Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/3BB28D0269BA11EEABA4ED494AD9E6FC.roa
File:                     3BB28D0269BA11EEABA4ED494AD9E6FC.roa (raw, json)
Hash identifier:          Q1XgZ9ZmDeVtE4gxia+GOYWXfxLUPO9DALH0Nrtl+eg=
Subject key identifier:   E8:87:17:A0:62:5A:3C:85:98:48:BD:3A:23:A2:E1:FC:1F:9E:34:40
Certificate issuer:       /CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
Certificate serial:       08
Authority key identifier: 2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/3BB28D0269BA11EEABA4ED494AD9E6FC.roa
Signing time:             Fri 13 Oct 2023 11:18:28 +0000
ROA not before:           Fri 13 Oct 2023 11:18:25 +0000
ROA not after:            Wed 13 Oct 2027 11:18:25 +0000
asID:                     37513
IP address blocks:        196.216.164.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 8 (0x8)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
        Validity
            Not Before: Oct 13 11:18:25 2023 GMT
            Not After : Oct 13 11:18:25 2027 GMT
        Subject: CN=65292784-875d
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:e4:44:79:da:dd:e5:e3:55:e0:59:a0:65:10:
                    68:89:8f:6b:a3:c9:da:1f:09:70:0a:c1:f6:02:40:
                    e1:5c:bc:03:59:b6:b5:c2:6d:24:bb:02:61:8f:23:
                    a7:16:a2:09:08:df:a9:c2:cc:bf:ff:00:2d:9f:63:
                    e8:c8:1d:93:52:41:3f:ef:a8:41:ba:7f:c5:d9:fa:
                    1f:ec:38:00:f3:59:5b:d9:33:8c:6a:a1:f8:dd:89:
                    f9:f7:28:83:71:e1:59:3a:1b:1e:8e:5f:83:ab:ec:
                    71:73:6a:61:37:ae:f8:dd:5f:c2:31:8c:a0:e5:6f:
                    7d:6d:8a:1a:24:bb:2e:1e:6e:7f:75:c3:65:20:02:
                    41:3d:43:60:32:a1:bd:46:b8:b0:41:10:3a:80:15:
                    4c:3c:77:19:ed:e6:a6:bd:64:e3:62:3a:a7:38:19:
                    5a:a6:d2:95:7c:20:27:b3:52:c4:86:39:5c:83:97:
                    24:ea:ee:dc:68:90:24:98:6a:37:eb:a2:00:ee:0b:
                    4d:e9:87:7e:74:e7:79:ed:f0:c7:93:67:ab:67:6e:
                    ac:2b:a6:e5:1d:1e:dc:b6:e6:f0:50:4e:cf:4e:d0:
                    7b:45:48:0d:bd:4f:41:36:2f:a6:c5:23:12:83:46:
                    1c:d0:1b:8b:8e:45:d3:db:ed:a9:70:16:d8:60:90:
                    e7:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:87:17:A0:62:5A:3C:85:98:48:BD:3A:23:A2:E1:FC:1F:9E:34:40
            X509v3 Authority Key Identifier:
                keyid:2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/3BB28D0269BA11EEABA4ED494AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.216.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:39:fe:26:df:a8:33:e4:2e:21:9d:70:28:d0:76:6b:fe:d2:
         21:af:9a:21:c9:79:bd:a1:35:68:ea:1b:c8:1e:60:10:f5:e8:
         1e:10:94:a1:0d:6a:16:58:ae:bc:95:f6:bd:4c:43:6a:f7:0c:
         f8:8b:75:29:da:02:22:79:7c:bd:d5:46:a2:11:3c:fc:99:67:
         66:e2:37:b7:f2:5d:f4:47:1f:35:61:e9:44:12:c2:77:0d:57:
         82:9d:34:e0:b6:ef:f6:54:d0:47:b4:8e:d9:ab:6e:70:37:c5:
         dd:c5:5e:c2:71:14:5f:2c:f8:be:c6:d0:2c:5f:76:70:1f:b7:
         fc:1a:09:7c:ba:7c:6f:c2:94:f1:bc:ad:78:38:4a:7e:71:74:
         e7:28:54:91:3a:40:13:13:ed:9d:01:d9:f2:16:a7:03:e1:08:
         29:af:b6:e1:9e:c9:fc:a2:8b:00:1c:6e:eb:de:4e:1d:bd:db:
         65:b9:c3:7e:0d:e7:0e:38:02:83:24:a2:7a:34:f1:be:72:2f:
         ac:ac:42:5c:33:e9:09:38:84:9d:3b:90:35:df:ee:04:f1:5b:
         43:f5:f5:4e:87:ca:50:da:43:a1:f6:a9:6a:eb:ce:dd:74:64:
         b8:8f:0f:32:7e:81:86:50:cc:54:da:fc:17:d2:e0:f2:83:62:
         ed:43:d4:cb
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBCDANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
Q0U2RkFGMTEwLwYDVQQFEygyQTdDRUU3OTE4MkJCODU5MUJCMTM1RERCRkJCRUU5
NEMxREY0MDg3MB4XDTIzMTAxMzExMTgyNVoXDTI3MTAxMzExMTgyNVowGDEWMBQG
A1UEAxMNNjUyOTI3ODQtODc1ZDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPTkRHna3eXjVeBZoGUQaImPa6PJ2h8JcArB9gJA4Vy8A1m2tcJtJLsCYY8j
pxaiCQjfqcLMv/8ALZ9j6Mgdk1JBP++oQbp/xdn6H+w4APNZW9kzjGqh+N2J+fco
g3HhWTobHo5fg6vscXNqYTeu+N1fwjGMoOVvfW2KGiS7Lh5uf3XDZSACQT1DYDKh
vUa4sEEQOoAVTDx3Ge3mpr1k42I6pzgZWqbSlXwgJ7NSxIY5XIOXJOru3GiQJJhq
N+uiAO4LTemHfnTnee3wx5Nnq2durCum5R0e3Lbm8FBOz07Qe0VIDb1PQTYvpsUj
EoNGHNAbi45F09vtqXAW2GCQ50MCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBTohxeg
Ylo8hZhIvTojouH8H540QDAfBgNVHSMEGDAWgBQqfO55GCu4WRuxNd2/u+6Uwd9A
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFEOUU2RkMvS256dWVS
Z3J1Rmtic1RYZHY3dnVsTUhmUUljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS256dWVSZ3J1Rmtic1RYZHY3dnVsTUhmUUljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFE
OUU2RkMvM0JCMjhEMDI2OUJBMTFFRUFCQTRFRDQ5NEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsTYpDANBgkqhkiG9w0BAQsF
AAOCAQEAUTn+Jt+oM+QuIZ1wKNB2a/7SIa+aIcl5vaE1aOobyB5gEPXoHhCUoQ1q
FliuvJX2vUxDavcM+It1KdoCInl8vdVGohE8/JlnZuI3t/Jd9EcfNWHpRBLCdw1X
gp004Lbv9lTQR7SO2atucDfF3cVewnEUXyz4vsbQLF92cB+3/BoJfLp8b8KU8byt
eDhKfnF05yhUkTpAExPtnQHZ8hanA+EIKa+24Z7J/KKLABxu695OHb3bZbnDfg3n
DjgCgySiejTxvnIvrKxCXDPpCTiEnTuQNd/uBPFbQ/X1TofKUNpDofapauvO3XRk
uI8PMn6BhlDMVNr8F9Lg8oNi7UPUyw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 03:52:56 2024 by rpki-client on console-fra.rpki-client.org