Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/AE1744B6F3B711EC89B3739FF1222468.roa
File:                     AE1744B6F3B711EC89B3739FF1222468.roa (raw, json)
Hash identifier:          w92koESbKPuRCFn8wA4oOAkJlDGs//YsXIKVLmIo1FE=
Subject key identifier:   19:4E:1C:32:19:3D:18:78:29:63:FB:CE:39:D6:BB:AD:8A:0D:83:73
Certificate issuer:       /CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
Certificate serial:       04F3
Authority key identifier: 95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/AE1744B6F3B711EC89B3739FF1222468.roa
Signing time:             Fri 24 Jun 2022 12:17:57 +0000
ROA not before:           Fri 24 Jun 2022 12:17:53 +0000
ROA not after:            Wed 12 Jun 2030 12:17:53 +0000
asID:                     36916
IP address blocks:        41.180.8.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1267 (0x4f3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
        Validity
            Not Before: Jun 24 12:17:53 2022 GMT
            Not After : Jun 12 12:17:53 2030 GMT
        Subject: CN=62b5ab75-56fb
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:37:b5:26:89:c5:bd:e2:58:97:f1:8f:2a:1b:
                    a2:5c:6c:7c:9a:d7:f7:0b:82:92:b3:d6:41:e9:c7:
                    50:75:ee:00:78:14:c7:28:25:e8:95:ab:a3:da:5a:
                    7c:98:dc:d4:8d:8e:b8:38:25:d1:14:9f:16:73:84:
                    86:af:1b:f4:a6:5a:d8:60:ef:ef:bb:10:b9:06:a8:
                    18:a5:ed:dd:cf:ac:18:41:fa:a6:a3:32:be:99:58:
                    ae:ba:c0:0a:80:ba:67:72:19:25:16:8d:6c:dc:8d:
                    9b:eb:d5:65:ec:4c:9e:8e:14:2e:2b:ee:21:ab:98:
                    80:c3:68:47:ef:9a:1c:a1:6c:72:cb:85:73:46:19:
                    c4:3d:71:03:dc:e1:6a:9a:a7:23:ce:ae:b7:71:a5:
                    58:19:2d:9c:71:7c:af:8a:0c:ea:74:7a:4d:d4:78:
                    04:4a:48:e7:22:26:d4:77:1c:b5:7a:3c:5d:76:00:
                    87:64:35:99:23:e9:d7:32:1b:58:a4:f2:5d:7f:a8:
                    16:bd:ea:f8:4a:f5:9a:10:d2:f9:51:df:4b:91:af:
                    4d:c3:80:14:6e:6d:24:a8:73:32:4c:69:07:36:e9:
                    96:db:6d:2b:51:c3:fd:b3:bb:bd:ca:34:2a:bd:fd:
                    d4:c9:43:f8:31:a8:9e:24:e3:a4:da:95:be:56:bb:
                    d1:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:4E:1C:32:19:3D:18:78:29:63:FB:CE:39:D6:BB:AD:8A:0D:83:73
            X509v3 Authority Key Identifier:
                keyid:95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/AE1744B6F3B711EC89B3739FF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.180.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         96:0b:f2:41:04:4b:3c:d3:9f:f6:28:4c:d5:6b:87:f9:f6:31:
         39:38:3d:8c:a6:78:41:88:ba:76:7a:65:44:26:6d:4d:62:4f:
         f2:24:60:7f:de:88:0c:b1:58:f9:bc:cd:06:3a:eb:20:88:dd:
         51:3b:89:e4:89:f3:e0:27:2c:f3:43:f9:c8:57:b5:61:fc:a1:
         53:34:c8:ff:0d:20:3a:f2:24:e3:b7:49:af:4d:41:19:fa:e6:
         f6:77:a1:b7:61:ba:60:75:60:db:f6:51:2c:43:57:b0:17:db:
         d7:c9:3a:77:a0:aa:aa:65:10:7e:c5:10:38:dc:e0:ba:61:fe:
         d1:ff:e8:2e:54:d6:b0:c6:d6:2d:00:f1:8f:ec:c7:4c:ea:0f:
         7b:7a:06:e2:84:35:df:51:53:8d:79:42:62:75:da:dc:f2:78:
         cc:0a:26:12:3f:4e:9e:9d:15:c4:6f:82:48:76:b9:5e:04:f6:
         c7:dc:0f:eb:64:a6:75:d2:cd:40:a6:61:88:91:08:b9:57:ed:
         22:88:47:bf:a5:14:9c:ed:a3:ae:08:c3:3f:b2:8f:4c:c1:5a:
         79:61:9c:db:d1:55:fa:04:4b:c9:8e:e3:ed:17:ca:7d:51:cf:
         74:35:29:9b:5a:ba:80:b3:e2:07:f6:6a:56:14:48:4f:1a:60:
         a6:8e:ca:f8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBPMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBRjExMC8GA1UEBRMoOTU5NzMzREY1OUU4NkVBN0MyM0IyRkIzN0E2RTg0
NkRCQjE4ODI3QjAeFw0yMjA2MjQxMjE3NTNaFw0zMDA2MTIxMjE3NTNaMBgxFjAU
BgNVBAMMDTYyYjVhYjc1LTU2ZmIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdN7UmicW94liX8Y8qG6JcbHya1/cLgpKz1kHpx1B17gB4FMcoJeiVq6Pa
WnyY3NSNjrg4JdEUnxZzhIavG/SmWthg7++7ELkGqBil7d3PrBhB+qajMr6ZWK66
wAqAumdyGSUWjWzcjZvr1WXsTJ6OFC4r7iGrmIDDaEfvmhyhbHLLhXNGGcQ9cQPc
4WqapyPOrrdxpVgZLZxxfK+KDOp0ek3UeARKSOciJtR3HLV6PF12AIdkNZkj6dcy
G1ik8l1/qBa96vhK9ZoQ0vlR30uRr03DgBRubSSoczJMaQc26ZbbbStRw/2zu73K
NCq9/dTJQ/gxqJ4k46Talb5Wu9FLAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUGU4c
Mhk9GHgpY/vOOda7rYoNg3MwHwYDVR0jBBgwFoAUlZcz31nobqfCOy+zem6EbbsY
gnswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4QUVBMjI4L2xaY3oz
MW5vYnFmQ095LXplbTZFYmJzWWducy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xaY3ozMW5vYnFmQ095LXplbTZFYmJzWWducy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4
QUVBMjI4L0FFMTc0NEI2RjNCNzExRUM4OUIzNzM5RkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAptAgwDQYJKoZIhvcNAQEL
BQADggEBAJYL8kEESzzTn/YoTNVrh/n2MTk4PYymeEGIunZ6ZUQmbU1iT/IkYH/e
iAyxWPm8zQY66yCI3VE7ieSJ8+AnLPND+chXtWH8oVM0yP8NIDryJOO3Sa9NQRn6
5vZ3obdhumB1YNv2USxDV7AX29fJOnegqqplEH7FEDjc4Lph/tH/6C5U1rDG1i0A
8Y/sx0zqD3t6BuKENd9RU415QmJ12tzyeMwKJhI/Tp6dFcRvgkh2uV4E9sfcD+tk
pnXSzUCmYYiRCLlX7SKIR7+lFJzto64Iwz+yj0zBWnlhnNvRVfoES8mO4+0Xyn1R
z3Q1KZtauoCz4gf2alYUSE8aYKaOyvg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:53 2024 by rpki-client on console-fra.rpki-client.org