Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/D12DB3A81FD711ED960B32D7F1222468.roa
File:                     D12DB3A81FD711ED960B32D7F1222468.roa (raw, json)
Hash identifier:          ikGOwGaplOGV/PcSGhjp0MvdLR9UJJ+/G1KwNBdKWWU=
Subject key identifier:   3B:95:B5:B6:2A:18:66:9F:10:AC:92:43:9D:7A:26:C1:E5:6D:39:37
Certificate issuer:       /CN=F36663C2AF/serialNumber=E0219D5A4CD8582C4F37E2D0DDD706B77EBD9F6C
Certificate serial:       7B
Authority key identifier: E0:21:9D:5A:4C:D8:58:2C:4F:37:E2:D0:DD:D7:06:B7:7E:BD:9F:6C
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/D12DB3A81FD711ED960B32D7F1222468.roa
Signing time:             Fri 19 Aug 2022 15:58:51 +0000
ROA not before:           Fri 19 Aug 2022 15:58:47 +0000
ROA not after:            Tue 19 Aug 2025 15:58:47 +0000
asID:                     33763
IP address blocks:        196.43.120.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.mft
                          rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Thu 28 Nov 2024 00:05:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 123 (0x7b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F36663C2AF/serialNumber=E0219D5A4CD8582C4F37E2D0DDD706B77EBD9F6C
        Validity
            Not Before: Aug 19 15:58:47 2022 GMT
            Not After : Aug 19 15:58:47 2025 GMT
        Subject: CN=62ffb33b-7ce1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e7:09:49:f2:80:2b:1b:bb:1c:f1:94:b6:9b:
                    5a:20:20:75:77:b2:04:8c:c8:06:3a:3a:85:a1:24:
                    4b:ad:e7:54:32:99:6c:1f:f6:3c:42:4a:19:ad:2a:
                    62:cc:84:c5:a1:5c:f6:d2:20:ff:85:f0:5e:71:d3:
                    1b:8c:be:90:34:72:3b:13:bd:37:35:be:f7:f3:15:
                    78:af:84:02:05:68:2e:24:0c:41:07:7c:28:00:e7:
                    e1:c4:4f:92:13:6b:52:4f:0a:e1:84:31:ae:b3:53:
                    2e:b9:4f:90:20:d7:b6:dc:41:4d:52:22:99:d4:b4:
                    8a:72:89:aa:31:e9:8d:83:12:31:23:84:61:71:0f:
                    e9:f0:32:51:bc:fc:52:66:f0:83:78:67:58:83:5d:
                    79:74:2d:ec:f7:5d:5f:f9:ad:30:4a:71:82:19:f1:
                    cc:3f:90:e9:38:3a:d3:7c:a7:c6:47:bc:27:76:3a:
                    82:f6:88:f6:1c:c2:0e:92:59:82:e5:16:cf:56:7e:
                    4a:3a:20:d9:d9:6c:35:16:ca:07:8d:d1:0f:5a:be:
                    f2:f2:7d:b8:b6:c4:4d:92:ca:21:f5:67:76:56:f8:
                    41:86:9f:31:bb:ef:f7:e4:35:b5:d4:1d:2f:63:05:
                    ab:0e:31:91:07:2c:e4:12:b3:9e:ed:4b:6b:c7:57:
                    af:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:95:B5:B6:2A:18:66:9F:10:AC:92:43:9D:7A:26:C1:E5:6D:39:37
            X509v3 Authority Key Identifier:
