Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/6A68425ABF1E11EDB4A3AB96F1222468.roa
File:                     6A68425ABF1E11EDB4A3AB96F1222468.roa (raw, json)
Hash identifier:          rvqro5eAl8M7i/W5NM7pjeqA1CPy4NR1sRqB2Q/2VPY=
Subject key identifier:   1F:74:D1:71:64:6F:4A:B7:72:DD:58:3F:36:D1:56:1F:C1:6F:25:48
Certificate issuer:       /CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
Certificate serial:       21
Authority key identifier: A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/6A68425ABF1E11EDB4A3AB96F1222468.roa
Signing time:             Fri 10 Mar 2023 08:34:47 +0000
ROA not before:           Fri 10 Mar 2023 08:34:43 +0000
ROA not after:            Thu 10 Mar 2033 08:34:43 +0000
asID:                     37182
IP address blocks:        41.93.44.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
        Validity
            Not Before: Mar 10 08:34:43 2023 GMT
            Not After : Mar 10 08:34:43 2033 GMT
        Subject: CN=640aeba7-1b30
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:d1:69:e3:d2:0d:b6:95:70:f9:32:05:d9:f2:
                    92:c8:b6:24:4a:2c:06:91:f2:cb:c9:bf:ac:e8:c7:
                    d0:6e:9d:60:d3:65:21:2b:a3:7e:e7:1d:c1:df:5a:
                    fe:2e:f9:fc:14:18:39:01:17:98:0f:c4:c7:e1:c2:
                    8b:e1:c9:48:97:1b:5a:76:8d:ba:9d:23:39:10:82:
                    9c:95:f1:be:10:0e:99:2e:fb:1d:20:ca:c7:89:3d:
                    59:bc:a2:b9:3f:dd:67:c8:74:cd:a8:be:8f:b2:c5:
                    cf:37:17:5f:00:34:dd:7d:68:74:5b:f2:4c:39:1f:
                    47:b5:a8:5b:79:17:85:37:28:bd:f1:fa:d2:12:98:
                    98:c7:ca:28:c9:49:28:e2:6f:1a:9c:f0:80:ad:00:
                    b9:3d:c6:47:0a:30:e3:42:2c:28:b3:0e:ba:7c:6b:
                    ff:5c:a6:16:ee:d1:92:e5:68:7f:df:78:1d:24:2f:
                    36:64:51:df:d8:cc:01:23:ad:d4:6c:39:3b:08:db:
                    49:ba:39:38:87:94:41:b8:8c:25:be:58:46:1b:b9:
                    9c:70:53:7e:5c:64:26:3e:24:61:3e:a7:34:48:db:
                    40:32:01:db:03:f4:34:eb:88:34:a3:c2:1c:55:dc:
                    b9:38:77:73:d1:4f:bc:0e:40:1e:f1:df:2d:1b:1f:
                    ec:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:74:D1:71:64:6F:4A:B7:72:DD:58:3F:36:D1:56:1F:C1:6F:25:48
            X509v3 Authority Key Identifier:
                keyid:A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/6A68425ABF1E11EDB4A3AB96F1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.93.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:bb:ed:3e:d3:e4:99:2e:3f:ca:95:6d:59:28:17:c9:41:4c:
         b7:dd:c5:9b:73:5c:32:26:1d:66:b6:6d:2b:b2:a6:d3:da:06:
         33:58:bf:83:28:dc:e9:84:89:1d:14:44:75:98:ee:4e:e7:1c:
         39:21:ca:81:c9:d1:c3:da:b2:22:df:1a:1c:6e:c3:6a:96:1f:
         96:7d:af:e1:8d:c4:4c:d4:7a:ca:0f:95:98:ce:e3:2f:98:01:
         42:54:0e:57:60:89:b8:e4:e7:3b:8d:ef:5b:1e:8e:40:ee:6c:
         3d:c4:e0:75:f1:cc:59:5d:2a:43:d0:7c:c9:2d:84:1d:1d:15:
         de:5b:f2:d1:c4:38:00:37:be:44:9a:66:b6:2a:7d:03:87:2e:
         67:27:31:fe:98:50:68:08:ad:56:6a:8f:9b:1f:38:82:f0:b0:
         6b:b2:1e:69:29:d0:cc:9d:26:a1:8e:65:64:b5:58:1b:40:1e:
         3a:c0:cb:65:2d:86:4d:cb:15:be:4f:a6:07:df:0c:cb:06:20:
         3f:cd:27:62:df:fc:53:61:89:8e:a4:b8:1d:51:43:2c:e1:cd:
         1a:df:45:83:13:d2:fd:73:32:c5:ca:8f:2e:06:2c:d3:17:8c:
         11:99:25:e3:9d:fc:cf:c2:98:6f:3f:0d:05:5d:be:8a:6d:41:
         bd:89:cb:e2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBITANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
QjBDOUFGMTEwLwYDVQQFEyhBMjBFMjA2N0YwREI3ODNERTM3MjNFMjMxNTE3REM3
RTlGRTVCQUQzMB4XDTIzMDMxMDA4MzQ0M1oXDTMzMDMxMDA4MzQ0M1owGDEWMBQG
A1UEAwwNNjQwYWViYTctMWIzMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO3RaePSDbaVcPkyBdnyksi2JEosBpHyy8m/rOjH0G6dYNNlISujfucdwd9a
/i75/BQYOQEXmA/Ex+HCi+HJSJcbWnaNup0jORCCnJXxvhAOmS77HSDKx4k9Wbyi
uT/dZ8h0zai+j7LFzzcXXwA03X1odFvyTDkfR7WoW3kXhTcovfH60hKYmMfKKMlJ
KOJvGpzwgK0AuT3GRwow40IsKLMOunxr/1ymFu7RkuVof994HSQvNmRR39jMASOt
1Gw5OwjbSbo5OIeUQbiMJb5YRhu5nHBTflxkJj4kYT6nNEjbQDIB2wP0NOuINKPC
HFXcuTh3c9FPvA5AHvHfLRsf7PECAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQfdNFx
ZG9Kt3LdWD820VYfwW8lSDAfBgNVHSMEGDAWgBSiDiBn8Nt4PeNyPiMVF9x+n+W6
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEyMjI0Njgvb2c0Z1pf
RGJlRDNqY2o0akZSZmNmcF9sdXRNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvb2c0Z1pfRGJlRDNqY2o0akZSZmNmcF9sdXRNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEy
MjI0NjgvNkE2ODQyNUFCRjFFMTFFREI0QTNBQjk2RjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACldLDANBgkqhkiG9w0BAQsF
AAOCAQEAfrvtPtPkmS4/ypVtWSgXyUFMt93Fm3NcMiYdZrZtK7Km09oGM1i/gyjc
6YSJHRREdZjuTuccOSHKgcnRw9qyIt8aHG7DapYfln2v4Y3ETNR6yg+VmM7jL5gB
QlQOV2CJuOTnO43vWx6OQO5sPcTgdfHMWV0qQ9B8yS2EHR0V3lvy0cQ4ADe+RJpm
tip9A4cuZycx/phQaAitVmqPmx84gvCwa7IeaSnQzJ0moY5lZLVYG0AeOsDLZS2G
TcsVvk+mB98MywYgP80nYt/8U2GJjqS4HVFDLOHNGt9FgxPS/XMyxcqPLgYs0xeM
EZkl4538z8KYbz8NBV2+im1BvYnL4g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:42 2024 by rpki-client on console-ams.rpki-client.org