Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/3C1C27BABF2611ED869DBEAEF1222468.roa
File:                     3C1C27BABF2611ED869DBEAEF1222468.roa (raw, json)
Hash identifier:          uzqqIMSlh2xjEurHE6RQA0qN+2afs+KDqNra60gaSsI=
Subject key identifier:   21:F2:23:85:E6:F9:47:38:FC:51:47:AE:CE:E7:28:74:01:6A:AF:57
Certificate issuer:       /CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
Certificate serial:       47
Authority key identifier: A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/3C1C27BABF2611ED869DBEAEF1222468.roa
Signing time:             Fri 10 Mar 2023 09:30:46 +0000
ROA not before:           Fri 10 Mar 2023 09:30:42 +0000
ROA not after:            Thu 31 Mar 2033 09:30:42 +0000
asID:                     37182
IP address blocks:        41.93.65.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 71 (0x47)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
        Validity
            Not Before: Mar 10 09:30:42 2023 GMT
            Not After : Mar 31 09:30:42 2033 GMT
        Subject: CN=640af8c6-6f58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9f:cc:2a:3e:33:74:2e:99:5b:6e:14:d9:19:
                    ba:33:e3:3c:66:81:99:a7:5c:b9:66:03:2b:13:e8:
                    f6:17:69:30:ab:06:a3:e0:e7:4f:a8:2b:d2:4d:56:
                    cf:88:fe:60:dd:e7:1e:5e:58:b4:7d:22:a8:c9:b3:
                    d7:46:3b:e7:89:fd:16:8d:c8:65:88:0b:84:26:47:
                    b0:5d:c2:23:a9:61:be:47:48:71:56:31:ad:b6:f2:
                    2d:39:aa:d1:18:a2:24:5a:0f:c2:17:41:93:1f:79:
                    cf:d3:8c:35:b2:5f:04:46:b2:a4:5d:de:57:3d:8d:
                    fa:56:1b:fa:dc:4b:1d:3b:b2:bf:8e:69:55:8a:5d:
                    e6:47:d2:90:a3:0f:d5:7a:f5:e1:94:5b:5b:91:ad:
                    c0:7a:cd:a0:40:7b:2c:64:3a:04:57:59:15:68:e2:
                    97:b2:a8:25:7f:6a:bc:36:bf:e2:0e:1b:66:67:23:
                    ac:1d:a6:6c:bf:c7:ab:5d:e1:57:d9:24:7f:57:d3:
                    f2:75:bd:1e:db:35:51:f3:50:61:a6:3d:6c:0e:27:
                    b1:20:2b:fe:59:36:62:41:dd:cf:dd:ed:da:f4:54:
                    eb:95:d4:36:b4:a0:3b:57:2f:62:9e:23:4f:22:30:
                    59:ec:76:86:eb:75:9b:34:8e:4b:a5:d7:31:d8:45:
                    b5:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:F2:23:85:E6:F9:47:38:FC:51:47:AE:CE:E7:28:74:01:6A:AF:57
            X509v3 Authority Key Identifier:
                keyid:A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/3C1C27BABF2611ED869DBEAEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.93.65.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:03:d6:6b:d6:9d:86:f2:8f:71:73:74:5c:6a:a0:16:3d:27:
         be:29:a7:2c:02:e4:a9:45:8e:98:5f:b3:42:2f:53:bf:47:d9:
         23:0f:30:ea:6f:20:85:c6:4a:5d:1d:aa:c7:c7:bb:0a:a1:e8:
         e2:f2:74:51:e8:36:60:cc:d0:19:65:e9:98:d5:dc:fa:92:57:
         28:c9:5c:e3:87:84:97:67:0b:94:35:40:60:48:1f:e8:08:45:
         2c:e8:6d:fb:7f:fe:91:8b:25:9a:3c:fd:73:a4:36:8c:14:37:
         86:06:f6:5c:21:2d:ac:5e:58:72:f0:74:b5:42:a8:29:45:eb:
         92:4a:70:17:bc:6c:b0:13:be:29:b4:a0:d3:ce:f5:ca:58:75:
         cf:37:c9:eb:cb:28:4c:98:75:22:c8:5f:3e:8a:a8:1c:2e:a8:
         0a:9d:3c:47:f7:68:fd:f0:09:00:db:74:a8:e5:b0:c8:cf:bc:
         7b:3e:75:ec:69:63:f4:6c:e7:69:0e:ce:da:a2:d9:13:7d:be:
         d9:6e:8d:2e:dc:79:99:a3:40:37:b8:f7:f8:94:3c:1c:28:55:
         e1:79:34:32:11:a9:a0:cf:25:c6:73:48:d7:c0:0f:b7:c1:a4:
         c4:8c:cb:89:2d:fa:66:5b:29:0e:75:c1:67:7f:bb:10:9e:b6:
         1b:88:20:1d
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBRzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
QjBDOUFGMTEwLwYDVQQFEyhBMjBFMjA2N0YwREI3ODNERTM3MjNFMjMxNTE3REM3
RTlGRTVCQUQzMB4XDTIzMDMxMDA5MzA0MloXDTMzMDMzMTA5MzA0MlowGDEWMBQG
A1UEAwwNNjQwYWY4YzYtNmY1ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGfzCo+M3QumVtuFNkZujPjPGaBmadcuWYDKxPo9hdpMKsGo+DnT6gr0k1W
z4j+YN3nHl5YtH0iqMmz10Y754n9Fo3IZYgLhCZHsF3CI6lhvkdIcVYxrbbyLTmq
0RiiJFoPwhdBkx95z9OMNbJfBEaypF3eVz2N+lYb+txLHTuyv45pVYpd5kfSkKMP
1Xr14ZRbW5GtwHrNoEB7LGQ6BFdZFWjil7KoJX9qvDa/4g4bZmcjrB2mbL/Hq13h
V9kkf1fT8nW9Hts1UfNQYaY9bA4nsSAr/lk2YkHdz93t2vRU65XUNrSgO1cvYp4j
TyIwWex2hut1mzSOS6XXMdhFtdUCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQh8iOF
5vlHOPxRR67O5yh0AWqvVzAfBgNVHSMEGDAWgBSiDiBn8Nt4PeNyPiMVF9x+n+W6
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEyMjI0Njgvb2c0Z1pf
RGJlRDNqY2o0akZSZmNmcF9sdXRNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvb2c0Z1pfRGJlRDNqY2o0akZSZmNmcF9sdXRNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEy
MjI0NjgvM0MxQzI3QkFCRjI2MTFFRDg2OURCRUFFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACldQTANBgkqhkiG9w0BAQsF
AAOCAQEAYgPWa9adhvKPcXN0XGqgFj0nvimnLALkqUWOmF+zQi9Tv0fZIw8w6m8g
hcZKXR2qx8e7CqHo4vJ0Ueg2YMzQGWXpmNXc+pJXKMlc44eEl2cLlDVAYEgf6AhF
LOht+3/+kYslmjz9c6Q2jBQ3hgb2XCEtrF5YcvB0tUKoKUXrkkpwF7xssBO+KbSg
0871ylh1zzfJ68soTJh1IshfPoqoHC6oCp08R/do/fAJANt0qOWwyM+8ez517Glj
9GznaQ7O2qLZE32+2W6NLtx5maNAN7j3+JQ8HChV4Xk0MhGpoM8lxnNI18APt8Gk
xIzLiS36ZlspDnXBZ3+7EJ62G4ggHQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:55 2024 by rpki-client on console-fra.rpki-client.org