Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/FD189F0E69BA11EEBE81314C4AD9E6FC.roa
File:                     FD189F0E69BA11EEBE81314C4AD9E6FC.roa (raw, json)
Hash identifier:          UK6i2dFbIWYL9h4T/dpZ4yF8qA519gysmxncwqhjDNc=
Subject key identifier:   5A:59:82:D3:31:5B:D9:75:FF:0E:BA:77:18:DB:5B:60:4D:3F:15:A5
Certificate issuer:       /CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
Certificate serial:       12
Authority key identifier: 2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/FD189F0E69BA11EEBE81314C4AD9E6FC.roa
Signing time:             Fri 13 Oct 2023 11:23:53 +0000
ROA not before:           Fri 13 Oct 2023 11:23:49 +0000
ROA not after:            Wed 13 Oct 2027 11:23:49 +0000
asID:                     37513
IP address blocks:        196.216.166.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.mft
                          rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 18 (0x12)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F366CE6FAF/serialNumber=2A7CEE79182BB8591BB135DDBFBBEE94C1DF4087
        Validity
            Not Before: Oct 13 11:23:49 2023 GMT
            Not After : Oct 13 11:23:49 2027 GMT
        Subject: CN=652928c9-c788
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b9:79:72:66:fe:51:0d:18:87:68:be:2a:57:
                    78:07:17:69:42:80:1a:d4:5f:86:5a:f3:9d:91:d7:
                    04:c8:b6:5d:34:95:a2:ff:b3:62:61:29:02:af:cb:
                    ec:da:98:5b:98:dc:bc:77:1f:1d:e7:01:b4:bc:d0:
                    a4:75:1d:16:30:28:e5:82:f1:96:2b:b3:22:65:ae:
                    88:41:8d:3e:4a:56:fa:6b:18:15:93:06:46:4f:fe:
                    58:d1:e0:50:bf:8e:f3:17:7b:8b:5e:fd:66:e6:f3:
                    e6:f0:8a:bc:cc:1c:05:9a:4f:46:6f:47:db:91:45:
                    52:62:b0:35:34:6f:99:40:7f:4f:67:d8:b7:56:ca:
                    14:f7:53:04:c4:ff:6d:c0:8c:f4:dc:dc:6e:d3:2f:
                    e7:9f:e3:f0:5c:6b:5e:a8:eb:5a:33:c7:86:b0:e7:
                    99:1c:cd:62:1f:00:55:0b:34:38:96:96:77:ee:a3:
                    29:ca:3e:31:28:ee:9c:43:e3:06:74:ac:06:a0:b7:
                    07:36:96:54:22:47:17:92:b0:77:8d:ae:b8:2b:00:
                    36:3f:22:dc:2b:f0:0b:4b:93:37:a7:ea:c6:e8:f8:
                    a0:6e:0b:66:58:02:91:3e:4b:bf:02:e7:3f:6d:28:
                    55:b6:3b:82:21:b0:d0:d0:4d:5d:61:72:45:ba:24:
                    9c:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:59:82:D3:31:5B:D9:75:FF:0E:BA:77:18:DB:5B:60:4D:3F:15:A5
            X509v3 Authority Key Identifier:
                keyid:2A:7C:EE:79:18:2B:B8:59:1B:B1:35:DD:BF:BB:EE:94:C1:DF:40:87

