Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/C11DB7D20BF111ED888A119FF1222468.roa
File:                     C11DB7D20BF111ED888A119FF1222468.roa (raw, json)
Hash identifier:          j9Im+ndOTwwtRqaLShL/EO7434UY8M2QcQ2xrEg+LBU=
Subject key identifier:   F6:8A:57:98:84:49:E9:A7:18:8F:C0:89:8F:31:C1:92:14:E0:82:35
Certificate issuer:       /CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
Certificate serial:       0564
Authority key identifier: 95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/C11DB7D20BF111ED888A119FF1222468.roa
Signing time:             Mon 25 Jul 2022 08:14:07 +0000
ROA not before:           Mon 25 Jul 2022 08:14:04 +0000
ROA not after:            Wed 07 Jul 2032 08:14:04 +0000
asID:                     36916
IP address blocks:        41.180.64.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1380 (0x564)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
        Validity
            Not Before: Jul 25 08:14:04 2022 GMT
            Not After : Jul  7 08:14:04 2032 GMT
        Subject: CN=62de50cf-1785
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7d:16:e4:19:ba:8c:0d:0a:06:54:b0:a7:30:
                    b7:31:7a:3b:52:14:ff:91:a2:7e:81:80:11:6f:f8:
                    77:6e:71:c5:76:a9:40:f7:47:5a:c9:0e:c1:3b:db:
                    7f:9b:0e:90:63:cc:58:2c:d9:5c:dc:07:a0:2c:c3:
                    27:66:72:41:e4:53:de:36:46:ed:96:e9:aa:2d:20:
                    14:88:a2:b6:f5:05:06:ff:d1:ed:f0:b4:4a:f5:3c:
                    68:48:31:01:8e:e3:60:85:38:da:d0:61:b0:ad:46:
                    c4:5f:76:7b:5f:f3:92:ea:6b:87:07:b6:6d:ed:bc:
                    1d:ed:a1:64:2b:61:37:3e:03:e2:3e:09:6c:0b:00:
                    2b:06:c8:6b:89:da:df:33:84:bd:3b:f6:ea:f7:f6:
                    84:a5:40:c3:db:4a:d9:3b:98:22:19:14:0a:3d:e4:
                    d6:4b:3c:2b:6f:9a:ad:1a:35:3f:e4:ac:65:f7:f5:
                    4a:7f:f4:8a:05:a4:7d:05:7e:67:65:8a:18:63:69:
                    12:3d:ea:95:04:9b:89:f2:4e:35:18:8b:f4:31:49:
                    e2:07:2f:79:e8:cf:8e:19:eb:ce:0a:1c:b8:5c:88:
                    66:6a:16:d6:d5:e7:9f:be:9a:02:f1:f5:14:8e:5b:
                    35:d1:a6:4a:33:75:0a:b7:67:6a:73:6b:b4:2d:ed:
                    ec:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:8A:57:98:84:49:E9:A7:18:8F:C0:89:8F:31:C1:92:14:E0:82:35
            X509v3 Authority Key Identifier:
                keyid:95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/C11DB7D20BF111ED888A119FF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.180.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         2e:b8:be:3c:45:fc:ea:33:b4:76:3b:8c:a1:ce:0f:9c:b2:4b:
         36:b2:98:52:b2:e4:74:ae:1b:ad:76:6a:84:d4:b2:30:e2:be:
         43:8c:ee:38:1c:b0:fe:ae:36:9c:5b:7b:d9:c5:f9:ae:48:fd:
         7b:49:70:26:5f:46:b3:fe:0f:b1:77:88:c2:2c:76:5f:19:7b:
         da:d9:58:cb:8a:50:38:23:68:f7:46:69:15:72:c7:48:6f:f6:
         ac:d1:fb:c9:08:d0:72:a0:14:5e:6e:e1:c7:7e:d7:60:a7:a3:
         7b:21:27:48:e6:3d:3c:f3:e0:55:71:0b:d1:5d:19:67:2f:0b:
         1e:22:cb:a7:44:0e:57:0c:44:0b:71:d0:db:18:de:03:58:be:
         0c:b0:5e:b9:43:43:88:df:28:93:2f:2e:80:6b:69:14:79:28:
         fc:a4:07:66:96:a6:9d:c7:e6:34:39:fd:f1:d6:14:f6:6d:e8:
         38:7d:1e:52:00:1b:e3:88:1c:b0:7f:e4:bc:dd:2a:89:9a:a2:
         99:c3:28:b1:ac:6b:d4:a9:7b:38:e1:92:22:b3:aa:9f:52:87:
         95:c8:89:6a:bc:99:bc:69:e2:79:09:39:35:89:be:ba:54:01:
         89:8d:16:49:31:0f:3d:db:32:23:7b:93:1c:87:92:15:b4:49:
         03:fd:8e:60
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBWQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBRjExMC8GA1UEBRMoOTU5NzMzREY1OUU4NkVBN0MyM0IyRkIzN0E2RTg0
NkRCQjE4ODI3QjAeFw0yMjA3MjUwODE0MDRaFw0zMjA3MDcwODE0MDRaMBgxFjAU
BgNVBAMMDTYyZGU1MGNmLTE3ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKfRbkGbqMDQoGVLCnMLcxejtSFP+Ron6BgBFv+HduccV2qUD3R1rJDsE7
23+bDpBjzFgs2VzcB6AswydmckHkU942Ru2W6aotIBSIorb1BQb/0e3wtEr1PGhI
MQGO42CFONrQYbCtRsRfdntf85Lqa4cHtm3tvB3toWQrYTc+A+I+CWwLACsGyGuJ
2t8zhL079ur39oSlQMPbStk7mCIZFAo95NZLPCtvmq0aNT/krGX39Up/9IoFpH0F
fmdlihhjaRI96pUEm4nyTjUYi/QxSeIHL3noz44Z684KHLhciGZqFtbV55++mgLx
9RSOWzXRpkozdQq3Z2pza7Qt7ezTAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQU9opX
mIRJ6acYj8CJjzHBkhTggjUwHwYDVR0jBBgwFoAUlZcz31nobqfCOy+zem6EbbsY
gnswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4QUVBMjI4L2xaY3oz
MW5vYnFmQ095LXplbTZFYmJzWWducy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xaY3ozMW5vYnFmQ095LXplbTZFYmJzWWducy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4
QUVBMjI4L0MxMURCN0QyMEJGMTExRUQ4ODhBMTE5RkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMptEAwDQYJKoZIhvcNAQEL
BQADggEBAC64vjxF/OoztHY7jKHOD5yySzaymFKy5HSuG612aoTUsjDivkOM7jgc
sP6uNpxbe9nF+a5I/XtJcCZfRrP+D7F3iMIsdl8Ze9rZWMuKUDgjaPdGaRVyx0hv
9qzR+8kI0HKgFF5u4cd+12Cno3shJ0jmPTzz4FVxC9FdGWcvCx4iy6dEDlcMRAtx
0NsY3gNYvgywXrlDQ4jfKJMvLoBraRR5KPykB2aWpp3H5jQ5/fHWFPZt6Dh9HlIA
G+OIHLB/5LzdKomaopnDKLGsa9SpezjhkiKzqp9Sh5XIiWq8mbxp4nkJOTWJvrpU
AYmNFkkxDz3bMiN7kxyHkhW0SQP9jmA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org