Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/F72FE338F00A11EDA449686A4AD9E6FC.roa
File:                     F72FE338F00A11EDA449686A4AD9E6FC.roa (raw, json)
Hash identifier:          zdUQrVCgr9IHSfzR+iEYqQqzZ0KyEV2I7xjU8CSngKw=
Subject key identifier:   29:25:69:78:6E:87:98:27:F1:36:77:05:54:4F:27:80:24:61:D0:CB
Certificate issuer:       /CN=F365C754AF/serialNumber=33FBE1DCDE341C649868D416BF3EA00002C4DF20
Certificate serial:       28
Authority key identifier: 33:FB:E1:DC:DE:34:1C:64:98:68:D4:16:BF:3E:A0:00:02:C4:DF:20
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/M_vh3N40HGSYaNQWvz6gAALE3yA.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/F72FE338F00A11EDA449686A4AD9E6FC.roa
Signing time:             Thu 11 May 2023 14:49:01 +0000
ROA not before:           Thu 11 May 2023 14:48:58 +0000
ROA not after:            Sun 11 May 2025 14:48:58 +0000
asID:                     0
IP address blocks:        196.60.92.0/24 maxlen: 24
                          2001:43ff:6000::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/M_vh3N40HGSYaNQWvz6gAALE3yA.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/M_vh3N40HGSYaNQWvz6gAALE3yA.mft
                          rsync://rpki.afrinic.net/repository/afrinic/M_vh3N40HGSYaNQWvz6gAALE3yA.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sat 23 Nov 2024 00:06:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F365C754AF/serialNumber=33FBE1DCDE341C649868D416BF3EA00002C4DF20
        Validity
            Not Before: May 11 14:48:58 2023 GMT
            Not After : May 11 14:48:58 2025 GMT
        Subject: CN=645d005c-c454
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:05:4a:43:fd:f1:13:6e:71:5f:55:d8:29:b3:
                    69:d5:e8:7e:a8:6a:91:59:d9:6b:3f:c4:0e:92:9b:
                    be:da:69:ee:35:b3:1f:7c:63:3b:06:9a:e7:6b:14:
                    9a:c9:a9:6c:4b:f5:94:cf:88:d5:8a:58:0c:9f:d5:
                    11:22:07:2b:35:ce:cc:73:78:47:5f:30:8e:81:92:
                    bb:7a:a1:e6:46:65:63:c9:24:4e:35:85:0d:cf:b5:
                    0a:bc:b4:0d:24:0f:2a:e7:e7:29:31:c3:1f:07:ce:
                    a0:94:c1:b3:39:53:b4:de:7b:b1:ae:83:e3:ae:e1:
                    66:e1:ce:10:60:21:9a:e4:d2:f3:11:50:87:f0:c5:
                    0a:46:93:d4:1f:66:a9:ca:63:ae:51:9f:f6:5e:3f:
                    5b:33:eb:6f:af:c9:4e:c6:e1:d2:23:51:55:ae:c6:
                    13:bd:19:45:e7:dd:4b:39:3c:68:ed:3b:e9:81:33:
                    6e:83:20:9c:d6:f8:32:82:87:4c:a3:7f:d9:d3:73:
                    17:3c:ee:cc:b2:06:94:fb:cd:99:55:4f:56:0b:cd:
                    43:cf:57:4b:dd:0d:26:f3:f9:2e:e5:09:f7:99:25:
                    0c:24:aa:18:40:92:75:36:f9:04:d9:cf:fe:48:9a:
                    14:20:25:25:36:04:2c:d4:f7:69:58:4a:4f:13:60:
                    ec:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:25:69:78:6E:87:98:27:F1:36:77:05:54:4F:27:80:24:61:D0:CB
            X509v3 Authority Key Identifier:
                keyid:33:FB:E1:DC:DE:34:1C:64:98:68:D4:16:BF:3E:A0:00:02:C4:DF:20

