Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/1ED4202ECD7511EDB2ED6A96F1222468.roa
File:                     1ED4202ECD7511EDB2ED6A96F1222468.roa (raw, json)
Hash identifier:          9yazktSrBnSqQLJYDiJlJ8U061x2FlDHFoEX+tDlWCY=
Subject key identifier:   FB:41:44:D3:6B:35:0C:8D:71:1B:B5:A6:26:96:1C:B2:6E:A3:95:DD
Certificate issuer:       /CN=F365062AAF/serialNumber=5D254CBC9DCA24767E2486009680B743411F08F8
Certificate serial:       04
Authority key identifier: 5D:25:4C:BC:9D:CA:24:76:7E:24:86:00:96:80:B7:43:41:1F:08:F8
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/1ED4202ECD7511EDB2ED6A96F1222468.roa
Signing time:             Tue 28 Mar 2023 14:30:43 +0000
ROA not before:           Tue 28 Mar 2023 14:30:39 +0000
ROA not after:            Thu 31 Mar 2033 14:30:39 +0000
asID:                     37309
IP address blocks:        41.223.212.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.mft
                          rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365062AAF/serialNumber=5D254CBC9DCA24767E2486009680B743411F08F8
        Validity
            Not Before: Mar 28 14:30:39 2023 GMT
            Not After : Mar 31 14:30:39 2033 GMT
        Subject: CN=6422fa13-cd27
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:9b:7d:0e:ec:45:f3:6d:d2:f5:88:c7:08:63:
                    87:b7:98:df:c2:e2:a4:a6:31:62:1f:0a:68:5e:d6:
                    cc:4e:6f:44:be:d6:74:84:cd:32:df:d4:35:e1:e6:
                    5a:7c:88:40:e1:c3:1e:ed:6c:35:bb:08:1d:62:86:
                    c5:41:2a:b1:67:5a:19:0d:64:bb:0a:b1:2e:f7:c8:
                    0f:64:58:84:62:87:35:27:97:23:5e:1f:d4:64:1d:
                    d8:d2:e0:5f:b4:b0:62:f5:98:0a:e8:5d:bc:64:19:
                    01:a7:84:b7:2a:b6:f9:d0:70:9d:1a:c5:f9:d6:65:
                    70:0a:1c:d9:00:d8:82:0c:76:0e:40:20:e2:b4:fd:
                    77:0c:40:5a:34:5f:c8:e7:72:f2:a1:2e:0b:36:59:
                    04:03:1a:a9:8f:d2:50:1b:13:98:46:e9:35:4f:b5:
                    25:f1:60:ef:ac:a9:a6:7a:41:c5:b4:a0:87:31:22:
                    26:33:4c:ad:54:a3:5b:15:56:76:d0:f6:dc:a3:98:
                    1a:7d:c6:d6:ec:64:ea:d6:5e:a6:32:ab:39:c4:b8:
                    e7:b6:89:2a:5a:6c:b6:ed:e3:e7:28:89:90:9d:e6:
                    ff:5f:72:20:bc:11:a9:ee:bb:1e:09:95:19:e3:2b:
                    9c:82:ef:e8:71:ec:ff:96:e7:67:56:c1:e5:5d:db:
                    78:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:41:44:D3:6B:35:0C:8D:71:1B:B5:A6:26:96:1C:B2:6E:A3:95:DD
            X509v3 Authority Key Identifier:
                keyid:5D:25:4C:BC:9D:CA:24:76:7E:24:86:00:96:80:B7:43:41:1F:08:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/XSVMvJ3KJHZ-JIYAloC3Q0EfCPg.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365062A/D6AEAF64CD7211ED91BCCB8FF1222468/1ED4202ECD7511EDB2ED6A96F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.223.212.0/22

