Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/78326C6AC1B911ED9E9F38EEF1222468.roa
File:                     78326C6AC1B911ED9E9F38EEF1222468.roa (raw, json)
Hash identifier:          JQ8M5A35oO87TatXsWdGkC+Jb8F9GWgMecFe4htm2HQ=
Subject key identifier:   40:4B:18:8A:ED:3B:E3:46:88:9A:71:FC:BD:76:79:E4:4A:77:04:38
Certificate issuer:       /CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
Certificate serial:       66
Authority key identifier: A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/78326C6AC1B911ED9E9F38EEF1222468.roa
Signing time:             Mon 13 Mar 2023 16:09:45 +0000
ROA not before:           Mon 13 Mar 2023 16:09:41 +0000
ROA not after:            Thu 31 Mar 2033 16:09:41 +0000
asID:                     37182
IP address blocks:        41.93.92.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.mft
                          rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 14 May 2024 00:04:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102 (0x66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366B0C9AF/serialNumber=A20E2067F0DB783DE3723E231517DC7E9FE5BAD3
        Validity
            Not Before: Mar 13 16:09:41 2023 GMT
            Not After : Mar 31 16:09:41 2033 GMT
        Subject: CN=640f4ac9-f85d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:73:2a:05:46:7d:88:5c:29:e7:13:36:2e:bd:
                    89:65:7a:39:16:e9:29:68:ec:c0:02:4c:52:60:8c:
                    c7:9b:4a:26:be:aa:1a:e1:fc:87:47:b7:d5:31:82:
                    23:78:28:54:54:de:fe:dd:0d:f7:8a:e8:bb:a0:f6:
                    f5:e3:0b:68:27:f3:f4:70:47:c8:a4:60:9f:cf:2d:
                    fd:39:34:0c:95:a2:bf:1a:24:68:a3:6a:ce:6f:ad:
                    74:49:20:28:90:cc:fd:04:07:40:f8:4e:b2:f6:7a:
                    bd:56:8b:b8:e2:69:0f:cb:47:f7:f4:6e:e9:e6:bc:
                    24:20:e8:29:7b:0a:4d:03:b2:5d:d6:6b:db:d7:97:
                    33:35:5d:16:8b:5e:df:2d:b8:b1:41:99:0c:e6:35:
                    63:be:f9:a5:ff:29:33:2c:ac:e0:b9:89:bb:02:eb:
                    b4:e9:55:b2:fa:07:8c:29:4b:4d:0c:44:33:d7:83:
                    28:b2:2b:dc:28:6f:41:14:9b:2b:da:af:d0:65:7b:
                    a3:4b:29:fd:3f:71:b1:3b:5d:43:14:a6:a3:7c:27:
                    c6:fd:e7:cb:50:b1:cf:34:32:98:8f:31:30:c2:6e:
                    cd:ad:f9:30:91:65:ad:bb:d5:77:75:67:af:c0:49:
                    b6:b7:b5:25:8e:92:e5:27:07:2d:af:9f:a0:d5:22:
                    07:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:4B:18:8A:ED:3B:E3:46:88:9A:71:FC:BD:76:79:E4:4A:77:04:38
            X509v3 Authority Key Identifier:
