Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/DCC0D7980BF211EDBB6593A2F1222468.roa
File:                     DCC0D7980BF211EDBB6593A2F1222468.roa (raw, json)
Hash identifier:          r8VuJl5xjfF3AnqsVRjKvkLN8IDUkALyajdrvcScRNY=
Subject key identifier:   05:B0:8F:FE:47:95:B1:9A:83:5A:D9:1A:C8:59:41:84:FD:D7:16:06
Certificate issuer:       /CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
Certificate serial:       0572
Authority key identifier: 95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/DCC0D7980BF211EDBB6593A2F1222468.roa
Signing time:             Mon 25 Jul 2022 08:22:03 +0000
ROA not before:           Mon 25 Jul 2022 08:21:59 +0000
ROA not after:            Wed 07 Jul 2032 08:21:59 +0000
asID:                     36916
IP address blocks:        41.221.224.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.mft
                          rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1394 (0x572)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3669D6BAF/serialNumber=959733DF59E86EA7C23B2FB37A6E846DBB18827B
        Validity
            Not Before: Jul 25 08:21:59 2022 GMT
            Not After : Jul  7 08:21:59 2032 GMT
        Subject: CN=62de52ab-fead
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:84:e6:1a:93:a6:b6:4b:21:39:40:12:69:bf:
                    23:d3:53:5b:fb:52:ed:7b:d7:62:a0:9b:d6:37:37:
                    fc:36:0a:1c:53:5c:60:71:08:bb:69:3e:4e:07:33:
                    3a:d3:8c:36:07:a7:39:f5:3d:84:94:3f:6c:87:11:
                    3c:ae:99:5c:60:51:0e:9f:37:1c:f7:be:db:78:3d:
                    44:b8:76:99:dd:81:bb:c0:3a:35:44:61:72:c5:09:
                    92:7c:9e:cf:c8:b5:c9:cc:27:15:a3:9e:e9:d6:78:
                    3d:4b:c2:52:3d:cf:e4:2e:e0:7b:c2:6e:46:16:02:
                    ad:6b:71:ef:8b:f0:3e:be:cd:42:28:4c:eb:bb:30:
                    87:a5:ec:e2:62:11:82:cc:87:c2:75:c2:72:9c:11:
                    b3:94:9d:e1:62:26:2d:a4:f3:d3:3a:07:35:92:fa:
                    42:a8:15:2f:1d:76:fd:62:06:35:c5:fe:96:c4:9e:
                    0a:8a:4f:6a:36:91:62:49:14:32:df:eb:2b:15:49:
                    3d:40:1c:fe:45:8d:be:02:fe:5e:e6:8d:e7:36:6d:
                    28:d7:21:aa:dd:b6:5c:96:28:bf:f5:15:d8:cb:fc:
                    60:66:ee:37:f1:a9:62:5e:e6:a8:f9:6e:02:5e:8e:
                    d2:e6:37:2c:a1:a8:f6:ae:e7:49:e1:ba:fd:dd:84:
                    2c:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:B0:8F:FE:47:95:B1:9A:83:5A:D9:1A:C8:59:41:84:FD:D7:16:06
            X509v3 Authority Key Identifier:
