCAkf3iSPT7cRB6b9GQ1Jo2
RTBJugjZOUs6UHMrJdB5i7C+DBdiwJOPg6XU3quinC+tksGh9/LOCOqqD1nX5OdJ
N/dRk7zfBiHNsbE7Ev0hpBYio18CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRc2WB3
Bgvet9Wrr3IYwCBpGIPm0jAfBgNVHSMEGDAWgBRILe7CkTDtIC2DmdaaEyaaphKv
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYyRTk1MUEvU0MzdXdw
RXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU0MzdXdwRXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYy
RTk1MUEvOUM3M0I1Mzg0QTI2MTFFRjhGOUExMzgwNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnXpDANBgkqhkiG9w0BAQsF
AAOCAQEAU77jf2so3B7Ro8NtN2NPexefleTGYWyPBUUExXHrWa8cCSgWWiqvf+2Y
sxwJs07bz84FiODZgcYbBwG5sI48A7FS0hz7ccIhnLyQHjZXSYckpuopKxtoAsSR
HcgU8j9UJp9p1zPdH9VX0PZ6kh/+DgbwrMWBF7abPFO7Fa0swgDgndSpdyBKA+ku
P5cL6TdIqKB4BWQpb4orGAdu0UQ+DXWR2ddnJpLK5gc+r65KdUN4d0LTBZLfUmp2
+32cOy3Hes5XrVfeuZSvW6NGzuXHYCncCUTEbaVcieBJX3ZgcjaU2cbm40fl6/KP
45MiB5qiLMuCwXGXYw9C9tlaQN69mQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org