Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
File:                     3EB8BE4ED22611EDAF3CB0D4F1222468.roa (raw, json)
Hash identifier:          8rUeH5+hrD/1gu9Yu/+gBbmACyJtB7cXUwPkrzQinJI=
Subject key identifier:   17:63:ED:88:B8:B7:F2:72:D0:2C:81:43:B3:92:CE:7B:FE:35:5F:54
Certificate issuer:       /CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
Certificate serial:       0B0C
Authority key identifier: 9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
Signing time:             Mon 03 Apr 2023 13:48:42 +0000
ROA not before:           Mon 03 Apr 2023 13:48:37 +0000
ROA not after:            Wed 01 Dec 2049 13:48:37 +0000
asID:                     329234
IP address blocks:        196.49.100.0/24 maxlen: 24
                          2001:43f8:691::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2828 (0xb0c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36549B1AF/serialNumber=9F17383EB667E547BA00CFB7F914F4284C5849CC
        Validity
            Not Before: Apr  3 13:48:37 2023 GMT
            Not After : Dec  1 13:48:37 2049 GMT
        Subject: CN=642ad93a-f015
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:c8:50:cc:17:16:f2:c7:fe:72:0d:90:d6:a6:
                    5a:31:bd:39:19:ba:6d:09:0d:ed:99:a1:1e:cb:92:
                    2f:1e:3d:a4:12:3a:66:76:63:88:a3:40:78:43:50:
                    95:2a:23:4f:6b:80:f8:a6:66:38:ec:a8:be:d7:bf:
                    70:de:56:a2:35:59:bd:90:1f:fc:be:b9:f4:78:ef:
                    d7:b1:8d:5a:9d:6d:c3:a0:aa:84:80:7b:a5:f5:bd:
                    31:6d:fc:09:58:8f:7b:a1:0b:31:6a:5b:b5:7d:7f:
                    0c:bd:73:78:fe:c4:8f:59:57:87:c8:16:81:cf:ef:
                    2e:86:6d:be:42:f3:11:d5:44:59:54:e0:e6:d3:25:
                    c0:c7:a9:78:45:40:c9:af:77:4b:9d:16:3b:35:4f:
                    62:78:af:11:92:1f:43:6f:a0:4e:2e:3a:0a:a5:90:
                    d9:b0:39:64:42:85:ae:73:b5:4a:ef:da:b4:ee:31:
                    e4:a1:ee:08:73:c3:4d:9e:42:35:8e:35:98:61:66:
                    e1:e6:31:a9:79:99:17:08:d6:0b:ee:71:b4:0e:0d:
                    08:46:df:b4:92:d6:5c:ee:4a:15:26:28:f6:eb:61:
                    cf:75:6e:fd:3c:b6:0a:01:07:02:2b:9d:72:50:97:
                    75:b5:51:e9:34:f9:33:7f:5c:92:d6:02:d6:e6:e8:
                    1e:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:63:ED:88:B8:B7:F2:72:D0:2C:81:43:B3:92:CE:7B:FE:35:5F:54
            X509v3 Authority Key Identifier:
                keyid:9F:17:38:3E:B6:67:E5:47:BA:00:CF:B7:F9:14:F4:28:4C:58:49:CC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/nxc4PrZn5Ue6AM-3-RT0KExYScw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/nxc4PrZn5Ue6AM-3-RT0KExYScw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36549B1/DF788C98561311E5B1A0E360F8AEA228/3EB8BE4ED22611EDAF3CB0D4F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.49.100.0/24