    Signature Algorithm: sha256WithRSAEncryption
         66:f8:7f:1d:14:fc:8d:04:bf:69:b7:7f:0d:a6:47:99:ce:fc:
         8a:60:67:7a:7a:39:f9:09:ee:b9:5f:55:6a:81:db:79:86:12:
         28:d2:a1:2f:fc:df:e3:23:ca:04:3e:32:32:ff:a7:d9:46:f9:
         3e:06:6f:82:a3:0d:7d:17:8c:64:af:a4:ec:4d:f4:3c:66:62:
         32:bb:60:f8:72:27:d3:6f:de:0e:57:88:23:3b:b7:6a:6e:93:
         e6:d9:21:f5:59:a8:45:49:6e:b5:bd:ab:3f:07:6a:4d:c3:62:
         28:71:dd:77:d8:6d:72:45:96:53:a8:6e:15:ee:a4:af:7c:2d:
         24:c7:f4:60:5e:af:b0:00:97:99:8f:b4:02:20:9a:dc:b3:b0:
         3d:df:8c:1e:11:53:a6:7a:18:0b:08:1d:cf:46:f7:ea:d1:46:
         4f:3f:45:23:8b:d9:9e:2a:b4:39:e6:2d:90:cc:92:82:58:2e:
         42:41:00:48:12:5b:fc:5d:56:50:d4:c8:27:ce:d9:0b:1d:44:
         33:0a:6e:ff:ea:58:4d:4f:42:2d:e0:4e:48:a3:87:88:e1:c4:
         ee:e8:f0:4f:9f:48:7d:77:1d:46:0c:d8:77:4c:3b:b6:d0:fa:
         bd:f4:4b:b3:3e:ae:e6:dc:86:f5:c5:fa:ca:d8:63:1a:28:91:
         2b:4a:bb:f4
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBBDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY1
MDYyQUFGMTEwLwYDVQQFEyg1RDI1NENCQzlEQ0EyNDc2N0UyNDg2MDA5NjgwQjc0
MzQxMUYwOEY4MB4XDTIzMDMyODE0MzAzOVoXDTMzMDMzMTE0MzAzOVowGDEWMBQG
A1UEAwwNNjQyMmZhMTMtY2QyNzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMObfQ7sRfNt0vWIxwhjh7eY38LipKYxYh8KaF7WzE5vRL7WdITNMt/UNeHm
WnyIQOHDHu1sNbsIHWKGxUEqsWdaGQ1kuwqxLvfID2RYhGKHNSeXI14f1GQd2NLg
X7SwYvWYCuhdvGQZAaeEtyq2+dBwnRrF+dZlcAoc2QDYggx2DkAg4rT9dwxAWjRf
yOdy8qEuCzZZBAMaqY/SUBsTmEbpNU+1JfFg76yppnpBxbSghzEiJjNMrVSjWxVW
dtD23KOYGn3G1uxk6tZepjKrOcS457aJKlpstu3j5yiJkJ3m/19yILwRqe67HgmV
GeMrnILv6HHs/5bnZ1bB5V3beJcCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBT7QUTT
azUMjXEbtaYmlhyybqOV3TAfBgNVHSMEGDAWgBRdJUy8ncokdn4khgCWgLdDQR8I
+DAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTA2MkEvRDZBRUFGNjRDRDcyMTFFRDkxQkNDQjhGRjEyMjI0NjgvWFNWTXZK
M0tKSFotSklZQWxvQzNRMEVmQ1BnLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvWFNWTXZKM0tKSFotSklZQWxvQzNRMEVmQ1BnLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTA2MkEvRDZBRUFGNjRDRDcyMTFFRDkxQkNDQjhGRjEy
MjI0NjgvMUVENDIwMkVDRDc1MTFFREIyRUQ2QTk2RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAinf1DANBgkqhkiG9w0BAQsF
AAOCAQEAZvh/HRT8jQS/abd/DaZHmc78imBneno5+QnuuV9VaoHbeYYSKNKhL/zf
4yPKBD4yMv+n2Ub5PgZvgqMNfReMZK+k7E30PGZiMrtg+HIn02/eDleIIzu3am6T
5tkh9VmoRUlutb2rPwdqTcNiKHHdd9htckWWU6huFe6kr3wtJMf0YF6vsACXmY+0
AiCa3LOwPd+MHhFTpnoYCwgdz0b36tFGTz9FI4vZniq0OeYtkMySglguQkEASBJb
/F1WUNTIJ87ZCx1EMwpu/+pYTU9CLeBOSKOHiOHE7ujwT59IfXcdRgzYd0w7ttD6
vfRLsz6u5tyG9cX6ythjGiiRK0q79A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:34 2024 by rpki-client on console-ams.rpki-client.org