Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/FC54DD08571F11EC90429C41D8A014CE.roa
File:                     FC54DD08571F11EC90429C41D8A014CE.roa (raw, json)
Hash identifier:          TM156CRwR/2Jif+4HOy6chTdvP7fT1UGWA7gKZC9RKY=
Subject key identifier:   C4:B3:75:5D:6F:67:3A:A3:95:48:F8:95:01:BD:65:41:66:F2:A1:FC
Certificate issuer:       /CN=F36472E5AF/serialNumber=86FED2ED19C2067A482221B645D60C45A4D56A9D
Certificate serial:       0932
Authority key identifier: 86:FE:D2:ED:19:C2:06:7A:48:22:21:B6:45:D6:0C:45:A4:D5:6A:9D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/FC54DD08571F11EC90429C41D8A014CE.roa
Signing time:             Tue 07 Dec 2021 05:39:03 +0000
ROA not before:           Tue 07 Dec 2021 05:38:58 +0000
ROA not after:            Thu 06 Feb 2025 05:38:58 +0000
asID:                     36874
IP address blocks:        41.177.0.0/16 maxlen: 24
                          105.233.0.0/16 maxlen: 24
                          196.6.121.0/24 maxlen: 24
                          196.22.240.0/20 maxlen: 24
                          196.41.96.0/19 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2354 (0x932)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36472E5AF/serialNumber=86FED2ED19C2067A482221B645D60C45A4D56A9D
        Validity
            Not Before: Dec  7 05:38:58 2021 GMT
            Not After : Feb  6 05:38:58 2025 GMT
        Subject: CN=61aef377-429c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:68:b6:14:23:28:c7:96:5b:50:e9:04:b6:72:
                    2b:cf:62:22:db:3e:41:ae:58:d8:56:67:e5:6e:1b:
                    b2:2e:1b:81:f3:5e:b5:0c:72:d8:4f:e1:c6:3e:a7:
                    61:0c:fd:fa:01:45:a9:52:1d:d9:31:ac:19:33:98:
                    dc:3f:70:4e:f4:bc:96:22:84:f9:16:21:63:43:b3:
                    b0:0e:80:7c:c1:5e:f3:88:24:7f:e6:a8:51:44:e6:
                    0a:d8:89:e9:31:70:1c:36:ed:bd:e9:55:7d:06:09:
                    3e:7a:e6:22:e5:0c:6c:d2:49:00:42:e7:2b:54:a0:
                    98:e6:a3:c9:f3:72:f4:78:2c:c2:f4:cf:a4:2d:31:
                    36:0a:27:b7:33:dc:1f:d9:e1:3a:2a:87:13:f7:7b:
                    7a:13:df:ef:09:63:01:4f:5e:d0:c9:e3:79:0a:43:
                    f1:3f:e6:43:c0:75:18:1d:f7:c5:18:7a:02:5f:cf:
                    e2:d4:f2:cf:e3:c9:39:08:cf:6d:b3:10:cd:47:45:
                    61:16:08:cd:d7:ef:22:a3:fd:fc:53:a8:73:9b:d0:
                    51:a1:4a:09:6b:95:e3:7c:ea:cc:8b:58:2f:af:72:
                    17:c2:d8:52:c6:e6:15:6b:70:92:cb:81:f4:e5:c7:
                    7d:0d:90:ee:39:33:f2:5a:09:2c:f8:27:aa:6a:7e:
                    e2:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C4:B3:75:5D:6F:67:3A:A3:95:48:F8:95:01:BD:65:41:66:F2:A1:FC
            X509v3 Authority Key Identifier:
                keyid:86:FE:D2:ED:19:C2:06:7A:48:22:21:B6:45:D6:0C:45:A4:D5:6A:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/hv7S7RnCBnpIIiG2RdYMRaTVap0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/hv7S7RnCBnpIIiG2RdYMRaTVap0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36472E5/8DB6547A56D711E585356D60F8AEA228/FC54DD08571F11EC90429C41D8A014CE.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.177.0.0/16
