Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4C4D3FC0770511EDBC4C07B7F1222468.roa
File:                     4C4D3FC0770511EDBC4C07B7F1222468.roa (raw, json)
Hash identifier:          xDn8Uz1B72aTUeAcFZ9D3J/QnhWoidTK2vjKvVgIRa8=
Subject key identifier:   8C:5C:A5:E6:E9:55:5A:34:ED:B7:B4:F4:BD:DF:2A:BC:F5:C2:6E:D3
Certificate issuer:       /CN=F3652E81AF/serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
Certificate serial:       0195
Authority key identifier: 81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4C4D3FC0770511EDBC4C07B7F1222468.roa
Signing time:             Thu 08 Dec 2022 14:33:36 +0000
ROA not before:           Thu 08 Dec 2022 14:33:32 +0000
ROA not after:            Fri 31 Dec 2049 14:33:32 +0000
asID:                     37179
IP address blocks:        196.13.63.0/24 maxlen: 24
                          196.13.72.0/24 maxlen: 24
                          196.13.78.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 405 (0x195)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3652E81AF/serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
        Validity
            Not Before: Dec  8 14:33:32 2022 GMT
            Not After : Dec 31 14:33:32 2049 GMT
        Subject: CN=6391f5c0-57f7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ae:3c:9b:98:85:d3:2a:ab:aa:e2:f9:3a:90:
                    8d:46:ad:30:5b:52:e7:89:3f:f3:75:54:31:ab:01:
                    a5:df:de:ab:75:16:21:1a:fe:e3:d7:5e:63:4f:ea:
                    0a:30:65:2e:14:a5:a4:92:74:ce:f5:92:c9:04:fa:
                    48:67:6a:7a:3a:98:cf:56:17:0e:78:43:34:2a:13:
                    16:be:af:e4:06:c8:2e:6f:61:2f:96:65:12:83:45:
                    bf:ec:ac:53:ea:08:9c:0f:3a:14:bd:4e:d1:c2:d4:
                    56:f5:ed:b0:51:eb:48:14:56:ad:5a:75:64:6c:08:
                    17:82:e9:93:6c:ee:66:1d:bf:f1:85:cc:01:fc:f9:
                    d4:3a:f1:ea:09:81:fa:87:fb:26:eb:69:60:ae:79:
                    25:ca:a1:05:56:7a:bc:92:fc:11:31:45:63:da:23:
                    64:b8:5f:ea:fb:a3:9b:80:ac:36:3c:dc:7a:9d:4e:
                    b2:cf:17:9d:9f:e3:e9:61:38:79:b7:41:42:02:51:
                    7c:03:fd:ba:4a:83:27:ac:46:7d:0b:3a:07:1d:fe:
                    4a:c9:12:1a:9c:49:be:5f:24:16:86:0e:53:f6:37:
                    7d:b3:b9:e3:7a:2e:aa:e1:a0:c3:55:56:1e:fd:8b:
                    ed:9f:9d:c4:27:32:b7:f4:17:aa:b0:d6:e2:6f:44:
                    6b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:5C:A5:E6:E9:55:5A:34:ED:B7:B4:F4:BD:DF:2A:BC:F5:C2:6E:D3
            X509v3 Authority Key Identifier:
                keyid:81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/4C4D3FC0770511EDBC4C07B7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.13.63.0/24
                  196.13.72.0/24
                  196.13.78.0/24

    Signature Algorithm: sha256WithRSAEncryption
         10:98:01:43:30:f7:06:77:22:59:67:95:4e:17:b5:bd:1c:87:
         3e:fd:9a:b6:0a:2c:32:6d:43:c9:13:65:07:0d:f3:f9:85:ee:
         1f:95:8a:19:85:e6:87:55:b4:4e:10:9e:2d:79:59:bc:eb:1c:
         2e:09:d1:d7:dd:17:92:e6:87:0a:60:26:7e:67:a6:11:4f:32:
         70:bb:0c:a8:21:d1:40:78:5d:c7:b2:d0:2a:c5:c8:3d:87:3f:
         25:c1:aa:c6:98:83:93:13:2a:6d:32:3a:27:0d:43:38:d1:4b:
         7d:4e:ad:ed:8f:cf:16:22:f3:94:42:a3:93:fd:b8:b6:f2:28:
         74:6d:91:14:06:62:7c:c4:bd:4c:66:af:92:c1:9c:15:81:84:
         b6:3c:c5:52:3a:0d:a6:2b:b7:d9:dc:db:1f:2b:7d:9b:ae:a6:
         c5:24:cb:9c:f7:a4:d9:8f:e6:46:c0:ae:84:49:31:1b:b9:72:
         f3:6c:4b:62:04:e4:87:55:8a:74:b0:be:dc:b7:5b:e2:65:fc:
         bb:d7:20:e1:95:ca:2a:0c:44:aa:5a:d3:4f:4e:27:92:b3:b8:
         1d:f8:b4:b9:37:0d:3a:f3:62:3a:97:5f:8c:11:8d:fd:9f:0e:
         c0:67:c6:0c:16:fd:75:f9:74:b0:25:34:5d:62:c3:77:c0:70:
         e9:ae:cc:8c
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgICAZUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTJFODFBRjExMC8GA1UEBRMoODEzMTY0RTUzNURGNUIxQjQzRjhGQTZFMjI1REQw
RkE5OENGNkZFRDAeFw0yMjEyMDgxNDMzMzJaFw00OTEyMzExNDMzMzJaMBgxFjAU
BgNVBAMMDTYzOTFmNWMwLTU3ZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCkrjybmIXTKquq4vk6kI1GrTBbUueJP/N1VDGrAaXf3qt1FiEa/uPXXmNP
6gowZS4UpaSSdM71kskE+khnano6mM9WFw54QzQqExa+r+QGyC5vYS+WZRKDRb/s
rFPqCJwPOhS9TtHC1Fb17bBR60gUVq1adWRsCBeC6ZNs7mYdv/GFzAH8+dQ68eoJ
gfqH+ybraWCueSXKoQVWeryS/BExRWPaI2S4X+r7o5uArDY83HqdTrLPF52f4+lh
OHm3QUICUXwD/bpKgyesRn0LOgcd/krJEhqcSb5fJBaGDlP2N32zueN6LqrhoMNV
Vh79i+2fncQnMrf0F6qw1uJvRGsLAgMBAAGjggKxMIICrTAdBgNVHQ4EFgQUjFyl
5ulVWjTtt7T0vd8qvPXCbtMwHwYDVR0jBBgwFoAUgTFk5TXfWxtD+PpuIl3Q+pjP
b+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4QTAxNENFL2dURms1
VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2dURms1VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4
QTAxNENFLzRDNEQzRkMwNzcwNTExRURCQzRDMDdCN0YxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBADEDT8DBADEDUgDBADEDU4w
DQYJKoZIhvcNAQELBQADggEBABCYAUMw9wZ3IllnlU4Xtb0chz79mrYKLDJtQ8kT
ZQcN8/mF7h+VihmF5odVtE4Qni15WbzrHC4J0dfdF5LmhwpgJn5nphFPMnC7DKgh
0UB4Xcey0CrFyD2HPyXBqsaYg5MTKm0yOicNQzjRS31Ore2PzxYi85RCo5P9uLby
KHRtkRQGYnzEvUxmr5LBnBWBhLY8xVI6DaYrt9nc2x8rfZuupsUky5z3pNmP5kbA
roRJMRu5cvNsS2IE5IdVinSwvty3W+Jl/LvXIOGVyioMRKpa009OJ5KzuB34tLk3
DTrzYjqXX4wRjf2fDsBnxgwW/XX5dLAlNF1iw3fAcOmuzIw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org