                keyid:95:97:33:DF:59:E8:6E:A7:C2:3B:2F:B3:7A:6E:84:6D:BB:18:82:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/lZcz31nobqfCOy-zem6EbbsYgns.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/lZcz31nobqfCOy-zem6EbbsYgns.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3669D6B/BEFB44EE879A11E99F393351F8AEA228/DCC0D7980BF211EDBB6593A2F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.221.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         21:35:02:1b:cc:27:87:bd:b7:6b:df:14:b8:e3:3a:7c:e6:cb:
         2a:72:d4:dd:82:f1:d2:80:b2:fb:b7:01:ab:e0:46:df:3d:79:
         ef:08:1a:68:b9:f5:8c:dc:a3:7b:69:f1:17:ea:09:14:7d:5c:
         ac:38:de:dc:74:8a:4e:b0:c9:d5:e3:5a:fe:d7:f6:e5:a1:60:
         9d:24:32:55:eb:05:89:5c:6d:cc:9e:bc:5d:ce:41:27:d1:99:
         b1:77:41:1d:95:f9:ba:b0:2a:f7:ec:8d:dd:9d:96:eb:c0:54:
         3a:f1:5e:75:34:66:ae:3c:2c:6b:46:79:09:ba:08:8b:7e:9d:
         d7:88:ef:50:f9:10:61:3b:6d:a4:b7:14:e2:ce:d7:84:1e:67:
         f2:3c:21:0b:1b:df:48:c2:05:72:b3:18:06:42:5d:bb:8a:4e:
         3f:0c:1a:b4:8b:a5:c1:d0:eb:01:32:cc:ae:dd:5d:7a:c4:31:
         ab:91:de:c3:b8:6b:51:31:8b:ca:cc:3a:9d:4f:a2:91:43:48:
         db:a0:b3:f2:20:d9:ec:0f:ea:7e:a6:fd:58:a6:29:c5:5c:b7:
         d4:d8:1d:13:ed:32:76:1e:a6:a5:a0:4b:34:9d:7b:21:49:70:
         15:e3:f4:3a:9d:2e:bb:cb:68:28:b7:42:9e:83:d0:ac:2d:74:
         e2:d2:ac:e8
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBXIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
NjlENkJBRjExMC8GA1UEBRMoOTU5NzMzREY1OUU4NkVBN0MyM0IyRkIzN0E2RTg0
NkRCQjE4ODI3QjAeFw0yMjA3MjUwODIxNTlaFw0zMjA3MDcwODIxNTlaMBgxFjAU
BgNVBAMMDTYyZGU1MmFiLWZlYWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrhOYak6a2SyE5QBJpvyPTU1v7Uu1712Kgm9Y3N/w2ChxTXGBxCLtpPk4H
MzrTjDYHpzn1PYSUP2yHETyumVxgUQ6fNxz3vtt4PUS4dpndgbvAOjVEYXLFCZJ8
ns/ItcnMJxWjnunWeD1LwlI9z+Qu4HvCbkYWAq1rce+L8D6+zUIoTOu7MIel7OJi
EYLMh8J1wnKcEbOUneFiJi2k89M6BzWS+kKoFS8ddv1iBjXF/pbEngqKT2o2kWJJ
FDLf6ysVST1AHP5Fjb4C/l7mjec2bSjXIardtlyWKL/1FdjL/GBm7jfxqWJe5qj5
bgJejtLmNyyhqPau50nhuv3dhCyJAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUBbCP
/keVsZqDWtkayFlBhP3XFgYwHwYDVR0jBBgwFoAUlZcz31nobqfCOy+zem6EbbsY
gnswDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4QUVBMjI4L2xaY3oz
MW5vYnFmQ095LXplbTZFYmJzWWducy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL2xaY3ozMW5vYnFmQ095LXplbTZFYmJzWWducy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjY5RDZCL0JFRkI0NEVFODc5QTExRTk5RjM5MzM1MUY4
QUVBMjI4L0RDQzBENzk4MEJGMjExRURCQjY1OTNBMkYxMjIyNDY4LnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEp3eAwDQYJKoZIhvcNAQEL
BQADggEBACE1AhvMJ4e9t2vfFLjjOnzmyypy1N2C8dKAsvu3AavgRt89ee8IGmi5
9Yzco3tp8RfqCRR9XKw43tx0ik6wydXjWv7X9uWhYJ0kMlXrBYlcbcyevF3OQSfR
mbF3QR2V+bqwKvfsjd2dluvAVDrxXnU0Zq48LGtGeQm6CIt+ndeI71D5EGE7baS3
FOLO14QeZ/I8IQsb30jCBXKzGAZCXbuKTj8MGrSLpcHQ6wEyzK7dXXrEMauR3sO4
a1Exi8rMOp1PopFDSNugs/Ig2ewP6n6m/VimKcVct9TYHRPtMnYepqWgSzSdeyFJ
cBXj9DqdLrvLaCi3Qp6D0KwtdOLSrOg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:41 2024 by rpki-client on console-ams.rpki-client.org