Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/1A85425E69BB11EEBF5E904C4AD9E6FC.roa
File:                     1A85425E69BB11EEBF5E904C4AD9E6FC.roa (raw, json)
Hash identifier:          Kx/Y8dEbUYeqoToY5LpNSdsXIlBKib23+2DqdNa43/Y=
Subject key identifier:   85:1F:52:23:4B:F4:0B:9C:3D:C4:AB:13:39:F7:29:23:23:9E:70:0B
Certificate issuer:       /CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
Certificate serial:       14
Authority key identifier: 2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/1A85425E69BB11EEBF5E904C4AD9E6FC.roa
Signing time:             Fri 13 Oct 2023 11:24:42 +0000
ROA not before:           Fri 13 Oct 2023 11:24:39 +0000
ROA not after:            Wed 13 Oct 2027 11:24:39 +0000
asID:                     37513
IP address blocks:        196.216.167.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 20 (0x14)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
        Validity
            Not Before: Oct 13 11:24:39 2023 GMT
            Not After : Oct 13 11:24:39 2027 GMT
        Subject: CN=652928fa-f149
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:0f:bd:c2:c7:34:78:48:bf:9f:db:70:f3:db:
                    a1:49:09:3c:ca:0f:d9:25:6c:38:b0:10:ee:83:68:
                    a0:95:97:d9:19:a1:f6:2e:f7:78:91:77:98:14:77:
                    90:05:44:ca:53:72:3e:8f:e9:10:1e:66:94:87:fd:
                    29:b6:96:99:ee:7d:54:a0:b2:2d:62:23:02:93:9a:
                    a3:51:4d:1e:39:96:4d:b7:f2:27:e8:8f:c1:92:12:
                    45:f4:4d:45:db:3f:1a:d5:1f:d6:b0:8a:b0:27:48:
                    bd:02:8b:ec:c0:a9:16:26:22:08:8d:d5:2b:d1:e3:
                    e7:15:e0:8b:66:a6:2f:2e:ef:43:60:3d:b8:c2:f0:
                    a6:a3:79:16:83:ba:f7:c5:40:bd:aa:19:1c:94:8e:
                    0d:2b:54:46:06:b0:c2:11:10:19:14:70:b0:58:21:
                    8a:66:66:fe:b6:1e:ea:52:44:b5:bd:19:9d:ce:8f:
                    1f:76:d5:50:ea:6d:5d:e4:87:53:04:3d:46:1b:db:
                    84:95:22:54:c2:3d:15:80:0a:67:c9:fd:1d:44:ae:
                    1c:b4:d2:d6:e0:3e:c5:6a:a6:21:58:8a:b2:58:d9:
                    83:79:c3:11:f3:f1:4e:3e:08:c7:db:9a:59:40:7d:
                    f4:5a:59:46:78:a2:41:b8:09:7e:16:d5:b1:7a:0a:
                    3a:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:1F:52:23:4B:F4:0B:9C:3D:C4:AB:13:39:F7:29:23:23:9E:70:0B
            X509v3 Authority Key Identifier:
                keyid:2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/1A85425E69BB11EEBF5E904C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.216.167.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:7b:23:e0:d4:07:d9:c9:a2:4a:0d:fb:79:5e:21:54:84:79:
         e7:d8:33:d5:b4:4f:0a:c6:c4:52:ef:70:af:5d:4f:af:99:1b:
         8a:7f:5e:44:d5:df:77:55:fe:62:a6:65:e1:54:93:c6:cd:61:
         2a:a6:c0:13:09:9f:29:28:db:2e:d5:4c:c3:46:5d:c4:78:0f:
         60:29:ed:c8:7e:db:0b:1e:46:c1:0d:f2:16:f8:40:00:02:7f:
         9d:5b:57:ca:20:39:ab:8b:ca:85:dd:b4:a4:49:8d:c8:9e:a5:
         d3:b6:14:84:72:e9:1a:f2:d5:e5:70:6d:8f:8e:1d:d2:5a:f3:
         69:e8:eb:04:86:49:6b:ff:a6:8d:41:03:62:4d:64:9d:38:f5:
         a1:2f:db:0b:83:22:51:92:f6:84:39:80:55:fd:4d:5f:a7:e7:
         87:ad:ce:04:0d:5e:52:f5:85:ea:4e:02:b9:26:ed:43:06:3f:
         ba:22:9e:72:7f:bb:f5:20:48:6e:e6:d0:62:76:f4:d8:8d:96:
         65:d2:dc:5b:96:99:0d:10:93:e7:c5:3b:3a:5a:5f:df:93:39:
         74:8c:cd:c4:02:86:99:27:09:4f:b7:c3:d4:67:da:9a:f5:37:
         db:a4:a0:ab:7f:34:55:5d:58:5c:c0:b6:3a:bc:0f:99:bd:c4:
         47:af:26:70
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBFDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
Q0U2RkFGMTEwLwYDVQQFEygyQTdDRUU3OTE4MkJCODU5MUJCMTM1RERCRkJCRUU5
NEMxREY0MDg3MB4XDTIzMTAxMzExMjQzOVoXDTI3MTAxMzExMjQzOVowGDEWMBQG
A1UEAxMNNjUyOTI4ZmEtZjE0OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN4PvcLHNHhIv5/bcPPboUkJPMoP2SVsOLAQ7oNooJWX2Rmh9i73eJF3mBR3
kAVEylNyPo/pEB5mlIf9KbaWme59VKCyLWIjApOao1FNHjmWTbfyJ+iPwZISRfRN
Rds/GtUf1rCKsCdIvQKL7MCpFiYiCI3VK9Hj5xXgi2amLy7vQ2A9uMLwpqN5FoO6
98VAvaoZHJSODStURgawwhEQGRRwsFghimZm/rYe6lJEtb0Znc6PH3bVUOptXeSH
UwQ9RhvbhJUiVMI9FYAKZ8n9HUSuHLTS1uA+xWqmIViKsljZg3nDEfPxTj4Ix9ua
WUB99FpZRniiQbgJfhbVsXoKOmkCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSFH1Ij
S/QLnD3EqxM59ykjI55wCzAfBgNVHSMEGDAWgBQqfO55GCu4WRuxNd2/u+6Uwd9A
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFEOUU2RkMvS256dWVS
Z3J1Rmtic1RYZHY3dnVsTUhmUUljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS256dWVSZ3J1Rmtic1RYZHY3dnVsTUhmUUljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFE
OUU2RkMvMUE4NTQyNUU2OUJCMTFFRUJGNUU5MDRDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMTYpzANBgkqhkiG9w0BAQsF
AAOCAQEAZXsj4NQH2cmiSg37eV4hVIR559gz1bRPCsbEUu9wr11Pr5kbin9eRNXf
d1X+YqZl4VSTxs1hKqbAEwmfKSjbLtVMw0ZdxHgPYCntyH7bCx5GwQ3yFvhAAAJ/
nVtXyiA5q4vKhd20pEmNyJ6l07YUhHLpGvLV5XBtj44d0lrzaejrBIZJa/+mjUED
Yk1knTj1oS/bC4MiUZL2hDmAVf1NX6fnh63OBA1eUvWF6k4CuSbtQwY/uiKecn+7
9SBIbubQYnb02I2WZdLcW5aZDRCT58U7Olpf35M5dIzNxAKGmScJT7fD1GfamvU3
26Sgq380VV1YXMC2OrwPmb3ER68mcA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org