Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/FA56183C4A2E11EF935CD441762E951A.roa
File:                     FA56183C4A2E11EF935CD441762E951A.roa (raw, json)
Hash identifier:          qasmLn0THzKUXPfZdrwuy9yINB8A6qwmZTMMTYcCuGE=
Subject key identifier:   12:A2:C9:F8:53:EF:E0:98:17:28:1A:14:13:76:2B:09:B5:A6:F5:F6
Certificate issuer:       /CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
Certificate serial:       47
Authority key identifier: 48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/FA56183C4A2E11EF935CD441762E951A.roa
Signing time:             Thu 25 Jul 2024 02:38:30 +0000
ROA not before:           Thu 25 Jul 2024 02:38:27 +0000
ROA not after:            Mon 14 Dec 2026 02:38:27 +0000
asID:                     37140
IP address blocks:        196.175.1.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.mft
                          rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71 (0x47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3642CB1AF/serialNumber=482DEEC29130ED202D8399D69A13269AA612AFD3
        Validity
            Not Before: Jul 25 02:38:27 2024 GMT
            Not After : Dec 14 02:38:27 2026 GMT
        Subject: CN=66a1baa6-de80
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c4:d7:1a:34:96:da:a1:26:69:3a:fa:35:70:
                    14:b1:ec:86:bd:c2:b6:df:c5:44:84:82:09:13:c0:
                    13:33:26:e3:b9:4f:aa:1b:74:be:2d:f4:1e:5d:a9:
                    c6:15:e6:82:f4:b2:12:d5:3a:b2:7f:87:cc:9b:d9:
                    d7:10:e7:7a:9e:3d:93:55:53:cb:42:45:86:da:d4:
                    fd:b3:32:66:41:43:fe:19:78:ed:f6:06:7b:c3:45:
                    79:5e:5e:45:d9:09:4a:ce:84:03:b6:03:ba:4a:4a:
                    ba:91:04:d0:33:13:62:d5:56:49:79:60:d2:38:49:
                    3f:1a:4b:ec:54:4d:f0:0c:35:75:18:08:6e:61:bc:
                    04:27:15:05:6c:ea:ce:0b:03:0c:c5:35:2f:5d:fa:
                    20:42:e2:5c:f5:82:46:43:a7:42:bc:56:6d:f9:0d:
                    70:fa:27:10:f5:1a:2d:d2:f9:92:cc:96:d1:21:1b:
                    65:b1:07:78:e4:20:9b:00:69:5a:de:99:59:db:08:
                    19:ea:54:e1:b8:fd:d5:63:f1:93:31:61:53:81:79:
                    d3:e4:e3:77:fb:56:b9:d8:0d:49:b9:7c:49:bc:b8:
                    80:d8:78:48:31:87:6e:ff:fb:98:64:23:ae:6a:61:
                    a8:a6:75:32:61:23:0e:9e:ee:cc:96:27:a7:83:13:
                    a8:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:A2:C9:F8:53:EF:E0:98:17:28:1A:14:13:76:2B:09:B5:A6:F5:F6
            X509v3 Authority Key Identifier:
                keyid:48:2D:EE:C2:91:30:ED:20:2D:83:99:D6:9A:13:26:9A:A6:12:AF:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/SC3uwpEw7SAtg5nWmhMmmqYSr9M.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/SC3uwpEw7SAtg5nWmhMmmqYSr9M.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3642CB1/2A238452348911EF96C98D9E762E951A/FA56183C4A2E11EF935CD441762E951A.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.175.1.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b5:1f:57:ee:96:1f:34:39:74:75:92:f1:85:1e:ea:87:b5:e8:
         d1:2b:51:9d:b0:fa:f9:18:a6:74:04:4c:f5:91:ba:68:49:cb:
         99:68:29:a5:ee:1e:7b:7d:00:08:eb:f2:27:20:6a:1d:4b:90:
         01:71:eb:39:f2:12:35:3b:38:90:88:00:62:f6:03:92:6a:b0:
         fc:16:78:8f:2f:8c:62:b7:a3:cd:35:00:01:30:a9:82:f3:ca:
         62:97:47:f0:92:a8:fc:53:c1:9d:db:d4:6e:61:fd:e5:5d:86:
         fd:4f:9a:c1:84:a5:57:71:93:ee:18:18:f6:d4:58:41:1b:97:
         57:7a:28:44:23:90:3b:88:20:2e:03:2e:c7:1c:8a:0b:c9:17:
         d4:39:dd:87:2c:5e:f6:2e:83:3b:8c:d6:7f:67:9f:a6:49:26:
         a0:0b:80:d4:5c:cd:06:3b:15:d1:73:ab:8b:d5:a0:57:c5:33:
         6f:2c:7b:b8:b3:54:40:e5:37:23:45:1e:52:c2:25:e9:98:26:
         42:1b:6c:04:c9:b6:2d:c1:e1:86:d9:37:28:d8:fa:8d:5f:3f:
         97:cd:80:b6:83:e1:9c:d0:b8:cc:14:02:ba:e1:bf:c9:83:5a:
         7f:e9:03:9a:21:bd:c3:de:83:3c:47:7c:eb:1d:49:c6:d6:67:
         7e:03:cb:94
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBRzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY0
MkNCMUFGMTEwLwYDVQQFEyg0ODJERUVDMjkxMzBFRDIwMkQ4Mzk5RDY5QTEzMjY5
QUE2MTJBRkQzMB4XDTI0MDcyNTAyMzgyN1oXDTI2MTIxNDAyMzgyN1owGDEWMBQG
A1UEAxMNNjZhMWJhYTYtZGU4MDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM7E1xo0ltqhJmk6+jVwFLHshr3Ctt/FRISCCRPAEzMm47lPqht0vi30Hl2p
xhXmgvSyEtU6sn+HzJvZ1xDnep49k1VTy0JFhtrU/bMyZkFD/hl47fYGe8NFeV5e
RdkJSs6EA7YDukpKupEE0DMTYtVWSXlg0jhJPxpL7FRN8Aw1dRgIbmG8BCcVBWzq
zgsDDMU1L136IELiXPWCRkOnQrxWbfkNcPonEPUaLdL5ksyW0SEbZbEHeOQgmwBp
Wt6ZWdsIGepU4bj91WPxkzFhU4F50+Tjd/tWudgNSbl8Sby4gNh4SDGHbv/7mGQj
rmphqKZ1MmEjDp7uzJYnp4MTqIECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQSosn4
U+/gmBcoGhQTdisJtab19jAfBgNVHSMEGDAWgBRILe7CkTDtIC2DmdaaEyaaphKv
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYyRTk1MUEvU0MzdXdw
RXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvU0MzdXdwRXc3U0F0ZzVuV21oTW1tcVlTcjlNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NDJDQjEvMkEyMzg0NTIzNDg5MTFFRjk2Qzk4RDlFNzYy
RTk1MUEvRkE1NjE4M0M0QTJFMTFFRjkzNUNENDQxNzYyRTk1MUEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMSvATANBgkqhkiG9w0BAQsF
AAOCAQEAtR9X7pYfNDl0dZLxhR7qh7Xo0StRnbD6+RimdARM9ZG6aEnLmWgppe4e
e30ACOvyJyBqHUuQAXHrOfISNTs4kIgAYvYDkmqw/BZ4jy+MYrejzTUAATCpgvPK
YpdH8JKo/FPBndvUbmH95V2G/U+awYSlV3GT7hgY9tRYQRuXV3ooRCOQO4ggLgMu
xxyKC8kX1Dndhyxe9i6DO4zWf2efpkkmoAuA1FzNBjsV0XOri9WgV8Uzbyx7uLNU
QOU3I0UeUsIl6ZgmQhtsBMm2LcHhhtk3KNj6jV8/l82AtoPhnNC4zBQCuuG/yYNa
f+kDmiG9w96DPEd86x1JxtZnfgPLlA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:33 2024 by rpki-client on console-ams.rpki-client.org