Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/DB265A18BE3511EBBD3DAD62F8AEA228.roa
File:                     DB265A18BE3511EBBD3DAD62F8AEA228.roa (raw, json)
Hash identifier:          KV3B8GBlLxHEsuyTqvu+Xd++amZ7JIl/4XF6Gr4Tw1w=
Subject key identifier:   47:8E:27:67:7C:4D:18:BB:83:C4:15:6B:0C:FB:A9:B7:0F:46:BE:A9
Certificate issuer:       /CN=F3656CC2AF/serialNumber=F09C2C7A2AF6013A5BBFFFEC61042B3BB4B5812B
Certificate serial:       02
Authority key identifier: F0:9C:2C:7A:2A:F6:01:3A:5B:BF:FF:EC:61:04:2B:3B:B4:B5:81:2B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/DB265A18BE3511EBBD3DAD62F8AEA228.roa
Signing time:             Wed 26 May 2021 15:20:08 +0000
ROA not before:           Sat 29 May 2021 15:20:04 +0000
ROA not after:            Wed 31 Dec 2025 15:20:04 +0000
asID:                     37302
IP address blocks:        41.78.232.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.mft
                          rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3656CC2AF/serialNumber=F09C2C7A2AF6013A5BBFFFEC61042B3BB4B5812B
        Validity
            Not Before: May 29 15:20:04 2021 GMT
            Not After : Dec 31 15:20:04 2025 GMT
        Subject: CN=60ae6728-27ff
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:57:da:2a:cf:c8:2d:96:d2:5f:04:54:51:a0:
                    f0:21:69:0c:fb:a9:07:e0:9c:50:9b:5d:35:33:8c:
                    23:6b:d6:47:85:77:5a:43:98:23:76:49:10:5c:37:
                    db:01:9d:83:1c:6e:61:ca:50:a4:4b:98:f2:ca:64:
                    03:03:db:3b:82:87:7f:47:16:25:1a:9f:45:93:3d:
                    a2:34:0b:d0:11:a3:95:bc:2f:20:61:c4:73:f1:5b:
                    c4:38:8f:21:b4:c8:40:32:d2:53:ef:d9:7a:53:07:
                    68:81:63:70:3c:80:8d:c3:ea:c0:db:70:24:bb:41:
                    90:86:9f:0d:70:3c:ce:2c:f0:2a:9a:1d:45:2d:0e:
                    e5:02:d1:7b:11:e2:31:c4:b5:1f:10:b0:19:10:2c:
                    85:93:a0:22:c6:11:a9:62:41:77:45:c9:b5:58:f9:
                    67:3b:06:87:34:25:0b:06:20:9f:0f:ad:e4:3f:e5:
                    d3:58:c4:37:f1:2e:53:45:ed:c6:94:e3:22:a7:ac:
                    18:70:80:08:1c:ca:7c:d9:99:78:26:ef:dd:36:4a:
                    c9:5c:82:27:93:2d:1c:fc:d5:2b:33:f2:b5:01:99:
                    05:2b:05:78:36:69:7a:60:a7:73:1a:c9:94:80:8d:
                    82:ab:1a:a6:eb:f2:e5:90:d2:55:c8:e9:f6:9b:5f:
                    ff:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:8E:27:67:7C:4D:18:BB:83:C4:15:6B:0C:FB:A9:B7:0F:46:BE:A9
            X509v3 Authority Key Identifier:
                keyid:F0:9C:2C:7A:2A:F6:01:3A:5B:BF:FF:EC:61:04:2B:3B:B4:B5:81:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/8Jwseir2ATpbv__sYQQrO7S1gSs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/8Jwseir2ATpbv__sYQQrO7S1gSs.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3656CC2/D69DE820BE3111EB9AD44E5DF8AEA228/DB265A18BE3511EBBD3DAD62F8AEA228.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.78.232.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ae:54:b2:fb:f6:33:78:c8:1f:41:01:0b:1c:f6:ee:34:23:2a:
         3c:56:cc:e4:39:39:96:03:32:b5:d2:ca:ee:71:af:d0:ba:4a:
         22:95:ac:7c:ae:2c:44:39:3a:7b:de:67:55:79:9c:00:a1:50:
         b3:da:48:f6:92:1f:ae:24:7f:ef:cc:34:1a:20:9b:86:7b:81:
         68:99:ce:d1:94:09:47:44:09:75:ec:1c:fb:10:5c:5b:1f:f1:
         32:56:cf:b7:a4:99:6b:b0:a5:9d:8e:a1:d3:50:71:7c:00:c2:
         b7:7b:51:3a:04:3c:fc:5a:42:ca:81:a0:a3:4e:48:a4:a3:62:
         49:2c:e5:73:6c:1f:2e:72:e0:45:1b:d5:f3:22:15:8f:96:0c:
         84:af:43:48:e8:02:1e:61:5b:4b:7a:9b:7f:7f:37:53:df:d4:
         0e:45:27:43:e6:3b:ae:15:7c:eb:3f:8f:a4:16:4f:20:e2:72:
         96:72:05:8c:21:cd:55:d8:ff:4c:eb:52:5d:88:16:6a:f0:67:
         35:59:c8:bd:cd:33:16:7d:3e:26:6c:0d:18:0f:64:56:15:23:
         7f:55:75:e5:f0:64:7d:40:6e:85:d7:a4:4c:1f:dd:32:1f:0c:
         e7:58:ac:16:54:c2:8f:26:7b:1f:5e:e0:04:3a:7c:5d:f2:d2:
         87:bb:8e:90
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBAjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
NkNDMkFGMTEwLwYDVQQFEyhGMDlDMkM3QTJBRjYwMTNBNUJCRkZGRUM2MTA0MkIz
QkI0QjU4MTJCMB4XDTIxMDUyOTE1MjAwNFoXDTI1MTIzMTE1MjAwNFowGDEWMBQG
A1UEAxMNNjBhZTY3MjgtMjdmZjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO5X2irPyC2W0l8EVFGg8CFpDPupB+CcUJtdNTOMI2vWR4V3WkOYI3ZJEFw3
2wGdgxxuYcpQpEuY8spkAwPbO4KHf0cWJRqfRZM9ojQL0BGjlbwvIGHEc/FbxDiP
IbTIQDLSU+/ZelMHaIFjcDyAjcPqwNtwJLtBkIafDXA8zizwKpodRS0O5QLRexHi
McS1HxCwGRAshZOgIsYRqWJBd0XJtVj5ZzsGhzQlCwYgnw+t5D/l01jEN/EuU0Xt
xpTjIqesGHCACBzKfNmZeCbv3TZKyVyCJ5MtHPzVKzPytQGZBSsFeDZpemCncxrJ
lICNgqsapuvy5ZDSVcjp9ptf/4MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRHjidn
fE0Yu4PEFWsM+6m3D0a+qTAfBgNVHSMEGDAWgBTwnCx6KvYBOlu//+xhBCs7tLWB
KzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NTZDQzIvRDY5REU4MjBCRTMxMTFFQjlBRDQ0RTVERjhBRUEyMjgvOEp3c2Vp
cjJBVHBidl9fc1lRUXJPN1MxZ1NzLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvOEp3c2VpcjJBVHBidl9fc1lRUXJPN1MxZ1NzLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NTZDQzIvRDY5REU4MjBCRTMxMTFFQjlBRDQ0RTVERjhB
RUEyMjgvREIyNjVBMThCRTM1MTFFQkJEM0RBRDYyRjhBRUEyMjgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilO6DANBgkqhkiG9w0BAQsF
AAOCAQEArlSy+/YzeMgfQQELHPbuNCMqPFbM5Dk5lgMytdLK7nGv0LpKIpWsfK4s
RDk6e95nVXmcAKFQs9pI9pIfriR/78w0GiCbhnuBaJnO0ZQJR0QJdewc+xBcWx/x
MlbPt6SZa7ClnY6h01BxfADCt3tROgQ8/FpCyoGgo05IpKNiSSzlc2wfLnLgRRvV
8yIVj5YMhK9DSOgCHmFbS3qbf383U9/UDkUnQ+Y7rhV86z+PpBZPIOJylnIFjCHN
Vdj/TOtSXYgWavBnNVnIvc0zFn0+JmwNGA9kVhUjf1V15fBkfUBuhdekTB/dMh8M
51isFlTCjyZ7H17gBDp8XfLSh7uOkA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:54 2024 by rpki-client on console-fra.rpki-client.org