Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/752A7A9E024511EFBB3EC965017001B1.roa
File:                     752A7A9E024511EFBB3EC965017001B1.roa (raw, json)
Hash identifier:          ISD3VOQEgAOEfoaCgABzNl36oyPA1PvId4Njfv5xhG4=
Subject key identifier:   80:71:F2:D0:73:6D:91:A5:37:03:CA:B7:BD:D2:CB:03:41:17:EF:52
Certificate issuer:       /CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Certificate serial:       25
Authority key identifier: 4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/752A7A9E024511EFBB3EC965017001B1.roa
Signing time:             Wed 24 Apr 2024 14:18:01 +0000
ROA not before:           Wed 24 Apr 2024 14:17:58 +0000
ROA not after:            Mon 24 Apr 2034 14:17:58 +0000
asID:                     328866
IP address blocks:        41.92.128.0/21 maxlen: 21

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 37 (0x25)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
        Validity
            Not Before: Apr 24 14:17:58 2024 GMT
            Not After : Apr 24 14:17:58 2034 GMT
        Subject: CN=66291499-a897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:78:11:55:b2:4e:c8:b4:aa:4b:d1:a9:0d:97:
                    d9:3b:38:f8:2b:16:fa:f7:27:85:d5:1d:09:e9:34:
                    73:38:f6:c2:da:bf:9c:45:60:28:ef:c2:3b:2c:7e:
                    1c:3e:a0:bd:58:4c:d4:e8:68:18:fe:99:97:41:6f:
                    fb:08:92:93:fb:9b:1e:64:b9:7f:1c:81:73:c4:4d:
                    a8:84:3f:5d:f1:84:63:c1:14:fd:7f:bc:9f:5b:79:
                    03:89:40:39:1c:6a:5c:66:11:69:ce:73:e0:bb:f9:
                    40:c3:3c:c5:c5:d9:64:42:26:ff:44:46:a2:83:35:
                    0b:8d:fa:6c:82:05:30:8c:5f:9f:24:52:01:0d:7b:
                    51:64:0c:d9:fc:7a:e7:08:d5:ce:62:05:28:3d:97:
                    09:b7:e6:21:d6:ee:fd:38:16:13:ea:e2:46:4f:35:
                    04:fb:65:48:3f:8c:f2:3e:f2:a1:fb:2f:a5:5d:ca:
                    81:0e:9b:ca:f6:ee:77:64:f5:da:4b:05:9a:0b:d4:
                    a4:df:0f:2c:67:15:54:6c:1a:b8:70:d6:ca:ea:bb:
                    cc:69:9a:a8:3b:6b:b6:75:a2:76:9b:af:85:13:f8:
                    98:57:b1:0e:9e:c0:df:bb:e1:a6:a3:79:54:08:d9:
                    d4:d4:d7:b2:9c:ee:e1:3c:eb:e1:00:b0:b2:76:53:
                    37:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:71:F2:D0:73:6D:91:A5:37:03:CA:B7:BD:D2:CB:03:41:17:EF:52
            X509v3 Authority Key Identifier:
                keyid:4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/752A7A9E024511EFBB3EC965017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.92.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         36:08:97:dc:3f:ed:d7:9a:ef:47:bb:81:e7:b4:4a:96:22:d4:
         6e:1f:7d:eb:7c:ef:15:63:08:8f:75:6c:b1:2e:a5:25:8b:de:
         3b:66:6e:39:ce:e4:36:c9:21:e7:62:5d:1e:c4:ab:91:c0:8b:
         ea:6d:da:ed:cb:ef:57:e8:a8:85:99:03:24:5f:c0:61:14:c4:
         c8:f4:13:46:b1:ac:3d:2e:73:ac:35:1c:b2:30:7a:26:41:cb:
         e1:b6:29:33:61:7b:57:10:13:b6:a1:f7:70:a6:b3:54:61:5b:
         39:00:e8:46:75:7e:c8:41:32:c3:6d:43:ac:3d:60:64:82:8f:
         9d:05:f2:84:ea:f6:ff:c1:3b:79:03:2f:74:23:5a:29:f0:fd:
         36:d3:02:1a:cf:61:6f:20:65:7b:79:d0:70:0d:d4:8c:39:47:
         48:21:94:46:01:37:76:22:35:7e:d8:c1:e5:d6:52:41:be:7e:
         d4:55:a2:8d:fc:fd:4c:d8:9e:fa:bf:5f:21:0c:fa:5a:d6:99:
         4d:9e:00:de:2e:c5:33:3b:6e:dd:32:58:8a:6d:07:93:80:ea:
         f2:55:1b:97:55:47:14:a6:d8:f9:5b:ca:51:ac:e5:2e:24:d1:
         54:a2:cd:59:c0:d5:9e:dc:61:1b:37:ab:92:f1:41:58:bb:6d:
         51:aa:6e:d7
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJTANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QkE2QUFGMTEwLwYDVQQFEyg0RjQ4RTdFQTMwQzk4OUIxNUQzNjM5Mzc3NjM1NTNB
MDdFMTZDRDhFMB4XDTI0MDQyNDE0MTc1OFoXDTM0MDQyNDE0MTc1OFowGDEWMBQG
A1UEAxMNNjYyOTE0OTktYTg5NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPB4EVWyTsi0qkvRqQ2X2Ts4+CsW+vcnhdUdCek0czj2wtq/nEVgKO/COyx+
HD6gvVhM1OhoGP6Zl0Fv+wiSk/ubHmS5fxyBc8RNqIQ/XfGEY8EU/X+8n1t5A4lA
ORxqXGYRac5z4Lv5QMM8xcXZZEIm/0RGooM1C436bIIFMIxfnyRSAQ17UWQM2fx6
5wjVzmIFKD2XCbfmIdbu/TgWE+riRk81BPtlSD+M8j7yofsvpV3KgQ6byvbud2T1
2ksFmgvUpN8PLGcVVGwauHDWyuq7zGmaqDtrtnWidpuvhRP4mFexDp7A37vhpqN5
VAjZ1NTXspzu4Tzr4QCwsnZTNx8CAwEAAaOCAqUwggKhMB0GA1UdDgQWBBSAcfLQ
c22RpTcDyre90ssDQRfvUjAfBgNVHSMEGDAWgBRPSOfqMMmJsV02OTd2NVOgfhbN
jjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1NDEyRTYvVDBqbjZq
REppYkZkTmprM2RqVlRvSDRXelk0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVDBqbjZqREppYkZkTmprM2RqVlRvSDRXelk0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1
NDEyRTYvNzUyQTdBOUUwMjQ1MTFFRkJCM0VDOTY1MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAylcgDANBgkqhkiG9w0BAQsF
AAOCAQEANgiX3D/t15rvR7uB57RKliLUbh9963zvFWMIj3VssS6lJYveO2ZuOc7k
Nskh52JdHsSrkcCL6m3a7cvvV+iohZkDJF/AYRTEyPQTRrGsPS5zrDUcsjB6JkHL
4bYpM2F7VxATtqH3cKazVGFbOQDoRnV+yEEyw21DrD1gZIKPnQXyhOr2/8E7eQMv
dCNaKfD9NtMCGs9hbyBle3nQcA3UjDlHSCGURgE3diI1ftjB5dZSQb5+1FWijfz9
TNie+r9fIQz6WtaZTZ4A3i7FMztu3TJYim0Hk4Dq8lUbl1VHFKbY+VvKUazlLiTR
VKLNWcDVntxhGzerkvFBWLttUapu1w==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:05 2024 by rpki-client on console-ams.rpki-client.org