Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/A857E4B4770511ED921423B8F1222468.roa
File:                     A857E4B4770511ED921423B8F1222468.roa (raw, json)
Hash identifier:          Bc7/VI9MM+4AbL2GJyWDhgCaOvjR0WYY04uCXHG4UF0=
Subject key identifier:   59:C0:D9:B7:7C:CA:FE:F0:1E:E5:D3:3E:AB:2D:B9:66:C6:75:D1:DE
Certificate issuer:       /CN=F3652E81AF/serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
Certificate serial:       0197
Authority key identifier: 81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/A857E4B4770511ED921423B8F1222468.roa
Signing time:             Thu 08 Dec 2022 14:36:10 +0000
ROA not before:           Thu 08 Dec 2022 14:36:07 +0000
ROA not after:            Fri 31 Dec 2049 14:36:07 +0000
asID:                     3741
IP address blocks:        196.13.35.0/24 maxlen: 24
                          196.13.73.0/24 maxlen: 24
                          196.13.74.0/23 maxlen: 23
                          196.13.76.0/22 maxlen: 22
                          196.13.80.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Mon 17 Jun 2024 00:04:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 407 (0x197)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3652E81AF/serialNumber=813164E535DF5B1B43F8FA6E225DD0FA98CF6FED
        Validity
            Not Before: Dec  8 14:36:07 2022 GMT
            Not After : Dec 31 14:36:07 2049 GMT
        Subject: CN=6391f65a-c0df
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:72:3c:26:e9:a4:55:35:58:6c:a5:8f:8d:c2:
                    aa:8e:34:e8:da:6e:c7:36:c5:1f:81:40:85:3b:d4:
                    6c:53:07:00:13:08:84:d2:3b:90:5b:87:f6:e0:d1:
                    c5:7d:11:14:c5:0f:9e:05:e9:1c:60:b1:a8:bc:70:
                    05:da:02:a6:03:c1:91:d7:12:b6:8a:05:62:6d:97:
                    8e:84:bb:ae:47:5e:d7:ed:66:e6:5a:c1:d3:5d:31:
                    9d:05:a9:19:01:2b:5c:15:cd:e0:94:65:8f:43:cb:
                    00:0a:11:bc:ba:f1:14:69:0f:25:b2:29:5a:29:f8:
                    eb:d5:bc:55:69:d9:a9:ec:16:08:9f:37:54:61:77:
                    4e:9d:16:dc:5d:c2:06:52:85:ee:c6:57:3c:ec:6e:
                    c9:61:ec:9c:9b:7a:48:e8:da:16:8b:f7:bd:ba:9c:
                    ad:e5:9c:d7:72:d8:be:4d:3a:95:31:f0:ad:66:cb:
                    22:73:5e:c1:cf:5e:80:29:cc:89:f1:ec:f1:54:da:
                    9b:53:a6:02:6d:44:7c:ef:03:19:4a:62:06:c5:b3:
                    fb:97:db:59:b0:6b:52:2c:7c:7a:1e:f4:25:a2:7e:
                    d4:07:23:18:78:3f:fe:28:43:40:f5:12:92:19:be:
                    60:1f:4b:81:b6:64:48:08:ce:09:35:b1:89:27:97:
                    bf:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                59:C0:D9:B7:7C:CA:FE:F0:1E:E5:D3:3E:AB:2D:B9:66:C6:75:D1:DE
            X509v3 Authority Key Identifier:
                keyid:81:31:64:E5:35:DF:5B:1B:43:F8:FA:6E:22:5D:D0:FA:98:CF:6F:ED

