Route Origin Authorization

$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/EB20B2F4024F11EFA12CEC39017001B1.roa
File:                     EB20B2F4024F11EFA12CEC39017001B1.roa (raw, json)
Hash identifier:          DGspVj5umAbt44A4S5iMDxL6QLK9e40+SjqJ4Rygou4=
Subject key identifier:   0D:90:33:0F:AA:2B:4E:9D:B6:DE:AD:41:A9:29:C1:CB:71:3A:89:96
Certificate issuer:       /CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
Certificate serial:       27
Authority key identifier: 4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E
Authority info access:    rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
Subject info access:      rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/EB20B2F4024F11EFA12CEC39017001B1.roa
Signing time:             Wed 24 Apr 2024 15:32:54 +0000
ROA not before:           Wed 24 Apr 2024 15:32:51 +0000
ROA not after:            Mon 24 Apr 2034 15:32:51 +0000
asID:                     328866
IP address blocks:        41.92.200.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl
                          rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.mft
                          rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.crl
                          rsync://rpki.afrinic.net/repository/afrinic/K1eJenypZMPIt_e92qek2jSpj4A.mft
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/afrinic-ca.cer
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
                          rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
                          rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires:   Tue 18 Jun 2024 00:04:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 39 (0x27)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F367BA6AAF/serialNumber=4F48E7EA30C989B15D363937763553A07E16CD8E
        Validity
            Not Before: Apr 24 15:32:51 2024 GMT
            Not After : Apr 24 15:32:51 2034 GMT
        Subject: CN=66292626-c057
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:a3:84:a3:33:bd:7e:69:f7:bb:a5:c8:02:13:
                    7a:5d:0a:c8:cc:a2:ec:6b:13:d3:97:5c:a4:be:b2:
                    55:51:fe:e6:79:74:df:ec:a7:3d:fc:f6:38:7d:da:
                    98:aa:19:5a:d8:f1:87:0b:f5:ac:c7:0e:76:e0:e5:
                    d7:0e:e1:90:9d:d4:2b:0a:1a:cc:9c:eb:5f:bf:7c:
                    17:aa:8c:92:d9:00:9f:b6:21:8f:bb:4a:81:61:0e:
                    11:f2:0e:d7:2e:83:4a:1d:41:b8:c1:37:8f:50:d3:
                    a6:3b:2d:c2:3b:5e:1f:f7:1b:8b:d0:d9:5a:fa:34:
                    81:f3:07:90:2f:05:3c:71:ab:5c:2d:eb:41:86:c4:
                    6a:df:9c:09:14:a1:8f:0f:20:a1:2d:b4:e3:47:26:
                    e2:24:73:70:ad:d2:6d:25:3e:1d:d2:df:39:ce:43:
                    bc:aa:b8:af:25:6c:e8:a8:b9:d4:5b:4e:19:59:a3:
                    e2:a2:6d:17:5e:d2:38:c6:1a:3c:94:78:8a:67:80:
                    88:80:fe:c5:bf:12:2d:21:b8:80:99:71:c0:06:02:
                    59:ba:9c:75:ac:ad:92:40:28:39:84:35:20:8c:15:
                    f4:40:3d:f4:c5:91:1b:9d:b9:56:11:ab:ec:e1:9d:
                    c4:f4:46:51:7b:55:0b:fb:49:9e:49:35:76:a7:ab:
                    ab:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:90:33:0F:AA:2B:4E:9D:B6:DE:AD:41:A9:29:C1:CB:71:3A:89:96
            X509v3 Authority Key Identifier:
                keyid:4F:48:E7:EA:30:C9:89:B1:5D:36:39:37:76:35:53:A0:7E:16:CD:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/T0jn6jDJibFdNjk3djVToH4WzY4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.afrinic.net/repository/afrinic/T0jn6jDJibFdNjk3djVToH4WzY4.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://rpki.afrinic.net/policy/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F367BA6A/0F4A37F4ECD911EE9F732C67775412E6/EB20B2F4024F11EFA12CEC39017001B1.roa
                RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  41.92.200.0/22

    Signature Algorithm: sha256WithRSAEncryption
         70:1b:1c:ef:86:ef:9f:d9:e8:d1:9a:e9:76:3e:73:ae:5d:84:
         8f:1c:1f:9d:9a:25:93:a4:e1:4f:4f:2a:28:70:bc:d4:d1:f9:
         09:42:1a:35:59:47:b6:d2:c6:ed:11:06:a4:9c:0c:9e:ac:63:
         32:00:e4:ca:71:d6:7c:f2:9d:9c:9e:2f:91:d2:d4:62:53:09:
         2d:1b:5e:9f:e1:47:68:f5:0a:68:a5:a5:9c:f9:d1:3e:68:5b:
         6d:a2:83:9a:84:86:37:11:a3:ac:b9:6a:48:83:73:0c:97:a3:
         2f:de:49:19:74:bd:71:0f:92:6e:d4:49:0b:21:b8:c8:01:14:
         1e:f9:23:93:2f:71:71:e6:3f:7e:27:a0:03:8b:a1:19:26:0b:
         85:c1:db:c0:46:48:2c:cd:7b:26:4a:83:6d:19:7c:7e:77:59:
         33:dd:ca:5c:08:26:41:ee:9a:26:84:56:ed:3e:03:1d:54:48:
         60:d3:b8:c9:6e:8a:7a:c1:3c:48:08:a9:87:9f:78:68:99:07:
         39:b1:70:5c:8d:4f:24:21:7b:73:41:ef:d5:05:7a:53:ac:f1:
         33:56:36:aa:e2:b3:8e:89:a6:b9:15:37:fa:77:3c:55:d0:9b:
         15:de:d0:7f:0b:29:1b:27:7b:3f:a2:f6:23:fa:69:ab:f7:4f:
         e4:34:10:64
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIBJzANBgkqhkiG9w0BAQsFADBIMRMwEQYDVQQDEwpGMzY3
QkE2QUFGMTEwLwYDVQQFEyg0RjQ4RTdFQTMwQzk4OUIxNUQzNjM5Mzc3NjM1NTNB
MDdFMTZDRDhFMB4XDTI0MDQyNDE1MzI1MVoXDTM0MDQyNDE1MzI1MVowGDEWMBQG
A1UEAxMNNjYyOTI2MjYtYzA1NzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALijhKMzvX5p97ulyAITel0KyMyi7GsT05dcpL6yVVH+5nl03+ynPfz2OH3a
mKoZWtjxhwv1rMcOduDl1w7hkJ3UKwoazJzrX798F6qMktkAn7Yhj7tKgWEOEfIO
1y6DSh1BuME3j1DTpjstwjteH/cbi9DZWvo0gfMHkC8FPHGrXC3rQYbEat+cCRSh
jw8goS2040cm4iRzcK3SbSU+HdLfOc5DvKq4ryVs6Ki51FtOGVmj4qJtF17SOMYa
PJR4imeAiID+xb8SLSG4gJlxwAYCWbqcdaytkkAoOYQ1IIwV9EA99MWRG525VhGr
7OGdxPRGUXtVC/tJnkk1dqerq1sCAwEAAaOCAqUwggKhMB0GA1UdDgQWBBQNkDMP
qitOnbberUGpKcHLcTqJljAfBgNVHSMEGDAWgBRPSOfqMMmJsV02OTd2NVOgfhbN
jjAOBgNVHQ8BAf8EBAMCB4AwgZUGA1UdHwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6
Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVyX3JlcG9zaXRvcnkv
RjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1NDEyRTYvVDBqbjZq
REppYkZkTmprM2RqVlRvSDRXelk0LmNybDBnBggrBgEFBQcBAQRbMFkwVwYIKwYB
BQUHMAKGS3JzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L2Fmcmlu
aWMvVDBqbjZqREppYkZkTmprM2RqVlRvSDRXelk0LmNlcjBPBgNVHSABAf8ERTBD
MEEGCCsGAQUFBw4CMDUwMwYIKwYBBQUHAgEWJ2h0dHBzOi8vcnBraS5hZnJpbmlj
Lm5ldC9wb2xpY3kvQ1BTLnBkZjCB2wYIKwYBBQUHAQsEgc4wgcswgZEGCCsGAQUF
BzALhoGEcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvbWVtYmVy
X3JlcG9zaXRvcnkvRjM2N0JBNkEvMEY0QTM3RjRFQ0Q5MTFFRTlGNzMyQzY3Nzc1
NDEyRTYvRUIyMEIyRjQwMjRGMTFFRkExMkNFQzM5MDE3MDAxQjEucm9hMDUGCCsG
AQUFBzANhilodHRwczovL3JyZHAuYWZyaW5pYy5uZXQvbm90aWZpY2F0aW9uLnht
bDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAilcyDANBgkqhkiG9w0BAQsF
AAOCAQEAcBsc74bvn9no0Zrpdj5zrl2EjxwfnZolk6ThT08qKHC81NH5CUIaNVlH
ttLG7REGpJwMnqxjMgDkynHWfPKdnJ4vkdLUYlMJLRten+FHaPUKaKWlnPnRPmhb
baKDmoSGNxGjrLlqSINzDJejL95JGXS9cQ+SbtRJCyG4yAEUHvkjky9xceY/fieg
A4uhGSYLhcHbwEZILM17JkqDbRl8fndZM93KXAgmQe6aJoRW7T4DHVRIYNO4yW6K
esE8SAiph594aJkHObFwXI1PJCF7c0Hv1QV6U6zxM1Y2quKzjommuRU3+nc8VdCb
Fd7QfwspGyd7P6L2I/ppq/dP5DQQZA==
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:31:05 2024 by rpki-client on console-ams.rpki-client.org