Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/45348D3E3C0211EEB5E8B34D4AD9E6FC.roa
File:                     45348D3E3C0211EEB5E8B34D4AD9E6FC.roa (raw, json)
Hash identifier:          N5x+px76X8BL1nYIKyGDo12pV8wnBKHCEHdD0dKYxR8=
Subject key identifier:   9F:D6:28:4E:A8:47:77:6D:A6:C7:AA:29:3F:BC:CE:96:0E:CF:6A:AD
Certificate issuer:       /CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
Certificate serial:       04CF
Authority key identifier: 2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/45348D3E3C0211EEB5E8B34D4AD9E6FC.roa
Signing time:             Wed 16 Aug 2023 06:58:14 +0000
ROA not before:           Wed 16 Aug 2023 06:58:10 +0000
ROA not after:            Wed 31 Aug 2033 06:58:10 +0000
asID:                     20011
IP address blocks:        41.132.72.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.mft
                          rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Sun 24 Nov 2024 00:05:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1231 (0x4cf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367B216AF/serialNumber=2F407FECD8B7DDDCA5D5B90A5E19589D06C101DC
        Validity
            Not Before: Aug 16 06:58:10 2023 GMT
            Not After : Aug 31 06:58:10 2033 GMT
        Subject: CN=64dc7386-d282
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:f5:68:81:00:dd:3a:a1:2d:63:2e:1e:33:17:
                    19:0b:f5:c3:10:0b:46:77:76:bf:46:64:6e:3e:0f:
                    63:c3:db:3d:84:04:96:b0:d1:5e:d9:c6:b0:ae:1d:
                    91:3f:b1:25:19:42:81:43:e4:90:0d:e3:64:ba:4e:
                    ed:4c:ba:a9:b7:08:48:cc:8c:88:5d:39:40:5c:d0:
                    1f:5f:7d:7a:04:6f:17:b0:de:ec:8d:2a:22:16:9e:
                    d2:c9:b0:92:91:35:10:2e:67:bb:74:a4:55:1a:58:
                    15:0d:30:6e:0d:27:b8:6f:3b:1a:d2:fc:cd:cd:e9:
                    a0:ac:c5:56:34:62:fc:8d:fd:76:38:a8:f5:1b:3f:
                    64:f7:dd:8d:bd:8d:70:92:26:1b:18:68:bb:ec:3d:
                    df:78:18:e2:0f:fd:e9:44:b9:b3:c6:bb:61:13:45:
                    b6:79:30:25:f7:2c:c3:24:cc:9d:dd:fd:ec:f2:eb:
                    5f:d1:4c:03:a4:34:d0:ba:29:f5:21:fe:e5:df:23:
                    89:b4:31:17:5f:ea:6d:b2:c5:41:3a:db:3f:81:bc:
                    95:c8:33:a0:97:b2:44:e2:f7:44:54:fb:e5:f4:15:
                    d9:05:f4:4c:9a:23:e4:1e:96:f3:a9:3f:56:d5:b8:
                    7e:ce:f0:e0:ec:21:9f:18:86:29:ff:a0:b7:61:a7:
                    72:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:D6:28:4E:A8:47:77:6D:A6:C7:AA:29:3F:BC:CE:96:0E:CF:6A:AD
            X509v3 Authority Key Identifier:
                keyid:2F:40:7F:EC:D8:B7:DD:DC:A5:D5:B9:0A:5E:19:58:9D:06:C1:01:DC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/L0B_7Ni33dyl1bkKXhlYnQbBAdw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/L0B_7Ni33dyl1bkKXhlYnQbBAdw.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367B216/36AC0F9687D511EBAAFF3447F8AEA228/45348D3E3C0211EEB5E8B34D4AD9E6FC.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.132.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c0:29:5d:0b:4f:82:78:c8:e4:5c:b4:60:ba:56:cf:2f:d4:65:
         df:de:be:5e:77:1b:27:eb:85:0b:00:a1:2b:53:cf:9b:07:d9:
         e6:b9:d9:d7:eb:f7:1f:41:fe:bc:8b:68:d0:45:66:76:60:81:
         4c:e8:a6:7c:ed:c7:3c:a0:ae:3e:28:e8:02:97:b7:62:c6:ed:
         17:2b:84:e0:b2:96:ef:6e:97:5e:38:f7:88:98:6e:40:05:5f:
         94:fc:4f:e3:a0:9e:9d:0d:54:e2:2a:d5:4c:b6:18:69:e3:b3:
         11:62:18:9f:b3:ce:5c:d7:ae:f1:50:d8:53:f5:17:f8:9d:ba:
         53:bd:d6:f0:de:3c:e6:4e:2f:3e:e4:7f:de:d9:15:ef:6a:d6:
         e8:74:6b:54:cd:02:f5:d4:56:72:24:00:54:6c:c9:36:af:8d:
         27:a4:8b:f1:a4:0e:9b:f0:ae:11:c4:67:3e:ad:c8:aa:13:08:
         e3:d3:0d:85:7b:18:6b:3c:26:cb:0d:a2:87:0b:1b:5a:66:af:
         df:1e:a3:21:d4:3f:59:9f:65:3b:ff:d3:a0:be:8b:9f:f8:0a:
         35:6d:8b:74:3e:f3:c7:3a:8a:97:0c:f2:d6:cc:e3:75:3d:a1:
         c5:03:44:56:5c:40:a4:e3:c1:29:7a:8d:b1:c0:3a:d1:2e:89:
         68:9f:59:d5
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgICBM8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
N0IyMTZBRjExMC8GA1UEBRMoMkY0MDdGRUNEOEI3REREQ0E1RDVCOTBBNUUxOTU4
OUQwNkMxMDFEQzAeFw0yMzA4MTYwNjU4MTBaFw0zMzA4MzEwNjU4MTBaMBgxFjAU
BgNVBAMTDTY0ZGM3Mzg2LWQyODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDf9WiBAN06oS1jLh4zFxkL9cMQC0Z3dr9GZG4+D2PD2z2EBJaw0V7ZxrCu
HZE/sSUZQoFD5JAN42S6Tu1Muqm3CEjMjIhdOUBc0B9ffXoEbxew3uyNKiIWntLJ
sJKRNRAuZ7t0pFUaWBUNMG4NJ7hvOxrS/M3N6aCsxVY0YvyN/XY4qPUbP2T33Y29
jXCSJhsYaLvsPd94GOIP/elEubPGu2ETRbZ5MCX3LMMkzJ3d/ezy61/RTAOkNNC6
KfUh/uXfI4m0MRdf6m2yxUE62z+BvJXIM6CXskTi90RU++X0FdkF9EyaI+QelvOp
P1bVuH7O8ODsIZ8Yhin/oLdhp3LZAgMBAAGjggKlMIICoTAdBgNVHQ4EFgQUn9Yo
TqhHd22mx6opP7zOlg7Paq0wHwYDVR0jBBgwFoAUL0B/7Ni33dyl1bkKXhlYnQbB
AdwwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4QUVBMjI4L0wwQl83
TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jcmwwZwYIKwYBBQUHAQEEWzBZMFcGCCsG
AQUFBzAChktyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hZnJp
bmljL0wwQl83TmkzM2R5bDFia0tYaGxZblFiQkFkdy5jZXIwTwYDVR0gAQH/BEUw
QzBBBggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5p
Yy5uZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEF
BQcwC4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJl
cl9yZXBvc2l0b3J5L0YzNjdCMjE2LzM2QUMwRjk2ODdENTExRUJBQUZGMzQ0N0Y4
QUVBMjI4LzQ1MzQ4RDNFM0MwMjExRUVCNUU4QjM0RDRBRDlFNkZDLnJvYTA1Bggr
BgEFBQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54
bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIphEgwDQYJKoZIhvcNAQEL
BQADggEBAMApXQtPgnjI5Fy0YLpWzy/UZd/evl53GyfrhQsAoStTz5sH2ea52dfr
9x9B/ryLaNBFZnZggUzopnztxzygrj4o6AKXt2LG7RcrhOCylu9ul14494iYbkAF
X5T8T+Ognp0NVOIq1Uy2GGnjsxFiGJ+zzlzXrvFQ2FP1F/idulO91vDePOZOLz7k
f97ZFe9q1uh0a1TNAvXUVnIkAFRsyTavjSeki/GkDpvwrhHEZz6tyKoTCOPTDYV7
GGs8JssNoocLG1pmr98eoyHUP1mfZTv/06C+i5/4CjVti3Q+88c6ipcM8tbM43U9
ocUDRFZcQKTjwSl6jbHAOtEuiWifWdU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:54 2024 by rpki-client on console-fra.rpki-client.org