Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/1C97FE7C0BF411EDBC876CA6F1222468.roa
File:                     1C97FE7C0BF411EDBC876CA6F1222468.roa (raw, json)
Hash identifier:          ekqp55fRP+lUS0myRl2PGEWgmsdJpZEw6fnyR61loqw=
Subject key identifier:   0B:3D:8A:B6:32:38:D4:34:17:CA:1F:24:24:C0:55:A2:7B:81:D4:A5
Certificate issuer:       /CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
Certificate serial:       0584
Authority key identifier: 95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/1C97FE7C0BF411EDBC876CA6F1222468.roa
Signing time:             Mon 25 Jul 2022 08:31:00 +0000
ROA not before:           Mon 25 Jul 2022 08:30:56 +0000
ROA not after:            Wed 07 Jul 2032 08:30:56 +0000
asID:                     36916
IP address blocks:        41.223.60.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1412 (0x584)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
        Validity
            Not Before: Jul 25 08:30:56 2022 GMT
            Not After : Jul  7 08:30:56 2032 GMT
        Subject: CN=62de54c4-20e8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:0a:ca:e7:58:40:67:fb:9e:ad:d4:7c:6a:f2:
                    86:5b:c4:a1:2e:e5:f0:7c:d5:8c:54:3d:a4:31:83:
                    ca:52:57:97:d2:1f:68:14:f2:e7:41:d8:e5:8b:af:
                    a2:60:37:0b:68:0c:0f:09:3f:d9:62:81:df:99:32:
                    c9:1d:eb:da:b6:bd:a4:14:3b:bb:02:bc:f7:c9:01:
                    40:95:d8:98:b9:f7:48:1f:c0:b0:59:89:eb:7f:97:
                    39:73:58:aa:51:15:33:a8:ef:99:34:e4:4d:86:46:
                    df:0c:aa:e1:ef:33:cf:40:e8:df:19:a2:6e:b0:99:
                    d8:cd:50:3d:03:94:f0:c1:40:1d:d3:2c:83:43:6c:
                    5d:02:ef:55:3a:27:53:51:ba:7b:ac:bd:28:38:c9:
                    5b:1c:d6:84:08:46:62:51:dc:ac:8e:96:68:bb:14:
                    75:01:52:e3:30:4b:dd:45:79:ee:df:c4:9f:e8:5a:
                    80:56:7c:24:f9:41:ef:b3:cb:e4:d0:be:a7:ed:0e:
                    45:62:c0:44:37:bf:ae:43:a6:81:03:59:78:09:ac:
                    a3:22:11:b3:37:6e:09:35:9e:e1:d9:a0:a9:14:6d:
                    24:87:b1:f1:70:65:5e:3e:7e:f1:47:0a:8a:58:1c:
                    4e:fd:9e:8a:ee:9a:5e:95:44:b7:24:2a:12:8a:4c:
                    40:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:3D:8A:B6:32:38:D4:34:17:CA:1F:24:24:C0:55:A2:7B:81:D4:A5
            X509v3 Authority Key Identifier:
                keyid:95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/1C97FE7C0BF411EDBC876CA6F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.223.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6e:07:9f:17:f4:4a:55:9b:49:87:5e:64:6c:25:64:c5:8a:c6:
         ea:9b:f9:79:2b:ce:f4:01:cf:ad:f6:df:96:a6:58:53:f3:74:
         9e:52:91:1d:a7:e2:e7:26:1f:15:30:65:b8:7a:26:f2:6e:1a:
         f4:83:16:4f:67:13:9c:9a:20:00:dc:f2:1f:8b:88:cd:cb:75:
         2b:bf:f0:cd:a1:df:77:92:be:46:8e:88:cc:ab:2b:ec:c5:ff:
         b9:0d:76:3b:6d:45:83:bd:38:d1:ca:c4:67:e8:15:d4:c8:43:
         83:7a:73:79:84:70:b0:65:0e:17:69:11:6d:a6:a2:12:68:ff:
         d5:6e:0c:86:2b:9d:71:83:8d:18:83:13:0a:9e:11:95:f4:4c:
         f0:a5:8a:2e:32:bb:a8:dc:fc:1f:6b:42:d1:d4:a1:51:8c:30:
         eb:ec:80:2b:3b:05:dd:29:93:14:b2:98:5b:fd:2c:f6:13:8f:
         a5:fc:2d:57:36:cd:a6:54:e3:81:95:1b:52:77:57:25:80:cf:
         13:da:e4:da:ba:41:2d:0c:b3:97:d6:fc:12:b3:12:c4:f3:41:
         7f:37:f8:bf:0e:6b:b2:e1:4d:26:c7:8e:27:8c:21:1e:9a:be:
         1e:d6:03:c1:20:b9:86:0e:67:6c:13:28:a5:a2:ed:7c:5e:d0:
         70:ba:19:92
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBYQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBRjExMC8GA1UEBRMoOTU5NzMzREY1OUU4NkVBN0MyM0IyRkIzN0E2RTg0
NkRCQjE4ODI3QjAeFw0yMjA3MjUwODMwNTZaFw0zMjA3MDcwODMwNTZaMBgxFjAU
BgNVBAMMDTYyZGU1NGM0LTIwZTgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCgCsrnWEBn+56t1Hxq8oZbxKEu5fB81YxUPaQxg8pSV5fSH2gU8udB2OWL
r6JgNwtoDA8JP9ligd+ZMskd69q2vaQUO7sCvPfJAUCV2Ji590gfwLBZiet/lzlz
WKpRFTOo75k05E2GRt8MquHvM89A6N8Zom6wmdjNUD0DlPDBQB3TLINDbF0C71U6
J1NRunusvSg4yVsc1oQIRmJR3KyOlmi7FHUBUuMwS91Fee7fxJ/oWoBWfCT5Qe+z
y+TQvqftDkViwEQ3v65DpoEDWXgJrKMiEbM3bgk1nuHZoKkUbSSHsfFwZV4+fvFH
CopYHE79noruml6VRLckKhKKTEBdAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUCz2K
tjI41DQXyh8kJMBVonuB1KUwHwYDVR0jBBgwFoAUlZcz31nobqfCOy+zem6EbbsY
gnswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4QUVBMjI4L2xaY3oz
MW5vYnFmQ095LXplbTZFYmJzWWducy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xaY3ozMW5vYnFmQ095LXplbTZFYmJzWWducy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4
QUVBMjI4LzFDOTdGRTdDMEJGNDExRURCQzg3NkNBNkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIp3zwwDQYJKoZIhvcNAQEL
BQADggEBAG4Hnxf0SlWbSYdeZGwlZMWKxuqb+XkrzvQBz63235amWFPzdJ5SkR2n
4ucmHxUwZbh6JvJuGvSDFk9nE5yaIADc8h+LiM3LdSu/8M2h33eSvkaOiMyrK+zF
/7kNdjttRYO9ONHKxGfoFdTIQ4N6c3mEcLBlDhdpEW2mohJo/9VuDIYrnXGDjRiD
EwqeEZX0TPClii4yu6jc/B9rQtHUoVGMMOvsgCs7Bd0pkxSymFv9LPYTj6X8LVc2
zaZU44GVG1J3VyWAzxPa5Nq6QS0Ms5fW/BKzEsTzQX83+L8Oa7LhTSbHjieMIR6a
vh7WA8EguYYOZ2wTKKWi7Xxe0HC6GZI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org