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/M_vh3N40HGSYaNQWvz6gAALE3yA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/M_vh3N40HGSYaNQWvz6gAALE3yA.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F365C754/9C2341E8DB9111EDBEBF620C306D8C1D/F72FE338F00A11EDA449686A4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.60.92.0/24
                IPv6:
                  2001:43ff:6000::/48

    Signature Algorithm: sha256WithRSAEncryption
         35:c1:5f:a2:08:7f:37:ef:59:59:44:dc:58:10:81:34:ea:ac:
         52:e7:a2:58:23:cd:c3:6d:78:6c:b1:b3:59:9b:bc:1f:56:d4:
         fd:07:c8:05:f8:1a:67:ba:8c:04:41:6e:1c:78:35:44:0b:02:
         ba:32:8b:55:e5:4c:10:d4:f7:2d:e2:de:34:87:8c:37:a0:ba:
         4d:08:bc:49:1c:08:e9:0e:d9:6c:34:59:73:16:d2:a7:e2:ea:
         8f:e9:72:89:90:6b:32:3f:47:12:7b:5b:79:7d:f2:5d:71:1d:
         8f:55:d9:3e:21:0a:eb:2c:e4:fb:79:3a:e6:ec:f3:1b:5e:a6:
         20:6b:1b:03:bb:9e:38:c6:1a:12:b9:71:dd:d8:f3:d7:e0:85:
         2d:c5:ad:78:ab:d4:8f:10:e1:1a:70:1c:0c:cc:d3:fe:de:9a:
         2f:96:24:83:b2:36:21:92:df:91:e6:59:03:ec:e7:6f:e9:92:
         16:c4:0a:5c:d3:a3:73:5c:b3:7c:cb:31:1f:87:67:ae:12:0a:
         a9:31:e8:68:c8:ed:34:30:da:f9:66:64:c5:ca:a1:a8:76:ac:
         11:da:1c:b6:57:ff:be:89:6a:a3:1e:82:db:03:02:a8:72:0e:
         5c:f9:f1:7f:f5:7e:41:e3:b2:d4:ea:6e:34:77:04:93:96:a1:
         74:07:fa:93
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY1
Qzc1NEFGMTEwLwYDVQQFEygzM0ZCRTFEQ0RFMzQxQzY0OTg2OEQ0MTZCRjNFQTAw
MDAyQzRERjIwMB4XDTIzMDUxMTE0NDg1OFoXDTI1MDUxMTE0NDg1OFowGDEWMBQG
A1UEAxMNNjQ1ZDAwNWMtYzQ1NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwFSkP98RNucV9V2CmzadXofqhqkVnZaz/EDpKbvtpp7jWzH3xjOwaa52sU
msmpbEv1lM+I1YpYDJ/VESIHKzXOzHN4R18wjoGSu3qh5kZlY8kkTjWFDc+1Cry0
DSQPKufnKTHDHwfOoJTBszlTtN57sa6D467hZuHOEGAhmuTS8xFQh/DFCkaT1B9m
qcpjrlGf9l4/WzPrb6/JTsbh0iNRVa7GE70ZRefdSzk8aO076YEzboMgnNb4MoKH
TKN/2dNzFzzuzLIGlPvNmVVPVgvNQ89XS90NJvP5LuUJ95klDCSqGECSdTb5BNnP
/kiaFCAlJTYELNT3aVhKTxNg7OcCAwEAAaOCArYwggKyMB0GA1UdDgQWBBQpJWl4
boeYJ/E2dwVUTyeAJGHQyzAfBgNVHSMEGDAWgBQz++Hc3jQcZJho1Ba/PqAAAsTf
IDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NUM3NTQvOUMyMzQxRThEQjkxMTFFREJFQkY2MjBDMzA2RDhDMUQvTV92aDNO
NDBIR1NZYU5RV3Z6NmdBQUxFM3lBLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvTV92aDNONDBIR1NZYU5RV3Z6NmdBQUxFM3lBLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NUM3NTQvOUMyMzQxRThEQjkxMTFFREJFQkY2MjBDMzA2
RDhDMUQvRjcyRkUzMzhGMDBBMTFFREE0NDk2ODZBNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMQ8XDAPBAIAAjAJAwcAIAFD
/2AAMA0GCSqGSIb3DQEBCwUAA4IBAQA1wV+iCH8371lZRNxYEIE06qxS56JYI83D
bXhssbNZm7wfVtT9B8gF+BpnuowEQW4ceDVECwK6MotV5UwQ1Pct4t40h4w3oLpN
CLxJHAjpDtlsNFlzFtKn4uqP6XKJkGsyP0cSe1t5ffJdcR2PVdk+IQrrLOT7eTrm
7PMbXqYgaxsDu544xhoSuXHd2PPX4IUtxa14q9SPEOEacBwMzNP+3povliSDsjYh
kt+R5lkD7Odv6ZIWxApc06NzXLN8yzEfh2euEgqpMehoyO00MNr5ZmTFyqGodqwR
2hy2V/++iWqjHoLbAwKocg5c+fF/9X5B47LU6m40dwSTlqF0B/qT
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:10:17 2024 by rpki-client on console-fra.rpki-client.org