                IPv6:
                  2001:43f8:691::/48

    Signature Algorithm: sha256WithRSAEncryption
         29:66:98:b2:1b:73:64:5a:c0:05:5d:e0:b7:f3:f3:51:04:2f:
         1f:f7:fb:77:77:8f:71:54:e0:38:d2:04:f0:36:d2:91:c0:2a:
         ea:4f:f8:30:9c:f9:48:a7:19:c2:08:a8:29:75:24:02:5b:a1:
         ee:7f:0a:01:e5:03:88:8a:13:74:a1:c0:40:45:ab:1d:3e:19:
         aa:62:38:7b:a6:54:64:fb:ec:c6:9a:40:39:62:4a:1a:83:36:
         1e:76:a6:11:3a:6d:c8:c9:14:60:8e:5a:8d:52:23:d4:4e:4f:
         0e:c6:d1:05:00:0c:a4:69:aa:15:08:0d:30:a9:fc:47:7c:a1:
         04:2f:2c:14:43:ed:89:d8:64:03:c9:5b:d0:68:09:7c:dc:30:
         e0:f7:8d:3e:93:f9:0a:e0:b5:aa:5e:73:3f:05:c3:17:19:b6:
         d8:a2:b2:00:a9:6c:74:ff:df:53:7e:a4:1c:21:58:94:21:09:
         4a:a4:37:c1:2f:d2:6d:c5:fb:7e:06:ab:de:42:6c:17:76:e7:
         84:04:e4:66:41:34:06:ca:74:dc:ab:1e:52:3f:c5:84:3d:8d:
         d1:fc:61:18:e6:93:53:cb:ae:b4:ab:90:f0:21:82:b3:d1:ef:
         77:55:6a:60:4c:0e:dc:24:ed:b9:ea:ad:3b:b7:96:26:33:f6:
         19:91:c1:be
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgICCwwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NTQ5QjFBRjExMC8GA1UEBRMoOUYxNzM4M0VCNjY3RTU0N0JBMDBDRkI3RjkxNEY0
Mjg0QzU4NDlDQzAeFw0yMzA0MDMxMzQ4MzdaFw00OTEyMDExMzQ4MzdaMBgxFjAU
BgNVBAMMDTY0MmFkOTNhLWYwMTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC4yFDMFxbyx/5yDZDWploxvTkZum0JDe2ZoR7Lki8ePaQSOmZ2Y4ijQHhD
UJUqI09rgPimZjjsqL7Xv3DeVqI1Wb2QH/y+ufR479exjVqdbcOgqoSAe6X1vTFt
/AlYj3uhCzFqW7V9fwy9c3j+xI9ZV4fIFoHP7y6Gbb5C8xHVRFlU4ObTJcDHqXhF
QMmvd0udFjs1T2J4rxGSH0NvoE4uOgqlkNmwOWRCha5ztUrv2rTuMeSh7ghzw02e
QjWONZhhZuHmMal5mRcI1gvucbQODQhG37SS1lzuShUmKPbrYc91bv08tgoBBwIr
nXJQl3W1Uek0+TN/XJLWAtbm6B4/AgMBAAGjggK2MIICsjAdBgNVHQ4EFgQUF2Pt
iLi38nLQLIFDs5LOe/41X1QwHwYDVR0jBBgwFoAUnxc4PrZn5Ue6AM+3+RT0KExY
ScwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4QUVBMjI4L254YzRQ
clpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL254YzRQclpuNVVlNkFNLTMtUlQwS0V4WVNjdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjU0OUIxL0RGNzg4Qzk4NTYxMzExRTVCMUEwRTM2MEY4
QUVBMjI4LzNFQjhCRTRFRDIyNjExRURBRjNDQjBENEYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwMAYIKwYBBQUHAQcBAf8EITAfMAwEAgABMAYDBADEMWQwDwQCAAIwCQMHACAB
Q/gGkTANBgkqhkiG9w0BAQsFAAOCAQEAKWaYshtzZFrABV3gt/PzUQQvH/f7d3eP
cVTgONIE8DbSkcAq6k/4MJz5SKcZwgioKXUkAluh7n8KAeUDiIoTdKHAQEWrHT4Z
qmI4e6ZUZPvsxppAOWJKGoM2HnamETptyMkUYI5ajVIj1E5PDsbRBQAMpGmqFQgN
MKn8R3yhBC8sFEPtidhkA8lb0GgJfNww4PeNPpP5CuC1ql5zPwXDFxm22KKyAKls
dP/fU36kHCFYlCEJSqQ3wS/SbcX7fgar3kJsF3bnhATkZkE0Bsp03KseUj/FhD2N
0fxhGOaTU8uutKuQ8CGCs9Hvd1VqYEwO3CTtueqtO7eWJjP2GZHBvg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org