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/gTFk5TXfWxtD-PpuIl3Q-pjPb-0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3652E81/2DA244A0416711EC870A307CD8A014CE/A857E4B4770511ED921423B8F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.13.35.0/24
                  196.13.73.0-196.13.80.255

    Signature Algorithm: sha256WithRSAEncryption
         3c:10:f4:2c:4f:6b:66:5f:77:0e:69:a0:a8:9b:5b:a0:2b:43:
         65:96:37:0b:90:f4:70:a8:f1:e7:15:d3:53:f8:68:92:c4:26:
         9f:3e:50:8c:16:a7:4a:95:e4:78:34:f4:a9:4d:c8:af:28:d9:
         1a:63:4b:20:46:ae:2a:15:45:ec:c1:6b:3b:eb:fd:99:31:b1:
         02:64:70:09:e0:f5:e8:5b:6d:f2:ac:3d:b5:0d:07:84:f0:21:
         0f:d4:11:b6:5d:42:63:d7:3a:97:e4:cb:51:52:27:06:ee:05:
         37:4d:91:a8:aa:c2:57:81:3f:f1:69:bf:70:1b:92:a7:b6:e4:
         97:7a:f8:82:a3:e1:cb:a9:a0:af:e9:5d:bd:6a:ab:a7:ca:f5:
         39:37:c9:b6:da:f2:56:ce:d3:16:d7:e0:47:69:92:c3:20:4b:
         33:d0:63:74:3a:b5:e9:0d:40:b7:61:63:e6:33:3b:eb:09:4d:
         c8:18:c5:19:f6:e2:51:45:38:1c:ef:f0:5f:8f:93:59:21:ea:
         ca:20:54:e3:a0:03:55:4d:d6:9c:c8:b2:4c:ea:43:ac:78:c2:
         b7:e5:3e:3e:df:56:3a:36:c0:62:99:5b:e0:08:a2:84:29:e3:
         1d:43:14:6d:70:71:17:31:29:12:7b:77:94:38:c4:61:3c:aa:
         ee:8e:c5:0c
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgICAZcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTJFODFBRjExMC8GA1UEBRMoODEzMTY0RTUzNURGNUIxQjQzRjhGQTZFMjI1REQw
RkE5OENGNkZFRDAeFw0yMjEyMDgxNDM2MDdaFw00OTEyMzExNDM2MDdaMBgxFjAU
BgNVBAMMDTYzOTFmNjVhLWMwZGYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGcjwm6aRVNVhspY+NwqqONOjabsc2xR+BQIU71GxTBwATCITSO5Bbh/bg
0cV9ERTFD54F6Rxgsai8cAXaAqYDwZHXEraKBWJtl46Eu65HXtftZuZawdNdMZ0F
qRkBK1wVzeCUZY9DywAKEby68RRpDyWyKVop+OvVvFVp2ansFgifN1Rhd06dFtxd
wgZShe7GVzzsbslh7Jybekjo2haL9726nK3lnNdy2L5NOpUx8K1myyJzXsHPXoAp
zInx7PFU2ptTpgJtRHzvAxlKYgbFs/uX21mwa1IsfHoe9CWiftQHIxh4P/4oQ0D1
EpIZvmAfS4G2ZEgIzgk1sYknl79/AgMBAAGjggKzMIICrzAdBgNVHQ4EFgQUWcDZ
t3zK/vAe5dM+qy25ZsZ10d4wHwYDVR0jBBgwFoAUgTFk5TXfWxtD+PpuIl3Q+pjP
b+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4QTAxNENFL2dURms1
VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2dURms1VFhmV3h0RC1QcHVJbDNRLXBqUGItMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjUyRTgxLzJEQTI0NEEwNDE2NzExRUM4NzBBMzA3Q0Q4
QTAxNENFL0E4NTdFNEI0NzcwNTExRUQ5MjE0MjNCOEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQDBADEDSMwDAMEAMQNSQMEAMQN
UDANBgkqhkiG9w0BAQsFAAOCAQEAPBD0LE9rZl93DmmgqJtboCtDZZY3C5D0cKjx
5xXTU/hoksQmnz5QjBanSpXkeDT0qU3IryjZGmNLIEauKhVF7MFrO+v9mTGxAmRw
CeD16Ftt8qw9tQ0HhPAhD9QRtl1CY9c6l+TLUVInBu4FN02RqKrCV4E/8Wm/cBuS
p7bkl3r4gqPhy6mgr+ldvWqrp8r1OTfJttryVs7TFtfgR2mSwyBLM9BjdDq16Q1A
t2Fj5jM76wlNyBjFGfbiUUU4HO/wX4+TWSHqyiBU46ADVU3WnMiyTOpDrHjCt+U+
Pt9WOjbAYplb4AiihCnjHUMUbXBxFzEpEnt3lDjEYTyq7o7FDA==
-----END CERTIFICATE-----
Generated at Sat Jun 15 02:43:33 2024 by rpki-client on console-ams.rpki-client.org