                keyid:A2:0E:20:67:F0:DB:78:3D:E3:72:3E:23:15:17:DC:7E:9F:E5:BA:D3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/og4gZ_DbeD3jcj4jFRfcfp_lutM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/og4gZ_DbeD3jcj4jFRfcfp_lutM.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366B0C9/F126518CBC4011EDAB594EDCF1222468/78326C6AC1B911ED9E9F38EEF1222468.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.93.92.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3c:34:e2:d0:83:8e:68:c6:7f:d7:df:d7:b6:3d:d5:0f:cb:e4:
         a4:9e:c7:7a:76:90:54:d8:b8:86:74:0c:cf:a0:ac:42:6f:33:
         56:69:64:b5:23:e6:98:a5:56:70:82:eb:13:3a:d0:36:4d:4c:
         b3:87:d5:e4:8a:b8:ce:61:db:31:44:89:5d:e1:b6:5e:c7:52:
         67:92:e6:18:d5:5c:98:c0:7b:21:e3:e0:3f:d7:0f:d4:64:ea:
         55:18:43:d3:6b:8c:a5:af:a2:ec:b8:41:39:94:6e:3f:8e:ea:
         b3:f7:58:9b:bf:97:60:be:db:77:77:1f:db:5c:b9:1c:84:7f:
         ad:bd:43:0e:82:08:e1:0d:00:d9:c3:46:7a:18:d3:4f:f5:6f:
         b5:14:48:28:51:8d:f3:e3:2c:f4:da:0a:63:ba:40:7a:fb:c9:
         0b:bc:7e:54:28:ad:99:b7:7f:c4:60:92:54:77:55:95:35:1e:
         47:d9:d7:c0:53:65:7a:21:db:ef:f8:32:c9:27:85:36:7e:29:
         58:8c:12:21:05:6e:c0:51:52:96:6c:b6:d1:19:56:ff:31:dd:
         c6:f1:ca:c4:1a:a1:b7:1b:74:36:69:c3:3f:e9:90:35:f1:2e:
         1d:42:7b:59:6e:bb:a4:50:62:f7:29:e5:72:98:f7:7a:8f:86:
         27:e6:cd:8a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBZjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDDApGMzY2
QjBDOUFGMTEwLwYDVQQFEyhBMjBFMjA2N0YwREI3ODNERTM3MjNFMjMxNTE3REM3
RTlGRTVCQUQzMB4XDTIzMDMxMzE2MDk0MVoXDTMzMDMzMTE2MDk0MVowGDEWMBQG
A1UEAwwNNjQwZjRhYzktZjg1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKdzKgVGfYhcKecTNi69iWV6ORbpKWjswAJMUmCMx5tKJr6qGuH8h0e31TGC
I3goVFTe/t0N94rou6D29eMLaCfz9HBHyKRgn88t/Tk0DJWivxokaKNqzm+tdEkg
KJDM/QQHQPhOsvZ6vVaLuOJpD8tH9/Ru6ea8JCDoKXsKTQOyXdZr29eXMzVdFote
3y24sUGZDOY1Y775pf8pMyys4LmJuwLrtOlVsvoHjClLTQxEM9eDKLIr3ChvQRSb
K9qv0GV7o0sp/T9xsTtdQxSmo3wnxv3ny1CxzzQymI8xMMJuza35MJFlrbvVd3Vn
r8BJtre1JY6S5ScHLa+foNUiBycCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRASxiK
7TvjRoiacfy9dnnkSncEODAfBgNVHSMEGDAWgBSiDiBn8Nt4PeNyPiMVF9x+n+W6
0zAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEyMjI0Njgvb2c0Z1pf
RGJlRDNqY2o0akZSZmNmcF9sdXRNLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvb2c0Z1pfRGJlRDNqY2o0akZSZmNmcF9sdXRNLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkIwQzkvRjEyNjUxOENCQzQwMTFFREFCNTk0RURDRjEy
MjI0NjgvNzgzMjZDNkFDMUI5MTFFRDlFOUYzOEVFRjEyMjI0Njgucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEACldXDANBgkqhkiG9w0BAQsF
AAOCAQEAPDTi0IOOaMZ/19/Xtj3VD8vkpJ7HenaQVNi4hnQMz6CsQm8zVmlktSPm
mKVWcILrEzrQNk1Ms4fV5Iq4zmHbMUSJXeG2XsdSZ5LmGNVcmMB7IePgP9cP1GTq
VRhD02uMpa+i7LhBOZRuP47qs/dYm7+XYL7bd3cf21y5HIR/rb1DDoII4Q0A2cNG
ehjTT/VvtRRIKFGN8+Ms9NoKY7pAevvJC7x+VCitmbd/xGCSVHdVlTUeR9nXwFNl
eiHb7/gyySeFNn4pWIwSIQVuwFFSlmy20RlW/zHdxvHKxBqhtxt0NmnDP+mQNfEu
HUJ7WW67pFBi9ynlcpj3eo+GJ+bNig==
-----END CERTIFICATE-----
Generated at Sun May 12 03:24:46 2024 by rpki-client on console-fra.rpki-client.org