Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/751920CE7E9611EE8D4DD95B4AD9E6FC.roa
File:                     751920CE7E9611EE8D4DD95B4AD9E6FC.roa (raw, json)
Hash identifier:          CNMY5e2drHouzm76FLKpVmYcbX4KrOkhsePbbpZjJY8=
Subject key identifier:   E2:FB:31:65:E0:47:1C:D0:9F:A1:56:B7:D2:0D:49:04:8F:A6:11:AC
Certificate issuer:       /CN=F36493E2AF/serialNumber=A8A1AF02F96C1BA92D93A522CABE9ED8E5295153
Certificate serial:       0412
Authority key identifier: A8:A1:AF:02:F9:6C:1B:A9:2D:93:A5:22:CA:BE:9E:D8:E5:29:51:53
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/751920CE7E9611EE8D4DD95B4AD9E6FC.roa
Signing time:             Thu 09 Nov 2023 00:25:17 +0000
ROA not before:           Thu 09 Nov 2023 00:00:13 +0000
ROA not after:            Sat 31 Dec 2033 00:00:13 +0000
asID:                     37738
IP address blocks:        154.70.200.0/21 maxlen: 21
                          2c0f:5400::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1042 (0x412)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36493E2AF/serialNumber=A8A1AF02F96C1BA92D93A522CABE9ED8E5295153
        Validity
            Not Before: Nov  9 00:00:13 2023 GMT
            Not After : Dec 31 00:00:13 2033 GMT
        Subject: CN=654c26ed-3d59
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:10:49:c4:42:e8:c3:a4:36:55:43:9a:5f:09:
                    c8:6d:7e:91:34:d9:5d:e8:b5:ec:63:9e:3b:08:a5:
                    54:12:73:1e:a4:d9:06:bc:89:9b:35:40:25:b5:86:
                    41:db:0b:44:aa:24:4a:6d:1d:b4:72:8d:4f:69:76:
                    4f:fa:1e:9e:5a:12:1b:58:a8:cf:05:e2:0e:df:e6:
                    24:c6:82:2f:bb:9a:fa:72:bb:f8:d3:15:13:b6:d1:
                    2f:56:53:1a:2e:1b:53:dc:4b:44:d0:d7:9c:62:92:
                    e0:27:11:44:b6:68:29:07:a7:8d:20:fe:eb:cf:48:
                    5d:15:8b:69:6f:30:d6:58:02:98:6d:e2:83:3f:a4:
                    b3:f2:dc:56:0e:19:6e:16:ae:79:33:59:54:e4:af:
                    d0:76:d3:d5:0d:1b:58:a7:3c:92:a4:b4:2b:ad:de:
                    6c:c9:ab:60:f1:a4:d3:74:9c:6e:c1:77:f5:2f:7a:
                    2a:4a:a5:9a:3d:53:2f:43:11:9e:90:86:d4:36:03:
                    3b:74:67:c9:0e:57:0d:f8:7f:fb:8f:fa:92:26:57:
                    f0:ac:1e:f2:26:89:51:1b:c1:08:81:03:de:33:bf:
                    df:6f:64:76:7e:29:7d:06:1c:4d:0a:52:f4:8b:1e:
                    2c:3b:ae:bd:6a:62:af:a8:c4:f4:be:2a:93:53:02:
                    17:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:FB:31:65:E0:47:1C:D0:9F:A1:56:B7:D2:0D:49:04:8F:A6:11:AC
            X509v3 Authority Key Identifier:
                keyid:A8:A1:AF:02:F9:6C:1B:A9:2D:93:A5:22:CA:BE:9E:D8:E5:29:51:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/qKGvAvlsG6ktk6Uiyr6e2OUpUVM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36493E2/CD0DCC106FDC11EB9FF77B58F8AEA228/751920CE7E9611EE8D4DD95B4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  154.70.200.0/21
