Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/B5F67940495A11EFBD9D1F91762E951A.roa
File:                     B5F67940495A11EFBD9D1F91762E951A.roa (raw, json)
Hash identifier:          Fxf/e9tt77VXipQwVutTjXDkhsLGh3QnCmbowhMJuac=
Subject key identifier:   06:22:8A:2E:39:A5:89:AC:E1:EA:88:B3:2B:E0:8C:C4:9C:73:A8:DD
Certificate issuer:       /CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Certificate serial:       38
Authority key identifier: 48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/B5F67940495A11EFBD9D1F91762E951A.roa
Signing time:             Wed 24 Jul 2024 01:19:02 +0000
ROA not before:           Wed 24 Jul 2024 01:18:58 +0000
ROA not after:            Mon 14 Dec 2026 01:18:58 +0000
asID:                     37030
IP address blocks:        41.215.173.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 56 (0x38)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
        Validity
            Not Before: Jul 24 01:18:58 2024 GMT
            Not After : Dec 14 01:18:58 2026 GMT
        Subject: CN=66a05686-ade6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:07:56:90:c5:fb:ba:76:ba:52:f2:f1:82:0f:
                    a7:1c:de:75:a0:4c:c0:57:ba:00:66:22:60:b6:9b:
                    4b:2a:7d:c8:55:e1:7c:06:5c:86:c5:0a:d7:28:b8:
                    c0:18:3a:74:77:42:40:b1:ad:14:67:cf:69:42:60:
                    35:4e:8a:57:79:c5:8d:e9:8f:cd:61:16:7c:a2:48:
                    60:f9:a5:e5:10:a0:dd:56:f0:2b:ca:4a:61:a5:6a:
                    48:bd:94:06:fd:f8:50:ad:d3:51:37:fb:f0:ac:ce:
                    7c:1e:5a:c3:03:19:ef:8b:fb:1c:f3:0d:4c:d1:57:
                    88:57:5e:46:e5:71:d6:a1:3c:24:9e:35:19:50:52:
                    96:85:e6:b5:34:0d:17:50:6e:63:9a:3f:7e:51:8b:
                    f0:46:28:0e:88:df:9c:af:2f:ee:19:9d:ec:67:07:
                    48:7a:e9:97:d3:a3:6f:18:db:9a:17:98:a7:c9:42:
                    80:ac:c2:7b:ba:a1:dc:03:98:c2:78:21:6b:38:18:
                    cd:a8:28:ac:6a:f5:af:2f:34:b9:87:22:72:ad:3b:
                    ba:7b:78:c6:1a:f2:e7:0c:2f:13:16:39:c2:25:39:
                    21:9c:93:43:6b:9e:47:45:8b:73:fa:ad:5d:0a:32:
                    b6:17:29:32:ce:9b:37:55:c0:7f:75:57:be:e9:1b:
                    99:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:22:8A:2E:39:A5:89:AC:E1:EA:88:B3:2B:E0:8C:C4:9C:73:A8:DD
            X509v3 Authority Key Identifier:
                keyid:48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/B5F67940495A11EFBD9D1F91762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.215.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:31:58:10:c0:6f:93:1e:0b:2f:02:f7:9f:af:75:69:45:40:
         78:28:68:41:e7:6c:e9:4b:10:c1:f1:6c:83:b0:5a:db:78:d3:
         bd:cb:f0:f1:aa:44:57:5e:c1:f9:8c:19:0b:c2:18:71:11:ea:
         10:6e:79:d0:eb:52:da:fd:ac:08:e6:81:2f:62:af:13:1d:1e:
         33:d0:76:fa:53:e2:1d:0c:2d:d9:02:cf:ee:57:a8:b6:77:88:
         c8:7c:da:2f:e3:b6:21:92:41:52:46:4c:58:9e:94:c7:0d:e2:
         60:c6:85:cd:4e:91:fe:d7:b5:69:2f:0a:3e:8a:4b:d1:af:88:
         20:51:18:a9:f3:53:a6:c5:a4:84:00:ab:05:24:e4:be:ec:8f:
         57:b5:82:6b:79:78:e0:79:32:3c:da:6e:9d:bf:e7:e1:10:bc:
         72:2b:22:fe:e4:38:6e:70:e9:d5:94:8d:a8:65:44:2d:46:92:
         ef:4b:34:d4:83:f5:6f:d3:3b:05:fc:43:e0:c1:f4:97:8a:6a:
         c2:06:d8:4f:79:b4:39:75:35:0c:fc:55:75:a1:41:bd:5b:73:
         15:df:b1:02:5f:2c:08:88:d6:20:e2:18:c4:57:73:84:3a:d5:
         46:80:56:e2:ed:a1:e0:9a:79:00:57:af:97:87:43:29:24:e4:
         2b:a9:df:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBODANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MkNCMUFGMTEwLwYDVQQFEyg0ODJERUVDMjkxMzBFRDIwMkQ4Mzk5RDY5QTEzMjY5
QUE2MTJBRkQzMB4XDTI0MDcyNDAxMTg1OFoXDTI2MTIxNDAxMTg1OFowGDEWMBQG
A1UEAxMNNjZhMDU2ODYtYWRlNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKoHVpDF+7p2ulLy8YIPpxzedaBMwFe6AGYiYLabSyp9yFXhfAZchsUK1yi4
wBg6dHdCQLGtFGfPaUJgNU6KV3nFjemPzWEWfKJIYPml5RCg3VbwK8pKYaVqSL2U
Bv34UK3TUTf78KzOfB5awwMZ74v7HPMNTNFXiFdeRuVx1qE8JJ41GVBSloXmtTQN
F1BuY5o/flGL8EYoDojfnK8v7hmd7GcHSHrpl9OjbxjbmheYp8lCgKzCe7qh3AOY
wnghazgYzagorGr1ry80uYcicq07unt4xhry5wwvExY5wiU5IZyTQ2ueR0WLc/qt
XQoythcpMs6bN1XAf3VXvukbmWkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQGIoou
OaWJrOHqiLMr4IzEnHOo3TAfBgNVHSMEGDAWgBRILe7CkTDtIC2DmdaaEyaaphKv
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYyRTk1MUEvU0MzdXdw
RXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU0MzdXdwRXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYy
RTk1MUEvQjVGNjc5NDA0OTVBMTFFRkJEOUQxRjkxNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACnXrTANBgkqhkiG9w0BAQsF
AAOCAQEAUTFYEMBvkx4LLwL3n691aUVAeChoQeds6UsQwfFsg7Ba23jTvcvw8apE
V17B+YwZC8IYcRHqEG550OtS2v2sCOaBL2KvEx0eM9B2+lPiHQwt2QLP7leotneI
yHzaL+O2IZJBUkZMWJ6Uxw3iYMaFzU6R/te1aS8KPopL0a+IIFEYqfNTpsWkhACr
BSTkvuyPV7WCa3l44HkyPNpunb/n4RC8cisi/uQ4bnDp1ZSNqGVELUaS70s01IP1
b9M7BfxD4MH0l4pqwgbYT3m0OXU1DPxVdaFBvVtzFd+xAl8sCIjWIOIYxFdzhDrV
RoBW4u2h4Jp5AFevl4dDKSTkK6nfkA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:53 2024 by rpki-client on console-fra.rpki-client.org