                keyid:E0:21:9D:5A:4C:D8:58:2C:4F:37:E2:D0:DD:D7:06:B7:7E:BD:9F:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/4CGdWkzYWCxPN-LQ3dcGt369n2w.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/4CGdWkzYWCxPN-LQ3dcGt369n2w.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F36663C2/B390E9E8C78311ECB1982894F1222468/D12DB3A81FD711ED960B32D7F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.43.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         85:0d:60:f5:f0:16:9c:20:f9:1d:a2:42:51:d4:65:fd:29:ad:
         53:80:b6:27:3c:21:62:6e:eb:cc:4c:53:e6:1d:a9:bd:9b:4d:
         40:b7:70:5d:b0:4a:ae:62:26:e2:e6:1f:07:62:f9:4d:0d:63:
         30:1d:44:39:94:b7:8b:14:72:3a:98:06:03:01:41:f1:66:bb:
         d0:b4:53:bf:a4:fe:1c:c8:75:a5:68:5d:cf:84:f1:0e:b6:2a:
         3a:77:1e:8e:ba:7d:26:8a:31:bd:a0:14:4e:d1:9b:a3:9e:0e:
         af:32:2e:1f:f5:47:e5:9b:12:1f:6f:7c:fc:9f:de:39:d9:14:
         a6:86:45:98:6d:72:61:51:15:e6:c5:d2:c6:43:82:0e:db:17:
         92:f2:47:47:63:30:52:1f:63:7a:07:27:e3:25:b8:80:42:39:
         d3:39:de:73:7f:f8:95:6f:9b:66:c3:d5:ec:93:11:55:69:24:
         09:f0:0f:19:cf:46:12:d8:dd:49:97:a5:6d:e4:08:dd:db:61:
         3f:7c:fa:a7:e8:5c:ec:14:07:9b:4e:88:9d:d8:19:3c:c4:6d:
         2b:82:ce:cc:3a:7a:a7:27:3d:d3:ab:9b:f6:7e:74:8f:33:8e:
         9d:92:05:78:5d:57:fb:f4:99:95:e0:ca:08:a4:71:09:9e:48:
         e3:ee:b1:b2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBezANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
NjNDMkFGMTEwLwYDVQQFEyhFMDIxOUQ1QTRDRDg1ODJDNEYzN0UyRDBEREQ3MDZC
NzdFQkQ5RjZDMB4XDTIyMDgxOTE1NTg0N1oXDTI1MDgxOTE1NTg0N1owGDEWMBQG
A1UEAwwNNjJmZmIzM2ItN2NlMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXnCUnygCsbuxzxlLabWiAgdXeyBIzIBjo6haEkS63nVDKZbB/2PEJKGa0q
YsyExaFc9tIg/4XwXnHTG4y+kDRyOxO9NzW+9/MVeK+EAgVoLiQMQQd8KADn4cRP
khNrUk8K4YQxrrNTLrlPkCDXttxBTVIimdS0inKJqjHpjYMSMSOEYXEP6fAyUbz8
Umbwg3hnWINdeXQt7PddX/mtMEpxghnxzD+Q6Tg603ynxke8J3Y6gvaI9hzCDpJZ
guUWz1Z+Sjog2dlsNRbKB43RD1q+8vJ9uLbETZLKIfVndlb4QYafMbvv9+Q1tdQd
L2MFqw4xkQcs5BKznu1La8dXr/MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQ7lbW2
KhhmnxCskkOdeibB5W05NzAfBgNVHSMEGDAWgBTgIZ1aTNhYLE834tDd1wa3fr2f
bDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NjYzQzIvQjM5MEU5RThDNzgzMTFFQ0IxOTgyODk0RjEyMjI0NjgvNENHZFdr
ellXQ3hQTi1MUTNkY0d0MzY5bjJ3LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvNENHZFdrellXQ3hQTi1MUTNkY0d0MzY5bjJ3LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NjYzQzIvQjM5MEU5RThDNzgzMTFFQ0IxOTgyODk0RjEy
MjI0NjgvRDEyREIzQTgxRkQ3MTFFRDk2MEIzMkQ3RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsQreDANBgkqhkiG9w0BAQsF
AAOCAQEAhQ1g9fAWnCD5HaJCUdRl/SmtU4C2JzwhYm7rzExT5h2pvZtNQLdwXbBK
rmIm4uYfB2L5TQ1jMB1EOZS3ixRyOpgGAwFB8Wa70LRTv6T+HMh1pWhdz4TxDrYq
Oncejrp9JooxvaAUTtGbo54OrzIuH/VH5ZsSH298/J/eOdkUpoZFmG1yYVEV5sXS
xkOCDtsXkvJHR2MwUh9jegcn4yW4gEI50znec3/4lW+bZsPV7JMRVWkkCfAPGc9G
EtjdSZelbeQI3dthP3z6p+hc7BQHm06IndgZPMRtK4LOzDp6pyc906ub9n50jzOO
nZIFeF1X+/SZleDKCKRxCZ5I4+6xsg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 04:53:39 2024 by rpki-client on console-ams.rpki-client.org