                  105.233.0.0/16
                  196.6.121.0/24
                  196.22.240.0/20
                  196.41.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         0f:4f:c0:5b:59:57:e9:05:86:68:25:91:c8:cd:22:d8:f8:c1:
         0e:72:40:6f:86:a1:0b:fd:7a:84:78:9f:7c:24:7b:cd:4a:b0:
         d4:5d:ca:40:a6:44:f2:28:d7:c2:18:73:8d:80:b1:e6:1d:c7:
         ee:db:fb:f7:e8:db:17:37:ec:66:30:c2:24:04:5b:a6:e6:c0:
         5f:ac:59:9a:c5:74:04:77:fb:12:54:b6:66:43:57:f4:ce:b4:
         48:8e:0e:91:7a:4b:99:b9:c5:ab:1f:d2:d3:64:89:77:79:ee:
         4d:b3:de:2d:73:fa:dc:5b:1a:bd:ab:52:0a:57:1f:2a:1e:bc:
         e7:9f:28:c5:d6:38:25:83:17:ef:07:7a:7d:db:c7:a8:b8:b0:
         ef:11:81:3c:94:a2:6d:dc:d1:23:a9:43:3b:c2:ee:d8:69:d0:
         58:37:79:8a:3f:ad:b1:ae:0a:1e:73:52:da:61:8d:db:a0:40:
         93:25:5f:1e:d7:59:85:8f:77:2d:6b:20:58:9e:04:fe:88:26:
         4e:29:3e:a7:fe:eb:62:a5:a7:bf:fb:a9:b8:72:4e:0f:7a:6e:
         2a:3d:2b:d2:70:3f:d1:f8:6b:70:6b:fc:59:31:a5:85:37:15:
         3e:f2:7a:3b:87:57:9f:fe:ec:c1:9b:e7:ce:da:86:af:fa:c6:
         4a:7c:c5:1d
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgICCTIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
NDcyRTVBRjExMC8GA1UEBRMoODZGRUQyRUQxOUMyMDY3QTQ4MjIyMUI2NDVENjBD
NDVBNEQ1NkE5RDAeFw0yMTEyMDcwNTM4NThaFw0yNTAyMDYwNTM4NThaMBgxFjAU
BgNVBAMMDTYxYWVmMzc3LTQyOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCjaLYUIyjHlltQ6QS2civPYiLbPkGuWNhWZ+VuG7IuG4HzXrUMcthP4cY+
p2EM/foBRalSHdkxrBkzmNw/cE70vJYihPkWIWNDs7AOgHzBXvOIJH/mqFFE5grY
iekxcBw27b3pVX0GCT565iLlDGzSSQBC5ytUoJjmo8nzcvR4LML0z6QtMTYKJ7cz
3B/Z4ToqhxP3e3oT3+8JYwFPXtDJ43kKQ/E/5kPAdRgd98UYegJfz+LU8s/jyTkI
z22zEM1HRWEWCM3X7yKj/fxTqHOb0FGhSglrleN86syLWC+vchfC2FLG5hVrcJLL
gfTlx30NkO45M/JaCSz4J6pqfuLBAgMBAAGjggK7MIICtzAdBgNVHQ4EFgQUxLN1
XW9nOqOVSPiVAb1lQWbyofwwHwYDVR0jBBgwFoAUhv7S7RnCBnpIIiG2RdYMRaTV
ap0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ3MkU1LzhEQjY1NDdBNTZENzExRTU4NTM1NkQ2MEY4QUVBMjI4L2h2N1M3
Um5DQm5wSUlpRzJSZFlNUmFUVmFwMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2h2N1M3Um5DQm5wSUlpRzJSZFlNUmFUVmFwMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ3MkU1LzhEQjY1NDdBNTZENzExRTU4NTM1NkQ2MEY4
QUVBMjI4L0ZDNTRERDA4NTcxRjExRUM5MDQyOUM0MUQ4QTAxNENFLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwNQYIKwYBBQUHAQcBAf8EJjAkMCIEAgABMBwDAwApsQMDAGnpAwQAxAZ5AwQE
xBbwAwQFxClgMA0GCSqGSIb3DQEBCwUAA4IBAQAPT8BbWVfpBYZoJZHIzSLY+MEO
ckBvhqEL/XqEeJ98JHvNSrDUXcpApkTyKNfCGHONgLHmHcfu2/v36NsXN+xmMMIk
BFum5sBfrFmaxXQEd/sSVLZmQ1f0zrRIjg6RekuZucWrH9LTZIl3ee5Ns94tc/rc
Wxq9q1IKVx8qHrznnyjF1jglgxfvB3p928eouLDvEYE8lKJt3NEjqUM7wu7YadBY
N3mKP62xrgoec1LaYY3boECTJV8e11mFj3ctayBYngT+iCZOKT6n/utipae/+6m4
ck4Pem4qPSvScD/R+Gtwa/xZMaWFNxU+8no7h1ef/uzBm+fO2oav+sZKfMUd
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org