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/KnzueRgruFkbsTXdv7vulMHfQIc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/KnzueRgruFkbsTXdv7vulMHfQIc.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F366CE6F/D9A4676C699A11EEBCC5FB674AD9E6FC/FD189F0E69BA11EEBE81314C4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  196.216.166.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3d:03:58:3d:46:b4:a3:a2:4d:9a:15:57:19:4a:e8:52:fc:90:
         c3:b4:16:36:eb:b8:65:f6:79:0b:50:47:ca:7f:32:d5:35:33:
         29:66:24:16:ef:22:a6:46:5c:e1:b9:9f:44:36:63:ef:73:38:
         84:7d:2a:4e:5b:b3:d9:20:f2:2f:5d:1c:43:36:e9:23:96:c9:
         da:28:e8:49:33:f3:e3:19:a3:ce:43:a8:45:34:e5:ec:37:23:
         39:c0:d8:d5:a2:88:27:fa:63:4e:80:12:e6:83:d2:d8:de:b9:
         ab:33:87:1e:a9:58:20:fd:61:87:5c:54:c3:80:c7:44:38:ac:
         cf:03:c6:c7:33:6d:c6:c3:ee:4e:aa:ae:1c:ed:18:c9:7e:35:
         9a:c0:31:9a:05:6a:79:c5:40:25:59:14:e8:95:62:d7:e2:ce:
         64:46:4f:d7:e1:5b:7f:8d:c1:38:fa:bb:c8:28:44:3d:d0:33:
         ad:7f:ea:08:5b:15:ec:05:87:06:ca:61:58:11:8d:a3:21:d2:
         11:c4:cf:60:0c:2c:af:91:f2:0b:97:d2:8a:67:e9:af:ce:fe:
         d6:d0:11:f7:f1:ff:16:af:72:ad:66:13:37:10:5e:56:c7:01:
         f6:01:58:12:ea:61:26:4f:03:ed:b2:84:72:08:bf:84:d9:23:
         68:2a:33:28
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBEjANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY2
Q0U2RkFGMTEwLwYDVQQFEygyQTdDRUU3OTE4MkJCODU5MUJCMTM1RERCRkJCRUU5
NEMxREY0MDg3MB4XDTIzMTAxMzExMjM0OVoXDTI3MTAxMzExMjM0OVowGDEWMBQG
A1UEAxMNNjUyOTI4YzktYzc4ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL65eXJm/lENGIdovipXeAcXaUKAGtRfhlrznZHXBMi2XTSVov+zYmEpAq/L
7NqYW5jcvHcfHecBtLzQpHUdFjAo5YLxliuzImWuiEGNPkpW+msYFZMGRk/+WNHg
UL+O8xd7i179Zubz5vCKvMwcBZpPRm9H25FFUmKwNTRvmUB/T2fYt1bKFPdTBMT/
bcCM9NzcbtMv55/j8FxrXqjrWjPHhrDnmRzNYh8AVQs0OJaWd+6jKco+MSjunEPj
BnSsBqC3BzaWVCJHF5Kwd42uuCsANj8i3CvwC0uTN6fqxuj4oG4LZlgCkT5LvwLn
P20oVbY7giGw0NBNXWFyRboknMsCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBRaWYLT
MVvZdf8OuncY21tgTT8VpTAfBgNVHSMEGDAWgBQqfO55GCu4WRuxNd2/u+6Uwd9A
hzAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFEOUU2RkMvS256dWVS
Z3J1Rmtic1RYZHY3dnVsTUhmUUljLmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvS256dWVSZ3J1Rmtic1RYZHY3dnVsTUhmUUljLmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2NkNFNkYvRDlBNDY3NkM2OTlBMTFFRUJDQzVGQjY3NEFE
OUU2RkMvRkQxODlGMEU2OUJBMTFFRUJFODEzMTRDNEFEOUU2RkMucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMTYpjANBgkqhkiG9w0BAQsF
AAOCAQEAPQNYPUa0o6JNmhVXGUroUvyQw7QWNuu4ZfZ5C1BHyn8y1TUzKWYkFu8i
pkZc4bmfRDZj73M4hH0qTluz2SDyL10cQzbpI5bJ2ijoSTPz4xmjzkOoRTTl7Dcj
OcDY1aKIJ/pjToAS5oPS2N65qzOHHqlYIP1hh1xUw4DHRDiszwPGxzNtxsPuTqqu
HO0YyX41msAxmgVqecVAJVkU6JVi1+LOZEZP1+Fbf43BOPq7yChEPdAzrX/qCFsV
7AWHBsphWBGNoyHSEcTPYAwsr5HyC5fSimfpr87+1tAR9/H/Fq9yrWYTNxBeVscB
9gFYEuphJk8D7bKEcgi/hNkjaCozKA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:42 2024 by rpki-client on console-ams.rpki-client.org