Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
File:                     AE18FBD67CA911EEB6D3DD404AD9E6FC.roa (raw, json)
Hash identifier:          EUXpIG95DQgNgpSPlS78r4ZPbIQJ7nP3j1DIht+45k0=
Subject key identifier:   8F:93:39:B1:70:0E:45:D8:47:D1:FA:40:16:5E:0B:1C:07:7F:5F:BF
Certificate issuer:       /CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
Certificate serial:       0532
Authority key identifier: CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
Signing time:             Mon 06 Nov 2023 13:37:51 +0000
ROA not before:           Mon 06 Nov 2023 13:37:41 +0000
ROA not after:            Sun 06 Nov 2033 13:37:41 +0000
asID:                     327693
IP address blocks:        41.76.224.0/21 maxlen: 24
                          102.67.176.0/21 maxlen: 24
                          154.73.184.0/21 maxlen: 24
                          2c0f:f708::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.mft
                          rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1330 (0x532)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3663CEEAF/serialNumber=CB88587527B383916CC0B1D8866653C33431E45D
        Validity
            Not Before: Nov  6 13:37:41 2023 GMT
            Not After : Nov  6 13:37:41 2033 GMT
        Subject: CN=6548ec2f-c8cf
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:7c:74:a8:21:8c:c8:b2:d2:9b:64:9b:51:aa:
                    1a:ef:07:46:1a:12:64:e9:68:45:3e:2f:f4:25:e8:
                    88:b6:a0:ad:ca:35:ba:39:f4:91:7e:4b:cf:cb:74:
                    23:a5:3e:4b:79:36:1e:d2:ff:c6:31:57:b7:5f:5b:
                    be:c4:fa:1e:a4:a0:ff:d0:c4:8e:3d:87:e4:9a:b8:
                    0f:74:f5:5a:ec:51:64:02:9c:10:71:4d:ac:38:57:
                    7a:eb:0b:fe:99:57:db:45:a9:58:9c:06:0a:16:d4:
                    96:82:3f:38:82:95:ad:19:e7:c0:08:71:14:1b:f7:
                    17:90:23:e6:5f:f2:28:c1:01:1e:09:33:5d:d1:2d:
                    72:a0:d4:f9:e1:02:b4:6b:a7:7a:46:ad:e5:0c:0c:
                    6a:1b:1a:1f:79:ca:24:d3:c1:e6:4e:18:00:e5:33:
                    79:2e:2c:45:69:5d:b2:27:48:da:45:7c:c4:6d:b5:
                    99:1a:df:6a:29:80:80:b7:a7:e9:11:29:c7:05:ab:
                    74:5b:2c:63:31:a4:5f:54:ec:ec:73:a0:c0:d3:79:
                    65:2a:da:4c:09:56:e0:35:f0:e2:49:56:d2:99:4a:
                    50:93:09:97:c5:a3:aa:fd:13:b4:96:1d:8a:52:71:
                    59:0d:fa:5a:03:85:0c:1e:51:92:70:4b:6a:a9:a1:
                    00:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:93:39:B1:70:0E:45:D8:47:D1:FA:40:16:5E:0B:1C:07:7F:5F:BF
            X509v3 Authority Key Identifier:
                keyid:CB:88:58:75:27:B3:83:91:6C:C0:B1:D8:86:66:53:C3:34:31:E4:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/y4hYdSezg5FswLHYhmZTwzQx5F0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/y4hYdSezg5FswLHYhmZTwzQx5F0.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3663CEE/1FBC442083BE11EA8A65B730F8AEA228/AE18FBD67CA911EEB6D3DD404AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.76.224.0/21
