Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/18DEB1243C0211EEB112314D4AD9E6FC.roa
File:                     18DEB1243C0211EEB112314D4AD9E6FC.roa (raw, json)
Hash identifier:          2voGwbbtU2MkBRQ3qoxFFyKv6wtZANkqkPupy4V9TUA=
Subject key identifier:   85:FB:60:C5:25:06:3E:27:B0:73:CD:4D:62:3E:39:3B:5B:22:8B:EB
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       04CD
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/18DEB1243C0211EEB112314D4AD9E6FC.roa
Signing time:             Wed 16 Aug 2023 06:57:00 +0000
ROA not before:           Wed 16 Aug 2023 06:56:51 +0000
ROA not after:            Wed 31 Aug 2033 06:56:51 +0000
asID:                     20011
IP address blocks:        41.132.64.0/21 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1229 (0x4cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Aug 16 06:56:51 2023 GMT
            Not After : Aug 31 06:56:51 2033 GMT
        Subject: CN=64dc733c-e411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:13:ae:ce:7e:85:f9:fa:2d:ad:0f:17:87:12:
                    c9:5d:36:cc:7b:09:e8:54:3d:1c:72:b2:66:d3:ff:
                    04:f9:d9:09:f7:ed:7f:81:f5:58:a2:03:39:36:72:
                    db:8f:e9:0a:57:da:65:34:d5:dc:29:6b:b2:e3:d0:
                    46:38:73:df:e7:c9:f2:c1:db:29:9d:15:19:a5:97:
                    e6:af:d6:fd:54:81:9d:d2:9a:4e:74:ad:fd:81:0a:
                    e2:78:e4:99:1d:de:51:b9:6b:e0:18:86:d6:5a:58:
                    d3:3c:49:65:6a:19:78:0e:c9:3e:33:01:e2:41:7f:
                    91:a0:c5:6a:6e:3c:7d:95:7a:28:1a:85:69:91:4d:
                    70:6c:80:9a:fa:b3:07:ee:da:37:71:cc:ef:93:d3:
                    e8:15:9b:81:48:5a:a9:43:00:82:cf:9f:c7:f5:8d:
                    e7:27:d9:df:0d:0b:dc:1c:8c:7c:41:33:20:66:5f:
                    c6:7a:17:58:7b:bb:ba:9d:bc:2b:60:88:6a:16:cc:
                    af:3f:69:3b:e1:91:d9:86:6b:0c:a7:df:f4:cb:d1:
                    94:63:7b:5c:50:b7:87:7b:32:b3:c7:97:f9:32:66:
                    e2:a3:56:68:25:6e:96:de:70:bd:12:d0:bd:5c:85:
                    09:fd:95:bc:d7:31:f6:e9:2a:22:9e:56:3e:d5:88:
                    d8:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:FB:60:C5:25:06:3E:27:B0:73:CD:4D:62:3E:39:3B:5B:22:8B:EB
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/18DEB1243C0211EEB112314D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.132.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         22:70:8b:6f:84:35:7e:ac:aa:2c:9b:6f:12:a1:a3:6c:4e:33:
         df:81:69:ee:dd:d0:e7:4a:f2:84:a8:04:a8:69:c4:31:58:8e:
         fd:1b:ea:50:d6:1c:4c:34:b7:2d:4f:5b:da:bb:66:f9:4b:74:
         f6:da:63:2e:45:00:65:9e:19:50:02:05:3b:67:89:d0:22:13:
         17:84:0a:26:17:72:b8:67:5b:a7:18:0f:7c:9d:81:fc:5e:f0:
         ef:38:b5:77:81:88:3b:aa:88:e4:1e:55:49:2f:0c:58:be:ce:
         a8:f7:13:71:26:7d:34:b5:21:cf:9b:86:e1:ce:c1:04:88:1b:
         d5:27:b6:0a:4d:2a:29:08:81:98:8a:c8:42:8f:1b:6e:8f:cb:
         b7:97:41:93:26:31:af:87:29:cc:3d:45:8a:95:49:9d:7e:db:
         ef:49:8c:55:0a:2d:d5:8e:a9:02:14:8b:8b:68:a8:50:53:67:
         c7:e2:8c:28:e6:7a:ae:7b:6c:66:bb:f4:86:7c:ba:af:6c:5d:
         69:43:78:cc:dc:55:a1:8a:66:d8:34:3e:63:07:14:b7:dc:f7:
         b9:4b:bc:3a:5f:7f:6f:ec:b3:7c:30:fc:76:e4:5f:b7:cd:7e:
         5d:ff:aa:4a:7a:66:bc:f9:67:c3:57:04:bd:02:a1:ad:40:32:
         a6:10:ed:88
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBM0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzA4MTYwNjU2NTFaFw0zMzA4MzEwNjU2NTFaMBgxFjAU
BgNVBAMTDTY0ZGM3MzNjLWU0MTEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDJE67OfoX5+i2tDxeHEsldNsx7CehUPRxysmbT/wT52Qn37X+B9ViiAzk2
ctuP6QpX2mU01dwpa7Lj0EY4c9/nyfLB2ymdFRmll+av1v1UgZ3Smk50rf2BCuJ4
5Jkd3lG5a+AYhtZaWNM8SWVqGXgOyT4zAeJBf5GgxWpuPH2VeigahWmRTXBsgJr6
swfu2jdxzO+T0+gVm4FIWqlDAILPn8f1jecn2d8NC9wcjHxBMyBmX8Z6F1h7u7qd
vCtgiGoWzK8/aTvhkdmGawyn3/TL0ZRje1xQt4d7MrPHl/kyZuKjVmglbpbecL0S
0L1chQn9lbzXMfbpKiKeVj7ViNjNAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUhftg
xSUGPiewc81NYj45O1sii+swHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzE4REVCMTI0M0MwMjExRUVCMTEyMzE0RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAMphEAwDQYJKoZIhvcNAQEL
BQADggEBACJwi2+ENX6sqiybbxKho2xOM9+Bae7d0OdK8oSoBKhpxDFYjv0b6lDW
HEw0ty1PW9q7ZvlLdPbaYy5FAGWeGVACBTtnidAiExeECiYXcrhnW6cYD3ydgfxe
8O84tXeBiDuqiOQeVUkvDFi+zqj3E3EmfTS1Ic+bhuHOwQSIG9UntgpNKikIgZiK
yEKPG26Py7eXQZMmMa+HKcw9RYqVSZ1+2+9JjFUKLdWOqQIUi4toqFBTZ8fijCjm
eq57bGa79IZ8uq9sXWlDeMzcVaGKZtg0PmMHFLfc97lLvDpff2/ss3ww/HbkX7fN
fl3/qkp6Zrz5Z8NXBL0Coa1AMqYQ7Yg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:03:44 2024 by rpki-client on console-ams.rpki-client.org