                IPv6:
                  2c0f:5400::/32

    Signature Algorithm: sha256WithRSAEncryption
         93:37:60:d7:5c:7a:44:94:e8:cc:d3:d0:4f:25:50:e9:08:77:
         24:4d:52:6b:c0:fe:ba:bc:35:56:6d:bc:d0:df:25:13:1f:f6:
         e5:44:ff:51:3e:d7:da:8a:c4:d6:4a:0f:9f:9b:2f:dd:6b:ab:
         eb:9f:ce:c7:4c:3f:92:05:a0:06:00:4c:cf:26:be:e8:dc:10:
         ef:ed:08:e0:61:c4:0f:c3:90:cd:4a:d9:2d:26:60:83:ec:91:
         bf:20:20:59:6e:8a:d0:17:02:1f:82:cc:5c:14:c4:de:cf:99:
         5b:33:d1:c7:bc:ac:e5:d2:65:18:13:71:26:e1:d3:d1:a9:b9:
         b2:ac:55:52:cf:a8:ed:72:fc:3c:9b:6f:bd:21:d9:a0:eb:fc:
         26:98:53:db:f1:71:73:3e:46:6d:c5:ba:42:b6:af:e5:7c:16:
         4e:b3:82:1d:54:84:09:d4:8a:70:26:ad:70:f9:d2:7e:05:b6:
         75:f9:0c:e0:f9:99:67:95:1a:84:cc:14:73:e6:ac:25:05:a3:
         de:7d:5b:1d:0d:ce:90:34:ac:1a:5b:9f:00:0e:38:bd:07:20:
         d5:2b:48:d4:8e:06:e1:f0:e5:8d:71:22:85:ea:9e:4e:3a:8d:
         07:5f:f7:ca:41:0f:bb:61:b1:34:c8:37:66:5b:90:21:da:5e:
         0f:d1:ee:b3
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgICBBIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NDkzRTJBRjExMC8GA1UEBRMoQThBMUFGMDJGOTZDMUJBOTJEOTNBNTIyQ0FCRTlF
RDhFNTI5NTE1MzAeFw0yMzExMDkwMDAwMTNaFw0zMzEyMzEwMDAwMTNaMBgxFjAU
BgNVBAMTDTY1NGMyNmVkLTNkNTkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDDEEnEQujDpDZVQ5pfCchtfpE02V3otexjnjsIpVQScx6k2Qa8iZs1QCW1
hkHbC0SqJEptHbRyjU9pdk/6Hp5aEhtYqM8F4g7f5iTGgi+7mvpyu/jTFRO20S9W
UxouG1PcS0TQ15xikuAnEUS2aCkHp40g/uvPSF0Vi2lvMNZYApht4oM/pLPy3FYO
GW4WrnkzWVTkr9B209UNG1inPJKktCut3mzJq2DxpNN0nG7Bd/UveipKpZo9Uy9D
EZ6QhtQ2Azt0Z8kOVw34f/uP+pImV/CsHvImiVEbwQiBA94zv99vZHZ+KX0GHE0K
UvSLHiw7rr1qYq+oxPS+KpNTAhdxAgMBAAGjggK0MIICsDAdBgNVHQ4EFgQU4vsx
ZeBHHNCfoVa30g1JBI+mEawwHwYDVR0jBBgwFoAUqKGvAvlsG6ktk6Uiyr6e2OUp
UVMwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjQ5M0UyL0NEMERDQzEwNkZEQzExRUI5RkY3N0I1OEY4QUVBMjI4L3FLR3ZB
dmxzRzZrdGs2VWl5cjZlMk9VcFVWTS5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3FLR3ZBdmxzRzZrdGs2VWl5cjZlMk9VcFVWTS5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjQ5M0UyL0NEMERDQzEwNkZEQzExRUI5RkY3N0I1OEY4
QUVBMjI4Lzc1MTkyMENFN0U5NjExRUU4RDRERDk1QjRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAOaRsgwDQQCAAIwBwMFACwP
VAAwDQYJKoZIhvcNAQELBQADggEBAJM3YNdcekSU6MzT0E8lUOkIdyRNUmvA/rq8
NVZtvNDfJRMf9uVE/1E+19qKxNZKD5+bL91rq+ufzsdMP5IFoAYATM8mvujcEO/t
COBhxA/DkM1K2S0mYIPskb8gIFluitAXAh+CzFwUxN7PmVsz0ce8rOXSZRgTcSbh
09GpubKsVVLPqO1y/Dybb70h2aDr/CaYU9vxcXM+Rm3FukK2r+V8Fk6zgh1UhAnU
inAmrXD50n4FtnX5DOD5mWeVGoTMFHPmrCUFo959Wx0NzpA0rBpbnwAOOL0HINUr
SNSOBuHw5Y1xIoXqnk46jQdf98pBD7thsTTIN2ZbkCHaXg/R7rM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org