                  102.67.176.0/21
                  154.73.184.0/21
                IPv6:
                  2c0f:f708::/32

    Signature Algorithm: sha256WithRSAEncryption
         69:37:10:be:c0:90:e4:f0:2c:cb:13:4e:97:56:fb:a0:70:17:
         5c:b2:c8:58:49:58:c9:85:50:44:a6:e3:18:f7:fe:fc:cb:88:
         39:2c:a9:0b:d8:5b:41:7c:d0:1d:b4:32:a4:ae:2c:a8:b2:1c:
         fc:75:08:e0:dc:fb:20:ba:d0:e7:eb:4f:cb:e1:a1:1a:b7:b2:
         b7:74:3f:c6:2e:c4:be:3f:49:3e:1d:a2:bf:a0:8c:f2:9b:4f:
         09:93:31:e5:a5:2c:9c:d7:4a:4e:06:a2:b5:e8:d5:ed:46:2a:
         b8:4f:bf:49:43:a5:49:16:b0:c4:e9:88:e0:c3:09:c0:ef:09:
         cf:9b:86:6b:2e:5d:64:7d:40:48:97:8b:c2:bc:60:63:8f:a8:
         d7:f3:3d:3a:a7:d0:91:ae:78:18:c0:cd:7b:dd:93:fc:5a:b7:
         f1:a6:7d:fc:96:ab:b9:3e:9d:ea:02:9f:68:18:b9:98:02:c8:
         80:41:03:d8:f0:70:61:28:f3:01:65:e1:72:ae:e7:a7:19:a6:
         e0:39:43:47:b7:9e:09:91:bd:8f:1a:cc:fe:4b:19:32:78:42:
         fd:f1:93:5d:09:8a:96:cf:45:bf:06:fb:37:c1:32:16:f9:61:
         1d:90:64:01:a5:fb:54:43:35:79:3c:f2:be:b3:0a:70:8a:77:
         32:af:e3:bc
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgICBTIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjNDRUVBRjExMC8GA1UEBRMoQ0I4ODU4NzUyN0IzODM5MTZDQzBCMUQ4ODY2NjUz
QzMzNDMxRTQ1RDAeFw0yMzExMDYxMzM3NDFaFw0zMzExMDYxMzM3NDFaMBgxFjAU
BgNVBAMTDTY1NDhlYzJmLWM4Y2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWfHSoIYzIstKbZJtRqhrvB0YaEmTpaEU+L/Ql6Ii2oK3KNbo59JF+S8/L
dCOlPkt5Nh7S/8YxV7dfW77E+h6koP/QxI49h+SauA909VrsUWQCnBBxTaw4V3rr
C/6ZV9tFqVicBgoW1JaCPziCla0Z58AIcRQb9xeQI+Zf8ijBAR4JM13RLXKg1Pnh
ArRrp3pGreUMDGobGh95yiTTweZOGADlM3kuLEVpXbInSNpFfMRttZka32opgIC3
p+kRKccFq3RbLGMxpF9U7OxzoMDTeWUq2kwJVuA18OJJVtKZSlCTCZfFo6r9E7SW
HYpScVkN+loDhQweUZJwS2qpoQDhAgMBAAGjggLAMIICvDAdBgNVHQ4EFgQUj5M5
sXAORdhH0fpAFl4LHAd/X78wHwYDVR0jBBgwFoAUy4hYdSezg5FswLHYhmZTwzQx
5F0wDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjYzQ0VFLzFGQkM0NDIwODNCRTExRUE4QTY1QjczMEY4QUVBMjI4L3k0aFlk
U2V6ZzVGc3dMSFlobVpUd3pReDVGMC5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL3k0aFlkU2V6ZzVGc3dMSFlobVpUd3pReDVGMC5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjYzQ0VFLzFGQkM0NDIwODNCRTExRUE4QTY1QjczMEY4
QUVBMjI4L0FFMThGQkQ2N0NBOTExRUVCNkQzREQ0MDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAMpTOADBANmQ7ADBAOaSbgw
DQQCAAIwBwMFACwP9wgwDQYJKoZIhvcNAQELBQADggEBAGk3EL7AkOTwLMsTTpdW
+6BwF1yyyFhJWMmFUESm4xj3/vzLiDksqQvYW0F80B20MqSuLKiyHPx1CODc+yC6
0OfrT8vhoRq3srd0P8YuxL4/ST4dor+gjPKbTwmTMeWlLJzXSk4GorXo1e1GKrhP
v0lDpUkWsMTpiODDCcDvCc+bhmsuXWR9QEiXi8K8YGOPqNfzPTqn0JGueBjAzXvd
k/xat/GmffyWq7k+neoCn2gYuZgCyIBBA9jwcGEo8wFl4XKu56cZpuA5Q0e3ngmR
vY8azP5LGTJ4Qv3xk10JipbPRb8G+zfBMhb5YR2QZAGl+1RDNXk88r6zCnCKdzKv
47w=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:02:11 2024 by rpki-client on console-ams.rpki-client.org